THANK YOU! I really appreciate your help w/ this matter. Here is the latest log you requested.
ComboFix 07-10-26.4 - michelle brenczewski 2007-10-27 20:57:21.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.475 [GMT -5:00]
Running from: C:\Documents and Settings\michelle brenczewski\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin.zip
C:\Documents and Settings\All Users\Application Data\Starware358
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\celebrity_news.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\celebrity_search.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\FindIt.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\FindItHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\findithotxp.png
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\finditxp.png
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\Highlight.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\HighlightHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\highlighthotxp.png
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\highlightxp.png
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\logo.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\buttons\logoxp.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\contexts\error.xml
C:\Documents and Settings\All Users\Application Data\Starware358\contexts\related.xml
C:\Documents and Settings\All Users\Application Data\Starware358\contexts\Travel.xml
C:\Documents and Settings\All Users\Application Data\Starware358\EntertainmentMarketingSP\images\active\EntertainmentMarketingSP0.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\Games\images\active\Games0.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\Movies\images\active\Movies0.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp
C:\Documents and Settings\All Users\Application Data\Starware358\SimpleUpdate\ProductMessagingConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware358\SimpleUpdate\ProductMessagingConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware358\SimpleUpdate\SimpleUpdateConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware358\SimpleUpdate\SimpleUpdateConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware358\SimpleUpdate\TimerManagerConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware358\SimpleUpdate\TimerManagerConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware358\U056C222E.exe
C:\Documents and Settings\michelle brenczewski\Application Data\macromedia\Flash Player\#SharedObjects\Y8UAD69D\www.broadcaster.com
C:\Documents and Settings\michelle brenczewski\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\michelle brenczewski\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\michelle brenczewski\Application Data\SMANTE~1
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\BrowserSearch\BrowserSearch.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\BrowserSearch\BrowserSearch.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\CelebrityNews\CelebrityNewsOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\CelebrityNews\CelebrityNewsOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\CelebritySearch\CelebritySearchOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\CelebritySearch\CelebritySearchOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Configurator\Configurator.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Configurator\Configurator.