Show Posts

1

Tech Clinic / Please help, HJT file included.

« on: March 19, 2008, 12:42:18 AM »

HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:03:24 AM, on 7/12/2003
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\PROGRA~1\Symantec\osCheck.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\PROGRA~1\Symantec\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7186 bytes

BitDefender Online Scanner




Scan report generated at: Sat, Jul 12, 2003 - 05:04:24





Scan path: A:\;C:\

:\;








Statistics

Time


01:15:21

Files


246792

Folders


5323

Boot Sectors


2

Archives


1106

Packed Files


9600




Results

Identified Viruses


7

Infected Files


9

Suspect Files


0

Warnings


0

Disinfected


0

Deleted Files


9




Engines Info

Virus Definitions


1010922

Engine build


AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins


16

Archive plugins


41

Unpack plugins


7

E-mail plugins


6

System plugins


5




Scan Settings

First Action


Disinfect

Second Action


Delete

Heuristics


Yes

Enable Warnings


Yes

Scanned Extensions


*;

Exclude Extensions


Scan Emails


Yes

Scan Archives


Yes

Scan Packed


Yes

Scan Files


Yes

Scan Boot


Yes




Scanned File


Status

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0004


Detected with: Adware.Zango.AU

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0004


Deleted

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)


Update failed

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0011


Detected with: Adware.Zango.AN

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0011


Deleted

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)


Update failed

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0013


Detected with: Application.Generic.7161

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0013


Disinfection failed

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0013


Deleted

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)


Update failed

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0015


Detected with: Adware.Zango.SB

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0015


Deleted

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)


Update failed

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0016


Detected with: Adware.Zango.AV

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0016


Deleted

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)


Update failed

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0017=>(NSIS o)=>lzma_solid_nsis0004


Detected with: Adware.Zango.AU

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0017=>(NSIS o)=>lzma_solid_nsis0004


Deleted

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0017=>(NSIS o)


Update failed

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0020


Detected with: Adware.Zango.SC

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)=>lzma_solid_nsis0020


Deleted

C:\Documents and Settings\Nick\Local Settings\Temp\sai522.tmp=>(NSIS o)


Update failed

C:\System Volume Information\_restore{2DC4DA99-685B-42A9-88DA-B0E18FA16B76}\RP434\A0080576.exe


Infected with: Trojan.Ransom.C

C:\System Volume Information\_restore{2DC4DA99-685B-42A9-88DA-B0E18FA16B76}\RP434\A0080576.exe


Deleted

C:\System Volume Information\_restore{2DC4DA99-685B-42A9-88DA-B0E18FA16B76}\RP434\A0080693.exe


Infected with: Trojan.Ransom.C

C:\System Volume Information\_restore{2DC4DA99-685B-42A9-88DA-B0E18FA16B76}\RP434\A0080693.exe


Deleted


Fixwareout

Username "Nick" - 07/12/2003 3:21:44 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{6C2BF7DA-CBD9-4774-B2E7-88B78B07F06E}
"DhcpNameServer"="85.255.115.42,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{90C662B0-EA58-435F-98D9-65FE1196BF71}
"DhcpNameServer"="85.255.115.42,85.255.112.158" <Value cleared.

Successfully flushed the DNS Resolver Cache.

System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE"
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"D-Link Air Utility"="C:\\Program Files\\D-Link\\Air Utility\\AirCFG.exe"
"ANIWZCSService"="C:\\Program Files\\Alpha Networks\\ANIWZCS Service\\WZCSLDR.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
"YOP"="C:\\PROGRA~1\\Yahoo!\\YOP\\yop.exe /autostart"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\PROGRA~1\\Symantec\\osCheck.exe\""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~

2

Tech Clinic / Please help, HJT file included.

« on: March 14, 2008, 06:53:39 PM »

So, My computer is having trouble booting. Every time I go to turn it on, it goes through the normal process then gets to the black screen with the loading bar, that says Windows XP on it. It then just sits there, never loading. Sometimes it does load, but it's completely random when it does. I've tried booting from CD but it hasn't really helped much, it'll go into a blue screen that says System is loading Windows, and just sits there. Im at a loss about what to do, and I'm really hoping I can get this fixed because i have a lot on here that I dont want to lose. I've been leaving it on, so that I dont have to go through the boot process, which i know is actually very bad. I like to leave my computer off for at least 8 hours out of the day (usually at night). Following is my HJT log I just now created, somebody please help!

Logfile of HijackThis v1.99.1
Scan saved at 12:04:17 AM, on 7/11/2003
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\HJT\zerofate.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\PROGRA~1\Symantec\osCheck.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{02FD96FB-C3E2-4A1E-849C-D4D6F3BFEC29}: NameServer = 85.255.115.42,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C2BF7DA-CBD9-4774-B2E7-88B78B07F06E}: NameServer = 85.255.115.42,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD7EB040-75A2-4C67-82C7-3EB91AEDE65A}: NameServer = 85.255.115.42,85.255.112.158
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.42 85.255.112.158
O17 - HKLM\System\CS1\Services\Tcpip\..\{02FD96FB-C3E2-4A1E-849C-D4D6F3BFEC29}: NameServer = 85.255.115.42,85.255.112.158
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.42 85.255.112.158
O17 - HKLM\System\CS2\Services\Tcpip\..\{02FD96FB-C3E2-4A1E-849C-D4D6F3BFEC29}: NameServer = 85.255.115.42,85.255.112.158
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.42 85.255.112.158
O17 - HKLM\System\CS3\Services\Tcpip\..\{02FD96FB-C3E2-4A1E-849C-D4D6F3BFEC29}: NameServer = 85.255.115.42,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.42 85.255.112.158
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\PROGRA~1\Symantec\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

3

Tech Clinic / here ya go then...

« on: November 13, 2006, 03:49:47 PM »

lol i know i know. i should be able to handle things now. thanks a lot

4

Tech Clinic / here ya go then...

« on: November 10, 2006, 02:16:35 AM »

well, my uncle gave it to me. im sure that everythings legal. its just asking me to upgrade, like get a better version. i think i figured it out. i just messed around with the settngs a little, it seems fine now.

5

Tech Clinic / here ya go then...

« on: November 08, 2006, 10:08:48 AM »

Everything seems to be running fine now, thanks. I have a question about this mcafee antivirus. It needs to be updated but it keeps asking me to pay even though the version on my pc was technically paid for. There' an extra button in the tray that keeps saying "please update" blah blah blah, in a pop-up balloon every time i turn the pc on, and it also just randomly comes up while im on the pc. Is there a way to stop it from asking me to upgrade all the time?

6

Tech Clinic / here ya go then...

« on: November 06, 2006, 11:46:52 PM »

Logfile of HijackThis v1.99.1
Scan saved at 11:44:23 PM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\HJT\zerofate.exe.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

7

Tech Clinic / here ya go then...

« on: November 03, 2006, 11:54:43 AM »

i can't find C:\Program Files\DriveCleaner 2006 Free. Im not sure why but i put the address in the search and nothing comes up.

8

Tech Clinic / here ya go then...

« on: November 02, 2006, 09:30:12 PM »

Volume in drive C has no label.
Volume Serial Number is 04E4-BB78

Directory of C:\Documents and Settings\Nick\Desktop

11/02/2006 09:27 PM <DIR> .
11/02/2006 09:27 PM <DIR> ..
10/27/2006 01:55 PM 3,307 222.rtf
09/19/2006 07:26 PM 2,855,080 aawsepersonal.exe
06/10/2005 09:44 PM 20,798,256 AdbeRdr70_enu_full.exe
10/19/2005 06:19 PM 160,256 AIMFix.exe
10/27/2005 03:04 PM 678 Azureus.lnk
04/09/2005 10:00 AM 393,216 bwchart.exe
09/18/2006 11:20 PM <DIR> Caitlin all
10/17/2005 03:47 PM 1,657 Collab.lnk
10/25/2006 11:28 AM 276,918 combofix.exe
11/02/2006 09:27 PM 132 find.bat
11/02/2006 09:27 PM 124 find2.bat
10/17/2005 03:47 PM 778 FL Studio 5.lnk
05/28/2005 09:35 PM 104 Internet.lnk
10/23/2005 10:54 PM 1,565 IrfanView Thumbnails.lnk
10/23/2005 10:54 PM 685 IrfanView.lnk
01/13/2006 12:08 PM <DIR> Music Videos
09/25/2005 04:02 PM 104 My Computer.lnk
03/15/2004 10:08 PM 19,846 nick's poem book.txt
10/27/2006 02:03 PM 1,420 rapport.txt
10/27/2006 02:02 PM <DIR> SmitfraudFix
10/27/2006 01:26 PM 601,128 SmitfraudFix.zip
09/19/2006 07:43 PM 933 Spybot - Search & Destroy.lnk
09/19/2006 07:43 PM 5,037,072 spybotsd14.exe
09/19/2006 12:21 PM 690 SpywareBlaster.lnk
05/28/2005 09:25 PM 1,576 Starcraft - Brood War.lnk
10/25/2006 11:24 AM 2 uninstall_list.txt
07/25/2006 02:07 AM <DIR> VirtualDubMod_1_5_10_2_All_inclusive
04/08/2006 01:15 AM 1,757,806 VirtualDubMod_1_5_10_2_All_inclusive.zip
11/09/2005 03:55 AM 654 Winamp.lnk
06/05/2005 05:53 PM 692 WinRAR.lnk
07/25/2006 01:25 AM 1,524 WordBiz.lnk
06/05/2005 05:52 PM 1,013,454 wrar35b5.exe
28 File(s) 32,929,657 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all

