I'd like to add that in my ignorance to solve the problem, I shut down a process that was running, suspecting that it may have been the virus. (The virus I believe I was dealing with was Awola).
I do not recall which process I shut down, nor do I have any idea how to turn it back on. The Awola pop ups stopped when I rebooted but unfortunately, I lost my ability to get into my control panel, I had no icons on my desktop, ect. I was able to get online and downloaded the hijack this program.
Anyway, I'm in a bit of a pickle. ;)
Hope someone out there has an idea how to get my computer running again.
Thanks again in advance, it's greatly appreciated.

Hi!

Thank you so much for helping me!

I ran a fresh hijackthis, the results are below.
I could not get a log from the combo fix, unfortunately.
I ran it several times, but at the end, I would always receive an error message.
My desktop icons have returned, are functioning and I'm able to get into my control panel now, but Awola is still in my start up bar, reminding me with pop ups every five seconds that my computer is infected.
How do I get rid of it? I've tried the standard search and delete, I assume it's hiding elsewhere where I can't locate it.

I think it may be connected to internet explorer, which I would love to permanently remove from my system anyway. I've tried many times unsuccessfully. How do I do this? Can I without upsetting my system?

Also, when I purchased this used custom PC, I foolishly believed that it had anti virus protection, and it does not. What should I install on my system?
I would greatly appreciate any recommendations that you may have.

Thanks for your time and effort! It means a lot :)

Here is my fresh hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13, on 2007-12-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\M-Audio\Black Box\Install\BlackBoxInst.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\TW9t\command.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\WINDOWS\system32\dldurlso.exe
C:\Program Files\M-Audio\Install\EvoInst.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\M-Audio\Transit\Install\TUSBInst.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Linksys\WUSB300N\WLService.exe
C:\Program Files\Linksys\WUSB300N\WUSB300N.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Terry\Desktop\HiJackThis.exe
C:\Documents and Settings\Terry\Desktop\HiJackThis(2).exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\ComboFix\nircmd.cfexe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\findstr.exe
C:\ComboFix\mtee.cfexe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/mail?.intl=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {509E863B-4CB6-4337-BF54-1656D6984C74} - C:\WINDOWS\system32\jkkjj.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: BndShell3 BHO Class - {8ABA9A9C-8791-4d61-8D5B-BCC9448EA573} - C:\Program Files\ISM\BndDrive7.dll (file missing)
O2 - BHO: BndDrive2 BHO Class - {8B27CC68-110C-46a9-80D3-F3107DE6EB98} - C:\Program Files\ISM\BndDrive3.dll (file missing)
O2 - BHO: Mirar - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB58.dll
O2 - BHO: {b5672177-ad2e-86d8-8fd4-65614b7983d9} - {9d3897b4-1656-4df8-8d68-e2da7712765b} - C:\WINDOWS\system32\tnmiscpm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6} - C:\WINDOWS\system32\ddcdede.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB58.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [MAFWTaskbarApp] C:\WINDOWS\system32\MAFWTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NexusServer] "C:\Program Files\Common Files\Canopus Shared\ProCoder 2\Kernel\PNXSERVR.exe" -SelfLaunch
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [meven] C:\Program Files\Messenger\meven77798.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [402d6dfe] rundll32.exe "C:\WINDOWS\system32\ydbpoywy.dll",b
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tjda] "C:\Documents and Settings\Terry\My Documents\??crosoft.NET\n?pdb.exe"
O4 - HKCU\..\Run: [ziri] C:\PROGRA~1\COMMON~1\ziri\zirim.exe
O4 - HKCU\..\Run: [Vbloii] C:\WINDOWS\??sembly\e?plorer.exe
O4 - HKCU\..\Run: [Microsft Windows Adapter 5.1.3013] C:\Documents and Settings\Terry\Application Data\qpwgcypuvwn.exe
O4 - HKCU\..\Run: [Awola] "C:\Documents and Settings\Terry\Application Data\Awola\Awola.exe" /MIN
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: ddcdede - C:\WINDOWS\SYSTEM32\ddcdede.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Black Box Installer (BlackBoxInstallerService) - Unknown owner - C:\Program Files\M-Audio\Black Box\Install\BlackBoxInst.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TW9t\command.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: DomainService - - C:\WINDOWS\system32\dldurlso.exe
O23 - Service: M-Audio Installer (EvoInstallerService) - Unknown owner - C:\Program Files\M-Audio\Install\EvoInst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: M-Audio Transit Installer (TransitInstallerService) - M-Audio - C:\Program Files\M-Audio\Transit\Install\TUSBInst.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: WUSB300NSvc - Unknown owner - C:\Program Files\Linksys\WUSB300N\WLService.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\WindowsUpdate\rtejegacaz.html

