Hi andrewuk. I ran AVG on my C: and D: drives. I believe the G: drive is for my FlashDrive. So, I plugged it in and did a scan of G:. AVG found viruses on my G: drive. Since AVG did not automatically produce logs, I figured I would export the results to a .txt file. I pasted these below, and I hope they are clear enough to read. Following these is the DSS log. Thank you.
General properties
Report name Complete Test
Start time 1/27/2008 10:36:21 PM
End time 1/27/2008 11:44:51 PM (total: 1:08:30.4 hrs)
Launch method Scanning launched manually
Scanning result Threats found
Report status Scanning completed successfully
Object summary
Scanned 82710
Threats Found 85
Cleaned 0
Moved to vault 0
Deleted 85
Errors 0
C:\Documents and Settings\Alan\Desktop\aimfix_quarantine\22699_windows.exe.bak Deleted
C:\Documents and Settings\All Users\Desktop\Desktop.exe Deleted
C:\Documents and Settings\Guest\Desktop\Desktop.exe Deleted
C:\Documents and Settings\Guest.ALANCOMP\Guest.ALANCOMP.exe Deleted
C:\Documents and Settings\Guest.ALANCOMP\Desktop\Desktop.exe Deleted
C:\Documents and Settings\TEMP\TEMP.exe Deleted
C:\KPCMS\KPCMS.exe Deleted
C:\My Downloads\My Downloads.exe Deleted
C:\QooBox\Quarantine\C\.exe.vir Deleted
C:\QooBox\Quarantine\C\Documents and Settings\Alan\Application Data\printer.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\medichi.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\medichi2.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\murka.dat.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\WINDOWS.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\wsystmp_huv.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\wsystmp_rsr.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\wsystmp_vzt.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\kernelwind32.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\shovth.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\suspend.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\user32.dat.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\winsn.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\winsos.exe.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\dllcache\beep.sys.vir Deleted
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\beep.sys.vir Deleted
C:\WINDOWS\AppPatch\AppPatch.exe Deleted
C:\WINDOWS\Debug\Debug.exe Deleted
C:\WINDOWS\Driver Cache\i386\i386.exe Deleted
C:\WINDOWS\ERDNT\1-12-2008\1-12-2008.exe Deleted
C:\WINDOWS\ERDNT\1-12-2008\Users\00000001\00000001.exe Deleted
C:\WINDOWS\ERDNT\1-12-2008\Users\00000002\00000002.exe Deleted
C:\WINDOWS\ERDNT\dss\dss.exe Deleted
C:\WINDOWS\Help\Help.exe Deleted
C:\WINDOWS\Help\SBSI\Training\Training.exe Deleted
C:\WINDOWS\java\classes\classes.exe Deleted
C:\WINDOWS\java\Packages\Packages.exe Deleted
C:\WINDOWS\java\Packages\Data\Data.exe Deleted
C:\WINDOWS\java\trustlib\trustlib.exe Deleted
C:\WINDOWS\Media\Media.exe Deleted
C:\WINDOWS\Minidump\Minidump.exe Deleted
C:\WINDOWS\msagent\msagent.exe Deleted
C:\WINDOWS\msagent\intl\intl.exe Deleted
C:\WINDOWS\PCHealth\HelpCtr\Binaries\Binaries.exe Deleted
C:\WINDOWS\PCHealth\HelpCtr\Config\Config.exe Deleted
C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Cache.exe Deleted
C:\WINDOWS\PCHealth\HelpCtr\Config\CheckPoint\CheckPoint.exe Deleted
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\PackageStore.exe Deleted
C:\WINDOWS\Registration\Registration.exe Deleted
C:\WINDOWS\repair\repair.exe Deleted
C:\WINDOWS\Resources\Themes\Luna\Luna.exe Deleted
C:\WINDOWS\Resources\Themes\Luna\Shell\Metallic\Metallic.exe Deleted
C:\WINDOWS\security\logs\logs.exe Deleted
C:\WINDOWS\SoftwareDistribution\SoftwareDistribution.exe Deleted