09/18/2006 11:20 PM <DIR> .
09/18/2006 11:20 PM <DIR> ..
09/26/2004 08:53 PM 183,615 caitlin.jpg
09/18/2006 11:22 PM 256,822 Clipboard01.bmp
09/13/2006 09:50 PM <DIR> DszeroDs - Caitlin
09/13/2006 09:50 PM <DIR> GoBpUnKrOcKeRs -Caitlin
01/30/2005 10:03 PM 2,794,174 hawaii.bmp
02/16/2004 07:09 PM 2,817,556 homc..03 .tif
09/13/2006 09:49 PM <DIR> RyuhouEx - Caitlin
02/16/2004 07:06 PM 2,817,580 Scan0002.tif
10/29/2004 08:01 AM 620 Shortcut to Caitlin - gadzook.lnk
01/30/2005 10:02 PM 619 Shortcut to Scan0002.lnk
09/18/2006 11:22 PM 32,256 Thumbs.db
09/13/2006 09:49 PM <DIR> XfallenchaosX - caitlin middle
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin new
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin old
09/13/2006 09:49 PM <DIR> xxryuhouxx - caitlin
8 File(s) 8,903,242 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\DszeroDs - Caitlin

09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
05/24/2003 06:23 AM 4,208 2003-05-24 [Saturday].htm
06/04/2003 08:47 PM 1,756 2003-06-04 [Wednesday].htm
06/05/2003 06:37 PM 401 2003-06-05 [Thursday].htm
06/07/2003 04:40 PM 2,337 2003-06-07 [Saturday].htm
06/09/2003 09:30 PM 2,070 2003-06-09 [Monday].htm
06/10/2003 07:38 PM 14,563 2003-06-10 [Tuesday].htm
06/12/2003 09:18 PM 18,931 2003-06-12 [Thursday].htm
06/14/2003 05:06 PM 390 2003-06-14 [Saturday].htm
06/15/2003 09:48 PM 35,884 2003-06-15 [Sunday].htm
06/16/2003 09:47 PM 27,543 2003-06-16 [Monday].htm
06/17/2003 08:26 PM 3,694 2003-06-17 [Tuesday].htm
06/18/2003 03:36 PM 22,921 2003-06-18 [Wednesday].htm
06/19/2003 07:21 PM 11,709 2003-06-19 [Thursday].htm
06/20/2003 08:58 PM 5,804 2003-06-20 [Friday].htm
06/22/2003 01:09 PM 6,787 2003-06-22 [Sunday].htm
06/23/2003 05:05 PM 17,660 2003-06-23 [Monday].htm
06/25/2003 12:56 PM 7,187 2003-06-25 [Wednesday].htm
06/27/2003 03:50 PM 15,410 2003-06-27 [Friday].htm
07/06/2003 09:28 PM 5,168 2003-07-06 [Sunday].htm
07/07/2003 06:09 PM 21,267 2003-07-07 [Monday].htm
07/08/2003 04:55 PM 2,293 2003-07-08 [Tuesday].htm
07/13/2003 12:28 PM 2,378 2003-07-13 [Sunday].htm
07/14/2003 08:52 PM 11,916 2003-07-14 [Monday].htm
07/15/2003 07:32 PM 13,510 2003-07-15 [Tuesday].htm
07/19/2003 09:58 PM 14,734 2003-07-19 [Saturday].htm
07/26/2003 02:42 PM 14,938 2003-07-26 [Saturday].htm
07/27/2003 03:17 PM 550 2003-07-27 [Sunday].htm
08/11/2003 09:40 PM 4,268 2003-08-11 [Monday].htm
08/12/2003 11:13 AM 675 2003-08-12 [Tuesday].htm
08/14/2003 10:36 PM 12,800 2003-08-14 [Thursday].htm
08/15/2003 10:17 PM 7,932 2003-08-15 [Friday].htm
08/16/2003 08:14 PM 24,701 2003-08-16 [Saturday].htm
08/17/2003 05:01 PM 8,650 2003-08-17 [Sunday].htm
08/18/2003 07:04 PM 20,208 2003-08-18 [Monday].htm
08/19/2003 12:36 AM 27,747 2003-08-19 [Tuesday].htm
08/20/2003 09:54 PM 36,672 2003-08-20 [Wednesday].htm
08/21/2003 11:25 AM 2,461 2003-08-21 [Thursday].htm
08/22/2003 10:26 AM 3,368 2003-08-22 [Friday].htm
01/23/2004 11:10 PM 2,381 2004-01-23 [Friday].htm
01/25/2004 01:05 PM 2,368 events.txt
10/09/2004 11:02 PM 14 Me....txt
41 File(s) 440,254 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin

09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
04/25/2001 07:16 AM 9,249 2001-04-25 [Wednesday].htm
05/05/2001 10:31 AM 14,933 2001-05-05 [Saturday].htm
09/20/2001 08:45 PM 23,022 2001-09-20 [Thursday].htm
09/21/2001 01:26 AM 21,168 2001-09-21 [Friday].htm
04/09/2003 07:45 PM 13,845 2003-04-09 [Wednesday].htm
09/14/2006 04:40 PM <DIR> 2003-04-18 [Friday]
04/18/2003 10:32 PM 64,574 2003-04-18 [Friday].htm
04/19/2003 12:21 PM 1,909 2003-04-19 [Saturday].htm
04/20/2003 12:05 AM 11,873 2003-04-20 [Sunday].htm
05/26/2003 01:31 PM 9,781 2003-05-26 [Monday].htm
06/01/2003 04:37 PM 9,707 2003-06-01 [Sunday].htm
06/06/2003 06:15 PM 1,344 2003-06-06 [Friday].htm
01/25/2004 07:10 PM 4,610 2004-01-25 [Sunday].htm
06/01/2003 04:37 PM 277 events.txt
13 File(s) 186,292 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin\2003-04-18 [Friday]

09/14/2006 04:40 PM <DIR> .
09/14/2006 04:40 PM <DIR> ..
04/18/2003 07:32 PM 104,336 MVC-011S.JPG
09/14/2006 04:40 PM 5,632 Thumbs.db
2 File(s) 109,968 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\RyuhouEx - Caitlin

