#46
Let's take a last look at your system.
Download Deckard's System Scanner HERE.

1. Close all applications and windows.
2. Double-click on dss.exe to run it, and follow the prompts.
3. When the scan is complete, a text file will open - Main.txt
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of Main.txt in your thread here.
5. A folder, C:\Deckard, will also open. In it will be another text file, Extra.txt.
6. Attach Extra.txt to your post.

Note: some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so.

What Deckard's System Scanner will do:
* create a new System Restore point in Windows XP and Vista.
* clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
* check some important areas of your system and produce a report for your analyst to review.

Deckard's System Scanner automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

When you get the two notepad documents, click somewhere inside the notepad document and hold CTRL/Control and press A then C. This will "select all" and "copy" the text. Please post both of the logs.
#47
Deckard's System Scanner v20071014.68
Run by Administrator on 2008-04-16 19:20:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
67: 2008-04-16 13:50:23 UTC - RP170 - Deckard's System Scanner Restore Point
66: 2008-04-16 13:47:27 UTC - RP169 - Removed BitDefender Free Edition v10
65: 2008-04-16 13:45:59 UTC - RP168 - Removed SUPERAntiSpyware Free Edition
64: 2008-04-15 13:45:34 UTC - RP167 - Installed Java(TM) 6 Update 5
63: 2008-04-15 13:09:53 UTC - RP166 - Removed J2SE Runtime Environment 5.0 Update 11

-- First Restore Point --
1: 2008-02-16 09:36:35 UTC - RP104 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:22:32 PM, on 4/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 128.1.2.1:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8BB99EF-1AA7-41CF-B8B7-C5E748E10766}: NameServer = 59.144.127.16,59.144.127.17
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 5899 bytes

-- File Associations -----------------------------------------------------------

.js - unable to read key
.js - unable to read key

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 OMCI (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Inc; OMCI Driver>
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys (file missing)
S0 BootScreen - c:\windows\\systemroot\system32\drivers\vidstub.sys (file missing)
S3 BDFsDrv - c:\program files\softwin\bitdefender10\bdfsdrv.sys (file missing)
S3 BDRsDrv - c:\program files\softwin\bitdefender10\bdrsdrv.sys (file missing)
S3 catchme - c:\docume~1\admini~1\locals~1\temp\catchme.sys (file missing)
S3 Profos - c:\program files\softwin\bitdefender10\profos.sys (file missing)
S3 SGUARD - c:\windows\system32\drivers\sguard.sys (file missing)
S3 Trufos - c:\program files\softwin\bitdefender10\trufos.sys (file missing)
S3 zteusbser (ZTE USB Device for Legacy Serial Communication) - c:\windows\system32\drivers\zteusbser.sys <Not Verified; ZTE Corporation; ZTE Corporation USB Modem/Serial Device Driver>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S4 DB2-0 (DB2 - DB2-0) - c:\progra~1\ibm\sqllib\bin\db2syscs.exe <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2CTLSV-0 (DB2 - DB2CTLSV-0) - c:\progra~1\ibm\sqllib\bin\db2syscs.exe <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2DAS00 (DB2DAS - DB2DAS00) - "c:\program files\ibm\sqllib\\bin\db2dasrrm.exe" <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2DWLogger (DB2 Warehouse Logger) - "c:\program files\ibm\sqllib\bin\iwh2log.exe" <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2DWServer (DB2 Warehouse Server) - "c:\program files\ibm\sqllib\bin\iwh2serv.exe" <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2GOVERNOR (DB2 Governor) - "c:\program files\ibm\sqllib\bin\db2govds.exe" <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2JDS (DB2 JDBC Applet Server) - "c:\program files\ibm\sqllib\bin\db2jds.exe" <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2LICD (DB2 License Server) - "c:\program files\ibm\sqllib\bin\db2licd.exe" <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2NTSECSERVER (DB2 Security Server) - "c:\program files\ibm\sqllib\bin\db2sec.exe" <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 DB2REMOTECMD (DB2 Remote Command Server) - "c:\program files\ibm\sqllib\bin\db2rcmd.exe" <Not Verified; International Business Machines Corporation; IBM(R) DB2(R)>
S4 OLAPServer (Oracle OLAP 9.0.1.0.1) - c:\oracle\ora90\bin\xsolap.exe <Not Verified; Oracle Corporation; Oracle Express Server>
S4 Oracle OLAP Agent - c:\oracle\ora90\bin\xsaagent.exe
S4 OracleOraHome90Agent - c:\oracle\ora90\bin\agntsrvc.exe <Not Verified; Oracle Corporation; >
S4 OracleOraHome90ClientCache - c:\oracle\ora90\bin\onrsd.exe
S4 OracleOraHome90HTTPServer - c:\oracle\ora90\apache\apache\apache.exe
S4 OracleOraHome90PagingServer - c:\oracle\ora90/bin/pagntsrv.exe
S4 OracleOraHome90SNMPPeerEncapsulator - c:\oracle\ora90\bin\encsvc.exe
S4 OracleOraHome90SNMPPeerMasterAgent - c:\oracle\ora90\bin\agntsvc.exe
S4 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
S4 xsSmartAgent (Visibroker Smart Agent) - c:\oracle\ora90\bin\osagent.exe

