Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

hackings.cn

Started by anujijnu , Jul 14 2007 10:21 AM

  • Please log in to reply

#1
anujijnu
Posted 14 July 2007 - 10:21 AM

anujijnu

    New Member

  • Member
  • Pip
  • 2 posts
For the past few days, I've noticed that whenever I load a website in Internet Explorer
6, the status bar shows "Waiting for [url="http://www.hackings.cn""]http://www.hackings.cn"[/url] for a couple of seconds
before showing "Waiting for [whatever site I'm trying to load]"

I tried searching about this on the internet, but for some strange reason, there's
not much information about this. At least not in English: http://www.google.co...G=Google Search

Apparently, I'm not the only one who has this problem: http://answers.yahoo...i...HQCL&show=7

And the only "information" I could find on this "hackings.cn" thing is this: http://www.avira.com...nerability.html

I've tried AVG Anti-Virus and ZoneAlarm, but they've caught nothing. I've updated
my Windows with all the updates available.

I don't know what more to do.

Does anyone know about this?
when i try to use few tools mention on the first page of this site to scan my computer.
None of them can be downloades as i click on the link it says -
You are not authorized to view this page.

Plz help me in this regardl.
  • 0

Advertisements

#2
jwbirdsong
Posted 14 July 2007 - 12:53 PM

jwbirdsong

    Trusted Helper

  • Retired Staff
  • 668 posts
See if you can download and get a log from the following.

Download
Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close all applications and windows.
2. Double-click on dss.exe to run it, and follow the prompts.
3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post in your reply
  • 0

#3
anujijnu
Posted 14 July 2007 - 10:47 PM

anujijnu

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I did run the DSS.exe
here are the results.
Main

Deckard's System Scanner v20070711.54
Run by Anuj on 2007-07-15 at 01:52:45
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 2 Restore Point(s) --
2: 2007-07-14 20:22:48 UTC - RP19 - Deckard's System Scanner Restore Point
1: 2007-07-14 19:49:45 UTC - RP18 - anuj14-7


Backed up registry hives.

Performed disk cleanup.


-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-07-15 01:54:10
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\mantispm.exe
C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Documents and Settings\Anuj\Desktop\soft\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: 24Online Client.lnk = C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{D6378858-9FA5-49FA-BB24-8EDA40D05969}: NameServer = 172.16.100.1
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ENO - c:\windows\system32\drivers\eno.sys <Not Verified; PCAUSA; ndishk>
R1 VET-FILT (VET File System Filter) - c:\windows\system32\drivers\vet-filt.sys
R1 VET-REC (VET File System Recognizer) - c:\windows\system32\drivers\vet-rec.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R3 CAISafe (CA ISafe) - c:\windows\system32\zonelabs\isafe.exe <Not Verified; Computer Associates International, Inc.; ISafe>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Files created between 2007-06-15 and 2007-07-15 -----------------------------

