Hi,
Here is the latest combofix log, per your instructions. It seemed to run just fine , though there were a number of programs that "did not shut down" properly (such as the program for the razr mouse and a few others).
ComboFix 08-11-13.02 - Primary 2008-11-15 19:57:52.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1423 [GMT -5:00]
Running from: c:\documents and settings\Primary\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Primary\Desktop\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Primary\Application Data\FrostWire
c:\documents and settings\Primary\Application Data\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
c:\documents and settings\Primary\Application Data\FrostWire\checkandupdate.txt
c:\documents and settings\Primary\Application Data\FrostWire\createtimes.cache
c:\documents and settings\Primary\Application Data\FrostWire\downloads.dat
c:\documents and settings\Primary\Application Data\FrostWire\fileurns.bak
c:\documents and settings\Primary\Application Data\FrostWire\fileurns.cache
c:\documents and settings\Primary\Application Data\FrostWire\filters.props
c:\documents and settings\Primary\Application Data\FrostWire\frostwire.props
c:\documents and settings\Primary\Application Data\FrostWire\gnutella.net
c:\documents and settings\Primary\Application Data\FrostWire\installation.props
c:\documents and settings\Primary\Application Data\FrostWire\intent.props
c:\documents and settings\Primary\Application Data\FrostWire\library.dat
c:\documents and settings\Primary\Application Data\FrostWire\mojito.props
c:\documents and settings\Primary\Application Data\FrostWire\questions.props
c:\documents and settings\Primary\Application Data\FrostWire\responses.cache
c:\documents and settings\Primary\Application Data\FrostWire\simpp.xml
c:\documents and settings\Primary\Application Data\FrostWire\spam.dat
c:\documents and settings\Primary\Application Data\FrostWire\tables.props
c:\documents and settings\Primary\Application Data\FrostWire\themes\frostwirePro_theme.fwtp
c:\documents and settings\Primary\Application Data\FrostWire\themes\frostwirePro_theme\theme.txt
c:\documents and settings\Primary\Application Data\FrostWire\themes\frostwirePro_theme\version.txt
c:\documents and settings\Primary\Application Data\FrostWire\ttrees.cache
c:\documents and settings\Primary\Application Data\FrostWire\ttroot.cache
c:\documents and settings\Primary\Application Data\FrostWire\version.xml
c:\documents and settings\Primary\Application Data\FrostWire\xml\data\audio.sxml2
.
((((((((((((((((((((((((( Files Created from 2008-10-16 to 2008-11-16 )))))))))))))))))))))))))))))))
.
2008-11-15 18:04 . 2008-11-15 18:04 <DIR> d-------- c:\windows\LastGood
2008-11-13 00:02 . 2008-11-13 00:03 1,393 --a------ c:\windows\imsins.BAK
2008-11-12 22:34 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 22:34 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-10 16:46 . 2008-11-10 16:46 <DIR> d-------- c:\windows\AiOTemp
2008-11-10 16:44 . 2008-11-10 16:45 <DIR> d-------- c:\windows\system32\Adobe
2008-11-06 00:59 . 2008-11-15 20:00 3,631,136 --ahs---- c:\windows\system32\drivers\fidbox.dat
2008-11-06 00:59 . 2008-11-15 07:35 47,096 --ahs---- c:\windows\system32\drivers\fidbox.idx
2008-11-06 00:56 . 2008-11-06 00:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\MailFrontier
2008-11-06 00:56 . 2008-07-09 09:05 75,248 --a------ c:\windows\zllsputility.exe
2008-11-06 00:56 . 2004-04-27 04:40 11,264 --a------ c:\windows\system32\SpOrder.dll
2008-11-06 00:56 . 2008-11-06 00:57 4,212 ---h----- c:\windows\system32\zllictbl.dat
2008-11-06 00:55 . 2008-11-06 00:56 <DIR> d-------- c:\windows\system32\ZoneLabs
