Author Topic: here ya go then... (Read 1479 times)

zeroFaTe · « **on:** October 23, 2006, 11:22:13 PM »

Logfile of HijackThis v1.99.1
Scan saved at 12:01:08 AM, on 10/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PornPass Manager\isamonitor.exe
C:\Program Files\PornPass Manager\pmsngr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\PornPass Manager\pmmon.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\PornPass Manager\isamini.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe
C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://10609136514.football.sportsline.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program Files\PornPass Manager\isaddon.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Protection Bar - {8aed5df3-6e0b-4930-b1a5-f8aa8d757497} - C:\Program Files\PornPass Manager\iesplugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: contrabandists - {dfa61db1-388e-4c87-8d56-540fa229bcb4} - C:\WINDOWS\system32\dpfwu.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

guestolo · « **Reply #1 on:** October 24, 2006, 12:26:38 AM »

Can I see a few different logs please
I want to ensure I'm not missing anything
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

Also
Download the latest version of [color=\"red\"]SmitfraudFix[/color][/url] (by S!Ri)
Extract the contents (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.
By default, the log is located Here>>C:\Rapport.txt

[color=\"#3366FF\"]Note[/color] : [color=\"#FF0000\"]process.exe[/color] [color=\"#3366FF\"]is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.[/color]

Also
Download this file - Combofix.exe and save it too desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post the log from combofix please

Recap, I would like to see
1. The uninstall list from Hijackthis
2. The log from Smitfraudfix
3. The log from combofix

zeroFaTe · « **Reply #2 on:** October 25, 2006, 11:32:22 AM »

HJT Unistall list
3ivx D4 4.5.1 (remove only)
Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0
Ahead InCD
Ahead InCD EasyWrite Reader
Air Utility
ANIO Service
ANIWZCS Service
AOL Instant Messenger
Azureus
Collab
DivX
DivX Player
DivX Web Player
FL Studio 5
HijackThis 1.99.1
Intel® PRO Network Adapters and Drivers
Internet Explorer Security Plugin 2006
InterVideo WinDVD 4
iPod for Windows 2005-09-23
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 6
Macromedia Flash Player 8
Macromedia Shockwave Player
McAfee SecurityCenter
McAfee VirusScan
Nero - Burning Rom
Nero Media Player
NeroVision Express 2
Panda spyXposer
Public Messenger ver 2.03
QuickTime
Realtek AC'97 Audio
Safety Alerter 2006
SATARaid
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Starcraft
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WordBiz version 1.8
XviD MPEG-4 Video Codec

SmitFraudFix
SmitFraudFix v2.113

Scan done at 12:27:00.81, Wed 10/25/2006
Run from C:\Documents and Settings\Nick\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS\system

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS\Web

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS\system32

C:\WINDOWS\system32\dpfwu.dll FOUND !

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\WINDOWS\system32\LogFiles

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\Documents and Settings\Nick

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\Documents and Settings\Nick\Application Data

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Start Menu

C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url FOUND !

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\DOCUME~1\Nick\FAVORI~1

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Desktop

C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url FOUND !

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» C:\Program Files

C:\Program Files\PornPass Manager\ FOUND !
C:\Program Files\VirusBurster\ FOUND !

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Corrupted keys

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]
"Source"="http://www.eselocos.com/images/jmt_2.jpg"
"SubscribedURL"="http://www.eselocos.com/images/jmt_2.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"

[HKEY_CLASSES_ROOT\CLSID\{dfa61db1-388e-4c87-8d56-540fa229bcb4}\InProcServer32]
@="C:\WINDOWS\system32\dpfwu.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{dfa61db1-388e-4c87-8d56-540fa229bcb4}\InProcServer32]
@="C:\WINDOWS\system32\dpfwu.dll"

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» pe386-msguard-lzx32

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Scanning wininet.dll infection

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» End

combofix
Nick - 06-10-25 12:29:22.07 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Nick\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-09-25 to 2006-10-25 ))))))))))))))))))))))))))))))))))

2006-10-25   12:26   53,248   --a------   C:\WINDOWS\system32\Process.exe
2006-10-25   12:26   40,960   --a------   C:\WINDOWS\system32\swsc.exe
2006-10-25   12:26   288,417   --a------   C:\WINDOWS\system32\SrchSTS.exe
2006-10-25   12:26   135,168   --a------   C:\WINDOWS\system32\swreg.exe
2006-10-22   23:31   1,060,864   --a------   C:\WINDOWS\system32\mfc71.dll
2006-10-22   09:52   106,496   --a------   C:\WINDOWS\system32\dpfwu.dll

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-10-22 23:31   --------   d--------   C:\Program Files\Common Files\DriveCleaner 2006 Free
2006-10-22 23:31   --------   d--------   C:\Program Files\Common Files
2006-10-22 10:12   --------   d--------   C:\Program Files\VirusBurster
2006-10-22 10:12   --------   d--------   C:\Program Files\PornPass Manager
2006-10-22 08:47   --------   d--------   C:\Program Files\Starcraft
2006-10-21 10:28   --------   d--------   C:\Program Files\Azureus
2006-10-21 10:28   --------   d--------   C:\Documents and Settings\Nick\Application Data\Azureus
2006-09-19 20:27   --------   d--------   C:\Program Files\Lavasoft
2006-09-19 20:27   --------   d--------   C:\Documents and Settings\Nick\Application Data\Lavasoft
2006-09-19 13:24   --------   d--------   C:\Program Files\SpywareBlaster
2006-09-19 13:10   --------   d--------   C:\Program Files\Java
2006-09-19 00:52   --------   d--------   C:\Program Files\IrfanView
2006-09-13 01:01   1084416   --a------   C:\WINDOWS\system32\msxml3.dll
2006-09-10 16:51   --------   d--------   C:\Program Files\Internet Explorer
2006-09-10 16:20   --------   d--------   C:\Program Files\StealthBot
2006-09-10 16:19   --------   d--------   C:\Program Files\iTunes
2006-09-05 15:42   --------   d--h-----   C:\Program Files\InstallShield Installation Information
2006-08-25 11:45   617472   --a------   C:\WINDOWS\system32\comctl32.dll
2006-08-21 08:21   16896   --a------   C:\WINDOWS\system32\fltlib.dll
2006-08-21 05:14   23040   --a------   C:\WINDOWS\system32\fltmc.exe
2006-08-16 07:58   100352   --a------   C:\WINDOWS\system32\6to4svc.dll
2006-07-27 09:24   679424   --a------   C:\WINDOWS\system32\inetcomm.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"D-Link Air Utility"="C:\\Program Files\\D-Link\\Air Utility\\AirCFG.exe"
"ANIWZCSService"="C:\\Program Files\\Alpha Networks\\ANIWZCS Service\\WZCSLDR.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"SDR6_Check"="\"C:\\Program Files\\Common Files\\DriveCleaner 2006 Free\\udcsdr.exe\""
"PAS_Check"="\"C:\\Program Files\\Common Files\\DriveCleaner 2006 Free\\udcpas.exe\""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"Source"="http://www.eselocos.com/images/jmt_2.jpg"
"SubscribedURL"="http://www.eselocos.com/images/jmt_2.jpg"
"FriendlyName"=""
"Flags"=dword:00002001
"Position"=hex:2c,00,00,00,8d,02,00,00,13,00,00,00,8c,00,00,00,b9,00,00,00,e8,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000001
"OriginalStateInfo"=hex:18,00,00,00,68,02,00,00,e7,00,00,00,8c,00,00,00,ba,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,b0,00,00,00,77,00,00,00,8c,00,00,00,b9,00,\
00,00,01,00,00,40

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,58,02,00,00,ea,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"isamonitor.exe"="C:\\Program Files\\PornPass Manager\\isamonitor.exe"
"pmsngr.exe"="C:\\Program Files\\PornPass Manager\\pmsngr.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"contrabandists"="{dfa61db1-388e-4c87-8d56-540fa229bcb4}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20060919-131627-337
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (HOME-NICK-Nick).job

Completion time: 06-10-25 12:30:22.18
C:\ComboFix.txt ... 06-10-25 12:30

guestolo · « **Reply #3 on:** October 26, 2006, 09:18:41 PM »

Sorry for the delay, can you do the following
Smitfraudfix is always updating
Can you delete your version of Smitfraudfix.zip and the Smitfraudfix folder on your desktop
Then, REDownload the latest version of [color=\"red\"]SmitfraudFix[/color][/url] (by S!Ri)
Extract the contents (a folder named SmitfraudFix) to your Desktop.