2007-07-15 01:51:40 0 d-------- C:\!KillBox
2007-07-15 00:52:06 0 d-------- C:\Documents and Settings\Anuj\Application Data\Help
2007-07-14 23:48:33 0 d-------- C:\Documents and Settings\Anuj\Application Data\AVG7
2007-07-14 23:48:03 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-07-14 23:47:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-07-14 23:47:54 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-07-14 21:28:28 0 d---s---- C:\Documents and Settings\Anuj\UserData
2007-07-14 18:36:31 0 d-------- C:\Documents and Settings\Anuj\Application Data\CyberLink
2007-07-14 18:35:21 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-07-14 18:30:04 364544 -----n--- C:\WINDOWS\system32\TwnLib4.dll <Not Verified; Pegasus Imaging Corp.; TwnLib4>
2007-07-14 18:30:04 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2007-07-14 18:30:01 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-07-14 18:30:01 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-07-14 18:30:01 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-07-14 18:29:49 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2007-07-14 18:29:43 0 d-------- C:\Program Files\Common Files\Ahead
2007-07-14 18:29:40 0 d-------- C:\Program Files\Ahead
2007-07-14 18:28:55 0 d-------- C:\Program Files\CyberLink
2007-07-14 18:28:37 40960 --a------ C:\Program Files\Uninstall_CDS.exe
2007-07-14 18:28:35 0 d-------- C:\Program Files\CyberLink DVD Solution
2007-07-14 18:19:01 0 d-------- C:\WINDOWS\system32\appmgmt
2007-07-14 18:05:06 143360 -ra------ C:\WINDOWS\apptune1020.exe <Not Verified; Zenographics; Zenographics apptune>
2007-07-14 18:05:02 0 d-------- C:\Program Files\Hewlett-Packard
2007-07-14 18:05:01 0 d--h----- C:\Program Files\Zenographics
2007-07-14 17:58:11 53552 -----n--- C:\WINDOWS\CTCCW.DLL <Not Verified; Creative® Technology Ltd.; Custom Control for Windows>
2007-07-14 17:58:10 40960 -----n--- C:\WINDOWS\system32\AC3API.DLL <Not Verified; Creative Technology Ltd; AC3 API Library>
2007-07-14 17:58:09 1048576 -----n--- C:\WINDOWS\system32\SFMAN.DAT
2007-07-14 17:58:09 26768 -----n--- C:\WINDOWS\system32\CTL3D.DLL <Not Verified; Microsoft Corporation; 3D Windows Control>
2007-07-14 17:58:07 24576 --a------ C:\WINDOWS\system32\CTDevCRes.dll <Not Verified; Creative Technology Ltd; Audio Device Control>
2007-07-14 17:57:10 0 d-------- C:\WINDOWS\system32\Data
2007-07-14 17:57:10 20480 --a------ C:\WINDOWS\INRES.DLL <Not Verified; Creative Technology Ltd; Creative Audio Product>
2007-07-14 17:57:08 24576 --a------ C:\WINDOWS\MIXERDEF.EXE <Not Verified; Creative Technology Ltd; Creative Audio Product>
2007-07-14 17:57:08 61440 --a------ C:\WINDOWS\MIDIDEF.EXE <Not Verified; Creative Technology Ltd; Creative Audio Product>
2007-07-14 17:56:34 0 d-------- C:\WINDOWS\RegisteredPackages
2007-07-14 17:56:12 0 d-------- C:\Media
2007-07-14 17:56:11 54784 -----n--- C:\WINDOWS\system32\INETWH32.DLL <Not Verified; Blue Sky Software Corporation.; Blue Sky Software - INETWH32>
2007-07-14 17:56:00 25088 --a------ C:\WINDOWS\system32\CTSVCCTL.EXE <Not Verified; Creative Technology Ltd; Creative Service Control>
2007-07-14 17:56:00 44032 --a------ C:\WINDOWS\system32\CTSVCCDA.EXE <Not Verified; Creative Technology Ltd; Creative Service for CDROM Access>
2007-07-14 17:55:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Creative
2007-07-14 17:54:41 0 d-------- C:\Program Files\Creative
2007-07-14 13:52:51 0 d-------- C:\Program Files\Flash Player Pro
2007-07-14 13:51:06 0 d-------- C:\POD
2007-07-14 13:51:00 247648 --a------ C:\WINDOWS\UNINST16.EXE <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2007-07-14 13:51:00 26768 --a------ C:\WINDOWS\system\CTL3D.DLL <Not Verified; Microsoft Corporation; 3D Windows Control>
2007-07-14 13:50:51 0 d-------- C:\Documents and Settings\Anuj\WINDOWS
2007-07-14 13:50:07 0 d-------- C:\Program Files\LizardTech
2007-07-14 13:50:07 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-07-14 13:49:07 0 d-------- C:\Program Files\VideoLAN
2007-07-14 00:00:46 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-07-13 20:22:29 0 d-------- C:\Documents and Settings\Anuj\Application Data\Azureus
2007-07-13 20:16:32 0 d-------- C:\Program Files\Common Files\Java
2007-07-13 20:02:03 0 d-------- C:\Program Files\netbeans-5.5
2007-07-13 20:02:03 0 d-------- C:\Program Files\Java
2007-07-13 19:58:56 0 d-------- C:\Documents and Settings\Anuj\Application Data\WinRAR
2007-07-13 19:57:33 0 d-------- C:\Program Files\Azureus
2007-07-13 19:37:55 0 d-------- C:\Documents and Settings\Anuj\Application Data\Adobe
2007-07-13 19:37:48 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-07-13 19:37:44 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2007-07-13 19:31:19 0 d-------- C:\WINDOWS\CAVTemp
2007-07-13 19:30:57 0 d-------- C:\Program Files\Common Files\Adobe
2007-07-13 19:30:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-07-13 19:25:36 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-07-13 19:20:44 0 d-------- C:\WINDOWS\ShellNew
2007-07-13 19:20:43 0 d-------- C:\Program Files\Common Files\L&H
2007-07-13 18:53:05 0 d--hs---- C:\Recycled