C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.exe Deleted
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\Logs.exe Deleted
C:\WINDOWS\SoftwareDistribution\Download\Download.exe Deleted
C:\WINDOWS\SoftwareDistribution\Download\c268348752498f57ff1128ae6a23c4f1\c268348752498f57ff1128ae6a23c4f1.exe Deleted
C:\WINDOWS\SoftwareDistribution\Download\c268348752498f57ff1128ae6a23c4f1\update\update.exe Deleted
C:\WINDOWS\SoftwareDistribution\EventCache\EventCache.exe Deleted
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\Default.exe Deleted
C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\9482F4B4-E343-43B6-B170-9A65BC822C77.exe Deleted
C:\WINDOWS\SONYSYS\VAIO Recovery\VAIO Recovery.exe Deleted
C:\WINDOWS\srchasst\srchasst.exe Deleted
C:\WINDOWS\srchasst\chars\chars.exe Deleted
C:\WINDOWS\srchasst\mui\0409\0409.exe Deleted
C:\WINDOWS\WinSxS\Manifests\Manifests.exe Deleted
C:\WINDOWS\WinSxS\Policies\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_x-ww_4e8510ac\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_x-ww_4e8510ac.exe Deleted
C:\WINDOWS\WinSxS\Policies\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_x-ww_a0111510\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_x-ww_a0111510.exe Deleted
C:\WINDOWS\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_x-ww_362e60dd\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_x-ww_362e60dd.exe Deleted
C:\_OTMoveIt\MovedFiles\MovedFiles.exe Deleted
C:\_OTMoveIt\MovedFiles\01072008_213704\WINDOWS\trayicons.exe Deleted
C:\_OTMoveIt\MovedFiles\01072008_213704\WINDOWS\WINDOWS.exe Deleted
C:\_OTMoveIt\MovedFiles\01242008_231248\WINDOWS\system32\wowfx(2).dll Deleted
D:\30697A44.exe Deleted
D:\a712965750e1c654b466de05960fa42d\SP2GDR\SP2GDR.exe Deleted
D:\a712965750e1c654b466de05960fa42d\SP2QFE\SP2QFE.exe Deleted
D:\aacbc799af20f48f737ae2\aacbc799af20f48f737ae2.exe Deleted
D:\Ares\data\data.exe Deleted
D:\Ares\data\GUI\General\General.exe Deleted
D:\Ares\lang\lang.exe Deleted
D:\My Documents\NEW YORK 2007\NEW YORK 2007.exe Deleted
D:\Program Files\AIM\Resources\Resources.exe Deleted
D:\Program Files\AIM\sounds\sounds.exe Deleted
D:\Program Files\AIM\Sysfiles\Sysfiles.exe Deleted
D:\SonicStage\Packages\Optimized Files\Optimized Files.exe Deleted
AVG Results of the G: drive scan:
General properties
Report name Selected Areas Test
Start time 1/28/2008 3:52:47 PM
End time 1/28/2008 3:53:44 PM (total: 57.4 sec)
Launch method Scanning launched manually
Scanning result Threats found
Report status Scanning completed successfully
Object summary
Scanned 560
Threats Found 18
Cleaned 0
Moved to vault 0
Deleted 18
Errors 0
G:\Tarjan FLASHCARD\Tarjan FLASHCARD.exe Deleted
G:\Tarjan FLASHCARD\nb\nb.exe Deleted
G:\Tarjan FLASHCARD\China presentation\China presentation.exe Deleted
G:\CCH - Stigma\CCH - Stigma.exe Deleted
G:\Labels\Labels.exe Deleted
G:\Typed-Up Documents\Typed-Up Documents.exe Deleted
G:\Resume and Cover Letter\Resume and Cover Letter.exe Deleted
G:\EMA and Cell Phones\EMA and Cell Phones.exe Deleted
G:\EMA and Cell Phones\Figures\Figures.exe Deleted
G:\EMA and Cell Phones\Figures\4-24\4-24.exe Deleted
G:\EMA and Cell Phones\4-24 to 4-25\4-24 to 4-25.exe Deleted
G:\CHAT Paper\CHAT Paper.exe Deleted
G:\SC Lit\SC Lit.exe Deleted
G:\HR\HR.exe Deleted
G:\Misc\Misc.exe Deleted
G:\Empowerment\Empowerment.exe Deleted
G:\Clipart\Clipart.exe Deleted
G:\MED SCHOOL APPLICATION\MED SCHOOL APPLICATION.exe Deleted
DSS Log
Deckard's System Scanner v20071014.68
Run by Alan on 2008-01-28 16:04:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 447 MiB (512 MiB recommended).
System Drive C: has 0.25 GiB (less than 15%) free.