We should update your version of Sun Java to plug up security holes that malware can exploit
==Download the latest version of Java Runtime Environment (JRE) 5.0 Update 9

Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement[/i]".
The page will refresh.
Click on the link to download Windows Offline Installation Multi-language

Save the file to your Desktop.
Don't install it yet

Access your Add/remove programs via Control Panel
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
eg..J2SE Runtime Environment 5.0 Update 6
It should have the following icon next to it:

Select it and click Remove

Do a "System scan only" with Hijackthis and put a check next to these entries:

O3 - Toolbar: Protection Bar - {8aed5df3-6e0b-4930-b1a5-f8aa8d757497} - C:\Program Files\PornPass Manager\iesplugin.dll

O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"

O21 - SSODL: contrabandists - {dfa61db1-388e-4c87-8d56-540fa229bcb4} - C:\WINDOWS\system32\dpfwu.dll

After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

REboot your computer into safe mode

If you didn't intentionally have this program installed
DriveCleaner 2006 Free
Open the folder
C:\Program Files\Common Files\DriveCleaner 2006 Free <-this folder
Look for an uninstaller, run it if found, if there is no uninstaller
Delete the DriveCleaner 2006 Free folder

* Clean your Cache and Cookies in IE:

Go to Control Panel > Internet Options > General tab
Click the "Delete Cookies" button
Next to it, Click the "Delete Files" button
When prompted, place a check in: "Delete all offline content", click OK

* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):

Go to Tools > Options.
Click Privacy in the menu on the left side of the Options window.
Click the Clear button located to the right of each option (History, Cookies, Cache).
Click OK to close the Options window

Alternatively, you can clear all information stored while browsing by clicking Clear All.
A confirmation dialog box will be shown before clearing the information.
[/list]* Clean other Temporary files + Recycle bin

Go to start > run and type:

cleanmgr and click ok.

Let it scan your system for files to remove.
Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
Press OK to remove them.

==Open the SmitfraudFix folder you extracted to desktop earlier

Double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process. A text file will appear onscreen, with results from the cleaning process
I'll need to see these later, by default they are also saved at C:\rapport.txt

Reboot back to Normal windows

Go to start > control panel > Display properties > Desktop > Customize Desktop... > Web tab
Uncheck and delete everything you find in there. (except for "My current home page")

Go ahead and install the latest version of Sun java from the installer on your desktop
After installation you can delete the installer

Can you do the following, I just want to check on something
Right click on Hijackthis.exe and rename it too zeroFaTe.exe

Run a fresh scan and save logfile with zeroFaTe.exe (Hijackthis)
Post a fresh Hijackthis log

also post the report from Smitfraudfix found here>>C:\Rapport.txt

zeroFaTe · « **Reply #4 on:** October 27, 2006, 02:15:58 PM »

Logfile of HijackThis v1.99.1
Scan saved at 3:14:23 PM, on 10/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\msiexec.exe
C:\HJT\zerofate.exe.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

SmitFraudFix v2.114

Scan done at 15:02:16.96, Fri 10/27/2006
Run from C:\Documents and Settings\Nick\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in safe mode

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Killing process

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Generic Renos Fix

GenericRenosFix by S!Ri

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Deleting infected files

C:\WINDOWS\system32\dpfwu.dll Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted
C:\Program Files\PornPass Manager\ Deleted
C:\Program Files\VirusBurster\ Deleted

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Deleting Temp Files

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Registry Cleaning

Registry Cleaning done.

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» End

guestolo · « **Reply #5 on:** October 28, 2006, 05:32:29 PM »

Sorry for the delay ZeroFate, been busy
How's everything running on your end?

I still see DriveCleaner 2006 Free in your log
Did the user want to hold onto this?
Was there an uninstaller in the DriveCleaner 2006 Free folder?

guestolo · « **Reply #6 on:** October 30, 2006, 12:32:31 AM »

Never mind, just helped a buddy remove DriveCleaner 2006 Free
Are you ready to clean yourself of it yet?

zeroFaTe · « **Reply #7 on:** October 31, 2006, 04:34:34 PM »

guestolo · « **Reply #8 on:** October 31, 2006, 04:46:28 PM »

Can you do the following
Create a .bat file for me, I want to check on that uninstaller
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
Change the Save as Type to All Files.
Name the file as find.bat

Save this file on the desktop

Code: [Select]

@echo off
cd C:\Program Files\Common Files\DriveCleaner 2006 Free
dir /s /a > C:\find.txt
notepad C:\find.txt
del /q C:\find.txt

Double click on find.bat, a text file should open, copy>>paste the contents back here

EDIT>>Can you do the above .bat file, but also do this one please
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
Change the Save as Type to All Files.
Name the file as find2.bat

Save this file on the desktop

Code: [Select]

@echo off
cd C:\Program Files\DriveCleaner 2006 Free
dir /s /a > C:\find2.txt
notepad C:\find2.txt
del /q C:\find2.txt

Double click on find2.bat, a text file should open, copy>>paste the contents back here

Umm, hello, are you just popping in every couple of days with no info?
Why don't you have the user of the computer sign up and post the info, it may go faster

zeroFaTe · « **Reply #9 on:** November 02, 2006, 09:30:12 PM »

Volume in drive C has no label.
Volume Serial Number is 04E4-BB78

Directory of C:\Documents and Settings\Nick\Desktop

11/02/2006 09:27 PM <DIR> .
11/02/2006 09:27 PM <DIR> ..
10/27/2006 01:55 PM 3,307 222.rtf
09/19/2006 07:26 PM 2,855,080 aawsepersonal.exe
06/10/2005 09:44 PM 20,798,256 AdbeRdr70_enu_full.exe
10/19/2005 06:19 PM 160,256 AIMFix.exe
10/27/2005 03:04 PM 678 Azureus.lnk
04/09/2005 10:00 AM 393,216 bwchart.exe
09/18/2006 11:20 PM <DIR> Caitlin all
10/17/2005 03:47 PM 1,657 Collab.lnk
10/25/2006 11:28 AM 276,918 combofix.exe
11/02/2006 09:27 PM 132 find.bat
11/02/2006 09:27 PM 124 find2.bat
10/17/2005 03:47 PM 778 FL Studio 5.lnk
05/28/2005 09:35 PM 104 Internet.lnk
10/23/2005 10:54 PM 1,565 IrfanView Thumbnails.lnk
10/23/2005 10:54 PM 685 IrfanView.lnk
01/13/2006 12:08 PM <DIR> Music Videos
09/25/2005 04:02 PM 104 My Computer.lnk
03/15/2004 10:08 PM 19,846 nick's poem book.txt
10/27/2006 02:03 PM 1,420 rapport.txt
10/27/2006 02:02 PM <DIR> SmitfraudFix
10/27/2006 01:26 PM 601,128 SmitfraudFix.zip
09/19/2006 07:43 PM 933 Spybot - Search & Destroy.lnk
09/19/2006 07:43 PM 5,037,072 spybotsd14.exe
09/19/2006 12:21 PM 690 SpywareBlaster.lnk
05/28/2005 09:25 PM 1,576 Starcraft - Brood War.lnk
10/25/2006 11:24 AM 2 uninstall_list.txt
07/25/2006 02:07 AM <DIR> VirtualDubMod_1_5_10_2_All_inclusive
04/08/2006 01:15 AM 1,757,806 VirtualDubMod_1_5_10_2_All_inclusive.zip
11/09/2005 03:55 AM 654 Winamp.lnk
06/05/2005 05:53 PM 692 WinRAR.lnk
07/25/2006 01:25 AM 1,524 WordBiz.lnk
06/05/2005 05:52 PM 1,013,454 wrar35b5.exe
28 File(s) 32,929,657 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all

