Hello, first post here, so excuse me if I'm breaking some (un?)written rules. I've read all the stickies and the other posts concerning this, and I'm still having problems.
What I've done and noticed:
Ran Avast many times; it caught some infected .tmp files but that didn't help.
I've tried booting into safe mode, but even then explorer.exe keeps restarting itself. Every time it does this, Windows pops up the "are you sure you want to be in safe mode?" dialog. It makes it impossible to do any kind of work in safe mode.
Ran combofix.exe. ComboFix on the first run caught a large number of things and got rid of them (log later). On the reboot, the system was working fine. I thought ComboFix had fixed the problem.
However, then Spybot Search & Destroy started to report that something or other was trying to make a registry key ({B3285A3E-E762-4C8D-96BD-C71C74DB3F71}" (new data: "") added in Browser Helper Object!) over and over. It was blocking it every 4 seconds.
During this process, I decided to reinstall Windows, thinking that might help (it didn't). I had to reinstall my video card drivers now, so I rebooted my system.
The problems came back. I ran combofix.exe and it caught only 3 files. Then Spybot started to do the same thing over and over again as it did before.
I am quite confused as to how deep this infection is, and am quite worried that safe mode itself is not working properly. Any advice would be helpful.
Also, logs:
--Second combo fix run--
ComboFix 07-11-06.4 - Rob 2007-11-06 8:40:16.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1571 [GMT -5:00]
Running from: C:\Documents and Settings\Rob\Desktop\ComboFix.exe
.
Unable to gain System Privileges
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\SYSTEM32\rtstv.bak1
C:\WINDOWS\SYSTEM32\rtstv.ini
C:\WINDOWS\system32\vtstr.dll
.
((((((((((((((((((((((((( Files Created from 2007-10-06 to 2007-11-06 )))))))))))))))))))))))))))))))
.
2007-11-06 08:49 <DIR> d-------- C:\VundoFix Backups
2007-11-06 07:45 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-05 23:45 116,224 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxwiadr.dll
2007-11-05 23:45 27,648 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxftplt.exe
2007-11-05 23:45 23,040 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxwbtmp.dll
2007-11-05 23:45 17,408 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxscnui.dll
2007-11-05 23:44 99,865 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xlog.exe
2007-11-05 23:44 19,455 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wvchntxx.sys
2007-11-05 23:44 19,328 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wstcodec.sys
2007-11-05 23:44 16,970 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xem336n5.sys
2007-11-05 23:44 12,063 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wsiintxx.sys
2007-11-05 23:44 8,832 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wmiacpi.sys
2007-11-05 23:44 8,192 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wshirda.dll
2007-11-05 23:44 4,608 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxflnch.exe
2007-11-05 23:30 899,146 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\r2mdkxga.sys
2007-11-05 23:30 714,762 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\r2mdmkxx.sys
2007-11-05 23:30 49,024 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ql1280.sys
2007-11-05 23:30 45,312 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ql12160.sys
2007-11-05 23:30 41,472 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\qvusd.dll
2007-11-05 23:30 40,448 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ql1240.sys
2007-11-05 23:30 19,584 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\rasirda.sys
2007-11-05 23:30 13,776 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\recagent.sys
2007-11-05 23:30 3,328 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\qv2kux.sys
2007-11-05 23:23 51,328 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msdv.sys
2007-11-05 23:23 35,200 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msgame.sys
2007-11-05 23:23 22,016 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msircomm.sys
2007-11-05 23:23 17,280 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\mraid35x.sys
2007-11-05 23:23 12,416 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msriffwv.sys
2007-11-05 23:23 6,016 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msfsio.sys
2007-11-05 23:23 2,944 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msmpu401.sys
2007-11-05 23:14 455,680 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fus2base.sys
2007-11-05 23:14 455,296 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fusbbase.sys
2007-11-05 23:14 454,912 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fxusbase.sys
2007-11-05 23:14 444,416 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fpcibase.sys
2007-11-05 23:14 442,240 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fpnpbase.sys
2007-11-05 23:14 441,728 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fpcmbase.sys
2007-11-05 23:14 92,160 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fuusd.dll
2007-11-05 23:14 34,173 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\forehe.sys
2007-11-05 23:10 334,208 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ds1wdm.sys
2007-11-05 23:10 207,360 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dot4.sys
2007-11-05 23:10 28,062 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dp83820.sys
2007-11-05 23:10 23,808 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dot4usb.sys
2007-11-05 23:10 20,192 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dpti2o.sys