2007-07-13 18:41:08 0 d-------- C:\WINDOWS\Prefetch
2007-07-13 17:58:50 0 d-------- C:\Program Files\Common Files\InstallShield
2007-07-13 17:57:06 5824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2007-07-13 17:55:37 0 d-------- C:\Documents and Settings\Anuj\Application Data\MailFrontier
2007-07-13 17:52:08 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-07-13 17:51:50 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows NT™ Operating System>
2007-07-13 17:51:48 12288 --a------ C:\WINDOWS\system32\vetntmsg.dll
2007-07-13 17:51:48 15668 --a------ C:\WINDOWS\system32\drivers\vet-rec.sys
2007-07-13 17:51:48 21605 --a------ C:\WINDOWS\system32\drivers\vet-filt.sys
2007-07-13 17:51:48 77824 --a------ C:\WINDOWS\system32\driverif.dll <Not Verified; Computer Associates International, Inc.; CA driverif>
2007-07-13 17:51:44 0 d-------- C:\WINDOWS\system32\ZoneLabs
2007-07-13 17:51:14 0 d-------- C:\WINDOWS\Internet Logs
2007-07-13 17:47:40 132608 --a------ C:\WINDOWS\UnGins.exe
2007-07-13 17:47:39 0 d-------- C:\Program Files\eLitecore
2007-07-13 17:42:43 0 d-------- C:\Documents and Settings\Anuj\Application Data\Identities
2007-07-13 17:42:37 0 d--h----- C:\Documents and Settings\Anuj\Templates
2007-07-13 17:42:37 0 dr------- C:\Documents and Settings\Anuj\Start Menu
2007-07-13 17:42:37 0 dr-h----- C:\Documents and Settings\Anuj\SendTo
2007-07-13 17:42:37 0 dr-h----- C:\Documents and Settings\Anuj\Recent
2007-07-13 17:42:37 0 d--h----- C:\Documents and Settings\Anuj\PrintHood
2007-07-13 17:42:37 1310720 --ah----- C:\Documents and Settings\Anuj\NTUSER.DAT
2007-07-13 17:42:37 0 d--h----- C:\Documents and Settings\Anuj\NetHood
2007-07-13 17:42:37 0 dr------- C:\Documents and Settings\Anuj\My Documents
2007-07-13 17:42:37 0 d--h----- C:\Documents and Settings\Anuj\Local Settings
2007-07-13 17:42:37 0 dr------- C:\Documents and Settings\Anuj\Favorites
2007-07-13 17:42:37 0 d-------- C:\Documents and Settings\Anuj\Desktop
2007-07-13 17:42:37 0 d---s---- C:\Documents and Settings\Anuj\Cookies
2007-07-13 17:42:37 0 dr-h----- C:\Documents and Settings\Anuj\Application Data
2007-07-13 17:40:47 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-07-13 17:40:47 0 d--hs---- C:\System Volume Information
2007-07-13 17:40:46 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-07-13 17:40:45 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-07-13 17:40:45 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-07-13 17:40:45 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2007-07-13 17:40:45 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-07-13 17:40:45 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-07-13 17:40:34 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-07-13 17:40:34 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2007-07-13 17:40:34 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-07-13 17:40:34 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-07-13 17:40:33 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-07-13 17:35:27 0 d-------- C:\WINDOWS\system32\xircom
2007-07-13 17:35:27 0 d-------- C:\Program Files\microsoft frontpage
2007-07-13 17:35:12 245760 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-07-13 17:35:09 0 -rahs---- C:\MSDOS.SYS
2007-07-13 17:35:09 0 -rahs---- C:\IO.SYS
2007-07-13 17:35:09 0 --a------ C:\CONFIG.SYS
2007-07-13 17:35:09 0 --a------ C:\AUTOEXEC.BAT
2007-07-13 17:33:58 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-07-13 17:33:48 0 dr------- C:\WINDOWS\Offline Web Pages
2007-07-13 17:33:48 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-07-13 17:33:37 0 d--h----- C:\Program Files\WindowsUpdate
2007-07-13 17:33:19 0 d-------- C:\WINDOWS\system32\DirectX
2007-07-13 17:32:39 0 d---s---- C:\WINDOWS\Tasks
2007-07-13 17:32:37 0 d-------- C:\Program Files\Common Files\MSSoap
2007-07-13 17:32:33 0 d-------- C:\WINDOWS\srchasst
2007-07-13 17:32:32 0 d-------- C:\WINDOWS\system32\Macromed
2007-07-13 17:32:22 0 d-------- C:\Program Files\Movie Maker
2007-07-13 17:32:12 0 d-------- C:\WINDOWS\system32\Restore
2007-07-13 17:31:27 22720 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-07-13 17:31:17 0 d-------- C:\WINDOWS\Registration
2007-07-13 17:31:13 0 d-------- C:\Program Files\Online Services
2007-07-13 17:31:07 0 d-------- C:\Program Files\Messenger
2007-07-13 17:31:02 0 d-------- C:\Program Files\MSN Gaming Zone
2007-07-13 17:30:16 0 d-------- C:\Program Files\Windows NT
2007-07-13 17:30:12 0 d-------- C:\WINDOWS\system32\MsDtc
2007-07-13 17:30:10 0 d-------- C:\WINDOWS\system32\Com
2007-07-13 17:25:36 0 d--hs---- C:\WINDOWS\Installer
2007-07-13 17:25:35 0 d-------- C:\Program Files\Common Files\ODBC
2007-07-13 17:25:32 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-07-13 17:25:31 0 dr------- C:\Program Files