09/18/2006 11:20 PM <DIR> .
09/18/2006 11:20 PM <DIR> ..
09/26/2004 08:53 PM 183,615 caitlin.jpg
09/18/2006 11:22 PM 256,822 Clipboard01.bmp
09/13/2006 09:50 PM <DIR> DszeroDs - Caitlin
09/13/2006 09:50 PM <DIR> GoBpUnKrOcKeRs -Caitlin
01/30/2005 10:03 PM 2,794,174 hawaii.bmp
02/16/2004 07:09 PM 2,817,556 homc..03 .tif
09/13/2006 09:49 PM <DIR> RyuhouEx - Caitlin
02/16/2004 07:06 PM 2,817,580 Scan0002.tif
10/29/2004 08:01 AM 620 Shortcut to Caitlin - gadzook.lnk
01/30/2005 10:02 PM 619 Shortcut to Scan0002.lnk
09/18/2006 11:22 PM 32,256 Thumbs.db
09/13/2006 09:49 PM <DIR> XfallenchaosX - caitlin middle
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin new
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin old
09/13/2006 09:49 PM <DIR> xxryuhouxx - caitlin
8 File(s) 8,903,242 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\DszeroDs - Caitlin

09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
05/24/2003 06:23 AM 4,208 2003-05-24 [Saturday].htm
06/04/2003 08:47 PM 1,756 2003-06-04 [Wednesday].htm
06/05/2003 06:37 PM 401 2003-06-05 [Thursday].htm
06/07/2003 04:40 PM 2,337 2003-06-07 [Saturday].htm
06/09/2003 09:30 PM 2,070 2003-06-09 [Monday].htm
06/10/2003 07:38 PM 14,563 2003-06-10 [Tuesday].htm
06/12/2003 09:18 PM 18,931 2003-06-12 [Thursday].htm
06/14/2003 05:06 PM 390 2003-06-14 [Saturday].htm
06/15/2003 09:48 PM 35,884 2003-06-15 [Sunday].htm
06/16/2003 09:47 PM 27,543 2003-06-16 [Monday].htm
06/17/2003 08:26 PM 3,694 2003-06-17 [Tuesday].htm
06/18/2003 03:36 PM 22,921 2003-06-18 [Wednesday].htm
06/19/2003 07:21 PM 11,709 2003-06-19 [Thursday].htm
06/20/2003 08:58 PM 5,804 2003-06-20 [Friday].htm
06/22/2003 01:09 PM 6,787 2003-06-22 [Sunday].htm
06/23/2003 05:05 PM 17,660 2003-06-23 [Monday].htm
06/25/2003 12:56 PM 7,187 2003-06-25 [Wednesday].htm
06/27/2003 03:50 PM 15,410 2003-06-27 [Friday].htm
07/06/2003 09:28 PM 5,168 2003-07-06 [Sunday].htm
07/07/2003 06:09 PM 21,267 2003-07-07 [Monday].htm
07/08/2003 04:55 PM 2,293 2003-07-08 [Tuesday].htm
07/13/2003 12:28 PM 2,378 2003-07-13 [Sunday].htm
07/14/2003 08:52 PM 11,916 2003-07-14 [Monday].htm
07/15/2003 07:32 PM 13,510 2003-07-15 [Tuesday].htm
07/19/2003 09:58 PM 14,734 2003-07-19 [Saturday].htm
07/26/2003 02:42 PM 14,938 2003-07-26 [Saturday].htm
07/27/2003 03:17 PM 550 2003-07-27 [Sunday].htm
08/11/2003 09:40 PM 4,268 2003-08-11 [Monday].htm
08/12/2003 11:13 AM 675 2003-08-12 [Tuesday].htm
08/14/2003 10:36 PM 12,800 2003-08-14 [Thursday].htm
08/15/2003 10:17 PM 7,932 2003-08-15 [Friday].htm
08/16/2003 08:14 PM 24,701 2003-08-16 [Saturday].htm
08/17/2003 05:01 PM 8,650 2003-08-17 [Sunday].htm
08/18/2003 07:04 PM 20,208 2003-08-18 [Monday].htm
08/19/2003 12:36 AM 27,747 2003-08-19 [Tuesday].htm
08/20/2003 09:54 PM 36,672 2003-08-20 [Wednesday].htm
08/21/2003 11:25 AM 2,461 2003-08-21 [Thursday].htm
08/22/2003 10:26 AM 3,368 2003-08-22 [Friday].htm
01/23/2004 11:10 PM 2,381 2004-01-23 [Friday].htm
01/25/2004 01:05 PM 2,368 events.txt
10/09/2004 11:02 PM 14 Me....txt
41 File(s) 440,254 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin

09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
04/25/2001 07:16 AM 9,249 2001-04-25 [Wednesday].htm
05/05/2001 10:31 AM 14,933 2001-05-05 [Saturday].htm
09/20/2001 08:45 PM 23,022 2001-09-20 [Thursday].htm
09/21/2001 01:26 AM 21,168 2001-09-21 [Friday].htm
04/09/2003 07:45 PM 13,845 2003-04-09 [Wednesday].htm
09/14/2006 04:40 PM <DIR> 2003-04-18 [Friday]
04/18/2003 10:32 PM 64,574 2003-04-18 [Friday].htm
04/19/2003 12:21 PM 1,909 2003-04-19 [Saturday].htm
04/20/2003 12:05 AM 11,873 2003-04-20 [Sunday].htm
05/26/2003 01:31 PM 9,781 2003-05-26 [Monday].htm
06/01/2003 04:37 PM 9,707 2003-06-01 [Sunday].htm
06/06/2003 06:15 PM 1,344 2003-06-06 [Friday].htm
01/25/2004 07:10 PM 4,610 2004-01-25 [Sunday].htm
06/01/2003 04:37 PM 277 events.txt
13 File(s) 186,292 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin\2003-04-18 [Friday]

09/14/2006 04:40 PM <DIR> .
09/14/2006 04:40 PM <DIR> ..
04/18/2003 07:32 PM 104,336 MVC-011S.JPG
09/14/2006 04:40 PM 5,632 Thumbs.db
2 File(s) 109,968 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\RyuhouEx - Caitlin

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
08/23/2003 08:14 PM 912 2003-08-23 [Saturday].htm
08/24/2003 06:21 PM 3,181 2003-08-24 [Sunday].htm
08/25/2003 01:14 PM 31,929 2003-08-25 [Monday].htm
08/26/2003 03:24 PM 19,349 2003-08-26 [Tuesday].htm
08/27/2003 03:04 PM 8,857 2003-08-27 [Wednesday].htm
08/28/2003 08:31 PM 7,746 2003-08-28 [Thursday].htm
08/29/2003 03:07 PM 12,340 2003-08-29 [Friday].htm
08/30/2003 02:57 PM 1,515 2003-08-30 [Saturday].htm
09/03/2003 06:59 PM 1,973 2003-09-03 [Wednesday].htm
09/07/2003 08:12 PM 17,033 2003-09-07 [Sunday].htm
09/08/2003 02:37 PM 13,073 2003-09-08 [Monday].htm
09/12/2003 01:49 PM 890 2003-09-12 [Friday].htm
09/14/2003 07:36 PM 17,727 2003-09-14 [Sunday].htm
09/15/2003 08:30 PM 2,160 2003-09-15 [Monday].htm
09/17/2003 07:12 PM 755 2003-09-17 [Wednesday].htm
09/19/2003 03:37 PM 3,721 2003-09-19 [Friday].htm
09/22/2003 08:31 PM 1,404 2003-09-22 [Monday].htm
09/24/2003 08:05 PM 6,813 2003-09-24 [Wednesday].htm
09/25/2003 08:19 PM 4,623 2003-09-25 [Thursday].htm
09/26/2003 02:59 PM 713 2003-09-26 [Friday].htm
09/29/2003 08:15 PM 1,859 2003-09-29 [Monday].htm
10/08/2003 06:27 PM 1,441 2003-10-08 [Wednesday].htm
10/09/2003 09:20 PM 6,395 2003-10-09 [Thursday].htm
10/10/2003 10:43 AM 5,340 2003-10-10 [Friday].htm
10/15/2003 08:19 PM 24,779 2003-10-15 [Wednesday].htm
10/17/2003 04:51 PM 1,504 2003-10-17 [Friday].htm
10/19/2003 04:44 PM 688 2003-10-19 [Sunday].htm
10/20/2003 07:54 PM 5,003 2003-10-20 [Monday].htm
10/22/2003 07:51 PM 18,172 2003-10-22 [Wednesday].htm
10/24/2003 02:12 PM 2,034 2003-10-24 [Friday].htm
10/26/2003 08:09 PM 5,619 2003-10-26 [Sunday].htm
10/27/2003 08:54 PM 12,243 2003-10-27 [Monday].htm
10/29/2003 08:00 PM 9,120 2003-10-29 [Wednesday].htm
10/30/2003 03:55 PM 6,331 2003-10-30 [Thursday].htm
10/31/2003 06:20 PM 619 2003-10-31 [Friday].htm
11/03/2003 09:46 PM 2,710 2003-11-03 [Monday].htm
11/04/2003 08:38 PM 5,569 2003-11-04 [Tuesday].htm
11/05/2003 01:50 PM 1,872 2003-11-05 [Wednesday].htm
11/05/2003 01:30 PM 3,046 events.txt
39 File(s) 271,058 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\XfallenchaosX - caitlin middle

