Cruchie... thanks for the reply... here's the log file from ComboFix:
"Owner" - 2007-07-28 23:18:42 [GMT -4:00] - ComboFix 07-07-24 - Service Pack 2 NTFS
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\Owner\APPLIC~1.\smbols~1
C:\DOCUME~1\Owner\APPLIC~1.\smbols~1\wowexec.exe
C:\DOCUME~1\Owner\APPLIC~1.\stem~1
C:\DOCUME~1\Owner\APPLIC~1\Sskknwrd.dll
C:\DOCUME~1\Owner\MYDOCU~1.\sks~1
C:\mc-110-12-0000228.exe
C:\Program Files\cas
C:\Program Files\cas\Client\hf.txt
C:\Program Files\cas\Client\sf.txt
C:\Program Files\cas\Client\Uninstall.exe
C:\Program Files\casstub
C:\Program Files\Common Files\curity~1
C:\Program Files\Common Files\ssembl~1
C:\Program Files\Common Files\uninstall information
C:\Program Files\Common Files\Yazzle1552OinAdmin.exe
C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
C:\Program Files\outerinfo
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\pecarlin
C:\Program Files\pecarlin\PECarlin.exe
C:\Program Files\pecarlin\Uninstall.exe
C:\Program Files\quick links
C:\Program Files\quick links\Uninst.log
C:\Program Files\windows
C:\Program Files\windows\WinUpdate.exe
C:\Program Files\windows\WinUpdate.fld
C:\WINDOWS\DOWNLO~1.\Cache
C:\WINDOWS\IA
C:\WINDOWS\keyboard1.dat
C:\WINDOWS\keyboard231.dat
C:\WINDOWS\msresearch1.dat
C:\WINDOWS\newname.dat
C:\WINDOWS\retadpu11.exe
C:\WINDOWS\system32\atmtd.dll.tmp
C:\WINDOWS\system32\avyp.dll
C:\WINDOWS\system32\curity~1
C:\WINDOWS\system32\mantec~1
C:\WINDOWS\system32\mantec~1\nopdb.exe
C:\WINDOWS\system32\stem~1
C:\WINDOWS\system32\stem32~1
C:\WINDOWS\system32\vidctrl
C:\WINDOWS\system32\wtsiit.exe
C:\WINDOWS\uninstall_nmon.vbs
C:\WINDOWS\wr.txt
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_CMDSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\LEGACY_WINDOWS_OVERLAY_COMPONENTS
-------\cmdService
-------\Network Monitor
-------\Windows Overlay Components
((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-29 )))))))))))))))))))))))))))))))
2007-07-28 23:16 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-15 13:36 <DIR> d-------- C:\Program Files\Handspring
2007-07-03 14:48 <DIR> d-------- C:\Program Files\MP3 Player Utilities 4.05
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-26 01:59:28 -------- d-----w C:\Program Files\iTunes
2007-06-26 01:59:21 -------- d-----w C:\Program Files\iPod
2007-06-26 01:56:16 -------- d-----w C:\Program Files\QuickTime
2007-06-26 01:53:03 -------- d-----w C:\Program Files\Apple Software Update
2007-06-23 20:18:02 -------- d-----w C:\Program Files\3DGroove
2007-06-18 02:15:32 664 ----a-w C:\WINDOWS\system32\d3d9caps.dat
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-01-04 22:46:04 159,152 ----a-w C:\DOCUME~1\Owner\APPLIC~1\GDIPFONTCACHEV1.DAT
2004-12-28 23:42:31 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
2005-12-16 13:52:11 56 --sh--r C:\WINDOWS\system32\EA7E68B34D.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 23:02]
"StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-13 11:01]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2003-07-24 05:36]
"nwiz"="nwiz.exe" [2003-05-03 02:19 C:\WINDOWS\system32\nwiz.exe]
"QuickFinder Scheduler"="c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE" [2003-03-07 06:01]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-06-29 21:54]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-09-11 05:40]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" []
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" []
"SSC_UserPrompt"="C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" []
"HostManager"="C:\Program Files\Common Files\AOL\1137265543\ee\AOLSoftware.exe" [2006-05-09 20:24]
"@"="" []
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [2006-06-13 23:58]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-01 16:51]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIEW"="nview.dll,nViewLoadHook" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2006-11-07 11:29]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 05:40]