2007-07-13 17:25:03 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-07-13 17:25:03 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-07-13 17:25:03 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-07-13 17:25:03 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-07-13 17:25:03 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-07-13 17:25:03 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-07-13 17:25:03 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-07-13 17:25:03 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-07-13 17:25:03 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-07-13 17:25:03 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-07-13 17:25:03 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-07-13 17:25:03 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-07-13 17:25:03 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-07-13 17:25:03 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-07-13 17:25:03 0 dr------- C:\Documents and Settings\All Users\Documents
2007-07-13 17:25:03 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-07-13 17:24:50 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-07-13 17:24:50 0 d-------- C:\WINDOWS\system32\CatRoot
2007-07-13 17:24:44 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-07-13 17:24:44 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-07-13 17:24:44 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-07-13 17:24:44 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-07-13 17:24:21 0 d-------- C:\Documents and Settings
2007-07-13 17:18:51 0 d-------- C:\WINDOWS
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\WinSxS
2007-07-13 17:18:51 0 dr------- C:\WINDOWS\Web
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\twain_32
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\wins
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\wbem
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\usmt
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\spool
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\ShellExt
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\Setup
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\ras
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\oobe
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\npp
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\mui
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\inetsrv
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\IME
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\icsxml
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\ias
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\export
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\drivers
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-07-13 17:18:51 0 dr-hs---- C:\WINDOWS\system32\dllcache
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\dhcp
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\config
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\3076
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\2052
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\1054
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\1042
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\1041
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\1037
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\1033
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\1031
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\1028
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system32\1025
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\system
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\security
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Resources
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\repair
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Provisioning
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\PeerNet
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\pchealth
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\mui
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\msapps
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\msagent
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Media
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\java
2007-07-13 17:18:51 0 d--h----- C:\WINDOWS\inf
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\ime
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Help
2007-07-13 17:18:51 0 dr--s---- C:\WINDOWS\Fonts
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\ehome
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Driver Cache
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Debug
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Cursors
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Connection Wizard
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\Config
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\AppPatch
2007-07-13 17:18:51 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2007-07-13 17:25:04 62 --ahs---- C:\Documents and Settings\Anuj\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"Acrobat Assistant 8.0"="\"C:\\Program Files\\Adobe\\Acrobat 8.0\\Acrobat\\Acrotray.exe\""
@=""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"OrderReminder"="C:\\Program Files\\Hewlett-Packard\\OrderReminder\\OrderReminder.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\
Security Packages REG_MULTI_SZ kerberosmsv1_0schannelwdigest\
Notification Packages REG_MULTI_SZ scecli\