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/29/2004 10:40 PM 978 2004-02-29 [Sunday].htm
03/29/2004 09:59 PM 2,358 2004-03-29 [Monday].htm
04/02/2004 09:16 PM 439 2004-04-02 [Friday].htm
04/03/2004 02:19 PM 997 2004-04-03 [Saturday].htm
04/11/2004 09:00 PM 1,566 2004-04-11 [Sunday].htm
04/15/2004 10:16 PM 11,595 2004-04-15 [Thursday].htm
04/27/2004 02:42 PM 1,133 2004-04-27 [Tuesday].htm
04/27/2004 07:30 PM 937 events.txt
8 File(s) 20,003 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin new

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
05/05/2004 08:06 PM 3,980 2004-05-05 [Wednesday].htm
05/10/2004 05:29 PM 69 events.txt
2 File(s) 4,049 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin old

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/27/2004 11:53 PM 1,462 2004-02-27 [Friday].htm
02/28/2004 02:34 PM 924 2004-02-28 [Saturday].htm
03/22/2004 09:05 PM 278 events.txt
3 File(s) 2,664 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
11/10/2003 10:10 PM 3,575 2003-11-10 [Monday].htm
11/11/2003 07:11 PM 728 2003-11-11 [Tuesday].htm
11/17/2003 05:33 PM 4,019 2003-11-17 [Monday].htm
11/19/2003 07:47 PM 1,370 2003-11-19 [Wednesday].htm
11/23/2003 10:04 PM 1,291 2003-11-23 [Sunday].htm
11/24/2003 08:11 PM 1,145 2003-11-24 [Monday].htm
12/02/2003 08:32 PM 912 2003-12-02 [Tuesday].htm
12/03/2003 10:32 PM 1,397 2003-12-03 [Wednesday].htm
12/04/2003 08:52 PM 5,769 2003-12-04 [Thursday].htm
12/06/2003 09:09 PM 27,591 2003-12-06 [Saturday].htm
12/13/2003 05:21 AM 1,466 2003-12-13 [Saturday].htm
12/19/2003 04:40 AM 5,451 2003-12-19 [Friday].htm
12/20/2003 07:10 AM 1,039 2003-12-20 [Saturday].htm
12/21/2003 12:14 PM 5,751 2003-12-21 [Sunday].htm
12/25/2003 11:28 PM 3,770 2003-12-25 [Thursday].htm
12/30/2003 06:38 PM 1,638 2003-12-30 [Tuesday].htm
12/31/2003 01:21 AM 1,355 2003-12-31 [Wednesday].htm
01/02/2004 03:00 AM 597 2004-01-02 [Friday].htm
01/03/2004 12:59 AM 3,883 2004-01-03 [Saturday].htm
01/12/2004 09:31 PM 2,529 2004-01-12 [Monday].htm
01/14/2004 09:36 PM 13,606 2004-01-14 [Wednesday].htm
01/15/2004 03:05 PM 773 2004-01-15 [Thursday].htm
09/14/2006 04:34 PM <DIR> 2004-01-18 [Sunday]
01/18/2004 03:05 AM 4,490 2004-01-18 [Sunday].htm
01/20/2004 07:30 PM 1,855 2004-01-20 [Tuesday].htm
01/21/2004 02:50 PM 3,563 2004-01-21 [Wednesday].htm
01/25/2004 07:47 PM 1,352 2004-01-25 [Sunday].htm
01/26/2004 07:58 PM 1,267 2004-01-26 [Monday].htm
01/27/2004 10:21 PM 4,354 2004-01-27 [Tuesday].htm
09/14/2006 04:34 PM <DIR> 2004-01-28 [Wednesday]
01/28/2004 09:01 PM 4,669 2004-01-28 [Wednesday].htm
01/29/2004 11:04 PM 976 2004-01-29 [Thursday].htm
02/04/2004 04:20 PM 2,271 2004-02-04 [Wednesday].htm
02/09/2004 10:39 PM 1,038 2004-02-09 [Monday].htm
09/14/2006 04:34 PM <DIR> 2004-02-16 [Monday]
02/16/2004 07:20 PM 33,702 2004-02-16 [Monday].htm
02/21/2004 04:32 PM 7,061 2004-02-21 [Saturday].htm
02/23/2004 08:42 PM 1,009 2004-02-23 [Monday].htm
02/27/2004 11:53 PM 1,706 2004-02-27 [Friday].htm
02/27/2004 11:50 PM 2,902 events.txt
37 File(s) 161,870 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-18 [Sunday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
09/14/2006 04:34 PM 4,608 Thumbs.db
01/18/2004 03:05 AM 746,974 untitled.bmp
2 File(s) 751,582 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-28 [Wednesday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
01/28/2004 09:01 PM 799,510 noname1075341676.bmp
09/14/2006 04:34 PM 6,144 Thumbs.db
2 File(s) 805,654 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-02-16 [Monday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
02/16/2004 07:19 PM 304,381 03' fell down stairs.tif
02/16/2004 07:19 PM 518,964 Caitlin - gadzook
02/16/2004 07:19 PM 95,306 headshot.jpg
02/16/2004 07:19 PM 2,817,556 homc..03 .jpg
09/14/2006 04:36 PM 88,081 scan0001.jpg
02/16/2004 07:19 PM 1,612,356 Scan0001.tif
09/14/2006 04:39 PM 2,796,308 Scan0002.tif
02/16/2004 07:19 PM 8,619 spiderman_bnza_small nicks bowl.jpg
09/14/2006 04:39 PM 27,648 Thumbs.db
9 File(s) 8,269,219 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Music Videos

