andrewuk,
Here are the logs from those scans!
My PC is running fine but my internet is still ridiculously slow! I have checked all the cables and connections!
Anyway here are the logs
KASPERSKY ONLINE SCANNER REPORT
Wednesday, November 14, 2007 8:43:11 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 14/11/2007
Kaspersky Anti-Virus database records: 457951
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Scan Statistics
Total number of scanned objects 59898
Number of viruses found 0
Number of infected objects 0
Number of suspicious objects 0
Duration of the scan process 00:34:13
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\acccore\nss\cert8.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\acccore\nss\key3.db Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\All Users\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\data\catchincotton\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{593F298F-B7D6-4A3D-A260-6D7E68E3F587}\RP27\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_PCI Soft Data Fax Modem with SmartCP.txt Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{C04FDB96-EF1B-47F9-B5C5-99B80CA04CAA}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{DD5D427F-4DA1-4613-865F-6BE52F79BEE7}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_5f8.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Deckard's System Scanner v20071014.68
Run by Owner on 2007-11-14 08:50:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
29: 2007-11-14 13:50:12 UTC - RP29 - Deckard's System Scanner Restore Point
28: 2007-11-14 12:50:16 UTC - RP28 - System Checkpoint
27: 2007-11-13 06:23:36 UTC - RP27 - System Checkpoint
26: 2007-11-12 00:12:25 UTC - RP26 - System Checkpoint
25: 2007-11-10 18:26:51 UTC - RP25 - System Checkpoint
-- First Restore Point --
1: 2007-10-31 03:56:03 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Owner.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:50:58 AM, on 11/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.gateway.c...h...TP&M=GT4016R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.gateway.c...h...TP&M=GT4016O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Owner\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Owner\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
--
End of file - 5672 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20071113-212800-142 O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')
backup-20071113-212800-747 O4 - HKCU\..\Run: [Power2GoExpress] NA
backup-20071113-212800-956 O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
backup-20071113-212800-967 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\304CABE40CA07
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\304CABE40CA07
Service: NIC1394
-- Files created between 2007-10-14 and 2007-11-14 -----------------------------
2007-11-13 22:02:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-13 22:02:13 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-13 22:02:12 0 d-------- C:\WINDOWS\LastGood
2007-11-08 13:43:20 0 d-------- C:\Program Files\Trend Micro
2007-11-07 18:03:18 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-11-07 16:22:29 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2007-11-07 16:04:53 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-11-07 16:04:38 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-11-07 16:04:38 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2007-11-07 16:04:20 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-07 14:40:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2007-11-07 13:56:17 0 d-------- C:\Documents and Settings\Owner\Application Data\Grisoft
2007-11-07 13:56:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-05 23:25:04 0 d-------- C:\Program Files\burst
2007-11-05 22:49:26 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-11-05 22:49:26 0 d-------- C:\Program Files\FireTune
2007-11-05 22:13:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-11-03 21:00:23 0 d-------- C:\Documents and Settings\Owner\Application Data\CyberLink
2007-11-03 20:59:22 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-11-03 00:54:21 0 d-------- C:\Program Files\MSXML 4.0
2007-11-03 00:12:29 0 d-------- C:\WINDOWS\Sun
2007-11-03 00:12:29 0 d-------- C:\Documents and Settings\Owner\Application Data\Sun
2007-11-02 20:08:42 0 d-------- C:\WINDOWS\system32\PreInstall
2007-11-02 19:29:06 0 d-------- C:\Program Files\Absolute Poker
2007-11-02 19:29:03 0 d-------- C:\Program Files\_uninstallation_info
2007-11-02 19:05:29 0 d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2007-11-02 19:05:26 0 d-------- C:\Program Files\Winamp Remote
2007-11-02 19:04:57 0 d-------- C:\Program Files\Winamp
2007-11-02 19:04:57 0 d-------- C:\Documents and Settings\Owner\Application Data\Winamp
2007-11-02 18:56:06 0 d-------- C:\Documents and Settings\Owner\Application Data\acccore