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
08/23/2003 08:14 PM 912 2003-08-23 [Saturday].htm
08/24/2003 06:21 PM 3,181 2003-08-24 [Sunday].htm
08/25/2003 01:14 PM 31,929 2003-08-25 [Monday].htm
08/26/2003 03:24 PM 19,349 2003-08-26 [Tuesday].htm
08/27/2003 03:04 PM 8,857 2003-08-27 [Wednesday].htm
08/28/2003 08:31 PM 7,746 2003-08-28 [Thursday].htm
08/29/2003 03:07 PM 12,340 2003-08-29 [Friday].htm
08/30/2003 02:57 PM 1,515 2003-08-30 [Saturday].htm
09/03/2003 06:59 PM 1,973 2003-09-03 [Wednesday].htm
09/07/2003 08:12 PM 17,033 2003-09-07 [Sunday].htm
09/08/2003 02:37 PM 13,073 2003-09-08 [Monday].htm
09/12/2003 01:49 PM 890 2003-09-12 [Friday].htm
09/14/2003 07:36 PM 17,727 2003-09-14 [Sunday].htm
09/15/2003 08:30 PM 2,160 2003-09-15 [Monday].htm
09/17/2003 07:12 PM 755 2003-09-17 [Wednesday].htm
09/19/2003 03:37 PM 3,721 2003-09-19 [Friday].htm
09/22/2003 08:31 PM 1,404 2003-09-22 [Monday].htm
09/24/2003 08:05 PM 6,813 2003-09-24 [Wednesday].htm
09/25/2003 08:19 PM 4,623 2003-09-25 [Thursday].htm
09/26/2003 02:59 PM 713 2003-09-26 [Friday].htm
09/29/2003 08:15 PM 1,859 2003-09-29 [Monday].htm
10/08/2003 06:27 PM 1,441 2003-10-08 [Wednesday].htm
10/09/2003 09:20 PM 6,395 2003-10-09 [Thursday].htm
10/10/2003 10:43 AM 5,340 2003-10-10 [Friday].htm
10/15/2003 08:19 PM 24,779 2003-10-15 [Wednesday].htm
10/17/2003 04:51 PM 1,504 2003-10-17 [Friday].htm
10/19/2003 04:44 PM 688 2003-10-19 [Sunday].htm
10/20/2003 07:54 PM 5,003 2003-10-20 [Monday].htm
10/22/2003 07:51 PM 18,172 2003-10-22 [Wednesday].htm
10/24/2003 02:12 PM 2,034 2003-10-24 [Friday].htm
10/26/2003 08:09 PM 5,619 2003-10-26 [Sunday].htm
10/27/2003 08:54 PM 12,243 2003-10-27 [Monday].htm
10/29/2003 08:00 PM 9,120 2003-10-29 [Wednesday].htm
10/30/2003 03:55 PM 6,331 2003-10-30 [Thursday].htm
10/31/2003 06:20 PM 619 2003-10-31 [Friday].htm
11/03/2003 09:46 PM 2,710 2003-11-03 [Monday].htm
11/04/2003 08:38 PM 5,569 2003-11-04 [Tuesday].htm
11/05/2003 01:50 PM 1,872 2003-11-05 [Wednesday].htm
11/05/2003 01:30 PM 3,046 events.txt
39 File(s) 271,058 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\XfallenchaosX - caitlin middle

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/29/2004 10:40 PM 978 2004-02-29 [Sunday].htm
03/29/2004 09:59 PM 2,358 2004-03-29 [Monday].htm
04/02/2004 09:16 PM 439 2004-04-02 [Friday].htm
04/03/2004 02:19 PM 997 2004-04-03 [Saturday].htm
04/11/2004 09:00 PM 1,566 2004-04-11 [Sunday].htm
04/15/2004 10:16 PM 11,595 2004-04-15 [Thursday].htm
04/27/2004 02:42 PM 1,133 2004-04-27 [Tuesday].htm
04/27/2004 07:30 PM 937 events.txt
8 File(s) 20,003 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin new

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
05/05/2004 08:06 PM 3,980 2004-05-05 [Wednesday].htm
05/10/2004 05:29 PM 69 events.txt
2 File(s) 4,049 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin old

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/27/2004 11:53 PM 1,462 2004-02-27 [Friday].htm
02/28/2004 02:34 PM 924 2004-02-28 [Saturday].htm
03/22/2004 09:05 PM 278 events.txt
3 File(s) 2,664 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
11/10/2003 10:10 PM 3,575 2003-11-10 [Monday].htm
11/11/2003 07:11 PM 728 2003-11-11 [Tuesday].htm
11/17/2003 05:33 PM 4,019 2003-11-17 [Monday].htm
11/19/2003 07:47 PM 1,370 2003-11-19 [Wednesday].htm
11/23/2003 10:04 PM 1,291 2003-11-23 [Sunday].htm
11/24/2003 08:11 PM 1,145 2003-11-24 [Monday].htm
12/02/2003 08:32 PM 912 2003-12-02 [Tuesday].htm
12/03/2003 10:32 PM 1,397 2003-12-03 [Wednesday].htm
12/04/2003 08:52 PM 5,769 2003-12-04 [Thursday].htm
12/06/2003 09:09 PM 27,591 2003-12-06 [Saturday].htm
12/13/2003 05:21 AM 1,466 2003-12-13 [Saturday].htm
12/19/2003 04:40 AM 5,451 2003-12-19 [Friday].htm
12/20/2003 07:10 AM 1,039 2003-12-20 [Saturday].htm
12/21/2003 12:14 PM 5,751 2003-12-21 [Sunday].htm
12/25/2003 11:28 PM 3,770 2003-12-25 [Thursday].htm
12/30/2003 06:38 PM 1,638 2003-12-30 [Tuesday].htm
12/31/2003 01:21 AM 1,355 2003-12-31 [Wednesday].htm
01/02/2004 03:00 AM 597 2004-01-02 [Friday].htm
01/03/2004 12:59 AM 3,883 2004-01-03 [Saturday].htm
01/12/2004 09:31 PM 2,529 2004-01-12 [Monday].htm
01/14/2004 09:36 PM 13,606 2004-01-14 [Wednesday].htm
01/15/2004 03:05 PM 773 2004-01-15 [Thursday].htm
09/14/2006 04:34 PM <DIR> 2004-01-18 [Sunday]
01/18/2004 03:05 AM 4,490 2004-01-18 [Sunday].htm
01/20/2004 07:30 PM 1,855 2004-01-20 [Tuesday].htm
01/21/2004 02:50 PM 3,563 2004-01-21 [Wednesday].htm
01/25/2004 07:47 PM 1,352 2004-01-25 [Sunday].htm
01/26/2004 07:58 PM 1,267 2004-01-26 [Monday].htm
01/27/2004 10:21 PM 4,354 2004-01-27 [Tuesday].htm
09/14/2006 04:34 PM <DIR> 2004-01-28 [Wednesday]
01/28/2004 09:01 PM 4,669 2004-01-28 [Wednesday].htm
01/29/2004 11:04 PM 976 2004-01-29 [Thursday].htm
02/04/2004 04:20 PM 2,271 2004-02-04 [Wednesday].htm
02/09/2004 10:39 PM 1,038 2004-02-09 [Monday].htm
09/14/2006 04:34 PM <DIR> 2004-02-16 [Monday]
02/16/2004 07:20 PM 33,702 2004-02-16 [Monday].htm
02/21/2004 04:32 PM 7,061 2004-02-21 [Saturday].htm
02/23/2004 08:42 PM 1,009 2004-02-23 [Monday].htm
02/27/2004 11:53 PM 1,706 2004-02-27 [Friday].htm
02/27/2004 11:50 PM 2,902 events.txt
37 File(s) 161,870 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-18 [Sunday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
09/14/2006 04:34 PM 4,608 Thumbs.db
01/18/2004 03:05 AM 746,974 untitled.bmp
2 File(s) 751,582 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-28 [Wednesday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
01/28/2004 09:01 PM 799,510 noname1075341676.bmp
09/14/2006 04:34 PM 6,144 Thumbs.db
2 File(s) 805,654 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-02-16 [Monday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
02/16/2004 07:19 PM 304,381 03' fell down stairs.tif
02/16/2004 07:19 PM 518,964 Caitlin - gadzook
02/16/2004 07:19 PM 95,306 headshot.jpg
02/16/2004 07:19 PM 2,817,556 homc..03 .jpg
09/14/2006 04:36 PM 88,081 scan0001.jpg
02/16/2004 07:19 PM 1,612,356 Scan0001.tif
09/14/2006 04:39 PM 2,796,308 Scan0002.tif
02/16/2004 07:19 PM 8,619 spiderman_bnza_small nicks bowl.jpg
09/14/2006 04:39 PM 27,648 Thumbs.db
9 File(s) 8,269,219 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Music Videos