2007-11-05 23:10 12,928 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dot4prt.sys
2007-11-05 23:10 8,704 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dot4scan.sys
2007-11-05 23:00 2,180,992 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ntoskrnl.exe
2007-11-05 23:00 66,048 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\s3legacy.dll
2007-11-05 22:14 24,661 --a------ C:\WINDOWS\SYSTEM32\spxcoins.dll
2007-11-05 22:14 24,661 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\spxcoins.dll
2007-11-05 22:14 13,312 --a------ C:\WINDOWS\SYSTEM32\irclass.dll
2007-11-05 22:14 13,312 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\irclass.dll
2007-11-05 21:42 <DIR> d----c--- C:\Documents and Settings\Administrator\Application Data\Talkback
2007-11-05 09:23 35,328 --a------ C:\WINDOWS\SYSTEM32\vtuvuvt.dll
2007-11-05 09:22 <DIR> d-------- C:\Program Files\kdcngncr
2007-11-05 09:22 104,960 --a------ C:\WINDOWS\SYSTEM32\drvtak.dll
2007-11-05 07:31 <DIR> d-------- C:\Program Files\kfspybmd
2007-11-05 07:31 36,864 --a------ C:\WINDOWS\SYSTEM32\cbxyvtt.dll
2007-11-04 22:30 104,960 --a------ C:\WINDOWS\SYSTEM32\drvlim.dll
2007-10-27 16:35 <DIR> d-------- C:\Program Files\PCPitstop
2007-10-25 13:55 <DIR> d-------- C:\Program Files\Crazy Marble 2 Demo
2007-10-25 13:55 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2007-10-18 19:32 <DIR> d-------- C:\Program Files\EA Games
2007-10-16 15:49 <DIR> d-------- C:\Program Files\CachemanXP
2007-10-13 11:30 <DIR> d-------- C:\Program Files\GCFScape
2007-10-07 16:12 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 YPack Trial
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-06 13:50 --------- d-----w C:\Program Files\GetRight
2007-11-06 12:27 --------- dc----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-05 03:39 --------- dc----w C:\Documents and Settings\Rob\Application Data\uTorrent
2007-11-05 03:33 --------- dc--a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-01 19:12 --------- d-----w C:\Program Files\Comcast Play Games
2007-10-30 23:50 --------- d-----w C:\Program Files\mIRC
2007-10-30 04:13 --------- dc----w C:\Documents and Settings\Rob\Application Data\Hamachi
2007-10-30 03:56 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-10-28 02:29 --------- d-----w C:\Program Files\Tsukihime
2007-10-26 13:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-25 16:28 --------- dc----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-10-19 22:09 --------- dc----w C:\Documents and Settings\Rob\Application Data\Dev-Cpp
2007-10-16 17:52 --------- d-----w C:\Program Files\AIM
2007-10-13 21:53 --------- d-----w C:\Program Files\Activision
2007-10-11 04:28 25,992 ----a-w C:\WINDOWS\SYSTEM32\pgdfgsvc.exe
2007-10-07 21:01 --------- d-----w C:\Program Files\Microsoft Games
2007-10-06 04:22 --------- dc----w C:\Documents and Settings\Rob\Application Data\Soldat
2007-10-06 04:12 --------- d-----w C:\Program Files\Toribash-2.3
2007-10-04 02:01 --------- d-----w C:\Program Files\Safer Networking
2007-10-02 13:56 --------- d-----w C:\Program Files\Bluehell Productions
2007-09-28 03:26 --------- dc----w C:\Documents and Settings\Ana\Application Data\Move Networks
2007-09-25 22:56 --------- d-----w C:\Program Files\Professor Fizzwizzle
2007-09-23 07:19 --------- d-----w C:\Program Files\SSI
2007-09-23 03:58 --------- d-----w C:\Program Files\Combined Community Codec Pack
2007-09-23 03:51 33,533 ----a-w C:\WINDOWS\SYSTEM32\CoreVorbis-uninstall.exe
2007-09-22 23:57 --------- d-----w C:\Program Files\eFusion
2007-09-22 18:23 43,520 ----a-w C:\WINDOWS\SYSTEM32\CmdLineExt03.dll
2007-09-22 17:13 --------- dc----w C:\Documents and Settings\Rob\Application Data\InstallShield Installation Information
2007-09-21 18:53 --------- dc----w C:\Documents and Settings\Rob\Application Data\Ironclad Games
2007-09-19 12:23 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2007-09-18 01:41 --------- d-----w C:\Program Files\Audacity
2007-09-17 21:49 --------- dc----w C:\Documents and Settings\WALLA WALLA\Application Data\Big Fish Games
2007-09-17 20:37 --------- d-----w C:\Program Files\QBeez 2
2007-09-17 17:55 --------- d-----w C:\Program Files\MSN Games
2007-09-16 02:26 --------- d-----w C:\Program Files\DAEMON Tools
2007-09-16 02:17 --------- d-----w C:\Program Files\Vivendi Games
2007-09-15 22:48 --------- d-----w C:\Program Files\Radeon Omega Drivers
2007-09-15 22:40 451,072 ----a-w C:\WINDOWS\Radeon Omega Drivers v3.8.360 Uninstall.exe
2007-09-15 22:40 --------- d-----w C:\Program Files\MultiRes
2007-09-15 03:39 --------- d-----w C:\Program Files\Yeti Studios
2007-09-14 11:41 --------- dc----w C:\Documents and Settings\Rob\Application Data\U3
2007-09-12 16:47 --------- d-----w C:\Program Files\THQ
2007-09-12 16:47 --------- d-----w C:\Program Files\Street Hacker
2007-09-12 16:20 --------- d-----w C:\Program Files\FizzBall DEMO
2007-09-12 02:45 --------- d-----w C:\Program Files\SD EnterNET
2007-09-10 23:29 --------- dc----w C:\Documents and Settings\WALLA WALLA\Application Data\PlayFirst
2007-09-10 23:29 --------- dc----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2007-09-09 22:01 --------- d-----w C:\Program Files\Passware
2007-09-09 03:57 --------- d-----w C:\Program Files\Motherboard Monitor 5
2007-09-08 19:24 --------- d-----w C:\Program Files\Symantec
2007-09-07 22:32 --------- d-----w C:\Program Files\Notepad++
2007-09-06 20:36 --------- d-----w C:\Program Files\bfgclient
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\SYSTEM32\aswBoot.exe
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\SYSTEM32\AVASTSS.scr
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-09-02 06:48 98,304 ----a-w C:\WINDOWS\SYSTEM32\CmdLineExt.dll
2007-08-20 18:06 409,600 ----a-w C:\WINDOWS\SYSTEM32\wrap_oal.dll
2007-08-20 18:06 114,688 ----a-w C:\WINDOWS\SYSTEM32\OpenAL32.dll
2007-08-08 20:55 2,517 ----a-w C:\Program Files\INSTALL.LOG
2007-05-28 19:23 92,064 -c--a-w C:\Documents and Settings\Rob\mqdmmdm.sys
2007-05-28 19:23 9,232 -c--a-w C:\Documents and Settings\Rob\mqdmmdfl.sys
2007-05-28 19:23 79,328 -c--a-w C:\Documents and Settings\Rob\mqdmserd.sys
2007-05-28 19:23 66,656 -c--a-w C:\Documents and Settings\Rob\mqdmbus.sys
2007-05-28 19:23 6,208 -c--a-w C:\Documents and Settings\Rob\mqdmcmnt.sys
2007-05-28 19:23 5,936 -c--a-w C:\Documents and Settings\Rob\mqdmwhnt.sys
2007-05-28 19:23 4,048 -c--a-w C:\Documents and Settings\Rob\mqdmcr.sys
2007-05-28 19:23 25,600 -c--a-w C:\Documents and Settings\Rob\usbsermptxp.sys
2007-05-28 19:23 22,768 -c--a-w C:\Documents and Settings\Rob\usbsermpt.sys
2006-12-27 18:20 1 -c--a-w C:\Documents and Settings\Rob\SI.bin
2004-10-25 03:48 266 --sh--w C:\Program Files\desktop.ini
2004-10-25 03:48 11,079 ---ha-w C:\Program Files\folder.htt
2003-12-18 15:33 20,102 ----a-w C:\Program Files\Readme.txt
2003-09-03 11:46 10,960 ----a-w C:\Program Files\EULA.txt
2001-11-23 05:08 712,704 ----a-r C:\WINDOWS\INF\OTHER\AUDIO3D.DLL
.
((((((((((((((((((((((((((((( snapshot@2007-11-06_ 8.10.52.95 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 05:56:42 229,376 ----a-w C:\WINDOWS\SYSTEM32\ati2cqag.dll
+ 2007-03-15 01:10:28 356,352 ----a-w C:\WINDOWS\SYSTEM32\ati2cqag.dll
+ 2007-03-15 01:10:28 356,352 ----a-w C:\WINDOWS\SYSTEM32\ati2cqag.dll.tmp
- 2004-08-04 05:56:42 201,728 ----a-w C:\WINDOWS\SYSTEM32\ati2dvag.dll
+ 2007-03-15 01:57:34 267,776 ----a-w C:\WINDOWS\SYSTEM32\ati2dvag.dll
+ 2007-03-15 01:57:34 267,776 ----a-w C:\WINDOWS\SYSTEM32\ati2dvag.dll.tmp
- 2004-09-16 01:10:00 516,096 ----a-w C:\WINDOWS\SYSTEM32\ati2sgag.exe
+ 2004-09-16 02:10:00 516,096 ----a-w C:\WINDOWS\SYSTEM32\ati2sgag.exe
- 2004-08-04 05:56:42 1,888,992 ----a-w C:\WINDOWS\SYSTEM32\ati3duag.dll
+ 2007-03-15 01:40:10 2,820,544 ----a-w C:\WINDOWS\SYSTEM32\ati3duag.dll
+ 2007-03-15 01:40:10 2,820,544 ----a-w C:\WINDOWS\SYSTEM32\ati3duag.dll.tmp
- 2004-08-04 05:56:42 516,768 ----a-w C:\WINDOWS\SYSTEM32\ativvaxx.dll
+ 2007-03-15 01:29:47 1,315,712 ----a-w C:\WINDOWS\SYSTEM32\ativvaxx.dll
+ 2007-03-15 01:29:47 1,315,712 ----a-w C:\WINDOWS\SYSTEM32\ativvaxx.dll.tmp
- 2004-08-04 03:29:28 701,440 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys
+ 2007-03-15 01:57:15 1,986,560 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys
+ 2004-08-04 05:56:42 229,376 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ati2cqag.dll
+ 2004-08-04 05:56:42 201,728 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ati2dvag.dll
+ 2007-03-15 01:50:12 42,496 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ati2edxx.dll
+ 2007-03-15 01:14:00 49,152 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
+ 2007-03-15 01:49:59 114,688 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ati2evxx.dll
+ 2007-03-15 01:48:39 450,560 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ati2evxx.exe
+ 2007-03-15 01:50:19 26,112 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\Ati2mdxx.exe
+ 2004-08-04 03:29:28 701,440 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ati2mtag.sys
+ 2004-08-04 05:56:42 1,888,992 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ati3duag.dll
+ 2006-02-22 00:05:00 1,830,912 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atiadaxx.exe
+ 2006-02-22 07:13:48 348,160 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\aticds10.dll
+ 2007-03-15 01:47:52 53,248 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ATIDDC.DLL
+ 2007-03-15 01:58:38 315,392 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ATIDEMGX.dll
+ 2007-03-06 21:04:53 143,676 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atiicdxx.dat
+ 2006-02-22 07:14:58 380,928 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atiicdxx.dll
+ 2006-02-22 07:13:54 6,144 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atiicdxx.sys
+ 2007-03-15 01:55:38 307,200 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atiiiexx.dll
+ 2006-02-22 00:05:00 36,864 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\Atiiprxx.exe
+ 2007-03-15 01:16:14 258,048 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atikvmag.dll
+ 2006-12-17 01:23:32 6,684,672 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atioglx1.dll
+ 2007-03-15 01:19:32 5,402,624 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atioglxx.dll
+ 2007-03-15 01:50:39 122,880 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atipdlxx.dll
+ 2006-02-22 00:05:00 274,432 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atipdsxx.dll
+ 2006-02-22 00:05:00 61,440 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atiphexx.exe
+ 2006-02-22 00:05:00 114,688 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atippaxx.dll
+ 2006-02-22 00:05:00 139,264 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atiprbxx.exe
+ 2006-02-22 00:05:00 344,064 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atiptaxx.exe
+ 2006-02-22 00:05:00 2,060,288 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atipuixx.dll
+ 2007-03-15 01:14:43 17,408 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\atitvo32.dll
+ 2001-11-09 14:01:04 24,064 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ativcoxx.dll
+ 2007-03-15 01:29:32 3,107,788 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ativvaxx.dat
+ 2004-08-04 05:56:42 516,768 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\ativvaxx.dll
+ 2007-03-15 01:50:27 114,688 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0000\DriverFiles\Oemdspif.dll