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Files created between 2008-03-16 and 2008-04-16 -----------------------------

2008-04-15 19:21:32 0 d-------- C:\Documents and Settings\vyomkesh saxena\Application Data\Grisoft
2008-04-15 19:15:40 0 d-------- C:\Program Files\Java
2008-04-15 19:15:37 0 d-------- C:\Program Files\Common Files\Java
2008-04-14 12:44:19 81984 --a------ C:\WINDOWS\system32\bdod.bin
2008-04-14 12:38:15 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-14 10:02:17 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-04-14 09:18:30 0 drahs---- C:\autorun.inf
2008-04-13 15:03:40 0 d--h----- C:\$AVG8.VAULT$
2008-04-13 14:58:23 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-04-13 14:58:09 0 d-------- C:\Program Files\AVG
2008-04-13 14:58:08 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-04-13 14:38:31 0 d-------- C:\WINDOWS\ERUNT
2008-04-13 11:52:29 68096 --a------ C:\WINDOWS\zip.exe
2008-04-13 11:52:29 49152 --a------ C:\WINDOWS\VFind.exe
2008-04-13 11:52:29 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-04-13 11:52:29 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-04-13 11:52:29 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-04-13 11:52:29 98816 --a------ C:\WINDOWS\sed.exe
2008-04-13 11:52:29 80412 --a------ C:\WINDOWS\grep.exe
2008-04-13 11:52:29 73728 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-04-12 22:09:09 0 d-------- C:\Program Files\Trend Micro
2008-04-12 21:09:29 0 d-------- C:\WINDOWS\BDOSCAN8
2008-04-12 20:18:16 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-12 20:18:01 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-12 20:18:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-04-12 19:17:51 0 d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-04-12 19:17:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-12 03:33:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-12 02:33:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2008-04-08 20:51:29 0 d-------- C:\Documents and Settings\Administrator\Application Data\Image Zone Express
2008-03-31 18:08:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Nokia Multimedia Player
2008-03-31 17:42:30 0 d-------- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-03-31 17:41:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-03-31 17:41:36 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-03-31 17:41:36 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-03-31 17:41:36 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-03-31 17:41:35 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-03-31 17:41:35 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-03-31 17:41:35 73728 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-03-31 17:41:35 639066 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-31 17:41:34 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-03-31 17:41:33 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-03-31 17:41:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Real
2008-03-29 11:59:39 0 d-------- C:\Documents and Settings\Administrator\dwhelper
2008-03-19 18:10:34 0 d-------- C:\Documents and Settings\Administrator\Application Data\GlarySoft
2008-03-19 18:09:19 0 d-------- C:\Program Files\Registry Repair
2008-03-17 17:41:32 74703 --a------ C:\WINDOWS\system32\mfc45.dll
2008-03-17 17:41:19 0 d-------- C:\Documents and Settings\All Users\Application Data\iolo
2008-03-17 17:41:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\iolo
2008-03-17 17:12:21 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-03-17 17:12:02 0 d-------- C:\WINDOWS\system32\ZoneLabs
2008-03-17 17:11:12 0 d-------- C:\WINDOWS\Internet Logs
2008-03-17 17:02:09 0 d--hs---- C:\INCINERATE
2008-03-17 16:58:55 0 d-------- C:\Program Files\Common Files\Cisco Systems
2008-03-17 15:16:34 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-03-17 15:13:13 0 d-------- C:\Program Files\DIFX
2008-03-17 15:12:29 0 d-------- C:\Program Files\Common Files\PCSuite
2008-03-17 15:12:28 0 d-------- C:\Program Files\Common Files\Nokia
2008-03-17 15:11:48 0 d-------- C:\Program Files\PC Connectivity Solution
2008-03-17 15:11:40 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-03-17 15:11:27 0 d-------- C:\Program Files\Nokia
2008-03-17 15:05:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Installations