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\EntertainmentMarketingSP\EntertainmentMarketingSPOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\EntertainmentMarketingSP\EntertainmentMarketingSPOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\ErrorSearch\ErrorSearchOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\ErrorSearch\ErrorSearchOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Games\GamesOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Games\GamesOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Layouts\PitchLayout.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Layouts\PitchLayout.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Layouts\ToolbarLayout.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Layouts\ToolbarLayout.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Manager\ManagerOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Manager\ManagerOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Movies\MoviesOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Movies\MoviesOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\RelatedSearch\RelatedSearchOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\RelatedSearch\RelatedSearchOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\SearchAssistPlus\SearchAssistPlusOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\SearchAssistPlus\SearchAssistPlusOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\SearchMatch\SearchMatchOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\SearchMatch\SearchMatchOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Toolbar\TBProductsOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\Toolbar\TBProductsOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\ToolbarLogo\ToolbarLogoOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\ToolbarLogo\ToolbarLogoOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\ToolbarSearch\ToolbarSearchOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\ToolbarSearch\ToolbarSearchOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\TravelSearch\TravelSearchOptions.xml
C:\Documents and Settings\michelle brenczewski\Application Data\Starware358\TravelSearch\TravelSearchOptions.xml.backup
C:\Documents and Settings\michelle brenczewski\Application Data\YMANTE~1
C:\Documents and Settings\michelle brenczewski\Application Data\YMANTE~1\?ymantec\
C:\Documents and Settings\michelle brenczewski\My Documents\ASEMBL~1
C:\Documents and Settings\michelle brenczewski\Start Menu\Programs\Outerinfo
C:\Documents and Settings\michelle brenczewski\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\michelle brenczewski\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Documents and Settings\michelle brenczewski\Start Menu\Programs\Startup\ta_start.lnk
C:\Program Files\3721
C:\Program Files\3721\assist\asbar.dll
C:\Program Files\3721\helper.dll
C:\Program Files\Accoona
C:\Program Files\Accoona\ASearchAssist.dll
C:\Program Files\akl
C:\Program Files\akl\akl.dll
C:\Program Files\akl\akl.exe
C:\Program Files\akl\curlog.htm
C:\Program Files\akl\keylog.txt
C:\Program Files\akl\readme.txt
C:\Program Files\akl\uninstall.exe
C:\Program Files\akl\unsetup.dat
C:\Program Files\akl\unsetup.exe
C:\Program Files\amsys
C:\Program Files\amsys\awmsg.dat
C:\Program Files\amsys\guid.dat
C:\Program Files\amsys\ijl15.dll
C:\Program Files\amsys\mfc42.dll
C:\Program Files\amsys\msvcrt.dll
C:\Program Files\amsys\unins000.dat