01/13/2006 12:08 PM <DIR> .
01/13/2006 12:08 PM <DIR> ..
01/13/2006 10:15 AM 56,049,646 311 - 311 fatchance live.mpg
01/13/2006 09:23 AM 31,752,811 311 - all mixed up (video).mpg
01/13/2006 10:57 AM 36,307,852 311 - Amber (Live On Last Call)(1).mpg
01/13/2006 08:52 AM 37,853,188 311 - beautiful disaster live mtv smf.mpg
01/13/2006 10:52 AM 39,359,264 311 - come original live at sokal.mpeg
01/13/2006 11:08 AM 44,130,436 311 - creatures for a while - creatures.mpg
01/13/2006 08:05 AM 29,631,000 311 - don't stay home.mpg
01/13/2006 11:10 AM 36,465,884 311 - Down (Live On Conan O'Brien).mpg
01/13/2006 11:23 AM 40,326,048 311 - down (live on david letterman).mpg
01/13/2006 11:27 AM 29,956,136 311 - Down.mpg
01/13/2006 09:15 AM 42,006,300 311 - feels so good (live).mpg
01/13/2006 09:49 AM 39,301,164 311 - First Straw (Live Kimmel).mpg
01/12/2006 06:44 PM 161 311 - First Straw.avs
01/13/2006 10:25 AM 8,299,742 311 - First Straw.wmv
01/13/2006 10:57 AM 43,533,168 311 - Flowing (video).mpg
01/13/2006 03:47 AM 158 311 - Homebrew.avs
01/13/2006 07:41 AM 7,976,446 311 - Homebrew.wmv
01/13/2006 10:07 AM 36,993,028 311 - i'll be here awhile acoustic (live in seattle).mpg
01/13/2006 09:19 AM 47,818,624 311 - love song 33.mpg
01/13/2006 01:32 AM 175 311 - lovesong_kilborne_2-19-04.avs
01/13/2006 06:18 AM 9,300,700 311 - lovesong_kilborne_2-19-04.wmv
01/13/2006 09:52 AM 27,787,266 311 - prisoner.mpg
01/13/2006 09:38 AM 37,569,784 311 - transistor.mpg
01/13/2006 05:45 AM 160 311 kilborne 512.avs
01/13/2006 07:54 AM 18,634,383 311 kilborne 512.wmv
01/13/2006 10:11 AM 10,265,436 311 lovesong Leno 061104.wmv
01/13/2006 01:51 AM 177 311 on kimmel 2003 - creatures512.avs
01/13/2006 09:32 AM 19,287,237 311 on kimmel 2003 - creatures512.wmv
01/13/2006 09:32 AM 43,155,141 311- beautiful_disaster.mpg
01/13/2006 09:43 AM 37,797,290 311- come original.mpg
01/13/2006 08:28 AM 43,806,804 311- do you right.mpeg
01/13/2006 09:25 AM 51,873,268 311-i'll be here awhile.mpg
01/13/2006 08:24 AM 31,946,756 311_-_amber-daveyscan-ucv.mpeg
01/12/2006 12:10 PM 166 311_Kimmel_DTOM_080505.avs
01/13/2006 12:27 AM 10,496,228 311_Kimmel_DTOM_080505.wmv
01/12/2006 11:56 AM 174 311_on_Sharon_Osbourne_2-20-04.avs
01/13/2006 08:44 AM 9,303,984 311_on_Sharon_Osbourne_2-20-04.wmv
01/13/2006 02:25 AM 186 Drumline on kilborne-512kbps-thatsnice-wmv.avs
01/13/2006 09:55 AM 14,826,035 Drumline on kilborne-512kbps-thatsnice-wmv.wmv
01/13/2006 12:10 PM 92,160 Thumbs.db
40 File(s) 973,904,566 bytes

Directory of C:\Documents and Settings\Nick\Desktop\SmitfraudFix

10/27/2006 02:02 PM <DIR> .
10/27/2006 02:02 PM <DIR> ..
07/31/2004 05:50 PM 51,200 dumphive.exe
10/10/2006 10:34 PM 81,920 GenericRenosFix.exe
06/05/2003 08:13 PM 53,248 Process.exe
01/13/2005 08:41 PM 24,576 Reboot.exe
03/07/2006 09:45 PM 16,384 restart.exe
10/26/2006 10:56 PM 776,024 SmitfraudFix.cmd
09/19/2006 09:13 PM 20,480 SmiUpdate.exe
04/27/2006 04:49 PM 288,417 SrchSTS.exe
08/29/2006 06:43 PM 135,168 swreg.exe
01/09/2006 09:36 AM 40,960 swsc.exe
09/14/2006 11:34 PM 167,936 unzip.exe
11 File(s) 1,656,313 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive

07/25/2006 02:07 AM <DIR> .
07/25/2006 02:07 AM <DIR> ..
08/25/2005 09:10 PM 40,960 AuxSetup.exe
04/08/2006 01:11 AM <DIR> aviproxy
11/14/2002 06:55 PM 56,832 AviSynthLexer.lexer
08/25/2005 10:44 PM 14,545 Codecs.ini
10/01/2003 05:31 PM 18,321 copying
03/10/2003 04:42 PM 125,440 corona.dll
04/22/2005 04:07 AM 184 Free-Codecs.txt
05/22/2002 05:18 AM 860 license_corona.txt
03/11/2003 10:10 PM 20,992 ogg.dll
04/08/2006 01:11 AM <DIR> plugins
03/17/2003 08:41 PM 1,263 readme_virtualdubmod_dlls.txt
04/25/2003 11:29 PM 146,944 SciLexer.dll
04/08/2006 01:11 AM <DIR> template
08/25/2005 09:10 PM 11,340 vdicmdrv.dll
08/25/2005 09:10 PM 9,804 vdremote.dll
08/25/2005 09:09 PM 7,244 vdsvrlnk.dll
12/01/2003 11:11 PM 74,186 VirtualDub.vdhelp
12/03/2003 08:26 PM 210,415 VirtualDubMod.chm
08/25/2005 09:17 PM 929,280 VirtualDubMod.exe
09/12/2004 12:22 PM 615 VirtualDubMod.exe.manifest
08/25/2005 09:17 PM 137,733 VirtualDubMod.vdi
03/11/2003 10:50 PM 48,640 vorbis.dll
07/25/2006 01:25 AM 699,177 WordBiz18.exe
20 File(s) 2,554,775 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\aviproxy

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 192 proxyoff.reg
10/01/2003 05:31 PM 192 proxyon.reg
10/01/2003 05:31 PM 1,076 readme.txt
3 File(s) 1,460 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\plugins

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 88 readme.txt
1 File(s) 88 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\template

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/30/2002 09:13 PM 40 avisource.avst
10/30/2002 09:13 PM 50 default.avst
10/30/2002 09:13 PM 54 directshow.avst
10/30/2002 09:13 PM 59 mpeg2dec.avst
10/30/2002 09:13 PM 48 mpegdecoder.avst
5 File(s) 251 bytes

Total Files Listed:
274 File(s) 1,030,972,965 bytes
56 Dir(s) 74,018,066,432 bytes free

Volume in drive C has no label.
Volume Serial Number is 04E4-BB78

Directory of C:\Documents and Settings\Nick\Desktop

11/02/2006 09:27 PM <DIR> .
11/02/2006 09:27 PM <DIR> ..
10/27/2006 01:55 PM 3,307 222.rtf
09/19/2006 07:26 PM 2,855,080 aawsepersonal.exe
06/10/2005 09:44 PM 20,798,256 AdbeRdr70_enu_full.exe
10/19/2005 06:19 PM 160,256 AIMFix.exe
10/27/2005 03:04 PM 678 Azureus.lnk
04/09/2005 10:00 AM 393,216 bwchart.exe
09/18/2006 11:20 PM <DIR> Caitlin all
10/17/2005 03:47 PM 1,657 Collab.lnk
10/25/2006 11:28 AM 276,918 combofix.exe
11/02/2006 09:27 PM 132 find.bat
11/02/2006 09:27 PM 124 find2.bat
10/17/2005 03:47 PM 778 FL Studio 5.lnk
05/28/2005 09:35 PM 104 Internet.lnk
10/23/2005 10:54 PM 1,565 IrfanView Thumbnails.lnk
10/23/2005 10:54 PM 685 IrfanView.lnk
01/13/2006 12:08 PM <DIR> Music Videos
09/25/2005 04:02 PM 104 My Computer.lnk
03/15/2004 10:08 PM 19,846 nick's poem book.txt
10/27/2006 02:03 PM 1,420 rapport.txt
10/27/2006 02:02 PM <DIR> SmitfraudFix
10/27/2006 01:26 PM 601,128 SmitfraudFix.zip
09/19/2006 07:43 PM 933 Spybot - Search & Destroy.lnk
09/19/2006 07:43 PM 5,037,072 spybotsd14.exe
09/19/2006 12:21 PM 690 SpywareBlaster.lnk
05/28/2005 09:25 PM 1,576 Starcraft - Brood War.lnk
10/25/2006 11:24 AM 2 uninstall_list.txt
07/25/2006 02:07 AM <DIR> VirtualDubMod_1_5_10_2_All_inclusive
04/08/2006 01:15 AM 1,757,806 VirtualDubMod_1_5_10_2_All_inclusive.zip
11/09/2005 03:55 AM 654 Winamp.lnk
06/05/2005 05:53 PM 692 WinRAR.lnk
07/25/2006 01:25 AM 1,524 WordBiz.lnk
06/05/2005 05:52 PM 1,013,454 wrar35b5.exe
28 File(s) 32,929,657 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all