01/13/2006 12:08 PM <DIR> .
01/13/2006 12:08 PM <DIR> ..
01/13/2006 10:15 AM 56,049,646 311 - 311 fatchance live.mpg
01/13/2006 09:23 AM 31,752,811 311 - all mixed up (video).mpg
01/13/2006 10:57 AM 36,307,852 311 - Amber (Live On Last Call)(1).mpg
01/13/2006 08:52 AM 37,853,188 311 - beautiful disaster live mtv smf.mpg
01/13/2006 10:52 AM 39,359,264 311 - come original live at sokal.mpeg
01/13/2006 11:08 AM 44,130,436 311 - creatures for a while - creatures.mpg
01/13/2006 08:05 AM 29,631,000 311 - don't stay home.mpg
01/13/2006 11:10 AM 36,465,884 311 - Down (Live On Conan O'Brien).mpg
01/13/2006 11:23 AM 40,326,048 311 - down (live on david letterman).mpg
01/13/2006 11:27 AM 29,956,136 311 - Down.mpg
01/13/2006 09:15 AM 42,006,300 311 - feels so good (live).mpg
01/13/2006 09:49 AM 39,301,164 311 - First Straw (Live Kimmel).mpg
01/12/2006 06:44 PM 161 311 - First Straw.avs
01/13/2006 10:25 AM 8,299,742 311 - First Straw.wmv
01/13/2006 10:57 AM 43,533,168 311 - Flowing (video).mpg
01/13/2006 03:47 AM 158 311 - Homebrew.avs
01/13/2006 07:41 AM 7,976,446 311 - Homebrew.wmv
01/13/2006 10:07 AM 36,993,028 311 - i'll be here awhile acoustic (live in seattle).mpg
01/13/2006 09:19 AM 47,818,624 311 - love song 33.mpg
01/13/2006 01:32 AM 175 311 - lovesong_kilborne_2-19-04.avs
01/13/2006 06:18 AM 9,300,700 311 - lovesong_kilborne_2-19-04.wmv
01/13/2006 09:52 AM 27,787,266 311 - prisoner.mpg
01/13/2006 09:38 AM 37,569,784 311 - transistor.mpg
01/13/2006 05:45 AM 160 311 kilborne 512.avs
01/13/2006 07:54 AM 18,634,383 311 kilborne 512.wmv
01/13/2006 10:11 AM 10,265,436 311 lovesong Leno 061104.wmv
01/13/2006 01:51 AM 177 311 on kimmel 2003 - creatures512.avs
01/13/2006 09:32 AM 19,287,237 311 on kimmel 2003 - creatures512.wmv
01/13/2006 09:32 AM 43,155,141 311- beautiful_disaster.mpg
01/13/2006 09:43 AM 37,797,290 311- come original.mpg
01/13/2006 08:28 AM 43,806,804 311- do you right.mpeg
01/13/2006 09:25 AM 51,873,268 311-i'll be here awhile.mpg
01/13/2006 08:24 AM 31,946,756 311_-_amber-daveyscan-ucv.mpeg
01/12/2006 12:10 PM 166 311_Kimmel_DTOM_080505.avs
01/13/2006 12:27 AM 10,496,228 311_Kimmel_DTOM_080505.wmv
01/12/2006 11:56 AM 174 311_on_Sharon_Osbourne_2-20-04.avs
01/13/2006 08:44 AM 9,303,984 311_on_Sharon_Osbourne_2-20-04.wmv
01/13/2006 02:25 AM 186 Drumline on kilborne-512kbps-thatsnice-wmv.avs
01/13/2006 09:55 AM 14,826,035 Drumline on kilborne-512kbps-thatsnice-wmv.wmv
01/13/2006 12:10 PM 92,160 Thumbs.db
40 File(s) 973,904,566 bytes

Directory of C:\Documents and Settings\Nick\Desktop\SmitfraudFix

10/27/2006 02:02 PM <DIR> .
10/27/2006 02:02 PM <DIR> ..
07/31/2004 05:50 PM 51,200 dumphive.exe
10/10/2006 10:34 PM 81,920 GenericRenosFix.exe
06/05/2003 08:13 PM 53,248 Process.exe
01/13/2005 08:41 PM 24,576 Reboot.exe
03/07/2006 09:45 PM 16,384 restart.exe
10/26/2006 10:56 PM 776,024 SmitfraudFix.cmd
09/19/2006 09:13 PM 20,480 SmiUpdate.exe
04/27/2006 04:49 PM 288,417 SrchSTS.exe
08/29/2006 06:43 PM 135,168 swreg.exe
01/09/2006 09:36 AM 40,960 swsc.exe
09/14/2006 11:34 PM 167,936 unzip.exe
11 File(s) 1,656,313 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive

07/25/2006 02:07 AM <DIR> .
07/25/2006 02:07 AM <DIR> ..
08/25/2005 09:10 PM 40,960 AuxSetup.exe
04/08/2006 01:11 AM <DIR> aviproxy
11/14/2002 06:55 PM 56,832 AviSynthLexer.lexer
08/25/2005 10:44 PM 14,545 Codecs.ini
10/01/2003 05:31 PM 18,321 copying
03/10/2003 04:42 PM 125,440 corona.dll
04/22/2005 04:07 AM 184 Free-Codecs.txt
05/22/2002 05:18 AM 860 license_corona.txt
03/11/2003 10:10 PM 20,992 ogg.dll
04/08/2006 01:11 AM <DIR> plugins
03/17/2003 08:41 PM 1,263 readme_virtualdubmod_dlls.txt
04/25/2003 11:29 PM 146,944 SciLexer.dll
04/08/2006 01:11 AM <DIR> template
08/25/2005 09:10 PM 11,340 vdicmdrv.dll
08/25/2005 09:10 PM 9,804 vdremote.dll
08/25/2005 09:09 PM 7,244 vdsvrlnk.dll
12/01/2003 11:11 PM 74,186 VirtualDub.vdhelp
12/03/2003 08:26 PM 210,415 VirtualDubMod.chm
08/25/2005 09:17 PM 929,280 VirtualDubMod.exe
09/12/2004 12:22 PM 615 VirtualDubMod.exe.manifest
08/25/2005 09:17 PM 137,733 VirtualDubMod.vdi
03/11/2003 10:50 PM 48,640 vorbis.dll
07/25/2006 01:25 AM 699,177 WordBiz18.exe
20 File(s) 2,554,775 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\aviproxy

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 192 proxyoff.reg
10/01/2003 05:31 PM 192 proxyon.reg
10/01/2003 05:31 PM 1,076 readme.txt
3 File(s) 1,460 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\plugins

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 88 readme.txt
1 File(s) 88 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\template

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/30/2002 09:13 PM 40 avisource.avst
10/30/2002 09:13 PM 50 default.avst
10/30/2002 09:13 PM 54 directshow.avst
10/30/2002 09:13 PM 59 mpeg2dec.avst
10/30/2002 09:13 PM 48 mpegdecoder.avst
5 File(s) 251 bytes

Total Files Listed:
274 File(s) 1,030,972,965 bytes
56 Dir(s) 74,018,066,432 bytes free

Volume in drive C has no label.
Volume Serial Number is 04E4-BB78

Directory of C:\Documents and Settings\Nick\Desktop

11/02/2006 09:27 PM <DIR> .
11/02/2006 09:27 PM <DIR> ..
10/27/2006 01:55 PM 3,307 222.rtf
09/19/2006 07:26 PM 2,855,080 aawsepersonal.exe
06/10/2005 09:44 PM 20,798,256 AdbeRdr70_enu_full.exe
10/19/2005 06:19 PM 160,256 AIMFix.exe
10/27/2005 03:04 PM 678 Azureus.lnk
04/09/2005 10:00 AM 393,216 bwchart.exe
09/18/2006 11:20 PM <DIR> Caitlin all
10/17/2005 03:47 PM 1,657 Collab.lnk
10/25/2006 11:28 AM 276,918 combofix.exe
11/02/2006 09:27 PM 132 find.bat
11/02/2006 09:27 PM 124 find2.bat
10/17/2005 03:47 PM 778 FL Studio 5.lnk
05/28/2005 09:35 PM 104 Internet.lnk
10/23/2005 10:54 PM 1,565 IrfanView Thumbnails.lnk
10/23/2005 10:54 PM 685 IrfanView.lnk
01/13/2006 12:08 PM <DIR> Music Videos
09/25/2005 04:02 PM 104 My Computer.lnk
03/15/2004 10:08 PM 19,846 nick's poem book.txt
10/27/2006 02:03 PM 1,420 rapport.txt
10/27/2006 02:02 PM <DIR> SmitfraudFix
10/27/2006 01:26 PM 601,128 SmitfraudFix.zip
09/19/2006 07:43 PM 933 Spybot - Search & Destroy.lnk
09/19/2006 07:43 PM 5,037,072 spybotsd14.exe
09/19/2006 12:21 PM 690 SpywareBlaster.lnk
05/28/2005 09:25 PM 1,576 Starcraft - Brood War.lnk
10/25/2006 11:24 AM 2 uninstall_list.txt
07/25/2006 02:07 AM <DIR> VirtualDubMod_1_5_10_2_All_inclusive
04/08/2006 01:15 AM 1,757,806 VirtualDubMod_1_5_10_2_All_inclusive.zip
11/09/2005 03:55 AM 654 Winamp.lnk
06/05/2005 05:53 PM 692 WinRAR.lnk
07/25/2006 01:25 AM 1,524 WordBiz.lnk
06/05/2005 05:52 PM 1,013,454 wrar35b5.exe
28 File(s) 32,929,657 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all