-- HijackThis (run as Alan.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:04:47 PM, on 1/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Alan\Desktop\dss.exe
C:\DOCUME~1\Alan\Desktop\Alan.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....k/?LinkId=54843
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [VMConsole.exe] C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe /windowmin
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Policies\Explorer\Run: [{402528E8-0AE7-1033-0519-040404230001}] "C:\Program Files\Common Files\{402528E8-0AE7-1033-0519-040404230001}\Update.exe" mc-110-12-0000140
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://www.kaspersky.com
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://www.iicm.edu/.../vivo/vvweb.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1104394529761
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://www.vzwpix.co...loadControl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. Installer service (CiscoVpnInstallService) - Unknown owner - C:\Documents and Settings\Alan\Local Settings\Temp\WZSB1.tmp\installservice.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 12643 bytes
-- Files created between 2007-12-28 and 2008-01-28 -----------------------------
2008-01-27 22:33:22 0 d--h----- C:\WINDOWS\PIF
2008-01-19 22:32:35 11552 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-01-19 22:32:35 202528 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-19 19:10:39 0 d-------- C:\KAV
2008-01-19 19:06:17 0 dr-hs---- C:\cmdcons
2008-01-19 19:06:15 0 d-------- C:\WINDOWS\setup.pss
2008-01-19 19:06:03 0 d-------- C:\WINDOWS\setupupd
2008-01-19 17:28:16 0 d-------- C:\WINDOWS\XPSP2
2008-01-19 17:27:56 0 d-------- C:\WINDOWS\XPCD
2008-01-07 19:48:35 0 d-------- C:\BFU
2008-01-02 09:28:14 0 d-------- C:\Program Files\Trillian
2008-01-01 08:31:40 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-01-01 05:50:09 0 d-------- C:\Documents and Settings\Alan\Application Data\acccore
2008-01-01 04:26:03 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-01-01 04:26:03 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-01-01 04:25:14 0 d-------- C:\Program Files\Common Files\AOL
2008-01-01 04:24:43 0 d-------- C:\Program Files\AIM6
2007-12-31 21:29:19 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-31 21:27:16 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-12-31 21:27:16 0 d-------- C:\Documents and Settings\Alan\Application Data\SUPERAntiSpyware.com
2007-12-31 21:26:12 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-31 21:12:51 0 d-------- C:\Documents and Settings\Administrator\Application Data\acccore
-- Find3M Report ---------------------------------------------------------------
2008-01-28 15:52:46 0 d-------- C:\Documents and Settings\Alan\Application Data\AVG7
2008-01-24 23:35:03 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-21 14:55:37 0 d-------- C:\Program Files\Common Files
2007-12-25 08:45:39 0 d-------- C:\Program Files\Traktor DJ Studio
2007-12-25 04:35:50 0 d-------- C:\Documents and Settings\Alan\Application Data\Adobe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [11/07/2003 05:21 PM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [04/27/2004 08:10 PM]
"Mouse Suite 98 Daemon"="ICO.EXE" []
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [04/19/2003 09:08 PM]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [12/11/2003 10:03 PM]
"HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [02/12/2004 10:01 PM]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [01/17/2004 02:36 AM]
"ezShieldProtector for Px"="C:\WINDOWS\System32\ezSP_Px.exe" [08/20/2002 10:29 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [12/12/2005 02:37 PM]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [12/11/2003 06:35 PM]
"VMConsole.exe"="C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" [02/25/2004 05:08 AM]
"P2P Networking"="C:\WINDOWS\System32\P2P Networking\P2P Networking.exe" []
"SbUsb AudCtrl"="sbusbdll.dll" [07/08/2004 06:27 PM C:\WINDOWS\system32\sbusbdll.dll]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [11/25/2005 03:01 PM]
"CTSysVol"="C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [09/17/2003 10:43 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 02:48 AM]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [09/10/2002 09:26 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [12/09/2006 04:25 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/09/2006 04:34 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [01/14/2008 07:39 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 08:24 AM]
"RemoteCenter"="C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE" [06/25/2004 10:21 AM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [07/05/2006 07:29 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [08/09/2007 09:14 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [12/18/2007 11:04 AM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Symantec NetDriver Warning"=C:\PROGRA~1\SYMNET~1\SNDWarn.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 9:05:26 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 10:05:56 AM]
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [10/2/2003 1:08:08 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"{402528E8-0AE7-1033-0519-040404230001}"="C:\Program Files\Common Files\{402528E8-0AE7-1033-0519-040404230001}\Update.exe" mc-110-12-0000140
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders "msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"\0\0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36b96ad6-a097-11dc-9bf0-b049a0c8caff}]
AutoRun\command- G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5aebcc43-2b0d-11da-9b48-000e9b42a799}]
AutoRun\command- G:\
open\Command- BC175E47.exe
-- End of Deckard's System Scanner: finished at 2008-01-28 16:05:40 ------------