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\
LocalService REG_MULTI_SZ AlerterWebClientLmHostsRemoteRegistryupnphostSSDPSRV\
NetworkService REG_MULTI_SZ DnsCache\
DcomLaunch REG_MULTI_SZ DcomLaunchTermService\
rpcss REG_MULTI_SZ RpcSs\
imgsvc REG_MULTI_SZ StiSvc\
termsvcs REG_MULTI_SZ TermService\


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea5db51c-3235-11dc-a665-000b6a845e4b}]
Shell\Auto\command RavMonE.exe e
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e


-- End of Deckard's System Scanner: finished at 2007-07-15 at 01:57:22 --------

-


Extra

Deckard's System Scanner v20070711.54
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.40GHz
Percentage of Memory in Use: 52%
Physical Memory (total/avail): 503.48 MiB / 238.1 MiB
Pagefile Memory (total/avail): 1229.81 MiB / 986.39 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1942.27 MiB

C: is Fixed (FAT32) - 18.62 GiB total, 7.14 GiB free.
D: is Fixed (FAT32) - 18.62 GiB total, 2.46 GiB free.
E: is Fixed (FAT32) - 18.62 GiB total, 3.47 GiB free.
F: is Fixed (FAT32) - 18.62 GiB total, 7.13 GiB free.
G: is CDROM (No Media)
H: is CDROM (No Media)


-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: ZoneAlarm Security Suite Firewall v6.5.722.000 (Zone Labs, Inc.)
AV: ZoneAlarm Security Suite Antivirus v6.5.722.000 (Zone Labs, Inc.)
AV: AVG 7.5.476 v7.5.476 (GRISOFT)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\System32\\ZoneLabs\\vsmon.exe"="C:\\WINDOWS\\System32\\ZoneLabs\\vsmon.exe:*:Enabled:TrueVector Service"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Anuj\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ANUJ-DB0ECEBC9F
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Anuj
LOGONSERVER=\\ANUJ-DB0ECEBC9F
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier"
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0304
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Anuj\LOCALS~1\Temp
TMP=C:\DOCUME~1\Anuj\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=ANUJ-DB0ECEBC9F
USERNAME=Anuj
USERPROFILE=C:\Documents and Settings\Anuj
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Anuj (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Creative\SB5.1\Program\Ctzapxx.EXE" /W /U /S
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 8 Professional - English, Français, Deutsch --> msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Azureus --> C:\Program Files\Azureus\Uninstall.exe
Cyberoam Client for 24Online --> C:\WINDOWS\UnGins.exe "C:\Program Files\eLitecore\Cyberoam Client for 24Online\install.log"
DVD Solution --> "C:\Program Files\Uninstall_CDS.exe"
Flash Player Pro V3.3 --> "C:\Program Files\Flash Player Pro\unins000.exe"
J2SE Development Kit 5.0 Update 11 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150110}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
LaserJet 1020 series --> C:\Program Files\Zenographics\{2E9CFA52-CD39-4EE6-80DF-B4439F9A6CE4}\setup.exe -u "HPLJInstaller.dll=Hplj1020.inf"
Lizardtech DjVu Control --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{105CFC7C-6992-11D5-BD9D-000102C10FD8}\Setup.exe" -l0x9
MailFrontier Desktop --> C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\UNWISE.EXE C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\INSTMLF.LOG
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Multimedia Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NetBeans IDE 5.5 --> C:\Program Files\netbeans-5.5\_uninst\uninstaller.exe
OrderReminder HP LaserJet 1020 --> "C:\Program Files\Hewlett-Packard\OrderReminder\uninstall\hpuninstaller.exe" hp_LaserJet_1020
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Sound Blaster 5.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD196DAC-F550-46C5-9D3A-FD04474C1FCC}\SETUP.EXE" -l0x9
VideoLAN VLC media player 0.8.4a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
ZoneAlarm Security Suite --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