-- Find3M Report ---------------------------------------------------------------

2008-04-16 19:16:22 0 d-------- C:\Program Files\Common Files
2008-04-15 14:57:36 28743 --a------ C:\WINDOWS\system32\nvModes.dat
2008-04-14 20:02:23 0 d-------- C:\Documents and Settings\Administrator\Application Data\BitTorrent
2008-04-12 04:08:33 0 d-------- C:\Documents and Settings\Administrator\Application Data\uTorrent
2008-04-12 01:39:33 107132 --a------ C:\WINDOWS\UninstallFirefox.exe
2008-04-12 01:39:31 6349 --a------ C:\WINDOWS\mozver.dat
2008-04-10 02:26:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\IBM
2008-03-31 17:40:26 0 d-------- C:\Program Files\Common Files\Real
2008-03-31 17:40:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-03-30 11:30:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\AdobeUM
2008-03-17 17:25:26 0 d-------- C:\Program Files\iolo
2008-03-17 16:04:12 0 d-------- C:\Program Files\Webshots
2008-03-17 15:21:34 0 d-------- C:\Documents and Settings\Administrator\Application Data\Nokia
2008-03-17 15:21:34 8 --a------ C:\Documents and Settings\Administrator\Application Data\NMM-MetaData.db
2008-03-17 15:17:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\PC Suite
2008-03-17 15:10:53 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-13 15:08:25 0 d-------- C:\Documents and Settings\Administrator\Application Data\HP
2008-03-13 15:05:13 117421 --a------ C:\WINDOWS\hpoins11.dat
2008-03-13 14:56:27 0 d-------- C:\Program Files\HP
2008-03-13 14:53:47 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-03-13 14:53:01 0 d-------- C:\Program Files\Common Files\HP
2008-03-13 14:49:57 0 d-------- C:\Program Files\Hewlett-Packard
2008-03-13 14:48:41 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-03-04 10:29:14 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-03-03 13:39:51 0 d-------- C:\Program Files\Wondershare
2008-02-20 23:16:38 0 d-------- C:\Program Files\Picasa2
2008-02-16 15:12:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\Google
2008-02-16 15:11:30 0 d-------- C:\Program Files\Google

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmaTel StacMon"="C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe" [04/29/2004 02:15 PM]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [02/05/2004 04:07 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [02/05/2004 04:07 PM]
"BootSkin Startup Jobs"="C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [04/26/2004 04:21 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/18/2004 01:31 PM]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\Quickset.exe" [03/04/2004 08:59 PM]
"Zone Labs Client"="C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe" [11/15/2003 05:20 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [04/12/2008 03:33 AM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [04/13/2008 02:58 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=sockspy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Webshots.lnk]
backup=C:\WINDOWS\pss\Webshots.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
backup=C:\WINDOWS\pss\HP Photosmart Premier Fast Start.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RealDownload.lnk]
backup=C:\WINDOWS\pss\RealDownload.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCMSMMSG]
BCMSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanUp]
C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\db2systray.exe DB2]
C:\Program Files\IBM\SQLLIB\BIN\db2systray.exe DB2