09/18/2006 11:20 PM <DIR> .
09/18/2006 11:20 PM <DIR> ..
09/26/2004 08:53 PM 183,615 caitlin.jpg
09/18/2006 11:22 PM 256,822 Clipboard01.bmp
09/13/2006 09:50 PM <DIR> DszeroDs - Caitlin
09/13/2006 09:50 PM <DIR> GoBpUnKrOcKeRs -Caitlin
01/30/2005 10:03 PM 2,794,174 hawaii.bmp
02/16/2004 07:09 PM 2,817,556 homc..03 .tif
09/13/2006 09:49 PM <DIR> RyuhouEx - Caitlin
02/16/2004 07:06 PM 2,817,580 Scan0002.tif
10/29/2004 08:01 AM 620 Shortcut to Caitlin - gadzook.lnk
01/30/2005 10:02 PM 619 Shortcut to Scan0002.lnk
09/18/2006 11:22 PM 32,256 Thumbs.db
09/13/2006 09:49 PM <DIR> XfallenchaosX - caitlin middle
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin new
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin old
09/13/2006 09:49 PM <DIR> xxryuhouxx - caitlin
8 File(s) 8,903,242 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\DszeroDs - Caitlin

09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
05/24/2003 06:23 AM 4,208 2003-05-24 [Saturday].htm
06/04/2003 08:47 PM 1,756 2003-06-04 [Wednesday].htm
06/05/2003 06:37 PM 401 2003-06-05 [Thursday].htm
06/07/2003 04:40 PM 2,337 2003-06-07 [Saturday].htm
06/09/2003 09:30 PM 2,070 2003-06-09 [Monday].htm
06/10/2003 07:38 PM 14,563 2003-06-10 [Tuesday].htm
06/12/2003 09:18 PM 18,931 2003-06-12 [Thursday].htm
06/14/2003 05:06 PM 390 2003-06-14 [Saturday].htm
06/15/2003 09:48 PM 35,884 2003-06-15 [Sunday].htm
06/16/2003 09:47 PM 27,543 2003-06-16 [Monday].htm
06/17/2003 08:26 PM 3,694 2003-06-17 [Tuesday].htm
06/18/2003 03:36 PM 22,921 2003-06-18 [Wednesday].htm
06/19/2003 07:21 PM 11,709 2003-06-19 [Thursday].htm
06/20/2003 08:58 PM 5,804 2003-06-20 [Friday].htm
06/22/2003 01:09 PM 6,787 2003-06-22 [Sunday].htm
06/23/2003 05:05 PM 17,660 2003-06-23 [Monday].htm
06/25/2003 12:56 PM 7,187 2003-06-25 [Wednesday].htm
06/27/2003 03:50 PM 15,410 2003-06-27 [Friday].htm
07/06/2003 09:28 PM 5,168 2003-07-06 [Sunday].htm
07/07/2003 06:09 PM 21,267 2003-07-07 [Monday].htm
07/08/2003 04:55 PM 2,293 2003-07-08 [Tuesday].htm
07/13/2003 12:28 PM 2,378 2003-07-13 [Sunday].htm
07/14/2003 08:52 PM 11,916 2003-07-14 [Monday].htm
07/15/2003 07:32 PM 13,510 2003-07-15 [Tuesday].htm
07/19/2003 09:58 PM 14,734 2003-07-19 [Saturday].htm
07/26/2003 02:42 PM 14,938 2003-07-26 [Saturday].htm
07/27/2003 03:17 PM 550 2003-07-27 [Sunday].htm
08/11/2003 09:40 PM 4,268 2003-08-11 [Monday].htm
08/12/2003 11:13 AM 675 2003-08-12 [Tuesday].htm
08/14/2003 10:36 PM 12,800 2003-08-14 [Thursday].htm
08/15/2003 10:17 PM 7,932 2003-08-15 [Friday].htm
08/16/2003 08:14 PM 24,701 2003-08-16 [Saturday].htm
08/17/2003 05:01 PM 8,650 2003-08-17 [Sunday].htm
08/18/2003 07:04 PM 20,208 2003-08-18 [Monday].htm
08/19/2003 12:36 AM 27,747 2003-08-19 [Tuesday].htm
08/20/2003 09:54 PM 36,672 2003-08-20 [Wednesday].htm
08/21/2003 11:25 AM 2,461 2003-08-21 [Thursday].htm
08/22/2003 10:26 AM 3,368 2003-08-22 [Friday].htm
01/23/2004 11:10 PM 2,381 2004-01-23 [Friday].htm
01/25/2004 01:05 PM 2,368 events.txt
10/09/2004 11:02 PM 14 Me....txt
41 File(s) 440,254 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin

09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
04/25/2001 07:16 AM 9,249 2001-04-25 [Wednesday].htm
05/05/2001 10:31 AM 14,933 2001-05-05 [Saturday].htm
09/20/2001 08:45 PM 23,022 2001-09-20 [Thursday].htm
09/21/2001 01:26 AM 21,168 2001-09-21 [Friday].htm
04/09/2003 07:45 PM 13,845 2003-04-09 [Wednesday].htm
09/14/2006 04:40 PM <DIR> 2003-04-18 [Friday]
04/18/2003 10:32 PM 64,574 2003-04-18 [Friday].htm
04/19/2003 12:21 PM 1,909 2003-04-19 [Saturday].htm
04/20/2003 12:05 AM 11,873 2003-04-20 [Sunday].htm
05/26/2003 01:31 PM 9,781 2003-05-26 [Monday].htm
06/01/2003 04:37 PM 9,707 2003-06-01 [Sunday].htm
06/06/2003 06:15 PM 1,344 2003-06-06 [Friday].htm
01/25/2004 07:10 PM 4,610 2004-01-25 [Sunday].htm
06/01/2003 04:37 PM 277 events.txt
13 File(s) 186,292 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin\2003-04-18 [Friday]

09/14/2006 04:40 PM <DIR> .
09/14/2006 04:40 PM <DIR> ..
04/18/2003 07:32 PM 104,336 MVC-011S.JPG
09/14/2006 04:40 PM 5,632 Thumbs.db
2 File(s) 109,968 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\RyuhouEx - Caitlin

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
08/23/2003 08:14 PM 912 2003-08-23 [Saturday].htm
08/24/2003 06:21 PM 3,181 2003-08-24 [Sunday].htm
08/25/2003 01:14 PM 31,929 2003-08-25 [Monday].htm
08/26/2003 03:24 PM 19,349 2003-08-26 [Tuesday].htm
08/27/2003 03:04 PM 8,857 2003-08-27 [Wednesday].htm
08/28/2003 08:31 PM 7,746 2003-08-28 [Thursday].htm
08/29/2003 03:07 PM 12,340 2003-08-29 [Friday].htm
08/30/2003 02:57 PM 1,515 2003-08-30 [Saturday].htm
09/03/2003 06:59 PM 1,973 2003-09-03 [Wednesday].htm
09/07/2003 08:12 PM 17,033 2003-09-07 [Sunday].htm
09/08/2003 02:37 PM 13,073 2003-09-08 [Monday].htm
09/12/2003 01:49 PM 890 2003-09-12 [Friday].htm
09/14/2003 07:36 PM 17,727 2003-09-14 [Sunday].htm
09/15/2003 08:30 PM 2,160 2003-09-15 [Monday].htm
09/17/2003 07:12 PM 755 2003-09-17 [Wednesday].htm
09/19/2003 03:37 PM 3,721 2003-09-19 [Friday].htm
09/22/2003 08:31 PM 1,404 2003-09-22 [Monday].htm
09/24/2003 08:05 PM 6,813 2003-09-24 [Wednesday].htm
09/25/2003 08:19 PM 4,623 2003-09-25 [Thursday].htm
09/26/2003 02:59 PM 713 2003-09-26 [Friday].htm
09/29/2003 08:15 PM 1,859 2003-09-29 [Monday].htm
10/08/2003 06:27 PM 1,441 2003-10-08 [Wednesday].htm
10/09/2003 09:20 PM 6,395 2003-10-09 [Thursday].htm
10/10/2003 10:43 AM 5,340 2003-10-10 [Friday].htm
10/15/2003 08:19 PM 24,779 2003-10-15 [Wednesday].htm
10/17/2003 04:51 PM 1,504 2003-10-17 [Friday].htm
10/19/2003 04:44 PM 688 2003-10-19 [Sunday].htm
10/20/2003 07:54 PM 5,003 2003-10-20 [Monday].htm
10/22/2003 07:51 PM 18,172 2003-10-22 [Wednesday].htm
10/24/2003 02:12 PM 2,034 2003-10-24 [Friday].htm
10/26/2003 08:09 PM 5,619 2003-10-26 [Sunday].htm
10/27/2003 08:54 PM 12,243 2003-10-27 [Monday].htm
10/29/2003 08:00 PM 9,120 2003-10-29 [Wednesday].htm
10/30/2003 03:55 PM 6,331 2003-10-30 [Thursday].htm
10/31/2003 06:20 PM 619 2003-10-31 [Friday].htm
11/03/2003 09:46 PM 2,710 2003-11-03 [Monday].htm
11/04/2003 08:38 PM 5,569 2003-11-04 [Tuesday].htm
11/05/2003 01:50 PM 1,872 2003-11-05 [Wednesday].htm
11/05/2003 01:30 PM 3,046 events.txt
39 File(s) 271,058 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\XfallenchaosX - caitlin middle

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/29/2004 10:40 PM 978 2004-02-29 [Sunday].htm
03/29/2004 09:59 PM 2,358 2004-03-29 [Monday].htm
04/02/2004 09:16 PM 439 2004-04-02 [Friday].htm
04/03/2004 02:19 PM 997 2004-04-03 [Saturday].htm
04/11/2004 09:00 PM 1,566 2004-04-11 [Sunday].htm
04/15/2004 10:16 PM 11,595 2004-04-15 [Thursday].htm
04/27/2004 02:42 PM 1,133 2004-04-27 [Tuesday].htm
04/27/2004 07:30 PM 937 events.txt
8 File(s) 20,003 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin new

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
05/05/2004 08:06 PM 3,980 2004-05-05 [Wednesday].htm
05/10/2004 05:29 PM 69 events.txt
2 File(s) 4,049 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin old

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/27/2004 11:53 PM 1,462 2004-02-27 [Friday].htm
02/28/2004 02:34 PM 924 2004-02-28 [Saturday].htm
03/22/2004 09:05 PM 278 events.txt
3 File(s) 2,664 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin

09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
11/10/2003 10:10 PM 3,575 2003-11-10 [Monday].htm
11/11/2003 07:11 PM 728 2003-11-11 [Tuesday].htm
11/17/2003 05:33 PM 4,019 2003-11-17 [Monday].htm
11/19/2003 07:47 PM 1,370 2003-11-19 [Wednesday].htm
11/23/2003 10:04 PM 1,291 2003-11-23 [Sunday].htm
11/24/2003 08:11 PM 1,145 2003-11-24 [Monday].htm
12/02/2003 08:32 PM 912 2003-12-02 [Tuesday].htm
12/03/2003 10:32 PM 1,397 2003-12-03 [Wednesday].htm
12/04/2003 08:52 PM 5,769 2003-12-04 [Thursday].htm
12/06/2003 09:09 PM 27,591 2003-12-06 [Saturday].htm
12/13/2003 05:21 AM 1,466 2003-12-13 [Saturday].htm
12/19/2003 04:40 AM 5,451 2003-12-19 [Friday].htm
12/20/2003 07:10 AM 1,039 2003-12-20 [Saturday].htm
12/21/2003 12:14 PM 5,751 2003-12-21 [Sunday].htm
12/25/2003 11:28 PM 3,770 2003-12-25 [Thursday].htm
12/30/2003 06:38 PM 1,638 2003-12-30 [Tuesday].htm
12/31/2003 01:21 AM 1,355 2003-12-31 [Wednesday].htm
01/02/2004 03:00 AM 597 2004-01-02 [Friday].htm
01/03/2004 12:59 AM 3,883 2004-01-03 [Saturday].htm
01/12/2004 09:31 PM 2,529 2004-01-12 [Monday].htm
01/14/2004 09:36 PM 13,606 2004-01-14 [Wednesday].htm
01/15/2004 03:05 PM 773 2004-01-15 [Thursday].htm
09/14/2006 04:34 PM <DIR> 2004-01-18 [Sunday]
01/18/2004 03:05 AM 4,490 2004-01-18 [Sunday].htm
01/20/2004 07:30 PM 1,855 2004-01-20 [Tuesday].htm
01/21/2004 02:50 PM 3,563 2004-01-21 [Wednesday].htm
01/25/2004 07:47 PM 1,352 2004-01-25 [Sunday].htm
01/26/2004 07:58 PM 1,267 2004-01-26 [Monday].htm
01/27/2004 10:21 PM 4,354 2004-01-27 [Tuesday].htm
09/14/2006 04:34 PM <DIR> 2004-01-28 [Wednesday]
01/28/2004 09:01 PM 4,669 2004-01-28 [Wednesday].htm
01/29/2004 11:04 PM 976 2004-01-29 [Thursday].htm
02/04/2004 04:20 PM 2,271 2004-02-04 [Wednesday].htm
02/09/2004 10:39 PM 1,038 2004-02-09 [Monday].htm
09/14/2006 04:34 PM <DIR> 2004-02-16 [Monday]
02/16/2004 07:20 PM 33,702 2004-02-16 [Monday].htm
02/21/2004 04:32 PM 7,061 2004-02-21 [Saturday].htm
02/23/2004 08:42 PM 1,009 2004-02-23 [Monday].htm
02/27/2004 11:53 PM 1,706 2004-02-27 [Friday].htm
02/27/2004 11:50 PM 2,902 events.txt
37 File(s) 161,870 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-18 [Sunday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
09/14/2006 04:34 PM 4,608 Thumbs.db
01/18/2004 03:05 AM 746,974 untitled.bmp
2 File(s) 751,582 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-28 [Wednesday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
01/28/2004 09:01 PM 799,510 noname1075341676.bmp
09/14/2006 04:34 PM 6,144 Thumbs.db
2 File(s) 805,654 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-02-16 [Monday]

09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
02/16/2004 07:19 PM 304,381 03' fell down stairs.tif
02/16/2004 07:19 PM 518,964 Caitlin - gadzook
02/16/2004 07:19 PM 95,306 headshot.jpg
02/16/2004 07:19 PM 2,817,556 homc..03 .jpg
09/14/2006 04:36 PM 88,081 scan0001.jpg
02/16/2004 07:19 PM 1,612,356 Scan0001.tif
09/14/2006 04:39 PM 2,796,308 Scan0002.tif
02/16/2004 07:19 PM 8,619 spiderman_bnza_small nicks bowl.jpg
09/14/2006 04:39 PM 27,648 Thumbs.db
9 File(s) 8,269,219 bytes

