06-16-2008, 07:05 AM   #1
PROTEIGH
Registered User
 
Join Date: Jun 2008
Posts: 2
OS: win xp


APC performance reinstall [Moved from XP]

I receive the performance reinstall message when I start my computer. What is the reason?
I did the Deckard System Scanner and I got this result. Can you give some solution, please?

Deckard's System Scanner v20071014.68
Run by user1 on 2008-06-16 18:20:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 87% (more than 75%).
Total Physical Memory: 224 MiB (512 MiB recommended).
System Drive C: has 0.2 GiB (less than 15%) free.


-- HijackThis (run as user1.exe) -----------------------------------------------

logfile has no content; running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-16 18:22:56
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\eSnips\ClientGW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\Nero-8.3.2.1b_eng\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgemc.exe
C:\Documents and Settings\user1\Desktop\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.19.60:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll
O2 - BHO: (no name) - {C5CBF9C8-3582-4691-81D8-A7068FCD8AF2} - C:\WINDOWS\system32\oddbse33.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "F:\Nero-8.3.2.1b_eng\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [eSnips] "C:\Program Files\eSnips\ClientGW.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe -m
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} () - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get.../ultrashim.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe
O23 - Service: DirectX DLL register (dxregsvc) - Unknown owner - C:\WINDOWS\System32\dxdllreg.exe -SERVICE
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - F:\Nero-8.3.2.1b_eng\Nero\Nero8\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe


--
End of file - 5257 bytes

-- Files created between 2008-05-16 and 2008-06-16 -----------------------------

2008-06-16 18:22:23 0 d-------- C:\Program Files\Trend Micro
2008-06-14 19:44:57 0 d-------- C:\CHASM-SW
2008-06-14 14:18:35 0 d-------- C:\Program Files\eSnips
2008-06-14 14:18:00 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-14 10:59:47 0 d-------- C:\unzipped
2008-06-14 10:49:06 0 d-------- C:\Program Files\Serials 2000 7.1 Plus
2008-06-14 10:22:35 20480 --a------ C:\WINDOWS\system32\SysRestore.dll <Not Verified; Ascentive LLC; prjSysRestore>
2008-06-14 10:22:35 208896 --a------ C:\WINDOWS\system32\ConTest.dll <Not Verified; Ascentive; ConnectionTester>
2008-06-14 10:22:23 0 d-------- C:\Program Files\Ascentive
2008-06-09 23:13:37 0 d-------- C:\Documents and Settings\user1\Application Data\Nero
2008-06-09 23:07:35 0 d-------- C:\Program Files\Common Files\Nero
2008-06-09 23:07:35 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-09 20:12:35 0 d-------- C:\Documents and Settings\user1\Application Data\Help
2008-06-08 13:29:37 0 d-------- C:\Documents and Settings\user1\Application Data\Sahmon Games
2008-06-08 13:28:29 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-08 13:27:01 0 d-------- C:\Program Files\Shockwave.com
2008-06-07 18:35:22 0 d-------- C:\Program Files\Eidos Interactive
2008-06-07 18:35:12 283648 --a------ C:\WINDOWS\uninst.exe <Not Verified; Stirling Technologies, Inc.; InstallShield Deinstaller>
2008-06-07 18:35:06 0 d-------- C:\Documents and Settings\user1\WINDOWS
2008-06-07 00:29:30 0 d-------- C:\Documents and Settings\user1\Application Data\vlc
2008-06-06 23:19:47 0 d-------- C:\Documents and Settings\user1\Application Data\Ahead
2008-06-06 23:19:18 262144 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-06 18:53:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-06-05 20:13:59 0 d-------- C:\WINDOWS\system32\Adobe
2008-05-30 18:37:53 0 d-------- C:\Downloads
2008-05-29 20:50:12 0 d-------- C:\Program Files\MSXML 4.0
2008-05-29 20:49:42 0 d-------- C:\WINDOWS\system32\appmgmt
2008-05-24 23:08:28 0 d-------- C:\Documents and Settings\user1\Application Data\DMCache
2008-05-21 20:55:45 1291 --a------ C:\WINDOWS\mozver.dat
2008-05-20 17:45:52 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-20 17:45:36 0 d-------- C:\Documents and Settings\user1\Application Data\Mozilla
2008-05-20 01:28:02 0 d-------- C:\Documents and Settings\user1\Application Data\Macromedia
2008-05-20 00:20:17 0 d-------- C:\Program Files\Apple Software Update
2008-05-20 00:20:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-05-20 00:09:14 0 d-------- C:\Program Files\QuickTime
2008-05-19 11:13:31 0 d---s---- C:\Documents and Settings\user1\UserData
2008-05-18 10:59:11 0 d--h----- C:\$AVG8.VAULT$
2008-05-17 20:05:01 0 d-------- C:\Documents and Settings\user1\Application Data\CyberLink
2008-05-17 18:14:49 0 d-------- C:\Documents and Settings\user1\Application Data\AdobeUM
2008-05-17 17:28:05 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-05-17 17:27:26 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-17 17:27:24 0 d-------- C:\Program Files\CyberLink
2008-05-17 17:19:56 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-17 17:19:55 0 d-------- C:\Documents and Settings\user1\Application Data\AVGTOOLBAR
2008-05-17 17:19:45 0 d-------- C:\Program Files\AVG
2008-05-17 17:19:44 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-17 11:20:57 0 d-------- C:\Documents and Settings\user1\Application Data\Adobe
2008-05-17 11:14:42 0 d-------- C:\WINDOWS\pss
2008-05-16 17:24:42 0 d-------- C:\WINDOWS\Provisioning
2008-05-16 17:24:42 0 d-------- C:\WINDOWS\PeerNet
2008-05-16 17:24:42 0 d-------- C:\WINDOWS\ehome
2008-05-16 16:09:35 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-16 16:09:32 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-16 16:09:31 0 dr------- C:\Program Files
2008-05-16 16:09:31 0 d-------- C:\Program Files\Common Files
2008-05-16 16:09:08 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-05-16 16:09:08 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-05-16 16:09:08 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-05-16 16:09:08 0 dr------- C:\Documents and Settings\All Users\Documents
2008-05-16 16:09:08 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-05-16 16:09:07 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-05-16 16:09:07 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-05-16 16:09:07 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-05-16 16:09:07 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-05-16 16:09:07 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-05-16 16:09:07 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-05-16 16:09:07 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-05-16 16:09:07 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-05-16 16:09:07 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-05-16 16:09:07 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-05-16 16:09:07 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-05-16 16:08:54 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-05-16 16:08:54 0 d-------- C:\WINDOWS\system32\CatRoot
2008-05-16 16:08:48 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-05-16 16:08:48 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-05-16 16:08:48 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-05-16 16:08:48 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-05-16 16:08:31 0 d-------- C:\Documents and Settings
2008-05-16 16:03:21 0 d-------- C:\WINDOWS