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
"C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Updates]
svehost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
"C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Venturi Configurator]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"Diskeeper"=2 (0x2)
"xsSmartAgent"=3 (0x3)
"ose"=3 (0x3)
"ServiceLayer"=3 (0x3)
"OracleOraHome90SNMPPeerMasterAgent"=3 (0x3)
"OracleOraHome90SNMPPeerEncapsulator"=3 (0x3)
"OracleOraHome90PagingServer"=3 (0x3)
"OracleOraHome90HTTPServer"=2 (0x2)
"OracleOraHome90ClientCache"=3 (0x3)
"OracleOraHome90Agent"=2 (0x2)
"Oracle OLAP Agent"=3 (0x3)
"OLAPServer"=3 (0x3)
"MDM"=2 (0x2)
"McTskshd.exe"=2 (0x2)
"McDetect.exe"=2 (0x2)
"DB2REMOTECMD"=2 (0x2)
"DB2NTSECSERVER"=2 (0x2)
"DB2LICD"=2 (0x2)
"DB2JDS"=2 (0x2)
"DB2GOVERNOR"=3 (0x3)
"DB2DWServer"=3 (0x3)
"DB2DWLogger"=3 (0x3)
"DB2DAS00"=2 (0x2)
"DB2CTLSV-0"=2 (0x2)
"DB2-0"=3 (0x3)
"XCOMM"=2 (0x2)
"VSSERV"=2 (0x2)
"LIVESRV"=2 (0x2)
"bdss"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ

-- End of Deckard's System Scanner: finished at 2008-04-16 19:23:36 ------------
#48
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Mobile Intel(R) Pentium(R) 4 CPU 3.20GHz
CPU 1: Mobile Intel(R) Pentium(R) 4 CPU 3.20GHz
Percentage of Memory in Use: 57%
Physical Memory (total/avail): 511.34 MiB / 219.21 MiB
Pagefile Memory (total/avail): 1248.45 MiB / 850.63 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1915.78 MiB

C: is Fixed (NTFS) - 20.46 GiB total, 5.71 GiB free.
D: is Fixed (NTFS) - 39.1 GiB total, 4.1 GiB free.
E: is Fixed (NTFS) - 12.96 GiB total, 4.2 GiB free.
F: is Fixed (NTFS) - 2.01 GiB total, 1.97 GiB free.
G: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST980815A - 74.53 GiB - 4 partitions
\PARTITION0 (bootable) - Installable File System - 20.46 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 54.07 GiB - D: - E: - F:

-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.

AV: AVG Anti-Virus v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLASSPATH=.;C:\PROGRA~1\IBM\SQLLIB\java\db2java.zip;C:\PROGRA~1\IBM\SQLLIB\java\db2jcc.jar;C:\PROGRA~1\IBM\SQLLIB\java\sqlj.zip;C:\PROGRA~1\IBM\SQLLIB\java\db2jcc_license_cisuz.jar;C:\PROGRA~1\IBM\SQLLIB\java\db2jcc_license_cu.jar;C:\PROGRA~1\IBM\SQLLIB\bin;C:\PROGRA~1\IBM\SQLLIB\tools\db2XTrigger.jar;C:\PROGRA~1\IBM\SQLLIB\java\common.jar
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MANHATTAN
ComSpec=C:\WINDOWS\system32\cmd.exe
DB2INSTANCE=DB2
DB2TEMPDIR=C:\PROGRA~1\IBM\SQLLIB\
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
INCLUDE=C:\PROGRA~1\IBM\SQLLIB\INCLUDE;C:\PROGRA~1\IBM\SQLLIB\LIB;C:\PROGRA~1\IBM\SQLLIB\TEMPLATES\INCLUDE
JSERV=C:\oracle\ora90/Apache/Jserv/conf
LIB=;C:\PROGRA~1\IBM\SQLLIB\LIB
LOGONSERVER=\\MANHATTAN
NUMBER_OF_PROCESSORS=2
OLAP_HOME=C:\oracle\ora90\olap
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\oracle\ora90\bin;C:\oracle\ora90\Apache\Perl\5.00503\bin\mswin32-x86;C:\Program Files\Oracle\jre\1.1.8\bin;C:\PROGRA~1\IBM\SQLLIB\BIN;C:\PROGRA~1\IBM\SQLLIB\FUNCTION;C:\PROGRA~1\IBM\SQLLIB\SAMPLES\REPL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=MANHATTAN
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
VWSPATH=C:\PROGRA~1\IBM\SQLLIB
VWS_LOGGING=C:\PROGRA~1\IBM\SQLLIB\LOGGING
VWS_TEMPLATES=C:\PROGRA~1\IBM\SQLLIB\TEMPLATES
windir=C:\WINDOWS
WV_GATEWAY_CFG=C:\oracle\ora90\Apache\modplsql\cfg\wdbsvr.app