2008-11-06 00:55 . 2008-11-06 00:55 <DIR> d-------- c:\program files\Zone Labs
2008-11-06 00:55 . 2008-07-09 09:05 1,086,952 --a------ c:\windows\system32\zpeng24.dll
2008-11-06 00:55 . 2008-11-15 18:03 352,918 --a------ c:\windows\system32\vsconfig.xml
2008-11-06 00:52 . 2008-11-15 19:56 <DIR> d-------- c:\windows\Internet Logs
2008-11-06 00:44 . 2008-11-06 00:44 <DIR> d-------- c:\program files\Hitman Pro 3
2008-11-06 00:44 . 2008-11-08 16:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Hitman Pro 3
2008-11-06 00:44 . 2008-11-06 00:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Hitman Pro
2008-11-05 19:15 . 2008-11-05 19:15 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-05 19:15 . 2008-11-05 19:15 <DIR> d-------- c:\documents and settings\Primary\Application Data\Malwarebytes
2008-11-05 19:15 . 2008-11-05 19:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-05 19:15 . 2008-10-22 16:28 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-05 19:15 . 2008-10-22 16:28 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-05 18:06 . 2008-11-05 18:06 <DIR> d-------- c:\program files\SUPERAntiSpyware
2008-11-05 18:06 . 2008-11-05 18:06 <DIR> d-------- c:\documents and settings\Primary\Application Data\SUPERAntiSpyware.com
2008-11-05 18:06 . 2008-11-05 18:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-11-05 03:05 . 2008-11-05 03:05 <DIR> d-------- c:\program files\GiPo@Utilities
2008-11-05 03:05 . 2008-11-05 03:05 <DIR> d-------- c:\program files\Common Files\Gibinsoft Shared
2008-11-05 00:06 . 2008-11-06 23:00 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-02 12:36 . 2008-11-07 01:57 <DIR> d--h----- C:\$AVG8.VAULT$
2008-11-02 11:48 . 2008-11-02 11:48 <DIR> d-------- c:\program files\Lavasoft
2008-11-02 11:48 . 2008-11-02 11:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-10-25 21:26 . 2008-10-15 11:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-22 20:20 . 2008-10-22 20:20 281 --a------ c:\windows\irremote.ini
2008-10-16 23:20 . 2008-10-16 23:20 <DIR> d-------- c:\windows\system32\AGEIA
2008-10-16 23:20 . 2008-10-16 23:20 <DIR> d-------- c:\program files\AGEIA Technologies
2008-10-16 22:58 . 2005-02-04 12:37 131,072 --a------ c:\windows\system32\hcwsched.ocx
2008-10-16 22:58 . 1998-06-25 22:00 89,600 --a------ c:\windows\system32\MSCAL.OCX
2008-10-16 22:58 . 2005-01-12 14:29 69,696 --a------ c:\windows\system32\CHSUITE.OCX
2008-10-16 22:58 . 2005-02-21 13:36 69,632 --a------ c:\windows\system32\hcwsched.dll
2008-10-16 22:58 . 2002-12-27 11:33 65,536 --a------ c:\windows\system32\dmcrypto.dll
2008-10-16 22:58 . 2001-01-12 10:02 53,248 --a------ c:\windows\system32\MDCustomPanels.ocx
2008-10-16 22:57 . 2008-10-16 22:57 <DIR> d-------- c:\windows\system32\hauppauge
2008-10-16 22:57 . 2004-02-23 08:44 236,544 --a------ c:\windows\system32\DivXdec.ax
2008-10-16 22:57 . 2002-10-31 21:32 53,248 --a------ c:\windows\system32\hcwfwrit.ax
2008-10-16 22:57 . 2008-10-16 22:57 3,070 --a------ c:\windows\HCWPNP.INI
2008-10-16 22:20 . 2008-10-16 22:20 <DIR> d-------- C:\MyVideos
2008-10-16 22:20 . 2002-12-17 10:15 77,824 --a------ c:\windows\system32\hcwsplit.ax
2008-10-16 22:20 . 2002-12-18 16:02 69,632 --a------ c:\windows\system32\hcwfread.ax
2008-10-16 21:35 . 2008-10-16 22:58 <DIR> d-------- c:\program files\WinTV
2008-10-16 21:25 . 2008-08-14 05:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-16 21:25 . 2008-08-14 05:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-16 21:25 . 2008-08-14 04:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-16 21:25 . 2008-08-14 04:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-16 21:25 . 2008-09-15 07:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-10-16 21:25 . 2008-09-08 05:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-14 01:38 --------- d-----w c:\program files\Azureus