+ 2007-03-15 01:10:28 356,352 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ati2cqag.dll
+ 2007-03-15 01:57:34 267,776 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ati2dvag.dll
+ 2007-03-15 01:50:12 42,496 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ati2edxx.dll
+ 2007-03-15 01:14:00 49,152 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ati2erec.dll
+ 2007-03-15 01:49:59 114,688 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ati2evxx.dll
+ 2007-03-15 01:48:39 450,560 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ati2evxx.exe
+ 2007-03-15 01:50:19 26,112 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe
+ 2007-03-15 01:57:15 1,986,560 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ati2mtag.sys
+ 2007-03-15 01:40:10 2,820,544 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ati3duag.dll
+ 2006-02-22 00:05:00 1,830,912 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atiadaxx.exe
+ 2006-02-22 07:13:48 348,160 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\aticds10.dll
+ 2007-03-15 01:47:52 53,248 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ATIDDC.DLL
+ 2007-03-15 01:58:38 315,392 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ATIDEMGX.dll
+ 2007-03-06 21:04:53 143,676 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atiicdxx.dat
+ 2006-02-22 07:14:58 380,928 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atiicdxx.dll
+ 2006-02-22 07:13:54 6,144 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atiicdxx.sys
+ 2007-03-15 01:55:38 307,200 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atiiiexx.dll
+ 2006-02-22 00:05:00 36,864 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\Atiiprxx.exe
+ 2007-03-15 01:16:14 258,048 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atikvmag.dll
+ 2006-12-17 01:23:32 6,684,672 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atioglx1.dll
+ 2007-03-15 01:19:32 5,402,624 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atioglxx.dll
+ 2007-03-15 01:50:39 122,880 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atipdlxx.dll
+ 2006-02-22 00:05:00 274,432 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atipdsxx.dll
+ 2006-02-22 00:05:00 61,440 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atiphexx.exe
+ 2006-02-22 00:05:00 114,688 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atippaxx.dll
+ 2006-02-22 00:05:00 139,264 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atiprbxx.exe
+ 2006-02-22 00:05:00 344,064 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atiptaxx.exe
+ 2006-02-22 00:05:00 2,060,288 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atipuixx.dll
+ 2007-03-15 01:14:43 17,408 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\atitvo32.dll
+ 2001-11-09 14:01:04 24,064 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ativcoxx.dll
+ 2007-03-15 01:29:32 3,107,788 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ativvaxx.dat
+ 2007-03-15 01:29:47 1,315,712 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\ativvaxx.dll
+ 2007-03-15 01:50:27 114,688 ----a-w C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\Oemdspif.dll
+ 2007-11-06 13:59:54 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_238.dat
+ 2007-11-06 13:59:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_7c4.dat
- 2007-11-06 13:05:56 98,304 ----a-w C:\WINDOWS\Temporary Internet Files\Content.IE5\index.dat
+ 2007-11-06 14:00:28 98,304 ----a-w C:\WINDOWS\Temporary Internet Files\Content.IE5\index.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89032A20-4370-487E-AB80-2251EC374249}]
2007-11-05 07:31 36864 --a------ C:\WINDOWS\system32\cbxyvtt.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9FE2211D-6D1C-4143-AFF7-E7B82B47D4A0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 05:06]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"AtiPTA"="atiptaxx.exe" [2006-02-21 19:05 C:\WINDOWS\SYSTEM32\atiptaxx.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-01-22 20:44]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2006-12-06 08:00]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 20:05]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
"tscuninstall"=%systemroot%\system32\tscupgrd.exe
C:\Documents and Settings\Ana\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54]
C:\Documents and Settings\WALLA WALLA\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoBrowserOptions"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBrowserOptions"=0 (0x0)
"NoSMBalloonTip"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{89032A20-4370-487E-AB80-2251EC374249}"= C:\WINDOWS\system32\cbxyvtt.dll [2007-11-05 07:31 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbxyvtt]
cbxyvtt.dll 2007-11-05 07:31 36864 C:\WINDOWS\SYSTEM32\cbxyvtt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winmbj32]
winmbj32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\vtstr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
backup=C:\WINDOWS\pss\ATI CATALYST System Tray.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check 2.lnk]
backup=C:\WINDOWS\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
backup=C:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=C:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Adware Filter.lnk]
backup=C:\WINDOWS\pss\Adware Filter.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^ATI Tray Tools.lnk]
backup=C:\WINDOWS\pss\ATI Tray Tools.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\Rob\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Phoenix RPG Mod 1.91 - Auto Update.lnk]
backup=C:\WINDOWS\pss\Phoenix RPG Mod 1.91 - Auto Update.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Xfire.lnk]
backup=C:\WINDOWS\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\7ee8c064.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
Ati2mdxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiTrayTools]
"C:\Program Files\Radeon Omega Drivers\v3.8.252\ATI Tray Tools\atitray.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]
"\FreeRAM XP Pro.exe" -win
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gcasServ]
"C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Optimizer]
"C:\Program Files\Internet Optimizer\optimize.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"c:\program files\common files\installshield\updateservice\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiRes]
C:\Program Files\MultiRes\MultiRes.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBDrvDet]
C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"C:\Program Files\Steam\Steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemTray]
SysTray.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tsa2]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]
RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WildTangent CDA]
"C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows AdStatus]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zanu]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ZESOFT"=2 (0x2)
"NVSvc"=2 (0x2)
"VETMSGNT"=2 (0x2)
"SandraTheSrv"=3 (0x3)
"SandraDataSrv"=3 (0x3)
"ose"=3 (0x3)
"Macromedia Licensing Service"=3 (0x3)
"iPodService"=3 (0x3)
"Iomsyxxvam"=3 (0x3)
"IDriverT"=3 (0x3)
"Groove Games Licensing Service"=3 (0x3)
"EPSONStatusAgent2"=2 (0x2)
"Creative Service for CDROM Access"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"ATI Smart"=2 (0x2)
"avast! Mail Scanner"=3 (0x3)
"rpcapd"=3 (0x3)
"NBService"=3 (0x3)
"WMPNetworkSvc"=2 (0x2)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"CachemanXPService"=2 (0x2)
"avast! Web Scanner"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AIM"=C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl
"Steam"=
"NVIEW"=rundll32.exe nview.dll,nViewLoadHook
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ScanRegistry"=C:\WINDOWS\scanregw.exe /autorun
"TaskMonitor"=C:\WINDOWS\taskmon.exe
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\SYSTEM32\nvcpl.dll,NvStartup
"nwiz"=nwiz.exe /install
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\SYSTEM32\nvmctray.dll,NvTaskbarInit
"C-Media Mixer"=Mixer.exe /startup
"tgcmd"="C:\Program Files\support.com\bin\tgcmd.exe" /server
"CriticalUpdate"=C:\WINDOWS\SYSTEM32\WUCRTUPD.EXE -startup
"EM_EXEC"=C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
"kdx"=C:\WINDOWS\KDX\KHOST.EXE
"QuickTime Task"="C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
"ICSMGR"=ICSMGR.EXE
"TBPS"=C:\PROGRA~1\TOOLBAR\TBPS.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"SmcService"=C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
"Tweak UI"=RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\SYSTEM32\nvcpl.dll,NvStartup
"QuickTime Task"="C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"SchedulingAgent"=C:\WINDOWS\SYSTEM\mstask.exe
R1 ATITool;ATITool Overclocking Utility;C:\WINDOWS\system32\DRIVERS\ATITool.sys
R1 atitray;atitray;\??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys
R2 PfDetNT;PfDetNT;\??\C:\WINDOWS\system32\drivers\PfModNT.sys
R2 X4HSX32;X4HSX32;\??\C:\Program Files\Comcast Games on Demand\X4HSX32.Sys
R2 xinstall;xinstall;\??\C:\WINDOWS\system32\drivers\xinstall.sys
S0 d117bus;d117bus;C:\WINDOWS\system32\DRIVERS\d117bus.sys
S0 d117prt;d117prt;C:\WINDOWS\system32\Drivers\d117prt.sys
S0 d343bus;d343bus;C:\WINDOWS\system32\DRIVERS\d343bus.sys
S0 d343prt;d343prt;C:\WINDOWS\system32\Drivers\d343prt.sys
S2 SVKP;SVKP;\??\C:\windows\system32\SVKP.sys
S3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM);C:\WINDOWS\system32\drivers\ES1370MP.sys
S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys
S3 naecd;naecd;\??\C:\DOCUME~1\Rob\LOCALS~1\Temp\naecd.sys
S3 nocashio;nocashio;C:\WINDOWS\system32\drivers\nocashio.sys
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys
S3 p2pgasvc;Peer Networking Group Authentication;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2pimsvc;Peer Networking Identity Manager;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2psvc;Peer Networking;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 pnicml;pnicml;\??\C:\DOCUME~1\Rob\LOCALS~1\Temp\pnicml.sys
S3 PNRPSvc;Peer Name Resolution Protocol;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 SMIHardwareMonitor;SMI Hardware Monitor Driver 1.0;\??\C:\WINDOWS\system32\smidriver.sys
S3 tj2knd5;Terayon Cable Modem (NDIS);C:\WINDOWS\system32\DRIVERS\tj2knd5.sys
S3 tj2kunic;Terayon Cable Modem (WDM);C:\WINDOWS\system32\DRIVERS\tj2kunic.sys
S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys
S3 XDva011;XDva011;\??\C:\WINDOWS\system32\XDva011.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19f6db62-111a-11da-b3be-00e06f9398a3}]
\Shell\AutoRun\command - F:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6cc598ba-11b0-11da-b3c4-00e06f9398a3}]
\Shell\AutoRun\command - F:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ffaf618-0a2d-11da-b388-00e06f9398a3}]
\Shell\AutoRun\command - F:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0d86118-3548-11dc-a208-0015f2a634d8}]
\Shell\AutoRun\command - I:\autorun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
C:\WINDOWS\SYSTEM32\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-06 09:01:46
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-06 9:07:29 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-06 08:13
.