C:\Program Files\amsys\unis000.exe
C:\Program Files\amsys\winam.dat
C:\Program Files\e-zshopper
C:\Program Files\e-zshopper\BarLcher.dll
C:\Program Files\outerinfo
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\p2pnetworks
C:\Program Files\p2pnetworks\amp2pl.exe
C:\Program Files\SecCenter
C:\Program Files\SecCenter\scprot4.exe
C:\Program Files\Starware358
C:\Program Files\Starware358\brand.bmp
C:\Program Files\Starware358\icons\star_16.ico
C:\Program Files\Starware358\Starware358Config.xml
C:\Program Files\Starware358\Starware358Uninstall.exe
C:\temp\0b9
C:\temp\0b9\tmpTF.log
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\fCOe
C:\Temp\fCOe\tOasF.log
C:\temp\tn3
C:\WINDOWS\764.exe
C:\WINDOWS\7search.dll
C:\WINDOWS\aconti.exe
C:\WINDOWS\adbar.dll
C:\WINDOWS\b122.exe
C:\WINDOWS\cbinst$.exe
C:\WINDOWS\daxtime.dll
C:\WINDOWS\dp0.dll
C:\WINDOWS\eventlowg.dll
C:\WINDOWS\fhfmm-Uninstaller.exe
C:\WINDOWS\fhfmm.exe
C:\WINDOWS\flt.dll
C:\WINDOWS\hcwprn.exe
C:\WINDOWS\hotporn.exe
C:\WINDOWS\ie_32.exe
C:\WINDOWS\iexplorr23.dll
C:\WINDOWS\jd2002.dll
C:\WINDOWS\kkcomp$.exe
C:\WINDOWS\kkcomp.dll
C:\WINDOWS\kkcomp.exe
C:\WINDOWS\kvnab$.exe
C:\WINDOWS\kvnab.dll
C:\WINDOWS\kvnab.exe
C:\WINDOWS\liqad$.exe
C:\WINDOWS\liqad.dll
C:\WINDOWS\liqad.exe
C:\WINDOWS\liqui-Uninstaller.exe
C:\WINDOWS\liqui.dll
C:\WINDOWS\liqui.exe
C:\WINDOWS\ngd.dll
C:\WINDOWS\pbar.dll
C:\WINDOWS\pbsysie.dll
C:\WINDOWS\settn.dll
C:\WINDOWS\spredirect.dll
C:\WINDOWS\system32\.exe
C:\WINDOWS\system32\bavdlpl.dll
C:\WINDOWS\system32\d3
C:\WINDOWS\system32\drivers\blank.gif
C:\WINDOWS\system32\drivers\box_1.gif
C:\WINDOWS\system32\drivers\box_2.gif
C:\WINDOWS\system32\drivers\box_3.gif
C:\WINDOWS\system32\drivers\button_buynow.gif
C:\WINDOWS\system32\drivers\button_freescan.gif
C:\WINDOWS\system32\drivers\cell_bg.gif
C:\WINDOWS\system32\drivers\cell_footer.gif
C:\WINDOWS\system32\drivers\cell_header_block.gif
C:\WINDOWS\system32\drivers\cell_header_remove.gif
C:\WINDOWS\system32\drivers\cell_header_scan.gif
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.sys
C:\WINDOWS\system32\drivers\detect.htm
C:\WINDOWS\system32\drivers\download_box.gif
C:\WINDOWS\system32\drivers\download_btn.jpg
C:\WINDOWS\system32\drivers\download_now_btn.gif
C:\WINDOWS\system32\drivers\footer_back.jpg
C:\WINDOWS\system32\drivers\header_1.gif
C:\WINDOWS\system32\drivers\header_2.gif
C:\WINDOWS\system32\drivers\header_3.gif
C:\WINDOWS\system32\drivers\header_4.gif
C:\WINDOWS\system32\drivers\header_red_bg.gif
C:\WINDOWS\system32\drivers\header_red_free_scan.gif
C:\WINDOWS\system32\drivers\header_red_free_scan_bg.gif
C:\WINDOWS\system32\drivers\header_red_protect_your_pc.gif
C:\WINDOWS\system32\drivers\infected.gif
C:\WINDOWS\system32\drivers\main_back.gif
C:\WINDOWS\system32\drivers\perfect_cleaner_box.jpg
C:\WINDOWS\system32\drivers\product_1_header.gif
C:\WINDOWS\system32\drivers\product_1_name_small.gif
C:\WINDOWS\system32\drivers\product_2_header.gif
C:\WINDOWS\system32\drivers\product_2_name_small.gif
C:\WINDOWS\system32\drivers\product_3_header.gif
C:\WINDOWS\system32\drivers\product_3_name_small.gif
C:\WINDOWS\system32\drivers\product_features.gif
C:\WINDOWS\system32\drivers\pt.htm
C:\WINDOWS\system32\drivers\rating.gif
C:\WINDOWS\system32\drivers\s_detect.htm
C:\WINDOWS\system32\drivers\screenshot.jpg
C:\WINDOWS\system32\drivers\sep_hor.gif
C:\WINDOWS\system32\drivers\sep_vert.gif
C:\WINDOWS\system32\drivers\shadow.jpg