09/18/2006 11:20 PM <DIR> .
09/18/2006 11:20 PM <DIR> ..
09/26/2004 08:53 PM 183,615 caitlin.jpg
09/18/2006 11:22 PM 256,822 Clipboard01.bmp
09/13/2006 09:50 PM <DIR> DszeroDs - Caitlin
09/13/2006 09:50 PM <DIR> GoBpUnKrOcKeRs -Caitlin
01/30/2005 10:03 PM 2,794,174 hawaii.bmp
02/16/2004 07:09 PM 2,817,556 homc..03 .tif
09/13/2006 09:49 PM <DIR> RyuhouEx - Caitlin
02/16/2004 07:06 PM 2,817,580 Scan0002.tif
10/29/2004 08:01 AM 620 Shortcut to Caitlin - gadzook.lnk
01/30/2005 10:02 PM 619 Shortcut to Scan0002.lnk
09/18/2006 11:22 PM 32,256 Thumbs.db
09/13/2006 09:49 PM <DIR> XfallenchaosX - caitlin middle
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin new
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin old
09/13/2006 09:49 PM <DIR> xxryuhouxx - caitlin
8 File(s) 8,903,242 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\DszeroDs - Caitlin

09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
05/24/2003 06:23 AM 4,208 2003-05-24 [Saturday].htm
06/04/2003 08:47 PM 1,756 2003-06-04 [Wednesday].htm
06/05/2003 06:37 PM 401 2003-06-05 [Thursday].htm
06/07/2003 04:40 PM 2,337 2003-06-07 [Saturday].htm
06/09/2003 09:30 PM 2,070 2003-06-09 [Monday].htm
06/10/2003 07:38 PM 14,563 2003-06-10 [Tuesday].htm
06/12/2003 09:18 PM 18,931 2003-06-12 [Thursday].htm
06/14/2003 05:06 PM 390 2003-06-14 [Saturday].htm
06/15/2003 09:48 PM 35,884 2003-06-15 [Sunday].htm
06/16/2003 09:47 PM 27,543 2003-06-16 [Monday].htm
06/17/2003 08:26 PM 3,694 2003-06-17 [Tuesday].htm
06/18/2003 03:36 PM 22,921 2003-06-18 [Wednesday].htm
06/19/2003 07:21 PM 11,709 2003-06-19 [Thursday].htm
06/20/2003 08:58 PM 5,804 2003-06-20 [Friday].htm
06/22/2003 01:09 PM 6,787 2003-06-22 [Sunday].htm
06/23/2003 05:05 PM 17,660 2003-06-23 [Monday].htm
06/25/2003 12:56 PM 7,187 2003-06-25 [Wednesday].htm
06/27/2003 03:50 PM 15,410 2003-06-27 [Friday].htm
07/06/2003 09:28 PM 5,168 2003-07-06 [Sunday].htm
07/07/2003 06:09 PM 21,267 2003-07-07 [Monday].htm
07/08/2003 04:55 PM 2,293 2003-07-08 [Tuesday].htm
07/13/2003 12:28 PM 2,378 2003-07-13 [Sunday].htm
07/14/2003 08:52 PM 11,916 2003-07-14 [Monday].htm
07/15/2003 07:32 PM 13,510 2003-07-15 [Tuesday].htm
07/19/2003 09:58 PM 14,734 2003-07-19 [Saturday].htm
07/26/2003 02:42 PM 14,938 2003-07-26 [Saturday].htm
07/27/2003 03:17 PM 550 2003-07-27 [Sunday].htm
08/11/2003 09:40 PM 4,268 2003-08-11 [Monday].htm
08/12/2003 11:13 AM 675 2003-08-12 [Tuesday].htm
08/14/2003 10:36 PM 12,800 2003-08-14 [Thursday].htm
08/15/2003 10:17 PM 7,932 2003-08-15 [Friday].htm
08/16/2003 08:14 PM 24,701 2003-08-16 [Saturday].htm
08/17/2003 05:01 PM 8,650 2003-08-17 [Sunday].htm
08/18/2003 07:04 PM 20,208 2003-08-18 [Monday].htm
08/19/2003 12:36 AM 27,747 2003-08-19 [Tuesday].htm
08/20/2003 09:54 PM 36,672 2003-08-20 [Wednesday].htm
08/21/2003 11:25 AM 2,461 2003-08-21 [Thursday].htm
08/22/2003 10:26 AM 3,368 2003-08-22 [Friday].htm
01/23/2004 11:10 PM 2,381 2004-01-23 [Friday].htm
01/25/2004 01:05 PM 2,368 events.txt
10/09/2004 11:02 PM 14 Me....txt
41 File(s) 440,254 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin

09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
04/25/2001 07:16 AM 9,249 2001-04-25 [Wednesday].htm
05/05/2001 10:31 AM 14,933 2001-05-05 [Saturday].htm
09/20/2001 08:45 PM 23,022 2001-09-20 [Thursday].htm
09/21/2001 01:26 AM 21,168 2001-09-21 [Friday].htm
04/09/2003 07:45 PM 13,845 2003-04-09 [Wednesday].htm
09/14/2006 04:40 PM <DIR> 2003-04-18 [Friday]
04/18/2003 10:32 PM 64,574 2003-04-18 [Friday].htm
04/19/2003 12:21 PM 1,909 2003-04-19 [Saturday].htm
04/20/2003 12:05 AM 11,873 2003-04-20 [Sunday].htm
05/26/2003 01:31 PM 9,781 2003-05-26 [Monday].htm
06/01/2003 04:37 PM 9,707 2003-06-01 [Sunday].htm
06/06/2003 06:15 PM 1,344 2003-06-06 [Friday].htm
01/25/2004 07:10 PM 4,610 2004-01-25 [Sunday].htm
06/01/2003 04:37 PM 277 events.txt
13 File(s) 186,292 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin\2003-04-18 [Friday]

09/14/2006 04:40 PM <DIR> .
09/14/2006 04:40 PM <DIR> ..
04/18/2003 07:32 PM 104,336 MVC-011S.JPG
09/14/2006 04:40 PM 5,632 Thumbs.db
2 File(s) 109,968 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\RyuhouEx - Caitlin

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
08/23/2003 08:14 PM 912 2003-08-23 [Saturday].htm
08/24/2003 06:21 PM 3,181 2003-08-24 [Sunday].htm
08/25/2003 01:14 PM 31,929 2003-08-25 [Monday].htm
08/26/2003 03:24 PM 19,349 2003-08-26 [Tuesday].htm
08/27/2003 03:04 PM 8,857 2003-08-27 [Wednesday].htm
08/28/2003 08:31 PM 7,746 2003-08-28 [Thursday].htm
08/29/2003 03:07 PM 12,340 2003-08-29 [Friday].htm
08/30/2003 02:57 PM 1,515 2003-08-30 [Saturday].htm
09/03/2003 06:59 PM 1,973 2003-09-03 [Wednesday].htm
09/07/2003 08:12 PM 17,033 2003-09-07 [Sunday].htm
09/08/2003 02:37 PM 13,073 2003-09-08 [Monday].htm
09/12/2003 01:49 PM 890 2003-09-12 [Friday].htm
09/14/2003 07:36 PM 17,727 2003-09-14 [Sunday].htm
09/15/2003 08:30 PM 2,160 2003-09-15 [Monday].htm
09/17/2003 07:12 PM 755 2003-09-17 [Wednesday].htm
09/19/2003 03:37 PM 3,721 2003-09-19 [Friday].htm
09/22/2003 08:31 PM 1,404 2003-09-22 [Monday].htm
09/24/2003 08:05 PM 6,813 2003-09-24 [Wednesday].htm
09/25/2003 08:19 PM 4,623 2003-09-25 [Thursday].htm
09/26/2003 02:59 PM 713 2003-09-26 [Friday].htm
09/29/2003 08:15 PM 1,859 2003-09-29 [Monday].htm
10/08/2003 06:27 PM 1,441 2003-10-08 [Wednesday].htm
10/09/2003 09:20 PM 6,395 2003-10-09 [Thursday].htm
10/10/2003 10:43 AM 5,340 2003-10-10 [Friday].htm
10/15/2003 08:19 PM 24,779 2003-10-15 [Wednesday].htm
10/17/2003 04:51 PM 1,504 2003-10-17 [Friday].htm
10/19/2003 04:44 PM 688 2003-10-19 [Sunday].htm
10/20/2003 07:54 PM 5,003 2003-10-20 [Monday].htm
10/22/2003 07:51 PM 18,172 2003-10-22 [Wednesday].htm
10/24/2003 02:12 PM 2,034 2003-10-24 [Friday].htm
10/26/2003 08:09 PM 5,619 2003-10-26 [Sunday].htm
10/27/2003 08:54 PM 12,243 2003-10-27 [Monday].htm
10/29/2003 08:00 PM 9,120 2003-10-29 [Wednesday].htm
10/30/2003 03:55 PM 6,331 2003-10-30 [Thursday].htm
10/31/2003 06:20 PM 619 2003-10-31 [Friday].htm
11/03/2003 09:46 PM 2,710 2003-11-03 [Monday].htm
11/04/2003 08:38 PM 5,569 2003-11-04 [Tuesday].htm
11/05/2003 01:50 PM 1,872 2003-11-05 [Wednesday].htm
11/05/2003 01:30 PM 3,046 events.txt
39 File(s) 271,058 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\XfallenchaosX - caitlin middle