2007-11-02 18:55:34 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2007-11-02 18:55:17 0 d-------- C:\Program Files\AIM6
2007-11-02 18:38:23 1092 --a------ C:\WINDOWS\checkip.dat
2007-10-31 22:42:07 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2007-10-31 22:42:04 1156 --a------ C:\WINDOWS\mozver.dat
2007-10-31 21:10:34 0 d---s---- C:\Documents and Settings\Owner\UserData
2007-10-31 00:03:44 0 d-------- C:\Documents and Settings\Owner\Application Data\Google
2007-10-30 23:27:31 0 d-------- C:\Program Files\Alwil Software
2007-10-30 23:07:58 0 d-------- C:\Documents and Settings\Owner\Application Data\Mozilla
2007-10-30 23:00:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-10-30 22:56:39 0 d-------- C:\WINDOWS\system32\Lang
2007-10-30 22:56:15 0 d-------- C:\Documents and Settings\Owner\WINDOWS
2007-10-30 22:56:15 0 d--h----- C:\Documents and Settings\Owner\Templates
2007-10-30 22:56:15 0 dr------- C:\Documents and Settings\Owner\Start Menu
2007-10-30 22:56:15 0 dr-h----- C:\Documents and Settings\Owner\SendTo
2007-10-30 22:56:15 0 dr-h----- C:\Documents and Settings\Owner\Recent
2007-10-30 22:56:15 0 d--h----- C:\Documents and Settings\Owner\PrintHood
2007-10-30 22:56:15 1572864 --ah----- C:\Documents and Settings\Owner\NTUSER.DAT
2007-10-30 22:56:15 0 d--h----- C:\Documents and Settings\Owner\NetHood
2007-10-30 22:56:15 0 dr------- C:\Documents and Settings\Owner\My Documents
2007-10-30 22:56:15 0 d--h----- C:\Documents and Settings\Owner\Local Settings
2007-10-30 22:56:15 0 dr------- C:\Documents and Settings\Owner\Favorites
2007-10-30 22:56:15 0 d-------- C:\Documents and Settings\Owner\Desktop
2007-10-30 22:56:15 0 d---s---- C:\Documents and Settings\Owner\Cookies
2007-10-30 22:56:15 0 dr-h----- C:\Documents and Settings\Owner\Application Data
2007-10-30 22:56:15 0 d-------- C:\Documents and Settings\Owner\Application Data\You've Got Pictures Screensaver
2007-10-30 22:56:15 0 d-------- C:\Documents and Settings\Owner\Application Data\SampleView
2007-10-30 22:56:15 0 d-------- C:\Documents and Settings\Owner\Application Data\Identities
2007-10-30 22:56:15 0 d-------- C:\Documents and Settings\Owner\Application Data\AOL
2007-10-30 22:55:50 0 d-------- C:\Documents and Settings\Default User\Application Data\You've Got Pictures Screensaver
2007-10-30 22:55:50 0 d-------- C:\Documents and Settings\Default User\Application Data\SampleView
2007-10-30 22:55:50 0 d-------- C:\Documents and Settings\Default User\Application Data\AOL
2007-10-30 22:41:21 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-10-30 22:32:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2007-10-30 17:22:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\AOL
2007-10-30 17:10:50 0 d-------- C:\Program Files\McAfee.com
2007-10-30 17:10:32 67072 --a------ C:\WINDOWS\POWERCFG.EXE <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-30 17:10:00 0 d-------- C:\Program Files\Microsoft Money 2006
2007-10-30 17:09:51 0 d-------- C:\Program Files\BigFix
2007-10-30 17:09:14 0 d-------- C:\Program Files\Microsoft Works
2007-10-30 17:09:02 0 d-------- C:\Program Files\MSN Encarta Plus
2007-10-30 17:08:40 0 d-------- C:\Program Files\Digital Media Reader
2007-10-30 17:08:33 0 d-------- C:\WINDOWS\Downloaded Installations
2007-10-30 17:07:53 0 d-------- C:\Program Files\Common Files\Nullsoft
2007-10-30 17:07:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
2007-10-30 17:07:41 86016 --a------ C:\WINDOWS\unvise32qt.exe <Not Verified; MindVision; Installer VISE 2.8.3>
2007-10-30 17:07:36 0 d-------- C:\WINDOWS\system32\QuickTime
2007-10-30 17:07:36 0 d-------- C:\Program Files\QuickTime
2007-10-30 17:07:36 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2007-10-30 17:07:32 0 d-------- C:\My Music
2007-10-30 17:07:31 8552 --a------ C:\WINDOWS\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
2007-10-30 17:07:28 0 d-------- C:\Program Files\Real
2007-10-30 17:07:28 0 d-------- C:\Program Files\Common Files\Real
2007-10-30 17:07:23 102400 --a------ C:\WINDOWS\system32\SimpleRegistry.dll <Not Verified; 4Developers LLC; SimpleRegistry Control>
2007-10-30 17:07:23 10752 --a------ C:\WINDOWS\system32\aamd532.dll <Not Verified; Almeida & Andrade Ltda; MD5 Maker DLL>
2007-10-30 17:07:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-10-30 17:07:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Pure Networks
2007-10-30 17:07:16 0 d-------- C:\Program Files\Pure Networks
2007-10-30 17:06:48 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2007-10-30 17:06:41 335 --a------ C:\WINDOWS\nsreg.dat
2007-10-30 17:06:41 0 d-------- C:\Program Files\Common Files\AOL
2007-10-30 17:06:31 0 d-------- C:\Program Files\Common Files\Roxio Shared
2007-10-30 17:06:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Napster
2007-10-30 17:06:14 0 d-------- C:\Program Files\Napster