--
End of file - 9419 bytes

I was able to do a system restore and I think I may have solved the Awola issue. I ran combo fix again and was able to get a log.

I think my issue may be resolved. I've included the log in this post just in case it's still there and hiding.

I do still need to install an anti virus program and would like to get rid of internet explorer.
Suggestions?

Thanks again!!

xoxo

ComboFix 07-12-09.1 - Pipeline 2007-12-10 14:43:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.643 [GMT -8:00]
Running from: C:\Documents and Settings\Terry\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\Terry\Application Data\SMBOLS~1
C:\Program Files\Common Files\sks~1
C:\Program Files\Common Files\smante~1
C:\Program Files\Common Files\Yazzle1122OinAdmin.exe
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\Program Files\Common Files\ziri\ziria.exe
C:\Program Files\Common Files\ziri\ziria.lck
C:\Program Files\Common Files\ziri\zirid\ziric.dll
C:\Program Files\Common Files\ziri\ziril.exe
C:\Program Files\Common Files\ziri\ziril.lck
C:\Program Files\Common Files\ziri\zirim.exe
C:\Program Files\Common Files\ziri\zirim.lck
C:\Program Files\Common Files\ziri\zirip.exe
C:\Program Files\Common Files\ziri\zirip.lck
C:\Program Files\curity~1
C:\Program Files\fnts~1
C:\Program Files\inetget2
C:\Program Files\inetget2\emg.exe
C:\Program Files\Insider
C:\Program Files\Insider\Insider.exe
C:\Program Files\Insider\UnInstall.exe
C:\Program Files\ISM2
C:\Program Files\ISM2\adhydraupd.exe
C:\Program Files\ISM2\ISMPack7.exe
C:\Program Files\network monitor
C:\Program Files\network monitor\netmon.exe
C:\Program Files\Temporary
C:\Program Files\WinAble
C:\Program Files\WinAble\winable.exe
C:\Program Files\WindowsUpdate\rtejegacaz.html
C:\Program Files\ystem~1
C:\WINDOWS\b103.exe
C:\WINDOWS\b104.exe
C:\WINDOWS\b111.exe
C:\WINDOWS\b122.exe
C:\WINDOWS\b128.exe
C:\WINDOWS\b138.exe
C:\WINDOWS\b143.exe
C:\WINDOWS\b147.exe
C:\WINDOWS\b148.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\mbols~1
C:\WINDOWS\mrofinu.exe
C:\WINDOWS\sembly~1
C:\WINDOWS\stem~1
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\btllrduq.dll
C:\WINDOWS\system32\ddcdede.dll
C:\WINDOWS\system32\dldurlso.exe
C:\WINDOWS\system32\dtkfkays.dll
C:\WINDOWS\system32\galidnfa.exe
C:\WINDOWS\system32\hwcvvhjt.dll
C:\WINDOWS\system32\jjkkj.ini
C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\qudrlltb.ini
C:\WINDOWS\system32\smbols~1
C:\WINDOWS\system32\tsuninst.exe
C:\WINDOWS\system32\winnb58.dll
C:\WINDOWS\system32\wyeeqlox.exe
C:\WINDOWS\system32\xyysijkm.exe
C:\WINDOWS\TW9t\
C:\WINDOWS\TW9t\\asappsrv.dll
C:\WINDOWS\TW9t\\command.exe
C:\WINDOWS\TW9t\\nq6Q.vbs
C:\WINDOWS\TW9t\command.exe
C:\WINDOWS\uninstall_nmon.vbs
.
---- Previous Run -------
.
C:\A.tmp
C:\C.tmp
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\Terry\Application Data\SMBOLS~1
C:\Documents and Settings\Terry\My Documents\CROSOF~1.NET
C:\Documents and Settings\Terry\My Documents\MANTEC~1
C:\Documents and Settings\Terry\My Documents\MBOLS~1
C:\Documents and Settings\Terry\My Documents\SMBOLS~1
C:\Documents and Settings\Terry\My Documents\YSTEM~1
C:\F.tmp
C:\Program Files\Common Files\sks~1
C:\Program Files\Common Files\smante~1
C:\Program Files\Common Files\Yazzle1122OinAdmin.exe
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\Program Files\Common Files\ziri
C:\Program Files\Common Files\ziri\ziria.exe
C:\Program Files\Common Files\ziri\ziria.lck
C:\Program Files\Common Files\ziri\zirid\class-barrel
C:\Program Files\Common Files\ziri\zirid\vocabulary
C:\Program Files\Common Files\ziri\zirid\ziric.dll
C:\Program Files\Common Files\ziri\zirih
C:\Program Files\Common Files\ziri\ziril.exe
C:\Program Files\Common Files\ziri\ziril.lck
C:\Program Files\Common Files\ziri\zirim.exe
C:\Program Files\Common Files\ziri\zirim.lck
C:\Program Files\Common Files\ziri\zirip.exe
C:\Program Files\Common Files\ziri\zirip.lck
C:\Program Files\curity~1
C:\Program Files\fnts~1
C:\Program Files\inetget2
C:\Program Files\inetget2\emg.exe
C:\Program Files\Insider
C:\Program Files\Insider\Insider.exe
C:\Program Files\Insider\UnInstall.exe
C:\Program Files\ISM2
C:\Program Files\ISM2\adhydraupd.exe
C:\Program Files\ISM2\dictionary.gz
C:\Program Files\ISM2\ISMPack7.exe
C:\Program Files\ISM2\targets.gz
C:\Program Files\network monitor
C:\Program Files\network monitor\netmon.exe
C:\Program Files\Temporary
C:\Program Files\WinAble
C:\Program Files\WinAble\winable.exe
C:\Program Files\WindowsUpdate\rtejegacaz.html
C:\Program Files\ystem~1
C:\WINDOWS\b103.exe
C:\WINDOWS\b104.exe
C:\WINDOWS\b111.exe
C:\WINDOWS\b122.exe
C:\WINDOWS\b128.exe
C:\WINDOWS\b128.exe.bin
C:\WINDOWS\b138.exe
C:\WINDOWS\b143.exe
C:\WINDOWS\b147.exe
C:\WINDOWS\b148.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\mbols~1
C:\WINDOWS\mrofinu.exe
C:\WINDOWS\sembly~1
C:\WINDOWS\stem~1
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\ddcdede.dll
C:\WINDOWS\system32\dldurlso.exe
C:\WINDOWS\system32\dtkfkays.dll
C:\WINDOWS\system32\feskqfox.dll
C:\WINDOWS\system32\galidnfa.exe
C:\WINDOWS\system32\hwcvvhjt.dll
C:\WINDOWS\system32\jjkkj.bak1
C:\WINDOWS\system32\jjkkj.bak2
C:\WINDOWS\system32\jjkkj.ini
C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\smbols~1
C:\WINDOWS\system32\tnmiscpm.dll
C:\WINDOWS\system32\toonaqku.dll
C:\WINDOWS\system32\tsuninst.exe
C:\WINDOWS\system32\winnb58.dll
C:\WINDOWS\system32\wyeeqlox.exe
C:\WINDOWS\system32\xyysijkm.exe
C:\WINDOWS\system32\ydbpoywy.dll
C:\WINDOWS\system32\ywyopbdy.ini
C:\WINDOWS\TW9t\
C:\WINDOWS\TW9t\\asappsrv.dll
C:\WINDOWS\TW9t\\command.exe
C:\WINDOWS\TW9t\\nq6Q.vbs
C:\WINDOWS\TW9t\command.exe
C:\WINDOWS\uninstall_nmon.vbs
C:\WINDOWS\ziri
C:\WINDOWS\ziri\wu
C:\WINDOWS\ziri\ziri.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CMDSERVICE
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\DomainService
-------\Network Monitor

-------\LEGACY_CMDSERVICE
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\DomainService
-------\Network Monitor

-------\LEGACY_CMDSERVICE
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\DomainService
-------\Network Monitor

((((((((((((((((((((((((( Files Created from 2007-11-10 to 2007-12-10 )))))))))))))))))))))))))))))))
.

2007-12-10 14:35 . 2007-12-10 14:35 d-------- C:\WINDOWS\ziri
2007-12-09 21:08 . 2007-12-09 22:36 d-------- C:\Program Files\Enigma Software Group
2007-12-09 20:59 . 2007-12-09 20:59 0 --ahs---- C:\Documents and Settings\Terry\Application Data\fce5fdab156bd88783e251422e52ecd50d8a7395.dat
2007-12-08 11:57 . 2007-12-10 14:35 d-------- C:\Program Files\WinZip Self-Extractor
2007-12-03 11:10 . 2007-08-03 10:10 185,960 -ra------ C:\UNRAR.DLL
2007-11-30 14:01 . 2007-11-30 18:41 793,682 ---hs---- C:\WINDOWS\system32\vmtylewj.ini
2007-11-15 03:14 . 2007-11-15 03:14 d-------- C:\Documents and Settings\LocalService\Application Data\Talkback
2007-11-12 20:41 . 2007-11-12 20:41 25 --a------ C:\WINDOWS\mixerdef.ini
2007-11-12 13:51 . 2004-08-03 23:08 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2007-11-12 13:51 . 2004-08-03 23:08 10,624 --a--c--- C:\WINDOWS\system32\dllcache\gameenum.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-10 22:45 --------- d-----w C:\Documents and Settings\Terry\Application Data\DNA
2007-11-18 19:01 --------- d-----w C:\Program Files\RegistrySmart
2007-11-12 08:14 --------- d-----w C:\Documents and Settings\Terry\Application Data\BitTorrent
2007-11-02 01:04 --------- d-----w C:\Documents and Settings\Terry\Application Data\RegistrySmart
2007-10-11 22:28 --------- d-----w C:\Program Files\IrfanView
2007-10-11 22:09 --------- d-----w C:\Program Files\Java
2007-10-11 21:48 --------- d-----w C:\Program Files\FriendBlasterPro
2007-10-11 18:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2007-10-11 01:58 --------- d-----w C:\Documents and Settings\Terry\Application Data\MSN6
2007-10-10 18:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-03-07 01:18 48,034 -c--a-w C:\Program Files\uninstal_msi.log
2007-03-07 01:18 23,307 -c--a-w C:\Program Files\setuplog.txt
2007-03-06 23:59 20,521 -c--a-w C:\Program Files\EthnoInstr_uninstal.log
2003-11-04 00:07 499,712 -c--a-w C:\Program Files\msvcp71.dll
2003-11-04 00:07 348,160 -c--a-w C:\Program Files\msvcr71.dll
2003-05-30 16:22 344,064 -c--a-r C:\Program Files\msvcr70.dll
2003-03-21 20:37 16,056 -c--a-w C:\Program Files\owcstp16.dll
2002-01-05 10:40 487,424 -c--a-w C:\Program Files\msvcp70.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8ABA9A9C-8791-4d61-8D5B-BCC9448EA573}]
C:\Program Files\ISM\BndDrive7.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8B27CC68-110C-46a9-80D3-F3107DE6EB98}]
C:\Program Files\ISM\BndDrive3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}"= C:\WINDOWS\system32\WinNB58.dll [ ]

[HKEY_CLASSES_ROOT\clsid\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e}]
[HKEY_CLASSES_ROOT\TypeLib\{566DEDE9-9ED8-45DA-9BE6-9B2EEAB17F49}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 08:24]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 19:25]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-02 12:08]
"DNA"="C:\Program Files\BitTorrent_DNA\dna.exe" [2007-06-06 21:42]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [2007-03-01 15:11]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"Tjda"="C:\Documents and Settings\Terry\My Documents\??crosoft.NET\n?pdb.exe" []
"Vbloii"="C:\WINDOWS\??sembly\e?plorer.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"M-Audio Taskbar Icon"="C:\WINDOWS\System32\M-AudioTaskBarIcon.exe" [2005-10-18 10:00]
"MAFWTaskbarApp"="C:\WINDOWS\system32\MAFWTray.exe" [2005-09-20 18:17]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40]
"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 02:46]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:56 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:56 C:\WINDOWS\system32\rundll32.exe]
"NexusServer"="C:\Program Files\Common Files\Canopus Shared\ProCoder 2\Kernel\PNXSERVR.exe" [2004-04-28 00:41]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-10 15:26]
"DigidesignMMERefresh"="C:\Program Files\Digidesign\Drivers\MMERefresh.exe" [2006-02-14 23:31]
"SoundMan"="soundman.exe" [2005-06-20 05:42 C:\WINDOWS\soundman.exe]
"meven"="C:\Program Files\Messenger\meven77798.exe" [2007-08-07 12:30]
"C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 C:\WINDOWS\mixer.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2006-10-04 00:48 C:\WINDOWS\system32\narrator.exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
IEEE 802.11g USB Wireless LAN Utility.lnk - C:\Program Files\IEEE 802.11g USB Wireless LAN\Wireless LAN\WlanUtil.exe [2006-12-22 15:23:25]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 00:01:04]
WinZip Quick Pick.lnk - C:\WZQKPICK.EXE [2007-08-03 10:10:00]

R0 DigiFilter;DigiFilter;C:\WINDOWS\system32\drivers\DigiFilt.sys
R2 BlackBoxInstallerService;Black Box Installer;C:\Program Files\M-Audio\Black Box\Install\BlackBoxInst.exe
R2 EvoInstallerService;M-Audio Installer;C:\Program Files\M-Audio\Install\EvoInst.exe
R2 TransitInstallerService;M-Audio Transit Installer;C:\Program Files\M-Audio\Transit\Install\TUSBInst.exe
R2 WUSB300NSvc;WUSB300NSvc;"C:\Program Files\Linksys\WUSB300N\WLService.exe" "WUSB300N.exe"
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys
S3 EVOLUSB;%EVOL_USB.SvcDesc%;C:\WINDOWS\system32\drivers\evolusb.sys
S3 iLokDrvr;iLok;C:\WINDOWS\system32\DRIVERS\iLokDrvr.sys
S3 MA_CMIDI;M-Audio USB Driver;C:\WINDOWS\system32\drivers\ma_cmidi.sys
S3 ma763006;M-Audio Transit USB;C:\WINDOWS\system32\drivers\MA763006.sys
S3 MADFU006;MADFU006;C:\WINDOWS\system32\DRIVERS\MADFU006.sys
S3 ZD1211BU(WLAN);IEEE 802.11g USB Wireless LAN(WLAN);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys

*Newly Created Service* - GTNDIS5

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA844-CC51-11CF-AAFA-00AA00B6015C}]
rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\CChat25.inf,PerUserAdd.NT
.
Contents of the 'Scheduled Tasks' folder
"2007-12-03 14:07:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> C:\DOCUME~1\Terry\LOCALS~1\Temp\cjelyjqo.dll
.
**************************************************************************

catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-10 14:47:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\QTFont.for 1409 bytes
C:\WINDOWS\QTFont.qfn 54156 bytes

scan completed successfully
hidden files: 2

**************************************************************************
.
Completion time: 2007-12-10 14:48:18 - machine was rebooted
.
--- E O F ---