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/29/2004 10:40 PM 978 2004-02-29 [Sunday].htm
03/29/2004 09:59 PM 2,358 2004-03-29 [Monday].htm
04/02/2004 09:16 PM 439 2004-04-02 [Friday].htm
04/03/2004 02:19 PM 997 2004-04-03 [Saturday].htm
04/11/2004 09:00 PM 1,566 2004-04-11 [Sunday].htm
04/15/2004 10:16 PM 11,595 2004-04-15 [Thursday].htm
04/27/2004 02:42 PM 1,133 2004-04-27 [Tuesday].htm
04/27/2004 07:30 PM 937 events.txt
8 File(s) 20,003 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin new

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
05/05/2004 08:06 PM 3,980 2004-05-05 [Wednesday].htm
05/10/2004 05:29 PM 69 events.txt
2 File(s) 4,049 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin old

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/27/2004 11:53 PM 1,462 2004-02-27 [Friday].htm
02/28/2004 02:34 PM 924 2004-02-28 [Saturday].htm
03/22/2004 09:05 PM 278 events.txt
3 File(s) 2,664 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
11/10/2003 10:10 PM 3,575 2003-11-10 [Monday].htm
11/11/2003 07:11 PM 728 2003-11-11 [Tuesday].htm
11/17/2003 05:33 PM 4,019 2003-11-17 [Monday].htm
11/19/2003 07:47 PM 1,370 2003-11-19 [Wednesday].htm
11/23/2003 10:04 PM 1,291 2003-11-23 [Sunday].htm
11/24/2003 08:11 PM 1,145 2003-11-24 [Monday].htm
12/02/2003 08:32 PM 912 2003-12-02 [Tuesday].htm
12/03/2003 10:32 PM 1,397 2003-12-03 [Wednesday].htm
12/04/2003 08:52 PM 5,769 2003-12-04 [Thursday].htm
12/06/2003 09:09 PM 27,591 2003-12-06 [Saturday].htm
12/13/2003 05:21 AM 1,466 2003-12-13 [Saturday].htm
12/19/2003 04:40 AM 5,451 2003-12-19 [Friday].htm
12/20/2003 07:10 AM 1,039 2003-12-20 [Saturday].htm
12/21/2003 12:14 PM 5,751 2003-12-21 [Sunday].htm
12/25/2003 11:28 PM 3,770 2003-12-25 [Thursday].htm
12/30/2003 06:38 PM 1,638 2003-12-30 [Tuesday].htm
12/31/2003 01:21 AM 1,355 2003-12-31 [Wednesday].htm
01/02/2004 03:00 AM 597 2004-01-02 [Friday].htm
01/03/2004 12:59 AM 3,883 2004-01-03 [Saturday].htm
01/12/2004 09:31 PM 2,529 2004-01-12 [Monday].htm
01/14/2004 09:36 PM 13,606 2004-01-14 [Wednesday].htm
01/15/2004 03:05 PM 773 2004-01-15 [Thursday].htm
09/14/2006 04:34 PM <DIR> 2004-01-18 [Sunday]
01/18/2004 03:05 AM 4,490 2004-01-18 [Sunday].htm
01/20/2004 07:30 PM 1,855 2004-01-20 [Tuesday].htm
01/21/2004 02:50 PM 3,563 2004-01-21 [Wednesday].htm
01/25/2004 07:47 PM 1,352 2004-01-25 [Sunday].htm
01/26/2004 07:58 PM 1,267 2004-01-26 [Monday].htm
01/27/2004 10:21 PM 4,354 2004-01-27 [Tuesday].htm
09/14/2006 04:34 PM <DIR> 2004-01-28 [Wednesday]
01/28/2004 09:01 PM 4,669 2004-01-28 [Wednesday].htm
01/29/2004 11:04 PM 976 2004-01-29 [Thursday].htm
02/04/2004 04:20 PM 2,271 2004-02-04 [Wednesday].htm
02/09/2004 10:39 PM 1,038 2004-02-09 [Monday].htm
09/14/2006 04:34 PM <DIR> 2004-02-16 [Monday]
02/16/2004 07:20 PM 33,702 2004-02-16 [Monday].htm
02/21/2004 04:32 PM 7,061 2004-02-21 [Saturday].htm
02/23/2004 08:42 PM 1,009 2004-02-23 [Monday].htm
02/27/2004 11:53 PM 1,706 2004-02-27 [Friday].htm
02/27/2004 11:50 PM 2,902 events.txt
37 File(s) 161,870 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-18 [Sunday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
09/14/2006 04:34 PM 4,608 Thumbs.db
01/18/2004 03:05 AM 746,974 untitled.bmp
2 File(s) 751,582 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-28 [Wednesday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
01/28/2004 09:01 PM 799,510 noname1075341676.bmp
09/14/2006 04:34 PM 6,144 Thumbs.db
2 File(s) 805,654 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-02-16 [Monday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
02/16/2004 07:19 PM 304,381 03' fell down stairs.tif
02/16/2004 07:19 PM 518,964 Caitlin - gadzook
02/16/2004 07:19 PM 95,306 headshot.jpg
02/16/2004 07:19 PM 2,817,556 homc..03 .jpg
09/14/2006 04:36 PM 88,081 scan0001.jpg
02/16/2004 07:19 PM 1,612,356 Scan0001.tif
09/14/2006 04:39 PM 2,796,308 Scan0002.tif
02/16/2004 07:19 PM 8,619 spiderman_bnza_small nicks bowl.jpg
09/14/2006 04:39 PM 27,648 Thumbs.db
9 File(s) 8,269,219 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Music Videos

01/13/2006 12:08 PM <DIR> .
01/13/2006 12:08 PM <DIR> ..
01/13/2006 10:15 AM 56,049,646 311 - 311 fatchance live.mpg
01/13/2006 09:23 AM 31,752,811 311 - all mixed up (video).mpg
01/13/2006 10:57 AM 36,307,852 311 - Amber (Live On Last Call)(1).mpg
01/13/2006 08:52 AM 37,853,188 311 - beautiful disaster live mtv smf.mpg
01/13/2006 10:52 AM 39,359,264 311 - come original live at sokal.mpeg
01/13/2006 11:08 AM 44,130,436 311 - creatures for a while - creatures.mpg
01/13/2006 08:05 AM 29,631,000 311 - don't stay home.mpg
01/13/2006 11:10 AM 36,465,884 311 - Down (Live On Conan O'Brien).mpg
01/13/2006 11:23 AM 40,326,048 311 - down (live on david letterman).mpg
01/13/2006 11:27 AM 29,956,136 311 - Down.mpg
01/13/2006 09:15 AM 42,006,300 311 - feels so good (live).mpg
01/13/2006 09:49 AM 39,301,164 311 - First Straw (Live Kimmel).mpg
01/12/2006 06:44 PM 161 311 - First Straw.avs
01/13/2006 10:25 AM 8,299,742 311 - First Straw.wmv
01/13/2006 10:57 AM 43,533,168 311 - Flowing (video).mpg
01/13/2006 03:47 AM 158 311 - Homebrew.avs
01/13/2006 07:41 AM 7,976,446 311 - Homebrew.wmv
01/13/2006 10:07 AM 36,993,028 311 - i'll be here awhile acoustic (live in seattle).mpg
01/13/2006 09:19 AM 47,818,624 311 - love song 33.mpg
01/13/2006 01:32 AM 175 311 - lovesong_kilborne_2-19-04.avs
01/13/2006 06:18 AM 9,300,700 311 - lovesong_kilborne_2-19-04.wmv
01/13/2006 09:52 AM 27,787,266 311 - prisoner.mpg
01/13/2006 09:38 AM 37,569,784 311 - transistor.mpg
01/13/2006 05:45 AM 160 311 kilborne 512.avs
01/13/2006 07:54 AM 18,634,383 311 kilborne 512.wmv
01/13/2006 10:11 AM 10,265,436 311 lovesong Leno 061104.wmv
01/13/2006 01:51 AM 177 311 on kimmel 2003 - creatures512.avs
01/13/2006 09:32 AM 19,287,237 311 on kimmel 2003 - creatures512.wmv
01/13/2006 09:32 AM 43,155,141 311- beautiful_disaster.mpg
01/13/2006 09:43 AM 37,797,290 311- come original.mpg
01/13/2006 08:28 AM 43,806,804 311- do you right.mpeg
01/13/2006 09:25 AM 51,873,268 311-i'll be here awhile.mpg
01/13/2006 08:24 AM 31,946,756 311_-_amber-daveyscan-ucv.mpeg
01/12/2006 12:10 PM 166 311_Kimmel_DTOM_080505.avs
01/13/2006 12:27 AM 10,496,228 311_Kimmel_DTOM_080505.wmv
01/12/2006 11:56 AM 174 311_on_Sharon_Osbourne_2-20-04.avs
01/13/2006 08:44 AM 9,303,984 311_on_Sharon_Osbourne_2-20-04.wmv
01/13/2006 02:25 AM 186 Drumline on kilborne-512kbps-thatsnice-wmv.avs
01/13/2006 09:55 AM 14,826,035 Drumline on kilborne-512kbps-thatsnice-wmv.wmv
01/13/2006 12:10 PM 92,160 Thumbs.db
40 File(s) 973,904,566 bytes