C:\WINDOWS\system32\drivers\shadow_bg.gif
C:\WINDOWS\system32\drivers\spacer.gif
C:\WINDOWS\system32\drivers\spy_away_box.jpg
C:\WINDOWS\system32\drivers\star.gif
C:\WINDOWS\system32\drivers\star_gray.gif
C:\WINDOWS\system32\drivers\star_gray_small.gif
C:\WINDOWS\system32\drivers\star_small.gif
C:\WINDOWS\system32\drivers\style.css
C:\WINDOWS\system32\drivers\v.gif
C:\WINDOWS\system32\drivers\warning_icon.gif
C:\WINDOWS\system32\drivers\win_logo.gif
C:\WINDOWS\system32\drivers\x.gif
C:\WINDOWS\system32\drvkulr.dll
C:\WINDOWS\system32\ESHOPEE.exe
C:\WINDOWS\system32\f22
C:\WINDOWS\system32\fkmdvbtn
C:\WINDOWS\system32\fkmdvbtn\bg1.gif
C:\WINDOWS\system32\fkmdvbtn\bgtop.gif
C:\WINDOWS\system32\fkmdvbtn\bottom1.gif
C:\WINDOWS\system32\fkmdvbtn\essentials.gif
C:\WINDOWS\system32\fkmdvbtn\fkmdvbtn1.exe
C:\WINDOWS\system32\fkmdvbtn\fkmdvbtn2.exe
C:\WINDOWS\system32\fkmdvbtn\fkmdvbtn3.exe
C:\WINDOWS\system32\fkmdvbtn\icon1.ico
C:\WINDOWS\system32\fkmdvbtn\install1.gif
C:\WINDOWS\system32\fkmdvbtn\left1.gif
C:\WINDOWS\system32\fkmdvbtn\li.gif
C:\WINDOWS\system32\fkmdvbtn\logo.gif
C:\WINDOWS\system32\fkmdvbtn\main.htm
C:\WINDOWS\system32\fkmdvbtn\mainframe.htm
C:\WINDOWS\system32\fkmdvbtn\reinstall1.gif
C:\WINDOWS\system32\fkmdvbtn\right1.gif
C:\WINDOWS\system32\fkmdvbtn\s1.htm
C:\WINDOWS\system32\fkmdvbtn\s2.htm
C:\WINDOWS\system32\fkmdvbtn\s3.htm
C:\WINDOWS\system32\fkmdvbtn\SMTop1.gif
C:\WINDOWS\system32\fkmdvbtn\SMTop2.gif
C:\WINDOWS\system32\fkmdvbtn\SMTop3.gif
C:\WINDOWS\system32\fkmdvbtn\SMTop4.gif
C:\WINDOWS\system32\fkmdvbtn\soft1_off.gif
C:\WINDOWS\system32\fkmdvbtn\soft1_off_ext.gif
C:\WINDOWS\system32\fkmdvbtn\soft1_on.gif
C:\WINDOWS\system32\fkmdvbtn\soft1_on_ext.gif
C:\WINDOWS\system32\fkmdvbtn\soft2_off.gif
C:\WINDOWS\system32\fkmdvbtn\soft2_off_ext.gif
C:\WINDOWS\system32\fkmdvbtn\soft2_on.gif
C:\WINDOWS\system32\fkmdvbtn\soft2_on_ext.gif
C:\WINDOWS\system32\fkmdvbtn\soft3_off.gif
C:\WINDOWS\system32\fkmdvbtn\soft3_off_ext.gif
C:\WINDOWS\system32\fkmdvbtn\soft3_on.gif
C:\WINDOWS\system32\fkmdvbtn\soft3_on_ext.gif
C:\WINDOWS\system32\fkmdvbtn\softbottom_off.gif
C:\WINDOWS\system32\fkmdvbtn\softbottom_on.gif
C:\WINDOWS\system32\fkmdvbtn\softleft_off.gif
C:\WINDOWS\system32\fkmdvbtn\softleft_on.gif
C:\WINDOWS\system32\fkmdvbtn\top1.gif
C:\WINDOWS\system32\fkmdvbtn\top2.gif
C:\WINDOWS\system32\fkmdvbtn\turnoff1.gif
C:\WINDOWS\system32\fkmdvbtn\turnon1.gif
C:\WINDOWS\system32\kernelw.sys
C:\WINDOWS\system32\ldinfo.ldr
C:\WINDOWS\system32\msnav32.ax
C:\WINDOWS\system32\msole32.exe
C:\WINDOWS\system32\nusrmgr.exe
C:\WINDOWS\system32\oTt06e
C:\WINDOWS\system32\oTt08e
C:\WINDOWS\system32\p8
C:\WINDOWS\system32\p8\stallbb1.exe
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\s2
C:\WINDOWS\system32\s2\EMDT83122.exe
C:\WINDOWS\system32\T3
C:\WINDOWS\system32\T4
C:\WINDOWS\system32\T6
C:\WINDOWS\system32\T7
C:\WINDOWS\system32\T7\icm.exe
C:\WINDOWS\system32\T9
C:\WINDOWS\system32\v1
C:\WINDOWS\system32\vxddsk.exe
C:\WINDOWS\system32\wml.exe
C:\WINDOWS\system32\wtsisvit.exe
C:\WINDOWS\vxddsk.exe
C:\WINDOWS\wbeCheck.exe
C:\WINDOWS\wbeInst$.exe
C:\WINDOWS\wml.exe
C:\WINDOWS\xadbrk.dll
C:\WINDOWS\xadbrk.exe
C:\WINDOWS\xadbrk_.exe
C:\WINDOWS\xxxvideo.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_CORE
-------\LEGACY_DRIVER
-------\LEGACY_NETWORK_MONITOR
-------\core
-------\Driver
((((((((((((((((((((((((( Files Created from 2007-09-28 to 2007-10-28 )))))))))))))))))))))))))))))))
.