2007-10-30 17:05:37 0 d-------- C:\WINDOWS\system32\RTCOM
2007-10-30 17:05:37 40960 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-10-30 17:05:34 0 d-------- C:\Program Files\Realtek
2007-10-30 17:05:30 487424 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2007-10-30 17:05:09 550912 --a------ C:\WINDOWS\zHotkey.exe <Not Verified; ; Multimedia Keyboard Driver>
2007-10-30 17:05:09 36864 --a------ C:\WINDOWS\ShowWnd.exe
2007-10-30 17:05:09 532544 --a------ C:\WINDOWS\PIC.dll
2007-10-30 17:05:09 4223 --a------ C:\WINDOWS\mHotkey.reg
2007-10-30 17:05:09 24576 --a------ C:\WINDOWS\HKNTDLL.dll
2007-10-30 17:05:09 11776 --a------ C:\WINDOWS\HIDMNT.dll
2007-10-30 17:04:41 0 d-------- C:\WINDOWS\nview
2007-10-30 17:04:23 4 --a------ C:\WINDOWS\Pix11.dat
2007-10-30 17:04:08 0 d-------- C:\Program Files\Microsoft Digital Image 2006
2007-10-30 17:03:55 0 d-------- C:\Program Files\Common Files\Adobe
2007-10-30 17:03:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-10-30 17:03:37 20480 --a------ C:\WINDOWS\system32\Marker32.exe <Not Verified; Gateway; Marker32>
2007-10-30 17:03:10 0 d-------- C:\Program Files\Java
2007-10-30 17:03:09 0 d-------- C:\Program Files\Common Files\Java
2007-10-30 17:01:28 94208 --a------ C:\WINDOWS\system32\bae.dll <Not Verified; Gateway Inc.; Browser Address Error Redirector>
2007-10-30 17:00:21 2 --a------ C:\AUDIT_INSTALL_IN_PROGRESS
2007-10-30 16:59:24 0 d-------- C:\Documents and Settings\Default User\WINDOWS
2007-10-30 16:59:21 262144 --a------ C:\Documents and Settings\All Users\NTUSER.DAT
2007-10-30 16:59:02 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-10-30 16:58:56 0 d-------- C:\WINDOWS\SHELLNEW
2007-10-30 16:58:48 0 d-------- C:\Program Files\Microsoft.NET
2007-10-30 16:58:35 0 dr-h----- C:\MSOCache
2007-10-30 16:56:31 0 d-------- C:\Program Files\Google
2007-10-30 16:54:07 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-30 16:54:07 0 d-------- C:\Program Files\CyberLink
2007-10-30 16:53:50 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-10-30 16:53:46 0 d-------- C:\Program Files\Common Files\New Boundary
2007-10-30 16:53:46 0 d-------- C:\Program Files\Common Files\InstallShield
2007-10-30 16:53:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Prism Deploy
2007-10-30 16:51:39 2 -r-hs---- C:\USER
2007-10-30 16:51:39 2 --a------ C:\REQUEST_OEMRESET_ENDUSER
2007-10-30 16:50:49 0 d-------- C:\Program Files\CONEXANT
2007-10-30 16:49:24 0 d--hs---- C:\System Volume Information
2007-10-30 15:48:03 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT
2007-10-30 15:48:00 0 d-------- C:\WINDOWS\creator
2007-10-30 15:47:14 0 d-------- C:\WINDOWS\SMINST
2007-10-30 15:47:11 0 d-------- C:\WINDOWS\I386
-- Find3M Report ---------------------------------------------------------------
2007-11-07 16:04:20 0 d-------- C:\Program Files\Common Files
2007-10-30 15:47:11 0 d-------- C:\Program Files\Windows NT
2007-10-30 15:47:10 0 d-------- C:\Program Files\Movie Maker
2007-10-30 15:47:09 0 d-------- C:\Program Files\Messenger
2007-10-30 15:44:11 0 d-------- C:\Program Files\Windows Plus
2007-10-30 15:44:11 0 d-------- C:\Program Files\Online Services
2007-10-30 15:44:11 0 d-------- C:\Program Files\MSN Gaming Zone
2007-10-30 15:44:11 0 d-------- C:\Program Files\microsoft frontpage
2007-10-30 15:44:11 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-10-30 15:44:11 0 d-------- C:\Program Files\Common Files\ODBC
2007-10-30 15:44:11 0 d-------- C:\Program Files\Common Files\MSSoap
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 11:56 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [09/18/2005 11:32 AM]
"nwiz"="nwiz.exe" [09/18/2005 11:32 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [09/18/2005 11:32 AM]
"CHotkey"="zHotkey.exe" [12/08/2004 08:57 PM C:\WINDOWS\zHotkey.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [01/07/2005 08:07 PM C:\WINDOWS\system32\HdAShCut.exe]
"readericon"="C:\Program Files\Digital Media Reader\readericon45G.exe" [08/27/2005 08:09 AM]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" []
"RTHDCPL"="RTHDCPL.EXE" [09/14/2005 02:38 PM C:\WINDOWS\RTHDCPL.EXE]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [09/06/2007 06:06 AM]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [10/10/2007 12:28 AM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 04:25 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [10/31/2007 09:15 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [10/04/2007 10:20 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [11/07/2007 05:43 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [10/30/2007 5:09:51 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 11/07/2007 05:43 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
-- End of Deckard's System Scanner: finished at 2007-11-14 08:56:10 ------------
DSSExtra will be in my next post.