-- User Profiles ---------------------------------------------------------------

vyomkesh saxena (admin)
Administrator (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Applian FLV Player --> "C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
AVG 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
BCM V.92 56K Modem --> C:\WINDOWS\BCMSMU.exe quiet
BitTorrent --> "C:\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL
BootSkin --> C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\UNWISE.EXE C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\INSTALL.LOG
Broadcom 440x 10/100 Integrated Controller --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1033
DB2 Enterprise Server Edition --> MsiExec.exe /I{D8F53726-C7AD-11D4-9155-00203586D551}
Dell Resource CD --> MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
Glarysoft Registry Repair 2.7 --> "C:\Program Files\Registry Repair\unins000.exe"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Talk (remove only) --> "C:\Program Files\Google\Google Talk\uninstall.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0 --> C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
IsoBuster 1.2 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Java(TM) 6 Update 5 --> MsiExec.exe 
/I{3248F0A8-6813-11D6-A77B-00B0D0160050} Jetfighter V Homeland Protector --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{43E05D0C-E145-4FF4-A749-EAF822DBDCA4} K-Lite Mega Codec Pack 2.01 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe" Kundli for Windows (Lite Edition) --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Computer Zone\Kundli for Windows (Lite Edition)\DeIsL1.isu" -c"C:\Program Files\Computer Zone\Kundli for Windows (Lite Edition)\_ISREG32.DLL" Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mojo Master Winamp Visualizer for Winamp (remove only) --> "C:\Program Files\Winamp\uninst-vis_MojoMaster.dll.exe" Mozilla Firefox (2.0.0.6) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} Nokia Connectivity Cable Driver --> MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67} Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_eng.exe Nokia PC Suite --> MsiExec.exe /I{29466F9C-7C6A-419C-B301-F440FAF78760} NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI OCR Software by I.R.I.S 7.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat PC Connectivity Solution --> MsiExec.exe /I{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B} Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe" PowerDVD 5.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall PowerQuest PartitionMagic 7.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation 
Information\{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}\SETUP.EXE" QuickSet --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 UNINSTALL SigmaTel AC97 Audio Drivers --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7959721D-8268-4565-9E0E-C41A9F4848A9}\setup.exe" -l0x9 -nodialog -uninstall Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3} Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall VideoLAN VLC media player 0.8.2 --> C:\Program Files\VideoLAN\VLC\uninstall.exe Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe" Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf Windows Driver Package - Nokia Modem (10/12/2007 3.6) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall Wondershare Photo Collage Studio (4.2.0) Trial Version --> "C:\Program Files\Wondershare\Photo Collage Studio\unins000.exe" Yahoo! 
Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
ZoneAlarm Pro --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type1394 / Error
Event Submitted/Written: 04/16/2008 01:17:16 PM
Event ID/Source: 1000 / Application Error
Event Description: Faulting application firefox.exe, version 1.8.20080.31114, faulting module xpcom_core.dll, version 1.8.20080.31114, fault address 0x0000179e. Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type1393 / Error
Event Submitted/Written: 04/16/2008 01:12:24 PM
Event ID/Source: 1000 / Application Error
Event Description: Faulting application firefox.exe, version 1.8.20080.31114, faulting module unknown, version 0.0.0.0, fault address 0x04809363. Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type1392 / Error
Event Submitted/Written: 04/16/2008 00:12:46 PM
Event ID/Source: 1000 / Application Error
Event Description: Faulting application firefox.exe, version 1.8.20080.31114, faulting module xpcom_core.dll, version 1.8.20080.31114, fault address 0x00049c4e. Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type1391 / Error
Event Submitted/Written: 04/16/2008 00:02:11 PM
Event ID/Source: 1001 / Application Error
Event Description: Fault bucket 692238662. The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Event Record #/Type1390 / Error
Event Submitted/Written: 04/16/2008 00:01:58 PM
Event ID/Source: 1000 / Application Error
Event Description: Faulting application firefox.exe, version 1.8.20080.31114, faulting module unknown, version 0.0.0.0, fault address 0x00000000. Processing media-specific event for [firefox.exe!ws!]
-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type9319 / Error
Event Submitted/Written: 04/16/2008 07:17:32 PM
Event ID/Source: 7000 / Service Control Manager
Event Description: The BDRsDrv service failed to start due to the following error: %%2

Event Record #/Type9318 / Error
Event Submitted/Written: 04/16/2008 07:17:32 PM
Event ID/Source: 7000 / Service Control Manager
Event Description: The BDFsDrv service failed to start due to the following error: %%2

Event Record #/Type9310 / Error
Event Submitted/Written: 04/16/2008 06:25:51 PM
Event ID/Source: 10005 / DCOM
Event Description: DCOM got error "%%1058" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Event Record #/Type9309 / Warning
Event Submitted/Written: 04/16/2008 06:09:26 PM
Event ID/Source: 4226 / Tcpip
Event Description: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type9308 / Error
Event Submitted/Written: 04/16/2008 06:00:06 PM
Event ID/Source: 7 / Disk
Event Description: The device, \Device\Harddisk0\D, has a bad block.