--- E O F ---
--First ComboFix run--
ComboFix 07-11-06.4 - Rob 2007-11-06 7:50:11.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1605 [GMT -5:00]
Running from: C:\Documents and Settings\Rob\Desktop\ComboFix.exe
* Created a new restore point
.
Unable to gain System Privileges
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\windows adstatus
C:\Program Files\windows adstatus\Info.txt
C:\WINDOWS\boot.ini
C:\WINDOWS\hosts
C:\WINDOWS\start.exe
C:\WINDOWS\system32\.exe
C:\WINDOWS\system32\drvlimr.dll
C:\WINDOWS\system32\drvtakr.dll
C:\WINDOWS\system32\jkkjk.dll
C:\WINDOWS\system32\jkkll.dll
C:\WINDOWS\SYSTEM32\kjkkj.bak1
C:\WINDOWS\SYSTEM32\kjkkj.bak2
C:\WINDOWS\SYSTEM32\kjkkj.ini
C:\WINDOWS\SYSTEM32\llkkj.bak1
C:\WINDOWS\SYSTEM32\llkkj.ini
C:\WINDOWS\SYSTEM32\qttss.ini
C:\WINDOWS\SYSTEM32\qttss.ini2
C:\WINDOWS\system32\ssttq.dll
C:\WINDOWS\system32\winuqw32.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_IPRIP
-------\Iprip
((((((((((((((((((((((((( Files Created from 2007-10-06 to 2007-11-06 )))))))))))))))))))))))))))))))
.
2007-11-06 07:45 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-05 23:45 116,224 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxwiadr.dll
2007-11-05 23:45 27,648 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxftplt.exe
2007-11-05 23:45 23,040 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxwbtmp.dll
2007-11-05 23:45 17,408 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxscnui.dll
2007-11-05 23:44 99,865 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xlog.exe
2007-11-05 23:44 19,455 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wvchntxx.sys
2007-11-05 23:44 19,328 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wstcodec.sys
2007-11-05 23:44 16,970 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xem336n5.sys
2007-11-05 23:44 12,063 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wsiintxx.sys
2007-11-05 23:44 8,832 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wmiacpi.sys
2007-11-05 23:44 8,192 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wshirda.dll
2007-11-05 23:44 4,608 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\xrxflnch.exe
2007-11-05 23:30 899,146 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\r2mdkxga.sys
2007-11-05 23:30 714,762 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\r2mdmkxx.sys
2007-11-05 23:30 49,024 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ql1280.sys
2007-11-05 23:30 45,312 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ql12160.sys
2007-11-05 23:30 41,472 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\qvusd.dll
2007-11-05 23:30 40,448 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ql1240.sys
2007-11-05 23:30 19,584 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\rasirda.sys
2007-11-05 23:30 13,776 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\recagent.sys
2007-11-05 23:30 3,328 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\qv2kux.sys
2007-11-05 23:23 51,328 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msdv.sys
2007-11-05 23:23 35,200 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msgame.sys
2007-11-05 23:23 22,016 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msircomm.sys
2007-11-05 23:23 17,280 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\mraid35x.sys
2007-11-05 23:23 12,416 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msriffwv.sys
2007-11-05 23:23 6,016 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msfsio.sys
2007-11-05 23:23 2,944 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msmpu401.sys
2007-11-05 23:14 455,680 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fus2base.sys
2007-11-05 23:14 455,296 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fusbbase.sys
2007-11-05 23:14 454,912 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fxusbase.sys
2007-11-05 23:14 444,416 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fpcibase.sys
2007-11-05 23:14 442,240 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fpnpbase.sys
2007-11-05 23:14 441,728 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fpcmbase.sys
2007-11-05 23:14 92,160 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fuusd.dll
2007-11-05 23:14 34,173 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\forehe.sys
2007-11-05 23:10 334,208 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ds1wdm.sys
2007-11-05 23:10 207,360 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dot4.sys
2007-11-05 23:10 28,062 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dp83820.sys
2007-11-05 23:10 23,808 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dot4usb.sys
2007-11-05 23:10 20,192 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dpti2o.sys
2007-11-05 23:10 12,928 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dot4prt.sys
2007-11-05 23:10 8,704 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\dot4scan.sys
2007-11-05 23:00 2,180,992 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\ntoskrnl.exe
2007-11-05 23:00 66,048 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\s3legacy.dll
2007-11-05 22:14 24,661 --a------ C:\WINDOWS\SYSTEM32\spxcoins.dll
2007-11-05 22:14 24,661 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\spxcoins.dll
2007-11-05 22:14 13,312 --a------ C:\WINDOWS\SYSTEM32\irclass.dll
2007-11-05 22:14 13,312 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\irclass.dll
2007-11-05 21:42 <DIR> d----c--- C:\Documents and Settings\Administrator\Application Data\Talkback