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\WinSxS
2008-05-16 16:03:21 0 dr------- C:\WINDOWS\Web
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\twain_32
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\wins
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\wbem
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\usmt
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\spool
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\ShellExt
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\Setup
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\ras
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\oobe
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\npp
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\mui
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\inetsrv
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\IME
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\icsxml
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\ias
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\export
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\drivers
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-05-16 16:03:21 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\dhcp
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\config
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\3076
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\2052
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\1054
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\1042
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\1041
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\1037
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\1033
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\1031
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\1028
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system32\1025
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\system
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\security
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\Resources
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\repair
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\mui
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\msapps
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\msagent
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\Media
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\java
2008-05-16 16:03:21 0 d--h----- C:\WINDOWS\inf
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\ime
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\Help
2008-05-16 16:03:21 0 dr--s---- C:\WINDOWS\Fonts
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\Driver Cache
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\Debug
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\Cursors
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\Connection Wizard
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\Config
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\AppPatch
2008-05-16 16:03:21 0 d-------- C:\WINDOWS\addins
2008-05-16 12:20:26 0 d-------- C:\Documents and Settings\user1\Application Data\Real
2008-05-16 12:20:11 0 d-------- C:\Documents and Settings\user1\Application Data\Identities
2008-05-16 12:19:58 0 d--h----- C:\Documents and Settings\user1\Templates
2008-05-16 12:19:58 0 dr------- C:\Documents and Settings\user1\Start Menu
2008-05-16 12:19:58 0 dr-h----- C:\Documents and Settings\user1\SendTo
2008-05-16 12:19:58 0 dr-h----- C:\Documents and Settings\user1\Recent
2008-05-16 12:19:58 0 d--h----- C:\Documents and Settings\user1\PrintHood
2008-05-16 12:19:58 0 d--h----- C:\Documents and Settings\user1\NetHood
2008-05-16 12:19:58 0 dr------- C:\Documents and Settings\user1\My Documents
2008-05-16 12:19:58 0 d--h----- C:\Documents and Settings\user1\Local Settings
2008-05-16 12:19:58 0 dr------- C:\Documents and Settings\user1\Favorites
2008-05-16 12:19:58 0 d-------- C:\Documents and Settings\user1\Desktop
2008-05-16 12:19:58 0 d---s---- C:\Documents and Settings\user1\Cookies
2008-05-16 12:19:58 0 dr-h----- C:\Documents and Settings\user1\Application Data
2008-05-16 12:19:57 3670016 --ah----- C:\Documents and Settings\user1\NTUSER.DAT
2008-05-16 12:18:48 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-05-16 12:18:45 0 d-------- C:\WINDOWS\Prefetch
2008-05-16 11:52:20 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-05-16 11:49:27 32768 --a------ C:\WINDOWS\system32\UnAudioNT.dll
2008-05-16 11:49:27 3351 --a------ C:\WINDOWS\system32\drivers\vsp.sys
2008-05-16 11:49:26 0 d-------- C:\Program Files\VIA Technologies, Inc
2008-05-16 11:48:30 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-05-16 11:48:28 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-05-16 11:47:03 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-16 11:44:32 0 d-------- C:\Program Files\Common Files\xing shared
2008-05-16 11:44:13 0 d-------- C:\Program Files\Real
2008-05-16 11:44:11 0 d-------- C:\Program Files\Common Files\Real
2008-05-16 11:44:11 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-05-16 11:37:28 0 d-------- C:\Documents and Settings\Administrator\Application Data\Ahead
2008-05-16 11:37:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-05-16 11:34:14 0 d-------- C:\Program Files\Nero
2008-05-16 11:34:14 0 d-------- C:\Program Files\Common Files\Ahead
2008-05-16 11:32:06 0 d-------- C:\WINDOWS\RegisteredPackages
2008-05-16 11:29:38 0 d--h---c- C:\WINDOWS\$MSI30UninstallMSI30-KB884016$