2007-10-27 21:10 <DIR> d-------- C:\Program Files\p2pnetworks
2007-10-27 21:10 <DIR> d-------- C:\Program Files\e-zshopper
2007-10-27 21:10 <DIR> d-------- C:\Program Files\amsys
2007-10-27 21:10 <DIR> d-------- C:\Program Files\akl
2007-10-27 21:10 <DIR> d-------- C:\Program Files\Accoona
2007-10-27 21:10 <DIR> d-------- C:\Program Files\3721
2007-10-27 20:55 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-27 19:25 <DIR> d-------- C:\Documents and Settings\michelle brenczewski\Application Data\Grisoft
2007-10-27 19:25 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-10-27 18:24 <DIR> d-------- C:\Documents and Settings\michelle brenczewski\Application Data\AVG7
2007-10-27 18:23 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-10-27 18:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-10-27 17:19 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-27 17:12 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-10-27 17:12 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-10-27 17:12 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-10-27 17:12 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-27 17:12 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-27 17:12 3,176 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-27 14:27 <DIR> d-------- C:\WINDOWS\pss
2007-10-27 14:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-10-27 14:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-10-27 09:55 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-10-27 09:50 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-10-27 09:50 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-10-27 09:47 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-10-27 07:13 18,432 --a------ C:\WINDOWS\fkwggshm.exe
2007-10-27 06:52 15,104 --a------ C:\WINDOWS\system32\ace16win.dll
2007-10-26 21:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-26 21:01 4 --a------ C:\WINDOWS\system32\stfv.bin
2007-10-26 11:12 <DIR> d-------- C:\WINDOWS\system32\acespy
2007-10-26 11:10 12 --a------ C:\WINDOWS\system32\dpqaqlqx.bin
2007-10-26 10:35 6,470 ---hs---- C:\WINDOWS\system32\gjkkj.bak1
2007-10-26 10:33 <DIR> d-------- C:\Program Files\Pyvddqjn
2007-10-26 10:32 <DIR> d-------- C:\Program Files\MalwareAlarm
2007-10-26 10:31 <DIR> d-------- C:\Program Files\grezcdwv
2007-10-26 10:31 123,910 --a------ C:\WINDOWS\system32\vvgeowbv.exe
2007-10-26 10:31 21,504 --a------ C:\WINDOWS\system32\aivskurq.dll
2007-10-26 10:30 41 --a------ C:\WINDOWS\plite731_uninstaller_.bat
2007-10-26 10:26 <DIR> d--hs---- C:\WINDOWS\bWljaGVsbGUgYnJlbmN6ZXdza2k
2007-10-10 00:50 582,656 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-02 16:53 <DIR> d-------- C:\Program Files\Infogrames Interactive
2007-09-28 09:29 <DIR> d-------- C:\Quicken Back-up
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-28 10:04 6,720 ----a-w C:\WINDOWS\system32\kernelw.sys
2007-10-28 02:09 9,984 ----a-w C:\WINDOWS\flt.dll
2007-10-28 02:09 8,192 ----a-w C:\WINDOWS\ngd.dll
2007-10-28 02:09 32,512 ----a-w C:\WINDOWS\wbeCheck.exe
2007-10-28 02:09 32,512 ----a-w C:\WINDOWS\fhfmm.exe
2007-10-28 02:09 32,000 ----a-w C:\WINDOWS\kkcomp.exe
2007-10-28 02:09 31,488 ----a-w C:\WINDOWS\liqad$.exe
2007-10-28 02:09 30,976 ----a-w C:\WINDOWS\liqui.exe
2007-10-28 02:09 30,464 ----a-w C:\WINDOWS\liqui.dll
2007-10-28 02:09 30,464 ----a-w C:\WINDOWS\daxtime.dll
2007-10-28 02:09 29,952 ----a-w C:\WINDOWS\kvnab.exe
2007-10-28 02:09 28,672 ----a-w C:\WINDOWS\settn.dll
2007-10-28 02:09 28,672 ----a-w C:\WINDOWS\hotporn.exe
2007-10-28 02:09 28,160 ----a-w C:\WINDOWS\eventlowg.dll
2007-10-28 02:09 26,880 ----a-w C:\WINDOWS\xxxvideo.exe
2007-10-28 02:09 26,112 ----a-w C:\WINDOWS\pbsysie.dll
2007-10-28 02:09 25,600 ----a-w C:\WINDOWS\xadbrk.dll
2007-10-28 02:09 25,344 ----a-w C:\WINDOWS\wbeInst$.exe
2007-10-28 02:09 25,088 ----a-w C:\WINDOWS\liqad.exe
2007-10-28 02:09 22,528 ----a-w C:\WINDOWS\liqad.dll
2007-10-28 02:09 21,760 ----a-w C:\WINDOWS\cbinst$.exe
2007-10-28 02:09 21,504 ----a-w C:\WINDOWS\system32\msole32.exe
2007-10-28 02:09 21,248 ----a-w C:\WINDOWS\iexplorr23.dll
2007-10-28 02:09 21,248 ----a-w C:\WINDOWS\aconti.exe
2007-10-28 02:09 20,736 ----a-w C:\WINDOWS\xadbrk_.exe
2007-10-28 02:09 18,944 ----a-w C:\WINDOWS\pbar.dll
2007-10-28 02:09 18,432 ----a-w C:\WINDOWS\spredirect.dll
2007-10-28 02:09 17,920 ----a-w C:\WINDOWS\vxddsk.exe