Directory of C:\Documents and Settings\Nick\Desktop\SmitfraudFix

10/27/2006 02:02 PM <DIR> .
10/27/2006 02:02 PM <DIR> ..
07/31/2004 05:50 PM 51,200 dumphive.exe
10/10/2006 10:34 PM 81,920 GenericRenosFix.exe
06/05/2003 08:13 PM 53,248 Process.exe
01/13/2005 08:41 PM 24,576 Reboot.exe
03/07/2006 09:45 PM 16,384 restart.exe
10/26/2006 10:56 PM 776,024 SmitfraudFix.cmd
09/19/2006 09:13 PM 20,480 SmiUpdate.exe
04/27/2006 04:49 PM 288,417 SrchSTS.exe
08/29/2006 06:43 PM 135,168 swreg.exe
01/09/2006 09:36 AM 40,960 swsc.exe
09/14/2006 11:34 PM 167,936 unzip.exe
11 File(s) 1,656,313 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive

07/25/2006 02:07 AM <DIR> .
07/25/2006 02:07 AM <DIR> ..
08/25/2005 09:10 PM 40,960 AuxSetup.exe
04/08/2006 01:11 AM <DIR> aviproxy
11/14/2002 06:55 PM 56,832 AviSynthLexer.lexer
08/25/2005 10:44 PM 14,545 Codecs.ini
10/01/2003 05:31 PM 18,321 copying
03/10/2003 04:42 PM 125,440 corona.dll
04/22/2005 04:07 AM 184 Free-Codecs.txt
05/22/2002 05:18 AM 860 license_corona.txt
03/11/2003 10:10 PM 20,992 ogg.dll
04/08/2006 01:11 AM <DIR> plugins
03/17/2003 08:41 PM 1,263 readme_virtualdubmod_dlls.txt
04/25/2003 11:29 PM 146,944 SciLexer.dll
04/08/2006 01:11 AM <DIR> template
08/25/2005 09:10 PM 11,340 vdicmdrv.dll
08/25/2005 09:10 PM 9,804 vdremote.dll
08/25/2005 09:09 PM 7,244 vdsvrlnk.dll
12/01/2003 11:11 PM 74,186 VirtualDub.vdhelp
12/03/2003 08:26 PM 210,415 VirtualDubMod.chm
08/25/2005 09:17 PM 929,280 VirtualDubMod.exe
09/12/2004 12:22 PM 615 VirtualDubMod.exe.manifest
08/25/2005 09:17 PM 137,733 VirtualDubMod.vdi
03/11/2003 10:50 PM 48,640 vorbis.dll
07/25/2006 01:25 AM 699,177 WordBiz18.exe
20 File(s) 2,554,775 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\aviproxy

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 192 proxyoff.reg
10/01/2003 05:31 PM 192 proxyon.reg
10/01/2003 05:31 PM 1,076 readme.txt
3 File(s) 1,460 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\plugins

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 88 readme.txt
1 File(s) 88 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\template

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/30/2002 09:13 PM 40 avisource.avst
10/30/2002 09:13 PM 50 default.avst
10/30/2002 09:13 PM 54 directshow.avst
10/30/2002 09:13 PM 59 mpeg2dec.avst
10/30/2002 09:13 PM 48 mpegdecoder.avst
5 File(s) 251 bytes

Total Files Listed:
274 File(s) 1,030,972,965 bytes
56 Dir(s) 74,018,095,104 bytes free

im sorry about the time. The user was out of town and i couldn't get to the computer. here's what u wanted.

9

Tech Clinic / here ya go then...

« on: October 31, 2006, 04:34:34 PM »

yea

10

Tech Clinic / here ya go then...

« on: October 27, 2006, 02:15:58 PM »

Logfile of HijackThis v1.99.1
Scan saved at 3:14:23 PM, on 10/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\msiexec.exe
C:\HJT\zerofate.exe.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

SmitFraudFix v2.114

Scan done at 15:02:16.96, Fri 10/27/2006
Run from C:\Documents and Settings\Nick\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in safe mode

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Killing process

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Generic Renos Fix

GenericRenosFix by S!Ri

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Deleting infected files

C:\WINDOWS\system32\dpfwu.dll Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted
C:\Program Files\PornPass Manager\ Deleted
C:\Program Files\VirusBurster\ Deleted

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Deleting Temp Files

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Registry Cleaning

Registry Cleaning done.

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» End

11

Tech Clinic / here ya go then...

« on: October 25, 2006, 11:32:22 AM »

HJT Unistall list
3ivx D4 4.5.1 (remove only)
Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0
Ahead InCD
Ahead InCD EasyWrite Reader
Air Utility
ANIO Service
ANIWZCS Service
AOL Instant Messenger
Azureus
Collab
DivX
DivX Player
DivX Web Player
FL Studio 5
HijackThis 1.99.1
Intel® PRO Network Adapters and Drivers
Internet Explorer Security Plugin 2006
InterVideo WinDVD 4
iPod for Windows 2005-09-23
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 6
Macromedia Flash Player 8
Macromedia Shockwave Player
McAfee SecurityCenter
McAfee VirusScan
Nero - Burning Rom
Nero Media Player
NeroVision Express 2
Panda spyXposer
Public Messenger ver 2.03
QuickTime
Realtek AC'97 Audio
Safety Alerter 2006
SATARaid
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Starcraft
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WordBiz version 1.8
XviD MPEG-4 Video Codec

SmitFraudFix
SmitFraudFix v2.113

Scan done at 12:27:00.81, Wed 10/25/2006
Run from C:\Documents and Settings\Nick\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS\system

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS\Web

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS\system32

C:\WINDOWS\system32\dpfwu.dll FOUND !

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS\system32\LogFiles

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\Documents and Settings\Nick

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\Documents and Settings\Nick\Application Data

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Start Menu

C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url FOUND !

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\DOCUME~1\Nick\FAVORI~1

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Desktop

C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url FOUND !

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\Program Files

C:\Program Files\PornPass Manager\ FOUND !
C:\Program Files\VirusBurster\ FOUND !

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Corrupted keys

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]
"Source"="http://www.eselocos.com/images/jmt_2.jpg"
"SubscribedURL"="http://www.eselocos.com/images/jmt_2.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"

[HKEY_CLASSES_ROOT\CLSID\{dfa61db1-388e-4c87-8d56-540fa229bcb4}\InProcServer32]
@="C:\WINDOWS\system32\dpfwu.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{dfa61db1-388e-4c87-8d56-540fa229bcb4}\InProcServer32]
@="C:\WINDOWS\system32\dpfwu.dll"

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» pe386-msguard-lzx32

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Scanning wininet.dll infection

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» End

combofix
Nick - 06-10-25 12:29:22.07 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Nick\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-09-25 to 2006-10-25 ))))))))))))))))))))))))))))))))))

2006-10-25   12:26   53,248   --a------   C:\WINDOWS\system32\Process.exe
2006-10-25   12:26   40,960   --a------   C:\WINDOWS\system32\swsc.exe
2006-10-25   12:26   288,417   --a------   C:\WINDOWS\system32\SrchSTS.exe
2006-10-25   12:26   135,168   --a------   C:\WINDOWS\system32\swreg.exe
2006-10-22   23:31   1,060,864   --a------   C:\WINDOWS\system32\mfc71.dll
2006-10-22   09:52   106,496   --a------   C:\WINDOWS\system32\dpfwu.dll