2007-11-05 09:23 35,328 --a------ C:\WINDOWS\SYSTEM32\vtuvuvt.dll
2007-11-05 09:22 <DIR> d-------- C:\Program Files\kdcngncr
2007-11-05 09:22 104,960 --a------ C:\WINDOWS\SYSTEM32\drvtak.dll
2007-11-05 07:31 <DIR> d-------- C:\Program Files\kfspybmd
2007-11-05 07:31 36,864 --a------ C:\WINDOWS\SYSTEM32\cbxyvtt.dll
2007-11-04 22:30 104,960 --a------ C:\WINDOWS\SYSTEM32\drvlim.dll
2007-10-27 16:35 <DIR> d-------- C:\Program Files\PCPitstop
2007-10-25 13:55 <DIR> d-------- C:\Program Files\Crazy Marble 2 Demo
2007-10-25 13:55 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2007-10-18 19:32 <DIR> d-------- C:\Program Files\EA Games
2007-10-16 15:49 <DIR> d-------- C:\Program Files\CachemanXP
2007-10-13 11:30 <DIR> d-------- C:\Program Files\GCFScape
2007-10-07 16:12 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 YPack Trial
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-06 12:45 --------- d-----w C:\Program Files\GetRight
2007-11-06 12:27 --------- dc----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-05 03:39 --------- dc----w C:\Documents and Settings\Rob\Application Data\uTorrent
2007-11-05 03:33 --------- dc--a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-01 19:12 --------- d-----w C:\Program Files\Comcast Play Games
2007-10-30 23:50 --------- d-----w C:\Program Files\mIRC
2007-10-30 04:13 --------- dc----w C:\Documents and Settings\Rob\Application Data\Hamachi
2007-10-30 03:56 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-10-28 02:29 --------- d-----w C:\Program Files\Tsukihime
2007-10-26 13:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-25 16:28 --------- dc----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-10-19 22:09 --------- dc----w C:\Documents and Settings\Rob\Application Data\Dev-Cpp
2007-10-16 17:52 --------- d-----w C:\Program Files\AIM
2007-10-13 21:53 --------- d-----w C:\Program Files\Activision
2007-10-11 04:28 25,992 ----a-w C:\WINDOWS\SYSTEM32\pgdfgsvc.exe
2007-10-07 21:01 --------- d-----w C:\Program Files\Microsoft Games
2007-10-06 04:22 --------- dc----w C:\Documents and Settings\Rob\Application Data\Soldat
2007-10-06 04:12 --------- d-----w C:\Program Files\Toribash-2.3
2007-10-04 02:01 --------- d-----w C:\Program Files\Safer Networking
2007-10-02 13:56 --------- d-----w C:\Program Files\Bluehell Productions
2007-09-28 03:26 --------- dc----w C:\Documents and Settings\Ana\Application Data\Move Networks
2007-09-25 22:56 --------- d-----w C:\Program Files\Professor Fizzwizzle
2007-09-23 07:19 --------- d-----w C:\Program Files\SSI
2007-09-23 03:58 --------- d-----w C:\Program Files\Combined Community Codec Pack
2007-09-23 03:51 33,533 ----a-w C:\WINDOWS\SYSTEM32\CoreVorbis-uninstall.exe
2007-09-22 23:57 --------- d-----w C:\Program Files\eFusion
2007-09-22 18:23 43,520 ----a-w C:\WINDOWS\SYSTEM32\CmdLineExt03.dll
2007-09-22 17:13 --------- dc----w C:\Documents and Settings\Rob\Application Data\InstallShield Installation Information
2007-09-21 18:53 --------- dc----w C:\Documents and Settings\Rob\Application Data\Ironclad Games
2007-09-19 12:23 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2007-09-18 01:41 --------- d-----w C:\Program Files\Audacity
2007-09-17 21:49 --------- dc----w C:\Documents and Settings\WALLA WALLA\Application Data\Big Fish Games
2007-09-17 20:37 --------- d-----w C:\Program Files\QBeez 2
2007-09-17 17:55 --------- d-----w C:\Program Files\MSN Games
2007-09-16 02:26 --------- d-----w C:\Program Files\DAEMON Tools
2007-09-16 02:17 --------- d-----w C:\Program Files\Vivendi Games
2007-09-15 22:48 --------- d-----w C:\Program Files\Radeon Omega Drivers
2007-09-15 22:40 451,072 ----a-w C:\WINDOWS\Radeon Omega Drivers v3.8.360 Uninstall.exe
2007-09-15 22:40 --------- d-----w C:\Program Files\MultiRes
2007-09-15 03:39 --------- d-----w C:\Program Files\Yeti Studios
2007-09-14 11:41 --------- dc----w C:\Documents and Settings\Rob\Application Data\U3
2007-09-12 16:47 --------- d-----w C:\Program Files\THQ
2007-09-12 16:47 --------- d-----w C:\Program Files\Street Hacker
2007-09-12 16:20 --------- d-----w C:\Program Files\FizzBall DEMO
2007-09-12 02:45 --------- d-----w C:\Program Files\SD EnterNET
2007-09-10 23:29 --------- dc----w C:\Documents and Settings\WALLA WALLA\Application Data\PlayFirst
2007-09-10 23:29 --------- dc----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2007-09-09 22:01 --------- d-----w C:\Program Files\Passware
2007-09-09 03:57 --------- d-----w C:\Program Files\Motherboard Monitor 5
2007-09-08 19:24 --------- d-----w C:\Program Files\Symantec
2007-09-07 22:32 --------- d-----w C:\Program Files\Notepad++
2007-09-06 20:36 --------- d-----w C:\Program Files\bfgclient
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\SYSTEM32\aswBoot.exe
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\SYSTEM32\AVASTSS.scr
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-09-02 06:48 98,304 ----a-w C:\WINDOWS\SYSTEM32\CmdLineExt.dll
2007-08-20 18:06 409,600 ----a-w C:\WINDOWS\SYSTEM32\wrap_oal.dll
2007-08-20 18:06 114,688 ----a-w C:\WINDOWS\SYSTEM32\OpenAL32.dll
2007-08-08 20:55 2,517 ----a-w C:\Program Files\INSTALL.LOG
2007-05-28 19:23 92,064 -c--a-w C:\Documents and Settings\Rob\mqdmmdm.sys
2007-05-28 19:23 9,232 -c--a-w C:\Documents and Settings\Rob\mqdmmdfl.sys
2007-05-28 19:23 79,328 -c--a-w C:\Documents and Settings\Rob\mqdmserd.sys
2007-05-28 19:23 66,656 -c--a-w C:\Documents and Settings\Rob\mqdmbus.sys
2007-05-28 19:23 6,208 -c--a-w C:\Documents and Settings\Rob\mqdmcmnt.sys
2007-05-28 19:23 5,936 -c--a-w C:\Documents and Settings\Rob\mqdmwhnt.sys