2007-10-28 02:09 17,664 ----a-w C:\WINDOWS\7search.dll
2007-10-28 02:09 17,152 ----a-w C:\WINDOWS\xadbrk.exe
2007-10-28 02:09 17,152 ----a-w C:\WINDOWS\wml.exe
2007-10-28 02:09 17,152 ----a-w C:\WINDOWS\adbar.dll
2007-10-28 02:09 16,896 ----a-w C:\WINDOWS\jd2002.dll
2007-10-28 02:09 16,128 ----a-w C:\WINDOWS\ie_32.exe
2007-10-28 02:09 14,592 ----a-w C:\WINDOWS\liqui-Uninstaller.exe
2007-10-28 02:09 14,080 ----a-w C:\WINDOWS\kvnab$.exe
2007-10-28 02:09 13,824 ----a-w C:\WINDOWS\kkcomp$.exe
2007-10-28 02:09 12,288 ----a-w C:\WINDOWS\kvnab.dll
2007-10-28 02:09 11,776 ----a-w C:\WINDOWS\kkcomp.dll
2007-10-28 02:09 11,264 ----a-w C:\WINDOWS\system32\ESHOPEE.exe
2007-10-28 02:09 11,264 ----a-w C:\WINDOWS\fhfmm-Uninstaller.exe
2007-10-28 02:09 11,008 ----a-w C:\WINDOWS\dp0.dll
2007-10-28 02:09 10,240 ----a-w C:\WINDOWS\hcwprn.exe
2007-10-28 02:04 9,984 ----a-w C:\WINDOWS\764.exe
2007-10-27 19:10 --------- d-----w C:\Program Files\PokerStars
2007-10-20 18:03 4,184 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-10-02 21:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-01 19:41 --------- d-----w C:\Program Files\ProjectionsDominator
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:15 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 10:04 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-20 10:04 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-20 10:04 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 10:04 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 10:04 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 10:04 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-20 10:04 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 10:04 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-08-20 10:04 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-08-20 10:04 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 10:04 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-20 10:04 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-20 10:04 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-20 10:04 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-08-20 10:04 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-08-20 10:04 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-20 10:04 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-20 10:04 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-08-20 10:04 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-20 10:04 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
2007-08-20 10:04 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
2007-08-20 10:04 102,400 ------w C:\WINDOWS\system32\dllcache\occache.dll
2007-08-20 10:04 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-17 10:21 625,152 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-08-17 10:20 63,488 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-08-17 10:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-08-17 07:34 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-07-31 00:19 92,504 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-31 00:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-31 00:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-31 00:19 549,720 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-31 00:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-31 00:19 53,080 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-31 00:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-31 00:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-31 00:19 325,976 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-31 00:19 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-07-31 00:19 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
2007-07-31 00:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-31 00:19 203,096 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-31 00:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-31 00:19 1,712,984 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-31 00:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-31 00:18 33,624 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2005-08-02 21:58:38 293,888 --sha-r C:\WINDOWS\bWljaGVsbGUgYnJlbmN6ZXdza2k\command.exe
2005-07-29 21:24:26 472 --sha-r C:\WINDOWS\bWljaGVsbGUgYnJlbmN6ZXdza2k\vq53u3pPv3o0sBL5vAhdtrxWuZ4.vbs
