Status
Not open for further replies.

Possible TrojanTDSS

844 views 5 replies 2 participants last post by Matt_Holstein
#1 ·
So after admitting defeat against this nasty guy I decided to reinstall XP. Well, atm I'm having issues with that. So I figured I'd give it one more go and enlist everyone's help here.

Before I begin, I tried running GMER.exe. Unfortunately, nothing. Won't open :/

Anyway, this virus has hijacked iexplore.exe. It opens in the background and streams audio commercials (which can be annoying at 3am when you still have your sound system on).


DDS (Ver_09-07-30.01) - NTFSx86
Run by ke6qis.main at 20:24:25.17 on Thu 09/03/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1409 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ke6qis.main\Desktop\dds.pif
C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = 127.0.0.1;localhost
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\BackWeb-8876480.exe
uRun: [DellSupport-] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [WinMem] c:\program files\blcorp\wccsc\winmem\WinMem.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [ICQ] "c:\program files\icq6.5\ICQ.exe" silent
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [dlcqmon.exe] "c:\program files\dell photo aio printer 966\dlcqmon.exe"
mRun: [DLCQCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCQtime.dll,_RunDLLEntry@16
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [boincmgr] "c:\program files\boinc\boincmgr.exe" /a /s
mRun: [boinctray] "c:\program files\boinc\boinctray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {38101905-d80f-4788-96f6-986a8186178a} - c:\windows\system32\flashd32.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ke6qis~1.mai\applic~1\mozilla\firefox\profiles\ezpoxjls.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-8-6 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-7-17 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-7-17 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-7-17 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-7-17 297752]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-7-3 1029456]
R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [2008-6-6 34128]
S3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCcfltr.sys [2008-4-4 13724]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

=============== Created Last 30 ================

2009-09-03 20:23 <DIR> --d-h--- c:\windows\PIF
2009-09-03 20:16 <DIR> --d----- c:\program files\RegZooka
2009-08-25 22:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment
2009-08-25 20:38 210 a------- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-08-25 20:38 <DIR> --d----- c:\program files\Ventrilo
2009-08-17 08:16 <DIR> --d----- C:\409068e106d5e8015e
2009-08-17 08:05 <DIR> --d----- c:\program files\Wizards of the Coast
2009-08-13 21:56 <DIR> -cd----- c:\docume~1\alluse~1\applic~1\{F9ABF6FF-B068-4877-9373-3B5353A65A36}
2009-08-11 15:39 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-11 00:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SecTaskMan
2009-08-11 00:32 <DIR> --d----- c:\program files\Security Task Manager
2009-08-06 20:17 578,560 ac------ c:\windows\system32\dllcache\user32.dll
2009-08-06 20:04 <DIR> --d----- c:\windows\ERUNT
2009-08-06 18:54 <DIR> --d----- c:\program files\Trend Micro
2009-08-06 18:52 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-06 18:52 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-06 18:52 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-06 18:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-08-06 18:39 15,688 a------- c:\windows\system32\lsdelete.exe
2009-08-06 18:32 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-08-06 18:31 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-06 18:31 <DIR> --d----- c:\program files\Lavasoft
2009-08-06 18:07 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-08-06 18:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-08-04 20:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Blizzard

==================== Find3M ====================

2009-08-23 09:13 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-23 09:13 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-07-22 19:04 22,328 a------- c:\docume~1\ke6qis~1.mai\applic~1\PnkBstrK.sys
2009-07-20 15:03 34 a------- c:\documents and settings\ke6qis.main\jagex_runescape_preferences.dat
2009-07-17 21:50 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-06-10 11:05 828,160 a------- c:\windows\boinc.scr
2008-07-18 21:50 32 ac---r-- c:\documents and settings\all users\hash.dat
2007-11-18 11:28 6,787,081 -c------ c:\documents and settings\ke6qis.main\CC2update.exe
2009-05-11 15:02 0 a--sh--- c:\windows\system32\gahejeyu.dll
2009-05-11 15:02 0 a--sh--- c:\windows\system32\gifepujo.dll
2009-05-11 15:02 0 a--sh--- c:\windows\system32\leliwuwu.dll
2008-05-12 18:13 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008051220080513\index.dat

============= FINISH: 20:27:35.48 ===============
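Added example, not part of this thread and not DDS's own code: a small parser for the file-listing lines DDS prints in its "Created Last 30" and "Find3M" sections, plus one triage heuristic of my own. The heuristic flags zero-byte system+hidden files dropped directly into system32 (the `gahejeyu.dll` / `gifepujo.dll` / `leliwuwu.dll` pattern in the log above) while leaving ordinary system+hidden artifacts alone, such as the `index.dat` under the system profile, which is a normal IE history file. The sample lines are constructed in the shape of the log; the attribute-letter meanings (`d` = directory, `s` = system, `h` = hidden) are inferred from the log's own entries and are an assumption, not taken from DDS documentation.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# One DDS file-listing line: date, time, size (or <DIR>), an 8-character attribute
# string, then the path. Layout inferred from the log entries (assumption, not DDS docs).
LINE_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2}) "
    r"(?P<size><DIR>|[\d,]+) (?P<attrs>[a-z-]{8}) (?P<path>.+)$"
)

# Constructed sample in the shape of the "Find3M" / "Created Last 30" sections.
SAMPLE_LOG = r"""
2009-09-03 20:23 <DIR> --d-h--- c:\windows\PIF
2009-08-23 09:13 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-11 15:02 0 a--sh--- c:\windows\system32\gahejeyu.dll
2009-05-11 15:02 0 a--sh--- c:\windows\system32\gifepujo.dll
2008-05-12 18:13 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008051220080513\index.dat
not a dds line at all
"""


@dataclass
class Entry:
    date: str
    size: Optional[int]   # None for directories
    system: bool          # 's' flag (assumed: FILE_ATTRIBUTE_SYSTEM)
    hidden: bool          # 'h' flag (assumed: FILE_ATTRIBUTE_HIDDEN)
    path: str             # lower-cased so comparisons are case-insensitive


def parse_line(line: str) -> Optional[Entry]:
    """Parse one listing line; return None for lines that are not file entries."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    attrs = m["attrs"]
    is_dir = m["size"] == "<DIR>" or "d" in attrs
    return Entry(
        date=m["date"],
        size=None if is_dir else int(m["size"].replace(",", "")),
        system="s" in attrs,
        hidden="h" in attrs,
        path=m["path"].lower(),
    )


SYSTEM32 = "c:\\windows\\system32\\"


def suspicious_reason(e: Entry) -> Optional[str]:
    """My triage heuristic (not a DDS rule): a zero-byte system+hidden file sitting
    directly in system32 deserves a second look. System+hidden on its own is normal
    (IE history index.dat files carry both), so that alone is never enough to flag."""
    if e.size is None:                       # directories: nothing to say
        return None
    rest = e.path[len(SYSTEM32):]
    directly_in_system32 = e.path.startswith(SYSTEM32) and "\\" not in rest
    if directly_in_system32 and e.size == 0 and e.system and e.hidden:
        return "zero-byte system+hidden file directly in system32"
    return None


def triage(text: str) -> List[str]:
    """Return 'path: reason' strings for every entry the heuristic flags, in log order."""
    flagged: List[str] = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reason = suspicious_reason(entry)
        if reason:
            flagged.append(f"{entry.path}: {reason}")
    return flagged


if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(hit)
```

Run it against a saved DDS log by passing the file contents to `triage()`; the two zero-byte DLLs come back flagged and the `index.dat` does not. Treat a hit as a prompt to pull the file for a hash lookup or a sandbox run, not as a verdict: the heuristic is deliberately narrow so it stays quiet on legitimate hidden system files.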
#5 ·
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab.
Uncheck "hide extensions for known file types"
Click Yes to confirm.
Click OK.


Please visit this webpage for download links, and instructions for running combofix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Note: Please rename combofix.exe to cfix.com

Make sure the name is exactly like that.


* Ensure you have disabled all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.