-- End of Deckard's System Scanner: finished at 2008-04-16 19:23:36 ------------
#49
Sorry to take so long. Just a final tidy up here.
* Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the Quote box below:
Quote:
* Save this as CFScript.txt and place it on your desktop.
* Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
* ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
* When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
Also tell me how things are running.
#50
ComboFix 08-04-18.3 - Administrator 2008-04-19 12:53:50.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.109 [GMT 5.5:30]
Running from: C:\Documents and Settings\Administrator\Desktop\Combo-Fix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\iolo
C:\Program Files\iolo\System Mechanic 5 Professional\BACKUP\Incinerator.001
C:\Program Files\iolo\System Mechanic 5 Professional\BACKUP\Incinerator.dll
C:\Program Files\iolo\System Mechanic 5 Professional\Duplicate_Files.txt
C:\Program Files\iolo\System Mechanic 5 Professional\Manual_Dupes_Log.txt
C:\Program Files\iolo\System Mechanic 5 Professional\Manual_Junk_Log.txt
C:\Program Files\iolo\System Mechanic 5 Professional\Manual_Privacy_Log.txt
C:\Program Files\iolo\System Mechanic 5 Professional\Manual_Registry_Log.txt
C:\Program Files\iolo\System Mechanic 5 Professional\Manual_SpyHunter_Log.txt
C:\Program Files\iolo\System Mechanic 5 Professional\Netbooster_Log.txt
C:\Program Files\iolo\System Mechanic 5 Professional\New_Duplicate_Files.txt
C:\Program Files\iolo\System Mechanic 5 Professional\Registry\command.dat
C:\Program Files\iolo\System Mechanic 5 Professional\Registry\Last\default
C:\Program Files\iolo\System Mechanic 5 Professional\Registry\Last\restore.bat
C:\Program Files\iolo\System Mechanic 5 Professional\Registry\Last\SAM
C:\Program Files\iolo\System Mechanic 5 Professional\Registry\Last\SECURITY
C:\Program Files\iolo\System Mechanic 5 Professional\Registry\Last\software
C:\Program Files\iolo\System Mechanic 5 Professional\Registry\Last\system
C:\Program Files\iolo\System Mechanic 5 Professional\sguard.dat
C:\Program Files\iolo\System Mechanic 5 Professional\Spython\prstctrl.tmp
C:\Program Files\iolo\System Mechanic 5 Professional\StartUp\Original_StartUp_Profile.cfg
C:\Program
Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{15DBB723-53CA-42F2-ACAE-B9FB226C3250}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{1ACBCECA-033A-454F-B02B-A675E2F4627E}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{29514D33-26F7-4511-B3D9-191B6BFF735D}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{3F6884D4-A83D-451E-ACE2-9E3CB2CB3990}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{54682A3A-D208-41C6-91DC-91BF85F439EC}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{55EB9676-E816-4BE2-BF40-AFE21CFAA489}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{55EDB884-F666-4EF5-BB8B-B922E8AD1961}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{5861AE19-08B6-43F0-9F26-E478E4D35B03}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{59147CA6-8808-4677-807F-6DF6CEFA7259}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{680AB8EE-FF1E-4214-9E31-F9C8919B732C}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{781DC195-F1A3-4915-85C4-5548F14B05BB}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{8ED8B5E5-1BD5-4037-B819-45A62CAE5DB3}.mp3 C:\Program Files\iolo\System Mechanic 5 
Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{9035D9E7-9C1E-4187-B646-6B2F70432DF0}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{9982F5BE-C5C0-473F-BB0B-CE36189CFB58}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{AC6D1303-C9A8-46CC-A0CC-F774DDB29D4E}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{BB8175C0-5433-427B-AACD-23DEB4A6DE09}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{C059CBAC-7C55-4F9F-A36E-B97277EB9A0D}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{CC31A4AE-AB2C-403A-B3DB-9D84616453D9}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{CC45C179-233E-493D-AEBE-63D930731D47}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{D526A8AC-94D2-4809-91EA-1A3463E25DD2}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{DA94EA27-D767-4A50-8D1E-38D3AE048EDD}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{DE65A628-55F2-46FD-9028-3C2DCC75164B}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{E3245934-E7C3-49E8-87A7-535C4567F478}.MP3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{EDEC042A-1741-40F5-8A67-9537B2AA9CF9}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{F10DDD3D-9879-41FD-B48C-86BC32F1DF3C}.mp3 C:\Program Files\iolo\System Mechanic 5 
Professional\Undo\Manual\{141D1CDB-1E71-40E9-ABEC-90F15A56ADBB}\{F33570F6-1C0A-4DEE-9BB3-AC08DAB2CE0B}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{16849961-415F-4CEE-B08E-AB532C559D75}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{1E84F3BF-C0B9-45CC-BD97-51CCE227085F}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{34E37A99-D90A-4666-957E-0A0D20E06D1C}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{42611BE1-AF3E-42C2-86F3-F4591E36A604}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{87BB88F6-BFDC-4B01-BE09-A06AF8E6F2C5}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{B737C899-A1F2-460E-BB2A-198E9B3D776D}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{B737C899-A1F2-460E-BB2A-198E9B3D776D}\{787E4524-3A98-4507-9804-5E00506AB1EE}.wma C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{CEF3C9D6-5D28-4DF2-B2D9-0833B414B1BC}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{D4C0731E-7B07-49D3-BEFE-C5E53E9D707C}.und C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{D4C0731E-7B07-49D3-BEFE-C5E53E9D707C}\{0291BF13-43A7-4FB2-871F-A0FA5BB5DBA6}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{D4C0731E-7B07-49D3-BEFE-C5E53E9D707C}\{6BF289AB-D0DC-4273-A72C-2A122508D960}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{D4C0731E-7B07-49D3-BEFE-C5E53E9D707C}\{7FA0DB73-B047-4585-A329-7467D7858169}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{D4C0731E-7B07-49D3-BEFE-C5E53E9D707C}\{8201B40A-711E-45FC-9FE8-02059D57C487}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{D4C0731E-7B07-49D3-BEFE-C5E53E9D707C}\{E287A8CF-E436-4D45-B8C4-1C6EABC8C283}.mp3 C:\Program Files\iolo\System Mechanic 5 Professional\Undo\Manual\{D4C0731E-7B07-49D3-BEFE-C5E53E9D707C}\{F0DAAF02-25ED-44AA-9FD6-5EBC0EFF2213}.mp3 
C:\Program Files\iolo\System Mechanic 5 Professional\WebUpdate\update5.inf
C:\Program Files\Webshots
C:\Program Files\Webshots\upgraded_from.txt
#51
((((((((((((((((((((((((( Files Created from 2008-03-19 to 2008-04-19 )))))))))))))))))))))))))))))))
.
2008-04-16 19:19 . 2008-04-16 19:19 <DIR> d-------- C:\Deckard
2008-04-15 19:21 . 2008-04-15 19:21 <DIR> d-------- C:\Documents and Settings\vyomkesh saxena\Application Data\Grisoft
2008-04-15 19:16 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-15 19:15 . 2008-04-15 19:16 <DIR> d-------- C:\Program Files\Java
2008-04-15 19:15 . 2008-04-15 19:15 <DIR> d-------- C:\Program Files\Common Files\Java
2008-04-14 12:44 . 2008-04-15 14:50 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-04-14 12:38 . 2008-04-16 19:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-14 12:37 . 2008-04-16 19:17 <DIR> d-------- C:\Program Files\Common Files\Softwin
2008-04-13 15:03 . 2008-04-17 13:59 <DIR> d--h----- C:\$AVG8.VAULT$
2008-04-13 14:58 . 2008-04-19 10:25 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-04-13 14:58 . 2008-04-13 14:58 <DIR> d-------- C:\Program Files\AVG
2008-04-13 14:58 . 2008-04-13 14:58 <DIR> d-------- C:\Documents and