2006-06-15 23:03:12 88 --sh--r C:\WINDOWS\system32\32593B2C62.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000000-d9e3-4bc6-a0bd-3d0ca4be5271}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000012-890e-4aac-afd9-eff6954a34dd}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{029e02f0-a0e5-4b19-b958-7bf2db29fb13}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06dfedaa-6196-11d5-bfc8-00508b4a487d}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1adbcce8-cf84-441e-9b38-afc7a19c06a4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2A8C2C57-93A7-0675-5A40-098909C6F6CC}]
C:\Program Files\Pyvddqjn\qavhytbh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{51641ef3-8a7a-4d84-8659-b0911e947cc8}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53C330D6-A4AB-419B-B45D-FD4411C1FEF4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54645654-2225-4455-44A1-9F4543D34546}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{669695bc-a811-4a9d-8cdf-ba8c795f261e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6abc861a-31e7-4d91-b43b-d3c98f22a5c0}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{813F3562-5D8D-451F-2E82-98DB074E0935}]
C:\Program Files\Windows Media Player\lavuqafut557.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{944864a5-3916-46e2-96a9-a2e84f3f1208}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a4a435cf-3583-11d4-91bd-0048546a1450}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A6E432B4-D4C2-43B3-BF55-C364F8F7362A}]
2007-10-26 10:32 21504 --a------ C:\WINDOWS\system32\aivskurq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b8875bfe-b021-11d4-bfa8-00508b8e9bd3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c2680e10-1655-4a0e-87f8-4259325a84b7}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c4ca6559-2cf1-48b6-96b2-8340a06fd129}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af2622-8c75-4dfb-9693-23ab7686a456}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ca1d1b05-9c66-11d5-a009-000103c1e50b}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CA7FC111-0689-49F1-91B3-C3BB5BC07B1A}]
C:\WINDOWS\system32\jkkjg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d8efadf1-9009-11d6-8c73-608c5dc19089}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9147a0a-a866-4214-b47c-da821891240f}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9306072-417e-43e3-81d5-369490beef7c}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 19:42]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-04-05 19:22]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-04-05 19:19]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-04-05 19:23]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 03:12]
"ISUSPM Startup"="c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 10:44]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 05:20]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-15 07:05]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-12 21:55]
"EPSON Stylus Photo 825"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [2002-04-09 14:04]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 16:16]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"{04-45-52-23-ZN}"="C:\Documents and Settings\michelle brenczewski\Local Settings\Temp\T0CHD001.exe" []
"Windows Update Check"="C:\WINDOWS\system32\syslodr.exe" [2007-10-26 10:28]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-27 18:23]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
"@BackupScheduler"="C:\Program Files\Online Backup\OnlineBackup.exe" [2007-02-28 02:36]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-06-12 21:51:50]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyawtq]
xxyawtq.dll
R0 ACPI;Microsoft ACPI Driver;C:\WINDOWS\system32\DRIVERS\ACPI.sys
R0 Disk;Disk Driver;C:\WINDOWS\system32\DRIVERS\disk.sys
R0 Ftdisk;Volume Manager Driver;C:\WINDOWS\system32\DRIVERS\ftdisk.sys
R0 isapnp;PnP ISA/EISA Bus Driver;C:\WINDOWS\system32\DRIVERS\isapnp.sys
R0 NDIS;NDIS System Driver;C:\WINDOWS\system32\drivers\NDIS.sys
R0 PCI;PCI Bus Driver;C:\WINDOWS\system32\DRIVERS\pci.sys
R0 sr;System Restore Filter Driver;C:\WINDOWS\system32\DRIVERS\sr.sys
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver;C:\WINDOWS\system32\DRIVERS\WudfPf.sys
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver;\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
R1 Avg7RsW;AVG7 Wrap Driver;C:\WINDOWS\system32\Drivers\avg7rsw.sys
R1 AvgAsCln;AVG Anti-Spyware Clean Driver;C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
R1 AvgClean;AVG7 Clean Driver;C:\WINDOWS\system32\Drivers\avgclean.sys
R1 Cdrom;CD-ROM Driver;C:\WINDOWS\system32\DRIVERS\cdrom.sys
R1 Imapi;CD-Burning Filter Driver;C:\WINDOWS\system32\DRIVERS\imapi.sys
R1 intelppm;Intel Processor Driver;C:\WINDOWS\system32\DRIVERS\intelppm.sys
R1 IPSec;IPSEC driver;C:\WINDOWS\system32\DRIVERS\ipsec.sys
R1 Kbdclass;Keyboard Class Driver;C:\WINDOWS\system32\DRIVERS\kbdclass.sys
R1 kbdhid;Keyboard HID Driver;C:\WINDOWS\system32\DRIVERS\kbdhid.sys
R1 Mouclass;Mouse Class Driver;C:\WINDOWS\system32\DRIVERS\mouclass.sys
R1 RasAcd;Remote Access Auto Connection Driver;C:\WINDOWS\system32\DRIVERS\rasacd.sys
R1 redbook;Digital CD Audio Playback Filter Driver;C:\WINDOWS\system32\DRIVERS\redbook.sys
R1 Serial;Serial port driver;C:\WINDOWS\system32\DRIVERS\serial.sys
R1 Tcpip;TCP/IP Protocol Driver;C:\WINDOWS\system32\DRIVERS\tcpip.sys
R1 TermDD;Terminal Device Driver;C:\WINDOWS\system32\DRIVERS\termdd.sys
R2 IpFilterDriver;IP Traffic Filter Driver;C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
R3 audstub;Audio Stub Driver;C:\WINDOWS\system32\DRIVERS\audstub.sys
R3 E100B;Intel(R) PRO Adapter Driver;C:\WINDOWS\system32\DRIVERS\e100b325.sys
R3 HidUsb;Microsoft HID Class Driver;C:\WINDOWS\system32\DRIVERS\hidusb.sys
R3 mouhid;Mouse HID Driver;C:\WINDOWS\system32\DRIVERS\mouhid.sys
R3 mssmbios;Microsoft System Management BIOS Driver;C:\WINDOWS\system32\DRIVERS\mssmbios.sys
R3 NdisTapi;Remote Access NDIS TAPI Driver;C:\WINDOWS\system32\DRIVERS\ndistapi.sys
R3 NdisWan;Remote Access NDIS WAN Driver;C:\WINDOWS\system32\DRIVERS\ndiswan.sys
R3 Parport;Parallel port driver;C:\WINDOWS\system32\DRIVERS\parport.sys
R3 Ptilink;Direct Parallel Link Driver;C:\WINDOWS\system32\DRIVERS\ptilink.sys
R3 RasPppoe;Remote Access PPPOE Driver;C:\WINDOWS\system32\DRIVERS\raspppoe.sys
R3 serenum;Serenum Filter Driver;C:\WINDOWS\system32\DRIVERS\serenum.sys
R3 swenum;Software Bus Driver;C:\WINDOWS\system32\DRIVERS\swenum.sys
R3 Update;Microcode Update Driver;C:\WINDOWS\system32\DRIVERS\update.sys
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbehci.sys
R3 usbhub;Microsoft USB Standard Hub Driver;C:\WINDOWS\system32\DRIVERS\usbhub.sys
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbuhci.sys
R3 Wanarp;Remote Access IP ARP Driver;C:\WINDOWS\system32\DRIVERS\wanarp.sys
R3 wdmaud;Microsoft WINMM WDM Audio Compatibility Driver;C:\WINDOWS\system32\drivers\wdmaud.sys
S1 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver;C:\WINDOWS\system32\DRIVERS\i8042prt.sys
S3 AsyncMac;RAS Asynchronous Media Driver;C:\WINDOWS\system32\DRIVERS\asyncmac.sys
S3 Fdc;Floppy Disk Controller Driver;C:\WINDOWS\system32\DRIVERS\fdc.sys
S3 Flpydisk;Floppy Disk Driver;C:\WINDOWS\system32\DRIVERS\flpydisk.sys
S3 Ip6Fw;IPv6 Windows Firewall Driver;C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
S3 IpInIp;IP in IP Tunnel Driver;C:\WINDOWS\system32\DRIVERS\ipinip.sys
S3 NwlnkFlt;IPX Traffic Filter Driver;C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
S3 NwlnkFwd;IPX Traffic Forwarder Driver;C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
S3 rdpdr;Terminal Server Device Redirector Driver;C:\WINDOWS\system32\DRIVERS\rdpdr.sys
S3 RIOUNIV;Rio universal USB driver;C:\WINDOWS\system32\Drivers\RIOUNIV.sys
S3 usbscan;USB Scanner Driver;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 USBSTOR;USB Mass Storage Driver;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S4 amdagp;AMD AGP Bus Filter Driver;C:\WINDOWS\system32\DRIVERS\amdagp.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b5f1a70-20dc-11db-89ce-0016767d980a}]
AutoRun\command - F:\LaunchU3.exe
*Newly Created Service* - AVGASCLN
*Newly Created Service* - DRIVER
.
Contents of the 'Scheduled Tasks' folder
"2007-10-28 06:31:00 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
.
**************************************************************************
catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-28 05:05:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
C:\WINDOWS\system32\syslodr.exe [3624] 0x8588E510
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\system32\syslodr.exe 11264 bytes executable
**************************************************************************
.
Completion time: 2007-10-28 5:07:02 - machine was rebooted
.
--- E O F ---