-- End of Deckard's System Scanner: finished at 2007-07-15 at 01:57:22 ---------



there is one more txt file with the named moved

Directories/Files moved to C:\Deckard\System Scanner\backup

2007-07-14 12:13:34 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\2M446A3J
2007-07-14 17:58:42 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF8072.tmp
2007-07-14 18:06:42 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF971B.tmp
2007-07-14 01:35:24 0 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\AZ_46908.bin
2007-07-14 01:51:16 0 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\AZ_46912.r00
2007-07-14 12:14:04 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF8F93.tmp
2007-07-14 17:57:12 88 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\VerChk.txt
2007-07-14 18:32:50 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DFEEAB.tmp
2007-07-14 11:07:30 693 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\TWAIN.LOG
2007-07-14 11:07:30 2 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\Twain001.Mtx
2007-07-14 11:07:00 0 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\Twunk002.MTX
2007-07-14 11:07:30 156 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\Twunk001.MTX
2007-07-14 20:34:40 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF1C8B.tmp
2007-07-14 20:38:14 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DFFA0A.tmp
2007-07-14 20:37:52 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\2M472L35
2002-07-25 12:37:36 346602 -ra------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\IEC2.tmp
2007-07-13 17:47:34 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\2M363F6R
2007-07-14 18:05:30 77375 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\debug-1184416522-31.out
2007-07-14 19:31:50 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF11F4.tmp
2007-07-14 17:55:54 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}
2007-07-15 01:28:40 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\e4j3.tmp_dir23695
2007-07-15 01:08:18 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF12B5.tmp
2007-07-14 23:48:12 164863 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\avg7inst.log
2007-07-14 21:20:04 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\VBE
2007-07-14 23:47:04 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\RarSFX0
2007-07-14 00:12:38 1160 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\jinstall.cfg
2007-07-15 01:28:44 0 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\AZ_29313.exe
2007-07-13 17:55:16 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF3EAC.tmp
2003-03-03 22:30:00 339565 -ra------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\IEC1.tmp
2007-07-13 17:58:38 4544 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\plf2.tmp
2007-07-13 17:58:38 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\pft4~tmp
2007-07-13 17:58:52 131072 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\4504.rra
2007-07-13 18:46:42 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF253A.tmp
2007-07-13 19:07:18 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF38CA.tmp
2007-07-13 19:08:48 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF2C62.tmp
2007-07-13 19:18:24 3292 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\Office XP Professional with FrontPage Setup(0001).txt
2007-07-13 19:18:24 7714542 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\Office XP Professional with FrontPage Setup(0001)_Task(0001).txt
2007-07-13 19:20:24 33811 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\offcln10.log
2007-07-13 19:27:12 3419 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\Office XP Professional with FrontPage Setup(0002).txt
2007-07-13 19:27:08 15002218 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\Office XP Professional with FrontPage Setup(0002)_Task(0001).txt
2006-09-17 15:00:00 3584 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\1307c4.mst
2007-07-13 19:37:42 592 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\RunTime.ini
2007-07-15 01:17:56 1385 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\libFNP_events.log
2007-07-13 19:37:56 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\Acrobat Distiller 8
2007-07-13 19:38:14 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\Adobe
2007-07-13 19:52:18 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF9B81.tmp
2007-07-13 19:50:32 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\WER1f49.dir00
2007-07-13 19:51:04 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\WER9648.dir00
2007-07-13 19:51:20 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\WERd1be.dir00
2007-07-13 19:51:34 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\WER1352.dir00
2007-07-13 19:51:48 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\WER43fe.dir00
2007-07-13 19:51:52 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\WER51b6.dir00
2007-07-13 19:53:26 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DF7C8B.tmp
2007-07-13 20:19:14 597 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\java_install_reg.log
2007-07-13 20:16:40 0 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\java_install.log
2007-07-13 20:20:30 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\mdrtmpdir
2007-07-13 20:21:18 0 d-------- C:\DOCUME~1\Anuj\LOCALS~1\Temp\jarfscacheAnuj
2007-07-14 10:54:36 16384 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\~DFADED.tmp
2007-07-13 23:52:58 759 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\AZU46905.tmp
2007-07-13 23:54:02 309979 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\azplugins_2.1.4.jar
2007-07-15 01:22:30 5250 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\jusched.log
2007-03-15 23:00:24 370328 --a------ C:\DOCUME~1\Anuj\LOCALS~1\Temp\jre-6u1-windows-i586-p-iftw_fa96d0d7.exe <Verified; Sun Microsystems, Inc.; Java™ Platform SE 6 U1>

-*- End of Logfile -*-

i have also run AVG spyware but did not fing anything.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP