Flapjack McGee

I was having problems with my browser(Firefox) being hijacked, and AVG 8.0 was catching something attempting to install a trojandownloader generic10.aniz on my computer every hour, and Windows Update fails to install its latest security updates. I purchased The Shield Deluxe 2008, and it finds explorer.exe trying to make changes to my registry, and also some other trojan downloader. Both AVG and The Shield claim my computer has been fixed, but if I turn The Shield off, or allow explorer.exe to do what it wants, AVG starts finding the trojan programs trying to download again.
here are my logs as requested in the fifth step.


Deckard's System Scanner v20071014.68
Run by Flapjack McGee on 2008-06-16 19:29:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
55: 2008-06-17 02:29:37 UTC - RP100 - Deckard's System Scanner Restore Point
54: 2008-06-16 13:51:17 UTC - RP99 - Software Distribution Service 3.0
53: 2008-06-16 04:47:09 UTC - RP98 - Software Distribution Service 3.0
52: 2008-06-15 19:08:34 UTC - RP97 - Installed The Shield Deluxe 2008.
51: 2008-06-15 16:51:46 UTC - RP96 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-06-14 08:55:17 UTC - RP46 - Software Distribution Service 3.0


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Flapjack McGee.exe) --------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 7:30:30 PM, on 6/16/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\avp.exe
C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\BELKIN USB Wireless Monitor\WLanCfgG.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\program files\idt\ecsxpv_5762_010208\wdm\STacSV.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\avp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\program files\steam\steam.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Flapjack McGee\Desktop\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Documents and Settings\Flapjack McGee\Desktop\dss.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\DOCUME~1\ALLUSE~1\DOCUME~1\Flapjack McGee.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: {cc34ac99-8f77-b9da-df84-9a91e3d81c33} - {33c18d3e-19a9-48fd-ad9b-77f899ca43cc} - C:\WINDOWS\system32\aoihuntv.dll
O2 - BHO: (no name) - {6502A2E1-29F8-4ED3-AB7F-5439A8D550D3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {79076950-F022-4D2A-AF45-C9E2F0A9F931} - (no file)
O4 - HKLM\..\Run: [Getca] C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [1882dd4a] rundll32.exe "C:\WINDOWS\system32\uvbjpqun.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\avp.exe"
O4 - HKLM\..\Run: [BM1bb1eed6] Rundll32.exe "C:\WINDOWS\system32\dweqcxyv.dll",s
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MRC] "C:\Program Files\MyRegistryCleaner\MyRegistryCleaner.exe" /MBRSTART
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\scieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Poker.com - {4f34c291-5837-4f45-ade1-da5502c69fef} - C:\Documents and Settings\Flapjack McGee\Start Menu\Programs\Poker.com\Poker.com.lnk (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1211859231875
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: rqRKAPHb - rqRKAPHb.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: The Shield Deluxe 2008 (AVP) - Unknown owner - C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\avp.exe" -r (file missing)
O23 - Service: Belkin 54Mbps Wireless USB Network Service (Belkin 54Mbps Wireless USB) - Unknown owner - C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\ecsxpv_5762_010208\wdm\STacSV.exe


-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 giveio - c:\windows\system32\giveio.sys
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R0 timounter (Acronis True Image Backup Archive Explorer) - c:\windows\system32\drivers\timntr.sys <Not Verified; Acronis; Acronis True Image>
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shldrv51.sys (file missing)
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.6) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1>
R2 PavProc (Panda Process Protection Driver) - c:\windows\system32\drivers\pavproc.sys (file missing)
R2 tifsfilter (Acronis True Image FS Filter) - c:\windows\system32\drivers\tifsfilt.sys <Not Verified; Acronis; Acronis True Image>
R3 RT73 (Belkin USB Network Adapter) - c:\windows\system32\drivers\rt73.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>

S3 AtiHdmiService (ATI Function Driver for HDMI Service) - c:\windows\system32\drivers\atihdmi.sys <Not Verified; ATI Research Inc.; Windows (R) Server 2003 DDK driver>
S3 HdAudAddService (ATI Function Driver for High Definition Audio Service) - c:\windows\system32\drivers\atihdaud.sys (file missing)
S3 NVHDA (Service for NVIDIA High Definition Audio Driver) - c:\windows\system32\drivers\nvhda32.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Belkin 54Mbps Wireless USB (Belkin 54Mbps Wireless USB Network Service) - c:\program files\belkin usb wireless monitor\wlservice.exe
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe

S2 Belkin Wireless USB Network Adapter Service (Belkin Wireless USB Network Adapter) - c:\program files\belkin\belkin wireless network utility\wlservice.exe (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_10DE&DEV_07D8&SUBSYS_26491019&REV_A1\3&267A616A&0&19
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_10DE&DEV_07D8&SUBSYS_26491019&REV_A1\3&267A616A&0&19
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_10DE&DEV_07DC&SUBSYS_26491019&REV_A2\3&267A616A&0&78
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_10DE&DEV_07DC&SUBSYS_26491019&REV_A2\3&267A616A&0&78
Service:


-- Scheduled Tasks -------------------------------------------------------------

2008-06-14 09:47:26 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-05-16 and 2008-06-16 -----------------------------

2008-06-16 19:23:26 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-16 19:23:16 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2008-06-16 19:23:16 0 d-------- C:\Program Files\SpywareBlaster
2008-06-16 18:24:14 0 d-------- C:\Program Files\Common Files\Panda Software
2008-06-16 18:09:55 0 d-------- C:\WINDOWS\LastGood
2008-06-16 18:08:40 0 d-------- C:\Program Files\Panda Security
2008-06-15 15:26:53 0 d-------- C:\Program Files\MyRegistryCleaner
2008-06-15 12:31:31 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-15 12:31:31 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-06-15 12:31:31 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-15 12:31:31 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-15 12:31:31 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-06-15 12:31:31 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-15 12:31:31 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-06-15 12:31:31 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-15 12:31:31 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-06-15 12:31:31 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-15 12:31:31 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-15 12:31:30 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-15 12:31:30 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-15 12:31:30 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-15 12:09:53 96966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-06-15 12:09:53 88774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-06-15 12:09:02 0 d-------- C:\Program Files\PCSecurityShield
2008-06-15 12:09:02 0 d-------- C:\Documents and Settings\All Users\Application Data\PCSecurityShield
2008-06-15 12:08:49 30240 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-15 12:08:49 1478432 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-15 09:39:39 89600 --a------ C:\WINDOWS\system32\nnnljjGV.dll
2008-06-14 14:56:35 0 d-------- C:\WINDOWS\Prefetch
2008-06-14 12:24:29 92672 --a------ C:\WINDOWS\system32\khfDtSjH.dll
2008-06-14 09:56:37 0 d-------- C:\Program Files\iPod
2008-06-14 09:56:31 0 d-------- C:\Program Files\iTunes
2008-06-14 09:55:21 0 d-------- C:\Program Files\QuickTime
2008-06-14 09:55:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-14 09:54:03 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-14 09:53:42 0 d-------- C:\Program Files\Common Files\Apple
2008-06-14 09:47:21 0 d-------- C:\Program Files\Apple Software Update
2008-06-14 09:47:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-14 02:01:07 130560 --a------ C:\WINDOWS\system32\aoihuntv.dll
2008-06-14 01:55:07 1555 --ahs---- C:\WINDOWS\system32\uCedLRqr.ini2
2008-06-13 08:50:49 89088 --a------ C:\WINDOWS\system32\wvUoPfdB.dll
2008-06-12 20:40:40 0 d-------- C:\WINDOWS\system32\netrax18
2008-06-12 20:40:31 89088 --a------ C:\WINDOWS\system32\efcARlmk.dll
2008-06-12 07:54:44 0 d-------- C:\WINDOWS\system32\netrax05
2008-06-12 07:54:44 0 d-------- C:\Temp
2008-06-12 07:44:23 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\LimeWire
2008-06-12 07:41:48 0 d-------- C:\Program Files\Java
2008-06-12 07:41:05 0 d-------- C:\Program Files\Common Files\Java
2008-06-12 06:31:44 53 --a------ C:\smp.bat
2008-06-06 19:01:54 0 d-------- C:\INTRODUCTION_TO_BELLYNESIAN
2008-06-06 18:57:27 0 d-------- C:\Program Files\DVD Shrink
2008-06-06 18:57:27 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-06-06 18:19:38 0 d-------- C:\Program Files\DVD Decrypter
2008-06-02 21:29:16 0 d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-06-02 21:29:11 0 d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-06-02 21:29:07 0 d--h----- C:\Program Files\CanonBJ
2008-06-02 19:41:27 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Intuit
2008-06-02 19:40:52 0 d-------- C:\Program Files\Common Files\AnswerWorks 4.0
2008-06-02 19:40:18 0 d-------- C:\Program Files\Common Files\Intuit
2008-06-02 19:40:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Intuit
2008-06-02 19:39:53 0 d-------- C:\Program Files\TurboTax
2008-06-01 13:26:09 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Bioshock
2008-05-31 15:27:36 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Apple Computer
2008-05-31 08:47:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 YPack Trial
2008-05-30 18:07:54 0 d-------- C:\Program Files\Microsoft Games
2008-05-29 19:50:17 0 d-------- C:\WINDOWS\nvidia icons
2008-05-29 19:50:05 0 d-------- C:\WINDOWS\NV37683772.TMP
2008-05-29 19:49:35 0 d-------- C:\NVIDIA
2008-05-29 19:23:18 0 d-------- C:\Program Files\Poker.com
2008-05-28 18:21:03 1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-05-28 18:21:03 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-05-28 18:21:03 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-05-28 18:21:03 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-05-28 18:21:03 1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-05-28 18:21:03 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-05-28 18:21:02 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-05-28 18:21:02 425984 --a------ C:\WINDOWS\system32\keystone.exe
2008-05-28 18:21:02 0 d-------- C:\WINDOWS\nview
2008-05-28 18:20:24 0 d-------- C:\Program Files\Nvidia Omega Drivers
2008-05-28 15:49:37 0 d-------- C:\Program Files\Lavalys
2008-05-28 15:36:40 0 d-------- C:\Program Files\SpeedFan
2008-05-28 15:05:29 0 d-------- C:\WINDOWS\system32\PreInstall
2008-05-28 07:14:44 593920 --a------ C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-05-28 07:10:03 158080 --a------ C:\WINDOWS\system32\atiicdxx.dat
2008-05-27 21:07:46 0 d-------- C:\Program Files\illiminable
2008-05-27 21:04:44 0 d-------- C:\Program Files\FLAC
2008-05-27 20:46:40 0 d-------- C:\Program Files\Tag Support Plugin for Media Player
2008-05-27 19:41:26 0 dr-h----- C:\Documents and Settings\Flapjack McGee\Application Data\SecuROM
2008-05-27 19:29:06 0 d-------- C:\Program Files\Sierra Entertainment
2008-05-27 19:28:43 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\InstallShield
2008-05-27 19:14:38 0 d-------- C:\Program Files\MultiRes
2008-05-27 19:14:28 6144 --a------ C:\WINDOWS\system32\atiicdxx.sys <Not Verified; ATI Technologies Inc.; ATI Graphics Accelerators>
2008-05-27 19:14:27 24064 --a------ C:\WINDOWS\system32\ativcoxx.dll <Not Verified; ATI Technologies, Inc.; >
2008-05-27 19:14:27 17408 --a------ C:\WINDOWS\system32\atitvo32.dll <Not Verified; ATI Technologies Inc.; ATI RageTheater/ImpacTV COM interface>
2008-05-27 19:14:27 2060288 --a------ C:\WINDOWS\system32\atipuixx.dll <Not Verified; ATI Technologies, Inc.; ATI Desktop Component>
2008-05-27 19:14:27 114688 --a------ C:\WINDOWS\system32\atippaxx.dll <Not Verified; ATI Technologies, Inc.; ATI Desktop Component>
2008-05-27 19:14:27 274432 --a------ C:\WINDOWS\system32\atipdsxx.dll <Not Verified; ATI Technologies, Inc.; ATI Desktop Component>
2008-05-27 19:14:27 5435392 --a------ C:\WINDOWS\system32\atioglxx.dll <Not Verified; ATI Technologies Inc.; ATI OpenGL driver>
2008-05-27 19:14:26 344064 --a------ C:\WINDOWS\system32\atiptaxx.exe <Not Verified; ATI Technologies, Inc.; ATI Desktop Component>
2008-05-27 19:14:26 139264 --a------ C:\WINDOWS\system32\atiprbxx.exe <Not Verified; ATI Technologies, Inc.; ATI Desktop Component>
2008-05-27 19:14:26 61440 --a------ C:\WINDOWS\system32\atiphexx.exe <Not Verified; ATI Technologies, Inc.; ATI Desktop Component>
2008-05-27 19:14:26 9535488 --a------ C:\WINDOWS\system32\atioglx2.dll <Not Verified; ATI Technologies Inc.; ATI OpenGL driver>
2008-05-27 19:14:26 36864 --a------ C:\WINDOWS\system32\atiiprxx.exe
2008-05-27 19:14:26 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll <Not Verified; ATI Technologies Inc.; ATI Display Driver Utilities>
2008-05-27 19:14:26 380928 --a------ C:\WINDOWS\system32\atiicdxx.dll <Not Verified; ATI Technologies Inc.; ATI Graphics Accelerators>
2008-05-27 19:14:26 368640 --a------ C:\WINDOWS\system32\ATIDEMGX.dll <Not Verified; Advanced Micro Devices, Inc.; Catalyst® Control Centre>
2008-05-27 19:14:26 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL <Not Verified; ATI Technologies Inc.; ATI Radeon Family>
2008-05-27 19:14:26 348160 --a------ C:\WINDOWS\system32\aticds10.dll <Not Verified; ATI Technologies Inc.; ATI Graphics Accelerators>
2008-05-27 19:14:26 1830912 --a------ C:\WINDOWS\system32\atiadaxx.exe <Not Verified; ATI Technologies, Inc.; ATI Desktop Component>
2008-05-27 19:14:26 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe <Not Verified; ATI Technologies, Inc.; ATI Default Resolution Update>
2008-05-27 19:14:24 3107788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2008-05-27 19:14:24 887724 --a------ C:\WINDOWS\system32\ativva6x.dat
2008-05-27 19:14:24 3107788 --a------ C:\WINDOWS\system32\ativva5x.dat
2008-05-27 19:14:16 0 d-------- C:\Program Files\Radeon Omega Drivers
2008-05-27 18:56:00 4096 --a------ C:\WINDOWS\system32\crash
2008-05-27 18:44:22 0 d-------- C:\Program Files\Steam
2008-05-27 18:38:42 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Macromedia
2008-05-27 18:38:42 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Adobe
2008-05-27 18:00:43 0 d-------- C:\Program Files\PowerQuest
2008-05-27 16:56:12 0 d-------- C:\Program Files\IDT
2008-05-26 21:51:15 0 d-------- C:\WINDOWS\system32\scripting
2008-05-26 21:51:14 0 d-------- C:\WINDOWS\l2schemas
2008-05-26 21:51:13 0 d-------- C:\WINDOWS\system32\en
2008-05-26 21:51:13 0 d-------- C:\WINDOWS\system32\bits
2008-05-26 21:46:45 0 d-------- C:\WINDOWS\network diagnostic
2008-05-26 20:47:04 0 d--h----- C:\WINDOWS\$hf_mig$
2008-05-26 20:40:49 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-05-26 19:03:13 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-26 19:02:39 0 d-------- C:\ab5555acfd09b75be889dc10
2008-05-26 19:02:36 0 d-------- C:\WINDOWS\system32\LogFiles
2008-05-26 19:02:36 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-26 19:00:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-05-26 18:52:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Seagate
2008-05-26 18:41:06 0 d---s---- C:\Documents and Settings\Flapjack McGee\UserData
2008-05-26 18:32:21 94208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2008-05-26 18:32:21 15872 --a------ C:\WINDOWS\system32\GTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-05-26 18:32:21 40960 --a------ C:\WINDOWS\system32\B11gUSB.dll
2008-05-26 18:23:28 0 d--h----- C:\$AVG8.VAULT$
2008-05-26 18:23:10 0 d-------- C:\WINDOWS\system32\Tools
2008-05-26 18:21:08 4864 -ra------ C:\WINDOWS\system32\drivers\PortIo.sys <Not Verified; Windows (R) Codename Longhorn DDK provider; Windows (R) Codename Longhorn DDK driver>
2008-05-26 17:22:37 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Nero
2008-05-26 17:21:24 0 d-------- C:\Program Files\Nero
2008-05-26 17:21:24 0 d-------- C:\Program Files\Common Files\Nero
2008-05-26 17:21:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-05-26 17:18:11 0 d-------- C:\WINDOWS\RegisteredPackages
2008-05-26 16:36:21 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-26 16:36:21 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\AVGTOOLBAR
2008-05-26 16:36:17 0 d-------- C:\Program Files\AVG
2008-05-26 16:36:17 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-26 16:34:49 392320 --a------ C:\WINDOWS\system32\drivers\timntr.sys <Not Verified; Acronis; Acronis True Image>
2008-05-26 16:34:49 32768 --a------ C:\WINDOWS\system32\drivers\tifsfilt.sys <Not Verified; Acronis; Acronis True Image>
2008-05-26 16:34:31 0 d-------- C:\Program Files\Seagate
2008-05-26 16:34:31 0 d-------- C:\Program Files\Common Files\Seagate
2008-05-26 16:18:26 0 d-------- C:\Program Files\NoAdware5.0
2008-05-26 16:09:40 0 d-------- C:\Program Files\uTorrent
2008-05-26 16:09:37 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\uTorrent
2008-05-26 16:02:27 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\ATI
2008-05-26 16:02:27 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-05-26 16:02:01 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-05-26 15:54:46 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-26 15:46:30 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Talkback
2008-05-26 15:46:25 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-26 15:46:24 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla
2008-05-26 15:39:19 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-05-26 15:39:04 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-05-26 15:34:50 2782208 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Miniport Driver>
2008-05-26 15:34:49 1640192 --a------ C:\WINDOWS\system32\ativvaxx.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon Video Acceleration Universal Driver>
2008-05-26 15:34:49 3175584 --a------ C:\WINDOWS\system32\ati3duag.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon DirectX Universal Driver>
2008-05-26 15:34:49 269312 --a------ C:\WINDOWS\system32\ati2dvag.dll <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Display Driver>
2008-05-26 15:34:49 499712 --a------ C:\WINDOWS\system32\ati2cqag.dll <Not Verified; ATI Technologies Inc.; ATI Radeon Family>
2008-05-26 15:34:46 0 d-------- C:\WINDOWS\peernet
2008-05-26 15:34:45 0 d-------- C:\WINDOWS\provisioning
2008-05-26 15:34:10 0 d-------- C:\WINDOWS\ServicePackFiles
2008-05-26 15:33:28 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-05-26 15:32:59 0 d-------- C:\WINDOWS\EHome
2008-05-26 14:38:07 232192 --a------ C:\WINDOWS\system32\drivers\rt73.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>
2008-05-26 13:35:51 147456 --a------ C:\WINDOWS\system32\ssleay32.dll
2008-05-26 13:35:51 651264 --a------ C:\WINDOWS\system32\libeay32.dll
2008-05-26 13:35:51 15781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1>
2008-05-26 13:35:51 507904 --a------ C:\WINDOWS\system32\AegisE5.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
2008-05-26 13:35:51 0 d-------- C:\Program Files\BELKIN USB Wireless Monitor
2008-05-26 13:35:44 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-26 13:25:29 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-05-26 13:07:50 0 d--hs---- C:\WINDOWS\Installer
2008-05-26 13:07:49 0 d-------- C:\Documents and Settings\Flapjack McGee\Application Data\Identities
2008-05-26 13:07:39 0 d--h----- C:\Documents and Settings\Flapjack McGee\Templates
2008-05-26 13:07:39 0 dr------- C:\Documents and Settings\Flapjack McGee\Start Menu
2008-05-26 13:07:39 0 dr-h----- C:\Documents and Settings\Flapjack McGee\SendTo
2008-05-26 13:07:39 0 dr-h----- C:\Documents and Settings\Flapjack McGee\Recent
2008-05-26 13:07:39 0 d--h----- C:\Documents and Settings\Flapjack McGee\PrintHood
2008-05-26 13:07:39 2097152 --a------ C:\Documents and Settings\Flapjack McGee\NTUSER.DAT
2008-05-26 13:07:39 0 d--h----- C:\Documents and Settings\Flapjack McGee\NetHood
2008-05-26 13:07:39 0 dr------- C:\Documents and Settings\Flapjack McGee\My Documents
2008-05-26 13:07:39 0 d--h----- C:\Documents and Settings\Flapjack McGee\Local Settings
2008-05-26 13:07:39 0 dr------- C:\Documents and Settings\Flapjack McGee\Favorites
2008-05-26 13:07:39 0 d-------- C:\Documents and Settings\Flapjack McGee\Desktop
2008-05-26 13:07:39 0 d---s---- C:\Documents and Settings\Flapjack McGee\Cookies
2008-05-26 13:07:39 0 d--h----- C:\Documents and Settings\Flapjack McGee\Application Data
2008-05-26 1359 0 d--hs---- C:\System Volume Information
2008-05-26 1357 229376 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-05-26 1357 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-05-26 1357 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-05-26 1357 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-05-26 1357 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-05-26 1357 229376 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
2008-05-26 1357 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-05-26 1357 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-05-26 1357 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-05-26 1357 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-05-26 13:04:42 0 d-------- C:\WINDOWS\system32\xircom
2008-05-26 13:04:42 0 d-------- C:\Program Files\microsoft frontpage
2008-05-26 13:04:40 262144 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-05-26 13:04:40 0 d-------- C:\DELL
2008-05-26 13:04:32 0 -rahs---- C:\MSDOS.SYS
2008-05-26 13:04:32 0 -rahs---- C:\IO.SYS
2008-05-26 13:04:32 0 --a------ C:\CONFIG.SYS
2008-05-26 13:04:32 0 --a------ C:\AUTOEXEC.BAT
2008-05-26 13:04:05 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-05-26 13:04:01 0 dr------- C:\WINDOWS\Offline Web Pages
2008-05-26 13:04:01 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-05-26 13:03:46 0 d-------- C:\WINDOWS\system32\DirectX
2008-05-26 13:03:10 0 d---s---- C:\WINDOWS\Tasks
2008-05-26 13:03:07 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-26 13:03:04 0 d-------- C:\WINDOWS\srchasst
2008-05-26 13:03:03 0 d-------- C:\WINDOWS\system32\Macromed
2008-05-26 13:03:02 0 d-------- C:\Program Files\Movie Maker
2008-05-26 13:02:59 0 d-------- C:\WINDOWS\system32\Restore
2008-05-26 13:02:59 0 d-------- C:\WINDOWS\PCHealth
2008-05-26 13:02:47 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-26 13:02:45 0 d-------- C:\WINDOWS\Registration
2008-05-26 13:02:35 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-26 13:02:35 0 d-------- C:\Program Files\Online Services
2008-05-26 13:02:33 0 d-------- C:\Program Files\Messenger
2008-05-26 13:02:29 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-26 13:02:01 0 d-------- C:\Program Files\Windows NT
2008-05-26 13:01:58 0 d-------- C:\WINDOWS\system32\MsDtc
2008-05-26 13:01:58 0 d-------- C:\WINDOWS\system32\Com
2008-05-26 05:58:35 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-26 05:58:33 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-26 05:58:32 0 dr------- C:\Program Files
2008-05-26 05:58:32 0 d-------- C:\Program Files\Common Files
2008-05-26 05:58:16 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-05-26 05:58:16 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-05-26 05:58:16 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-05-26 05:58:16 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-05-26 05:58:16 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-05-26 05:58:16 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-05-26 05:58:16 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-05-26 05:58:16 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-05-26 05:58:16 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-05-26 05:58:16 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-05-26 05:58:16 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-05-26 05:58:16 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-05-26 05:58:16 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-05-26 05:58:16 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-05-26 05:58:16 0 dr------- C:\Documents and Settings\All Users\Documents
2008-05-26 05:58:16 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-05-26 05:57:39 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-05-26 05:57:39 0 d-------- C:\WINDOWS\system32\CatRoot
2008-05-26 05:57:34 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-05-26 05:57:34 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-05-26 05:57:34 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-05-26 05:57:34 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-05-26 05:57:22 0 d-------- C:\Documents and Settings
2008-05-26 05:53:41 0 d-------- C:\WINDOWS
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\WinSxS
2008-05-26 05:53:41 0 dr------- C:\WINDOWS\Web
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\twain_32
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\wins
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\wbem
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\usmt
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\spool
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\ShellExt
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\Setup
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\ras
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\oobe
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\npp
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\mui
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\inetsrv
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\IME
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\icsxml
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\ias
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\export
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\drivers
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-05-26 05:53:41 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\dhcp
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\config
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\3076
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\2052
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\1054
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\1042
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\1041
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\1037
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\1033
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\1031
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\1028
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system32\1025
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\system
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\security
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\Resources
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\repair
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\mui
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\msapps
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\msagent
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\Media
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\java
2008-05-26 05:53:41 0 d--h----- C:\WINDOWS\inf
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\ime
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\Help
2008-05-26 05:53:41 0 dr--s---- C:\WINDOWS\Fonts
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\Driver Cache
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\Debug
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\Cursors
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\Connection Wizard
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\Config
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\AppPatch
2008-05-26 05:53:41 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2008-05-26 05:58:16 62 --ahs---- C:\Documents and Settings\Flapjack McGee\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{33c18d3e-19a9-48fd-ad9b-77f899ca43cc}]
06/14/2008 02:01 AM 130560 --a------ C:\WINDOWS\system32\aoihuntv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6502A2E1-29F8-4ED3-AB7F-5439A8D550D3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{79076950-F022-4D2A-AF45-C9E2F0A9F931}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Getca"="C:\Program Files\BELKIN USB Wireless Monitor\InfoMyCa.exe" [03/10/2004 08:57 PM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [05/30/2008 03:42 PM]
"DiscWizardMonitor.exe"="C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe" [04/19/2007 09:24 PM]
"AcronisTimounterMonitor"="C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe" [04/19/2007 09:38 PM]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe" [04/19/2007 09:29 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 02:57 PM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [12/03/2007 02:21 PM]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" [12/14/2007 12:26 PM]
"AtiPTA"="atiptaxx.exe" [02/21/2006 06:05 PM C:\WINDOWS\system32\atiptaxx.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/02/2008 10:46 PM]
"nwiz"="nwiz.exe" [05/02/2008 10:46 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/02/2008 10:46 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]
"1882dd4a"="C:\WINDOWS\system32\uvbjpqun.dll" []
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [05/27/2008 10:50 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [06/02/2008 11:13 AM]
"AVP"="C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\avp.exe" [08/23/2007 02:16 PM]
"BM1bb1eed6"="C:\WINDOWS\system32\dweqcxyv.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [12/13/2007 07:10 PM]
"Steam"="c:\program files\steam\steam.exe" [05/27/2008 06:44 PM]
"MRC"="C:\Program Files\MyRegistryCleaner\MyRegistryCleaner.exe" [06/04/2007 01:15 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqRKAPHb]
rqRKAPHb.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap C:\WINDOWS\system32\rqRLdeCu

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3b9d57c2-2b23-11dd-9fe7-806d6172696f}]
AutoRun\command- D:\setup.exe

*Newly Created Service* - PAVPROC
*Newly Created Service* - PAVPRSRV
*Newly Created Service* - RKPAVPROC
*Newly Created Service* - SHLDDRV



-- End of Deckard's System Scanner: finished at 2008-06-16 19:32:54 ------------

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-06-16 19:20:12
PROTECTIONS: 2
MALWARE: 18
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG Anti-Virus 8.0 Yes Yes
The Shield Deluxe 2008 6.0.2.621 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@casalemedia[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.atdmt.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@247realmedia[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@fastclick[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@tribalfusion[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.tribalfusion.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.mediaplex.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@mediaplex[1].txt
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@clickbank[1].txt
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@clickbank[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.com.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@ad.yieldmanager[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@apmebf[1].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@burstnet[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@advertising[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.advertising.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@realmedia[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Application Data\Mozilla\Firefox\Profiles\dhesjek7.default\cookies.txt[.questionmarket.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@zedo[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Flapjack McGee\Cookies\flapjack mcgee@adrevolver[2].txt
02918782 Generic Trojan Virus/Trojan No 0 No No C:\System Volume Information\_restore{AB973A48-A4C7-46DE-B301-19672B0ED636}\RP94\A0017839.exe[spydb.exe][helper.dll]
;===================================================================================================================================================================================
SUSPECTS
Sent Location 
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description 
;===================================================================================================================================================================================
;===================================================================================================================================================================================


Thank you in advance for any help you can offer.

Attached Files

New Text Document.txt (10.9 KB, 2 views)

Flapjack McGee

Got Spyware Doctor, fixed all problems.

tetonbob

Thanks for letting us know. Unfortunately, this forum is incredibly busy, and we don't have the hands to get to all the threads.

One thing I'd like to point out:

You have more than one AntiVirus application installed.

AVG Anti-Virus 8.0
The Shield Deluxe 2008

While this may seem like greater protection, it can cause problems including slowdowns, system hangs or even crashes. This can happen if both AntiVirus applications attempt to access the same file at the same time. This may cause the applications to interfere with each other, or cause the system to lock up. It can also be a drain on system resources, making a machine run slower than it should.

Therefore, uninstall all but one AntiVirus application using the Add or Remove Programs in the Control Panel before posting your logs. Be sure to leave one up-to-date AntiVirus application installed.

I will mark this thread as solved. If you want a review of your current situation, post a new dss.exe main.txt log, after uninstalling one of the AntiVirus applications.

__________________

** PC Safety and Security--What Do I Need? **

Proud Member of ASAP since 2005
Proud Member of UNITE since 2006