Directory of C:\Documents and Settings\Nick\Desktop\Music Videos

01/13/2006 12:08 PM <DIR> .
01/13/2006 12:08 PM <DIR> ..
01/13/2006 10:15 AM 56,049,646 311 - 311 fatchance live.mpg
01/13/2006 09:23 AM 31,752,811 311 - all mixed up (video).mpg
01/13/2006 10:57 AM 36,307,852 311 - Amber (Live On Last Call)(1).mpg
01/13/2006 08:52 AM 37,853,188 311 - beautiful disaster live mtv smf.mpg
01/13/2006 10:52 AM 39,359,264 311 - come original live at sokal.mpeg
01/13/2006 11:08 AM 44,130,436 311 - creatures for a while - creatures.mpg
01/13/2006 08:05 AM 29,631,000 311 - don't stay home.mpg
01/13/2006 11:10 AM 36,465,884 311 - Down (Live On Conan O'Brien).mpg
01/13/2006 11:23 AM 40,326,048 311 - down (live on david letterman).mpg
01/13/2006 11:27 AM 29,956,136 311 - Down.mpg
01/13/2006 09:15 AM 42,006,300 311 - feels so good (live).mpg
01/13/2006 09:49 AM 39,301,164 311 - First Straw (Live Kimmel).mpg
01/12/2006 06:44 PM 161 311 - First Straw.avs
01/13/2006 10:25 AM 8,299,742 311 - First Straw.wmv
01/13/2006 10:57 AM 43,533,168 311 - Flowing (video).mpg
01/13/2006 03:47 AM 158 311 - Homebrew.avs
01/13/2006 07:41 AM 7,976,446 311 - Homebrew.wmv
01/13/2006 10:07 AM 36,993,028 311 - i'll be here awhile acoustic (live in seattle).mpg
01/13/2006 09:19 AM 47,818,624 311 - love song 33.mpg
01/13/2006 01:32 AM 175 311 - lovesong_kilborne_2-19-04.avs
01/13/2006 06:18 AM 9,300,700 311 - lovesong_kilborne_2-19-04.wmv
01/13/2006 09:52 AM 27,787,266 311 - prisoner.mpg
01/13/2006 09:38 AM 37,569,784 311 - transistor.mpg
01/13/2006 05:45 AM 160 311 kilborne 512.avs
01/13/2006 07:54 AM 18,634,383 311 kilborne 512.wmv
01/13/2006 10:11 AM 10,265,436 311 lovesong Leno 061104.wmv
01/13/2006 01:51 AM 177 311 on kimmel 2003 - creatures512.avs
01/13/2006 09:32 AM 19,287,237 311 on kimmel 2003 - creatures512.wmv
01/13/2006 09:32 AM 43,155,141 311- beautiful_disaster.mpg
01/13/2006 09:43 AM 37,797,290 311- come original.mpg
01/13/2006 08:28 AM 43,806,804 311- do you right.mpeg
01/13/2006 09:25 AM 51,873,268 311-i'll be here awhile.mpg
01/13/2006 08:24 AM 31,946,756 311_-_amber-daveyscan-ucv.mpeg
01/12/2006 12:10 PM 166 311_Kimmel_DTOM_080505.avs
01/13/2006 12:27 AM 10,496,228 311_Kimmel_DTOM_080505.wmv
01/12/2006 11:56 AM 174 311_on_Sharon_Osbourne_2-20-04.avs
01/13/2006 08:44 AM 9,303,984 311_on_Sharon_Osbourne_2-20-04.wmv
01/13/2006 02:25 AM 186 Drumline on kilborne-512kbps-thatsnice-wmv.avs
01/13/2006 09:55 AM 14,826,035 Drumline on kilborne-512kbps-thatsnice-wmv.wmv
01/13/2006 12:10 PM 92,160 Thumbs.db
40 File(s) 973,904,566 bytes

Directory of C:\Documents and Settings\Nick\Desktop\SmitfraudFix

10/27/2006 02:02 PM <DIR> .
10/27/2006 02:02 PM <DIR> ..
07/31/2004 05:50 PM 51,200 dumphive.exe
10/10/2006 10:34 PM 81,920 GenericRenosFix.exe
06/05/2003 08:13 PM 53,248 Process.exe
01/13/2005 08:41 PM 24,576 Reboot.exe
03/07/2006 09:45 PM 16,384 restart.exe
10/26/2006 10:56 PM 776,024 SmitfraudFix.cmd
09/19/2006 09:13 PM 20,480 SmiUpdate.exe
04/27/2006 04:49 PM 288,417 SrchSTS.exe
08/29/2006 06:43 PM 135,168 swreg.exe
01/09/2006 09:36 AM 40,960 swsc.exe
09/14/2006 11:34 PM 167,936 unzip.exe
11 File(s) 1,656,313 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive

07/25/2006 02:07 AM <DIR> .
07/25/2006 02:07 AM <DIR> ..
08/25/2005 09:10 PM 40,960 AuxSetup.exe
04/08/2006 01:11 AM <DIR> aviproxy
11/14/2002 06:55 PM 56,832 AviSynthLexer.lexer
08/25/2005 10:44 PM 14,545 Codecs.ini
10/01/2003 05:31 PM 18,321 copying
03/10/2003 04:42 PM 125,440 corona.dll
04/22/2005 04:07 AM 184 Free-Codecs.txt
05/22/2002 05:18 AM 860 license_corona.txt
03/11/2003 10:10 PM 20,992 ogg.dll
04/08/2006 01:11 AM <DIR> plugins
03/17/2003 08:41 PM 1,263 readme_virtualdubmod_dlls.txt
04/25/2003 11:29 PM 146,944 SciLexer.dll
04/08/2006 01:11 AM <DIR> template
08/25/2005 09:10 PM 11,340 vdicmdrv.dll
08/25/2005 09:10 PM 9,804 vdremote.dll
08/25/2005 09:09 PM 7,244 vdsvrlnk.dll
12/01/2003 11:11 PM 74,186 VirtualDub.vdhelp
12/03/2003 08:26 PM 210,415 VirtualDubMod.chm
08/25/2005 09:17 PM 929,280 VirtualDubMod.exe
09/12/2004 12:22 PM 615 VirtualDubMod.exe.manifest
08/25/2005 09:17 PM 137,733 VirtualDubMod.vdi
03/11/2003 10:50 PM 48,640 vorbis.dll
07/25/2006 01:25 AM 699,177 WordBiz18.exe
20 File(s) 2,554,775 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\aviproxy

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 192 proxyoff.reg
10/01/2003 05:31 PM 192 proxyon.reg
10/01/2003 05:31 PM 1,076 readme.txt
3 File(s) 1,460 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\plugins

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 88 readme.txt
1 File(s) 88 bytes

Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\template

04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/30/2002 09:13 PM 40 avisource.avst
10/30/2002 09:13 PM 50 default.avst
10/30/2002 09:13 PM 54 directshow.avst
10/30/2002 09:13 PM 59 mpeg2dec.avst
10/30/2002 09:13 PM 48 mpegdecoder.avst
5 File(s) 251 bytes

Total Files Listed:
274 File(s) 1,030,972,965 bytes
56 Dir(s) 74,018,095,104 bytes free

im sorry about the time. The user was out of town and i couldn't get to the computer. here's what u wanted.

guestolo · « **Reply #10 on:** November 02, 2006, 09:59:13 PM »

It appears you didn't save one of the files correctly

Navigate to C:\Program Files\DriveCleaner 2006 Free
Open the folder, is there an uninstaller?

zeroFaTe · « **Reply #11 on:** November 03, 2006, 11:54:43 AM »

i can't find C:\Program Files\DriveCleaner 2006 Free. Im not sure why but i put the address in the search and nothing comes up.

guestolo · « **Reply #12 on:** November 03, 2006, 11:22:15 PM »

To manually look for the folder
Double click on MyComputer icon>>Local C: drive
Program Files folder
See if there is a
DriveCleaner 2006 Free folder

Let's see a fresh log please
But first. do the following
Do a "System scan only" with Hijackthis and put a check next to these entries:

O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"

After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer, then run a fresh scan and save logfile with Hijackthis and post it

zeroFaTe · « **Reply #13 on:** November 06, 2006, 11:46:52 PM »

Logfile of HijackThis v1.99.1
Scan saved at 11:44:23 PM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\HJT\zerofate.exe.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

guestolo · « **Reply #14 on:** November 07, 2006, 01:01:34 AM »

How's everything running on your end?

zeroFaTe · « **Reply #15 on:** November 08, 2006, 10:08:48 AM »

Everything seems to be running fine now, thanks. I have a question about this mcafee antivirus. It needs to be updated but it keeps asking me to pay even though the version on my pc was technically paid for. There' an extra button in the tray that keeps saying "please update" blah blah blah, in a pop-up balloon every time i turn the pc on, and it also just randomly comes up while im on the pc. Is there a way to stop it from asking me to upgrade all the time?

guestolo · « **Reply #16 on:** November 08, 2006, 08:29:52 PM »

Quote

It needs to be updated but it keeps asking me to pay even though the version on my pc was technically paid for.

I'm not sure what you mean by that
Is it legally paid for or isn't it?
What version is it?

There are free versions that do a good job, but you don't want to have more than one AV running on your system

zeroFaTe · « **Reply #17 on:** November 10, 2006, 02:16:35 AM »

well, my uncle gave it to me. im sure that everythings legal. its just asking me to upgrade, like get a better version. i think i figured it out. i just messed around with the settngs a little, it seems fine now.

guestolo · « **Reply #18 on:** November 11, 2006, 04:36:23 PM »

Sounds good
Do I have to mention to you the use of SpywareBlaster?
Also, use the Immunization feature in Spybot 1.4

You should have a good acknowledgement how to keep your system secure

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/wink.gif\' class=\'bbc_emoticon\' alt=\'

\' />

zeroFaTe · « **Reply #19 on:** November 13, 2006, 03:49:47 PM »

lol i know i know. i should be able to handle things now. thanks a lot

News:

Author Topic: here ya go then... (Read 1479 times)