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-10-22 23:31   --------   d--------   C:\Program Files\Common Files\DriveCleaner 2006 Free
2006-10-22 23:31   --------   d--------   C:\Program Files\Common Files
2006-10-22 10:12   --------   d--------   C:\Program Files\VirusBurster
2006-10-22 10:12   --------   d--------   C:\Program Files\PornPass Manager
2006-10-22 08:47   --------   d--------   C:\Program Files\Starcraft
2006-10-21 10:28   --------   d--------   C:\Program Files\Azureus
2006-10-21 10:28   --------   d--------   C:\Documents and Settings\Nick\Application Data\Azureus
2006-09-19 20:27   --------   d--------   C:\Program Files\Lavasoft
2006-09-19 20:27   --------   d--------   C:\Documents and Settings\Nick\Application Data\Lavasoft
2006-09-19 13:24   --------   d--------   C:\Program Files\SpywareBlaster
2006-09-19 13:10   --------   d--------   C:\Program Files\Java
2006-09-19 00:52   --------   d--------   C:\Program Files\IrfanView
2006-09-13 01:01   1084416   --a------   C:\WINDOWS\system32\msxml3.dll
2006-09-10 16:51   --------   d--------   C:\Program Files\Internet Explorer
2006-09-10 16:20   --------   d--------   C:\Program Files\StealthBot
2006-09-10 16:19   --------   d--------   C:\Program Files\iTunes
2006-09-05 15:42   --------   d--h-----   C:\Program Files\InstallShield Installation Information
2006-08-25 11:45   617472   --a------   C:\WINDOWS\system32\comctl32.dll
2006-08-21 08:21   16896   --a------   C:\WINDOWS\system32\fltlib.dll
2006-08-21 05:14   23040   --a------   C:\WINDOWS\system32\fltmc.exe
2006-08-16 07:58   100352   --a------   C:\WINDOWS\system32\6to4svc.dll
2006-07-27 09:24   679424   --a------   C:\WINDOWS\system32\inetcomm.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"D-Link Air Utility"="C:\\Program Files\\D-Link\\Air Utility\\AirCFG.exe"
"ANIWZCSService"="C:\\Program Files\\Alpha Networks\\ANIWZCS Service\\WZCSLDR.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"SDR6_Check"="\"C:\\Program Files\\Common Files\\DriveCleaner 2006 Free\\udcsdr.exe\""
"PAS_Check"="\"C:\\Program Files\\Common Files\\DriveCleaner 2006 Free\\udcpas.exe\""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"Source"="http://www.eselocos.com/images/jmt_2.jpg"
"SubscribedURL"="http://www.eselocos.com/images/jmt_2.jpg"
"FriendlyName"=""
"Flags"=dword:00002001
"Position"=hex:2c,00,00,00,8d,02,00,00,13,00,00,00,8c,00,00,00,b9,00,00,00,e8,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000001
"OriginalStateInfo"=hex:18,00,00,00,68,02,00,00,e7,00,00,00,8c,00,00,00,ba,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,b0,00,00,00,77,00,00,00,8c,00,00,00,b9,00,\
00,00,01,00,00,40

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,58,02,00,00,ea,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"isamonitor.exe"="C:\\Program Files\\PornPass Manager\\isamonitor.exe"
"pmsngr.exe"="C:\\Program Files\\PornPass Manager\\pmsngr.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"contrabandists"="{dfa61db1-388e-4c87-8d56-540fa229bcb4}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20060919-131627-337
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (HOME-NICK-Nick).job

Completion time: 06-10-25 12:30:22.18
C:\ComboFix.txt ... 06-10-25 12:30

12

Tech Clinic / here ya go then...

« on: October 23, 2006, 11:22:13 PM »

Logfile of HijackThis v1.99.1
Scan saved at 12:01:08 AM, on 10/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PornPass Manager\isamonitor.exe
C:\Program Files\PornPass Manager\pmsngr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\PornPass Manager\pmmon.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\PornPass Manager\isamini.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe
C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://10609136514.football.sportsline.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program Files\PornPass Manager\isaddon.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Protection Bar - {8aed5df3-6e0b-4930-b1a5-f8aa8d757497} - C:\Program Files\PornPass Manager\iesplugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: contrabandists - {dfa61db1-388e-4c87-8d56-540fa229bcb4} - C:\WINDOWS\system32\dpfwu.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

13

Tech Clinic / Need some help

« on: September 20, 2006, 07:27:19 AM »

both programs came up with a little bit, not too much....Although I thank you a lot for both programs. Everythings running a lot better.

14

Tech Clinic / Need some help

« on: September 19, 2006, 12:32:12 PM »

Yes I would like the link to those. Here's a fresh HJT log. I didn't find the file C://Program Files/Bullseye network but i did find C://Program Files/Macrogaming (from the sweetIm) and I deleted that. Also, I didn't find O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe in my HJT scan when I went to fix it. The Panda spy exposer im not too sure how it works, so i haven't really messed around with it since my friend installed it. Everything else I did.

Logfile of HijackThis v1.99.1
Scan saved at 1:26:46 PM, on 9/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://10609136514.football.sportsline.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

15

Tech Clinic / Need some help

« on: September 18, 2006, 11:40:19 PM »

3ivx D4 4.5.1 (remove only)
Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0
Ahead InCD
Ahead InCD EasyWrite Reader
Air Utility
ANIO Service
ANIWZCS Service
AOL Instant Messenger
Azureus
Collab
DivX
DivX Player
DivX Web Player
FL Studio 5
HijackThis 1.99.1
Intel® PRO Network Adapters and Drivers
InterVideo WinDVD 4
iPod for Windows 2005-09-23
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
Macrogaming SweetIM 1.1a
Macromedia Flash Player 8
Macromedia Shockwave Player
McAfee SecurityCenter
McAfee VirusScan
Nero - Burning Rom
Nero Media Player
NeroVision Express 2
Panda spyXposer
QuickTime
Realtek AC'97 Audio
SATARaid
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
SpywareBlaster v3.4
Starcraft
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Viewpoint Media Player
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WordBiz version 1.8
XviD MPEG-4 Video Codec

16

Tech Clinic / Need some help

« on: September 18, 2006, 05:23:50 PM »

Im not exactly sure wats going on here. My computer is having serious speed issues. I wanted some help cleaning up a little bit. Im pretty sure that:
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
shouldn't be there. But i didn't want to do any changes without knowing for sure.

Logfile of HijackThis v1.99.1
Scan saved at 6:19:38 PM, on 9/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Ahead\InCD\InCD.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\svchost.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://10609136514.football.sportsline.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

17

Tech Clinic / HJT LOG

« on: November 22, 2005, 10:26:03 AM »

Just needed some cleanup on a friends computer...Checking here to make sure i do the right things..

here's the log

********************************************************************************
*********

Logfile of HijackThis v1.99.1
Scan saved at 10:25:06 AM, on 11/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.Email Removed/search/de_srchlft.html\' target=\'_blank\' rel=\'nofollow\'>http://bfc.Email Removed/search/de_srchlft.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/mywaybiz
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\RunServices: [WUSB54G.exe] C:\Program Files\WUSB54G Wireless-G Adapter\WUSB54G.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - Global Startup: 2Wire Wireless Client.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {D6B2DD49-9184-4334-92E1-D2432EBD2C4E} (Ircchat Control) - http://www.eyechat.org/ircchat.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE

********************************************************************************
*********

18

Tech Clinic / I need help please :'(

« on: October 24, 2005, 03:36:52 PM »

You need to Download HijackThis and post a log first. Instructions on how to do this can be found Here

19

Tech Clinic / HJT log, possible trojan?

« on: October 22, 2005, 08:22:49 PM »

:-) All right, Just lemme know what's goin on.

20

Tech Clinic / HJT log, possible trojan?

« on: October 21, 2005, 01:28:45 PM »

Ha, I already deleted C:\windows\system32\lock.exe
Mcafee picked it up :-)
Did everything you asked me to do, I'm not sure if IE-Spyad is working properly or not, I think it is, but It was a confusing install. Here's a new HJT log just to be safe.

Logfile of HijackThis v1.99.1
Scan saved at 2:26:46 PM, on 10/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\Program Files\LimeWire\LimeWire.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Starcraft\Starcraft.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clanas.net/
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1117317957328
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

TheTechGuide Forum

News:

Messages - zeroFaTe

Tech Clinic / Please help, HJT file included.

Tech Clinic / Please help, HJT file included.

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / here ya go then...

Tech Clinic / Need some help

Tech Clinic / Need some help

Tech Clinic / Need some help

Tech Clinic / Need some help

Tech Clinic / HJT LOG

Tech Clinic / I need help please :'(

Tech Clinic / HJT log, possible trojan?

Tech Clinic / HJT log, possible trojan?