2008-05-16 11:28:17 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-05-16 11:27:37 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-16 11:27:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-16 11:20:45 0 d-------- C:\Program Files\Winamp
2008-05-16 11:10:12 0 d-------- C:\Program Files\Baraha 6.0
2008-05-16 1137 0 d-------- C:\Program Files\Common Files\L&H
2008-05-16 1125 0 d-------- C:\Program Files\Microsoft.NET
2008-05-16 1114 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-05-16 11:05:27 0 d-------- C:\Program Files\Microsoft Works
2008-05-16 11:05:00 0 d--h----- C:\WINDOWS\ShellNew
2008-05-16 10:59:57 0 dr-h----- C:\MSOCache
2008-05-16 10:56:06 0 d--hs---- C:\WINDOWS\Installer
2008-05-16 10:56:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-05-16 10:55:45 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-05-16 10:55:45 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-05-16 10:55:45 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-05-16 10:55:45 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-05-16 10:55:45 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-05-16 10:55:44 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-05-16 10:55:44 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-05-16 10:55:44 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-05-16 10:55:44 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-05-16 10:55:44 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-05-16 10:55:44 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-05-16 10:55:44 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-05-16 10:55:44 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-05-16 10:55:37 0 d--hs---- C:\System Volume Information
2008-05-16 10:55:35 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-05-16 10:55:35 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-05-16 10:55:35 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-05-16 10:55:35 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-05-16 10:55:35 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-05-16 10:55:34 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-05-16 10:55:34 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-05-16 10:55:34 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-05-16 10:55:34 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-05-16 10:55:34 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-05-16 10:51:07 0 d-------- C:\WINDOWS\system32\xircom
2008-05-16 10:51:07 0 d-------- C:\Program Files\microsoft frontpage
2008-05-16 10:50:42 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-05-16 10:50:36 0 -rahs---- C:\MSDOS.SYS
2008-05-16 10:50:36 0 -rahs---- C:\IO.SYS
2008-05-16 10:50:36 0 --a------ C:\CONFIG.SYS
2008-05-16 10:50:36 0 --a------ C:\AUTOEXEC.BAT
2008-05-16 10:49:17 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-05-16 10:49:03 0 dr------- C:\WINDOWS\Offline Web Pages
2008-05-16 10:49:03 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-05-16 10:48:28 0 d-------- C:\WINDOWS\system32\DirectX
2008-05-16 10:47:48 0 d---s---- C:\WINDOWS\Tasks
2008-05-16 10:47:46 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-16 10:47:42 0 d-------- C:\WINDOWS\srchasst
2008-05-16 10:47:41 0 d-------- C:\WINDOWS\system32\Macromed
2008-05-16 10:47:40 0 d-------- C:\Program Files\Movie Maker
2008-05-16 10:47:36 0 d-------- C:\WINDOWS\PCHealth
2008-05-16 10:47:35 0 d-------- C:\WINDOWS\system32\Restore
2008-05-16 10:46:38 22720 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-16 10:46:22 0 d-------- C:\WINDOWS\Registration
2008-05-16 10:46:15 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-16 10:46:15 0 d-------- C:\Program Files\Online Services
2008-05-16 10:46:07 0 d-------- C:\Program Files\Messenger
2008-05-16 10:46:02 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-16 10:45:27 0 d-------- C:\Program Files\Windows NT
2008-05-16 10:45:24 0 d-------- C:\WINDOWS\system32\MsDtc
2008-05-16 10:45:24 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-05-16 12:03:03 62 --ahs---- C:\Documents and Settings\user1\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
05/17/2008 05:19 PM 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C5CBF9C8-3582-4691-81D8-A7068FCD8AF2}]
C:\WINDOWS\system32\oddbse33.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [05/17/2008 05:19 PM 2050816]

[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [05/16/2008 11:44 AM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [05/17/2008 05:19 PM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/02/2004 08:24 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [04/28/2008 05:14 PM]
"NBKeyScan"="F:\Nero-8.3.2.1b_eng\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [02/18/2008 05:29 PM]
"ClientGW"="" []
"eSnips"="C:\Program Files\eSnips\ClientGW.exe" [12/10/2007 02:07 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" []
"Performance Center"="C:\Program Files\Ascentive\Performance Center\APCMain.exe" [04/29/2008 01:14 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]
AudioDeck.lnk - C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe [5/16/2008 11:49:27 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{177158a0-2551-11dd-b0e3-00079550923e}]
AutoRun\command- H:\kinza.exe
explore\Command- H:\kinza.exe
open\Command- H:\kinza.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d284aa0-2748-11dd-b0ec-00079550923e}]
Auto\command- J:\autorun.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe




-- End of Deckard's System Scanner: finished at 2008-06-16 18:26:39 ------------