2008-11-12 13:08 --------- d-----w c:\program files\Google
2008-11-12 03:24 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-07 03:59 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-06 05:26 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-06 03:14 --------- d-----w c:\program files\Bonjour
2008-11-06 03:03 --------- d-----w c:\program files\Brownie
2008-11-06 01:48 --------- d-----w c:\documents and settings\Primary\Application Data\U3
2008-11-05 23:06 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-31 03:23 22,328 ----a-w c:\documents and settings\Primary\Application Data\PnkBstrK.sys
2008-10-27 23:00 --------- d-----w c:\program files\Hewlett-Packard
2008-10-24 11:21 455,296 ------w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 19:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-14 22:47 --------- d-----w c:\documents and settings\Primary\Application Data\Move Networks
2008-10-07 22:34 --------- d-----w c:\documents and settings\Primary\Application Data\SystemRequirementsLab
2008-10-04 19:01 --------- d-----w c:\program files\Windows Media Connect 2
2008-09-19 02:09 --------- d-----w c:\documents and settings\All Users\Application Data\NexonUS
2008-09-15 12:12 1,846,400 ------w c:\windows\system32\win32k.sys
2008-09-12 03:15 4,166 ----a-w c:\windows\system32\ealregsnapshot1.reg
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-07 23:38 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 13:31 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-09-01 14:02 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2008-09-01 00:52 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2008-09-01 00:41 81,984 ----a-w c:\windows\system32\bdod.bin
2008-08-29 16:06 43,520 ----a-w c:\windows\system32\CmdLineExt03.dll
2008-08-29 12:57 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-08-27 17:58 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-20 22:35 122,880 ----a-w c:\windows\system32\NVCOSMB.DLL
2008-06-29 16:22 66,936 --sha-w c:\windows\dlinfo_0.drv
2008-06-09 07:14 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008060920080610\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 1871872]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"EPSON PictureMate 2005"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9ZA.EXE" [2005-02-14 98304]
"Diamondback"="c:\program files\Razer\Diamondback\razerhid.exe" [2007-02-14 147456]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="d:\itunes\iTunesHelper.exe" [2008-06-02 267048]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-09-29 1234712]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-10-04 c:\windows\soundman.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
NkbMonitor.exe.lnk - d:\nikon\PictureProject\NkbMonitor.exe [2006-12-17 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Brother\\BRCDUTL\\BRHL2040\\inthelp.exe"=
"c:\\Program Files\\AvRack\\rtlrack.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\day of defeat source\\hl2.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\counter-strike source\\hl2.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\half-life 2 deathmatch\\hl2.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\half-life deathmatch source\\hl2.exe"=
"d:\\DK2\\DKII.exe"=
"d:\\Steam\\SteamApps\\common\\red orchestra\\System\\RedOrchestra.exe"=
"d:\\Steam\\steam.exe"=
"d:\\Steam\\SteamApps\\utzzzz\\day of defeat source\\hl2.exe"=
"d:\\Sierra\\FEAR\\FEAR.exe"=