2007-05-28 19:23 4,048 -c--a-w C:\Documents and Settings\Rob\mqdmcr.sys
2007-05-28 19:23 25,600 -c--a-w C:\Documents and Settings\Rob\usbsermptxp.sys
2007-05-28 19:23 22,768 -c--a-w C:\Documents and Settings\Rob\usbsermpt.sys
2006-12-27 18:20 1 -c--a-w C:\Documents and Settings\Rob\SI.bin
2004-10-25 03:48 266 --sh--w C:\Program Files\desktop.ini
2004-10-25 03:48 11,079 ---ha-w C:\Program Files\folder.htt
2003-12-18 15:33 20,102 ----a-w C:\Program Files\Readme.txt
2003-09-03 11:46 10,960 ----a-w C:\Program Files\EULA.txt
2001-11-23 05:08 712,704 ----a-r C:\WINDOWS\INF\OTHER\AUDIO3D.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89032A20-4370-487E-AB80-2251EC374249}]
2007-11-05 07:31 36864 --a------ C:\WINDOWS\system32\cbxyvtt.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9FE2211D-6D1C-4143-AFF7-E7B82B47D4A0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 05:06]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"AtiPTA"="atiptaxx.exe" [2006-02-21 19:05 C:\WINDOWS\SYSTEM32\atiptaxx.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-01-22 20:44]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2006-12-06 08:00]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 20:05]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
"tscuninstall"=%systemroot%\system32\tscupgrd.exe
C:\Documents and Settings\Ana\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54]
C:\Documents and Settings\WALLA WALLA\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoBrowserOptions"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBrowserOptions"=0 (0x0)
"NoSMBalloonTip"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{89032A20-4370-487E-AB80-2251EC374249}"= C:\WINDOWS\system32\cbxyvtt.dll [2007-11-05 07:31 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbxyvtt]
cbxyvtt.dll 2007-11-05 07:31 36864 C:\WINDOWS\SYSTEM32\cbxyvtt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winmbj32]
winmbj32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\jkkjk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
backup=C:\WINDOWS\pss\ATI CATALYST System Tray.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check 2.lnk]
backup=C:\WINDOWS\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
backup=C:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=C:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Adware Filter.lnk]
backup=C:\WINDOWS\pss\Adware Filter.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^ATI Tray Tools.lnk]
backup=C:\WINDOWS\pss\ATI Tray Tools.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\Rob\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Phoenix RPG Mod 1.91 - Auto Update.lnk]
backup=C:\WINDOWS\pss\Phoenix RPG Mod 1.91 - Auto Update.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^Xfire.lnk]
backup=C:\WINDOWS\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\7ee8c064.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
Ati2mdxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiTrayTools]
"C:\Program Files\Radeon Omega Drivers\v3.8.252\ATI Tray Tools\atitray.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]
"\FreeRAM XP Pro.exe" -win
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gcasServ]
"C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Optimizer]
"C:\Program Files\Internet Optimizer\optimize.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"c:\program files\common files\installshield\updateservice\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiRes]
C:\Program Files\MultiRes\MultiRes.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBDrvDet]
C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"C:\Program Files\Steam\Steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemTray]
SysTray.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tsa2]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]
RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WildTangent CDA]
"C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows AdStatus]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zanu]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ZESOFT"=2 (0x2)
"NVSvc"=2 (0x2)
"VETMSGNT"=2 (0x2)
"SandraTheSrv"=3 (0x3)
"SandraDataSrv"=3 (0x3)
"ose"=3 (0x3)
"Macromedia Licensing Service"=3 (0x3)
"iPodService"=3 (0x3)
"Iomsyxxvam"=3 (0x3)
"IDriverT"=3 (0x3)
"Groove Games Licensing Service"=3 (0x3)
"EPSONStatusAgent2"=2 (0x2)
"Creative Service for CDROM Access"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"ATI Smart"=2 (0x2)
"avast! Mail Scanner"=3 (0x3)
"rpcapd"=3 (0x3)
"NBService"=3 (0x3)
"WMPNetworkSvc"=2 (0x2)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"CachemanXPService"=2 (0x2)
"avast! Web Scanner"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AIM"=C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl
"Steam"=
"NVIEW"=rundll32.exe nview.dll,nViewLoadHook
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ScanRegistry"=C:\WINDOWS\scanregw.exe /autorun
"TaskMonitor"=C:\WINDOWS\taskmon.exe
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\SYSTEM32\nvcpl.dll,NvStartup
"nwiz"=nwiz.exe /install
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\SYSTEM32\nvmctray.dll,NvTaskbarInit
"C-Media Mixer"=Mixer.exe /startup
"tgcmd"="C:\Program Files\support.com\bin\tgcmd.exe" /server
"CriticalUpdate"=C:\WINDOWS\SYSTEM32\WUCRTUPD.EXE -startup
"EM_EXEC"=C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
"kdx"=C:\WINDOWS\KDX\KHOST.EXE
"QuickTime Task"="C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
"ICSMGR"=ICSMGR.EX