"d:\\Sierra\\FEAR\\FEARMP.exe"=
"d:\\Steam\\SteamApps\\jack1105\\counter-strike source\\hl2.exe"=
"d:\\Steam\\SteamApps\\jack1105\\half-life 2 deathmatch\\hl2.exe"=
"d:\\AIM\\aim.exe"=
"d:\\Sierra\\FEAR\\FEARServer.exe"=
"d:\\Steam\\SteamApps\\utzzzz\\half-life 2\\hl2.exe"=
"d:\\Steam\\SteamApps\\jack1105\\half-life 2\\hl2.exe"=
"d:\\Microsoft Games\\Close Combat III\\CC3.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\condition zero\\hl.exe"=
"d:\\Steam\\SteamApps\\utzzzz\\counter-strike source\\hl2.exe"=
"d:\\Starcraft\\StarCraft.exe"=
"d:\\Steam\\SteamApps\\utzzzz\\counter-strike\\hl.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\counter-strike\\hl.exe"=
"d:\\Ubisoft\\Faces of War\\facesofwar.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\source sdk base\\hl2.exe"=
"d:\\Steam\\SteamApps\\jack1105\\source sdk base\\hl2.exe"=
"d:\\Steam\\SteamApps\\utzzzz\\day of defeat\\hl.exe"=
"d:\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\THQ\\Company of Heroes\\RelicCOH.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\3DO\\Heroes3\\Heroes3.EXE"=
"c:\\Program Files\\3DO\\Heroes3\\h3maped.exe"=
"d:\\Steam\\SteamApps\\jack1105\\day of defeat source\\hl2.exe"=
"e:\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Gold\\Civilization4.exe"=
"e:\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Gold\\Warlords\\Civ4Warlords.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\team fortress 2\\hl2.exe"=
"d:\\Steam\\SteamApps\\plowenfeld@yahoo.com\\day of defeat source beta\\hl2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"d:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"d:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"e:\\Diablo\\diablo.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\iTunes\\iTunes.exe"=
"g:\\Ubisoft\\Gearbox Software\\BrothersInArmsEiB\\System\\EiB.exe"=
"d:\\Steam\\SteamApps\\jack1105\\garrysmod\\hl2.exe"=
"g:\\THQ\\Pandemic Studios\\Full Spectrum Warrior\\Launcher.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\DRIVERS\agpkx.sys [2006-12-14 45056]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-08-31 97928]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-08-31 231704]
R3 HCWBT8XX;Hauppauge WinTV 848/9 WDM Video Driver;c:\windows\system32\drivers\HCWBT8XX.sys [2008-10-16 472644]
R3 Razerlow;Razerlow USB Filter Driver;c:\windows\system32\Drivers\Razerlow.sys [2007-12-30 13225]
S0 m5289;m5289;c:\windows\system32\DRIVERS\m5289.sys []
S2 ATIBTCAP;ATI TV Wonder Video Capture;c:\windows\system32\drivers\atibtcap.sys [2008-10-02 58240]
S2 ATIBTXBAR;ATI TV Wonder Video Crossbar;c:\windows\system32\drivers\atibtxbr.sys [2008-10-02 6912]
S2 ATIVTUTW;ATI TV Wonder TV Tuner;c:\windows\system32\drivers\ativtutw.sys [2008-10-02 17664]
S2 ATIVXSTW;ATI TV Wonder Audio Crossbar;c:\windows\system32\drivers\ativxstw.sys [2008-10-02 28416]
S3 AC97ALI;Service for AC'97 Driver (WDM);c:\windows\system32\drivers\ali55wdm.sys [2006-05-10 63488]
S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys []
S3 lac97inf;lac97inf;\??\c:\docume~1\Primary\LOCALS~1\Temp\lac97inf.sys []
S4 hpt3xx;hpt3xx; []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - J:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd3381c8-ab81-11dd-8976-003018a7bb96}]
\Shell\AutoRun\command - J:\LaunchU3.exe -a
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-11-15 20:00:31
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-11-15 20:01:24
ComboFix-quarantined-files.txt 2008-11-16 01:01:21
ComboFix2.txt 2008-11-06 01:54:54
Pre-Run: 6,633,033,728 bytes free
Post-Run: 6,688,206,848 bytes free
268 --- E O F --- 2008-11-13 05:05:45
Thank you again.
Peter