"Notn"="C:\WINDOWS\system32\MANTEC~1\nopdb.exe" []
"Qwsysj"="C:\Documents and Settings\Owner\Application Data\s?mbols\wowexec.exe" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PECarlin"="C:\Program Files\PECarlin\PECarlin.exe"
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
HotSync Manager.lnk - C:\Program Files\Handspring\HOTSYNC.EXE [2003-10-09 14:54:58]
spamsubtract.lnk - C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe [2003-07-26 04:57:44]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
Compaq Connections.lnk - C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe [2003-07-24 06:03:28]
KODAK Software Updater.lnk - C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2004-11-27 11:52:12]
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2006-06-22 15:17:29]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04]
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [2002-09-20 22:20:02]
Sonic CinePlayer Quick Launch.lnk - C:\Program Files\Common Files\Sonic Shared\CineTray.exe [2006-05-26 03:01:00]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"bgtxdii.exe"=C:\WINDOWS\system\bgtxdii.exe
"eiicupd.exe"=C:\WINDOWS\system\eiicupd.exe
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\Run]
"WinUpdate.exe"=C:\Program Files\Windows\WinUpdate.exe
R0 fasttx2k;fasttx2k;C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
R1 cdrbsdrv;cdrbsdrv;C:\WINDOWS\system32\drivers\cdrbsdrv.sys
R1 DcCam;Kodak Camera Proxy;C:\WINDOWS\system32\DRIVERS\DcCam.sys
R1 DLACDBHM;DLACDBHM;C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
R1 DLARTL_N;DLARTL_N;C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
R1 ewido security suite driver;ewido security suite driver;\??\C:\Program Files\ewido\security suite\guard.sys
R2 DCFS2K;DCFS2K;C:\WINDOWS\system32\drivers\dcfs2k.sys
R2 DLABOIOM;DLABOIOM;C:\WINDOWS\system32\DLA\DLABOIOM.SYS
R2 DLADResN;DLADResN;C:\WINDOWS\system32\DLA\DLADResN.SYS
R2 DLAIFS_M;DLAIFS_M;C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
R2 DLAOPIOM;DLAOPIOM;C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
R2 DLAPoolM;DLAPoolM;C:\WINDOWS\system32\DLA\DLAPoolM.SYS
R2 DLAUDF_M;DLAUDF_M;C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
R2 DLAUDFAM;DLAUDFAM;C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
R2 DRVNDDM;DRVNDDM;C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
R3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
R3 ltmodem5;Lucent Modem Driver;C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
R3 Ps2;PS2;C:\WINDOWS\system32\DRIVERS\PS2.sys
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbehci.sys
R3 usbhub;USB2 Enabled Hub;C:\WINDOWS\system32\DRIVERS\usbhub.sys
R3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys
R3 USBSTOR;USB Mass Storage Driver;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbuhci.sys
S1 Exportit;Exportit;C:\WINDOWS\system32\DRIVERS\exportit.sys
S3 DcFpoint;DcFpoint;C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
S3 DcLps;Legacy Polling Service;C:\WINDOWS\system32\DRIVERS\DcLps.sys
S3 DcPTP;dcptp;C:\WINDOWS\system32\DRIVERS\DcPTP.sys
S3 Fax;Fax;C:\WINDOWS\system32\fxssvc.exe
S3 hp4200c;%usbscan.SvcDesc%;C:\WINDOWS\system32\DRIVERS\hp4200c.sys
S3 PalmUSBD;PalmUSBD;C:\WINDOWS\system32\drivers\PalmUSBD.sys
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbohci.sys
S3 usbscan;USB Scanner Driver;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 WpdUsb;WpdUsb;C:\WINDOWS\system32\Drivers\wpdusb.sys
S4 WMIPerAddOn;Microsoft WMI Performance Adapter AddOn;"C:\WINDOWS\wmiapsrv.exe"
Contents of the 'Scheduled Tasks' folder
2007-07-15 20:50:01 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-07-28 00:00:00 C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (YOUR-LK4RLMSU41-Owner).job
2007-07-29 03:30:40 C:\WINDOWS\tasks\RUTASK.job
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-07-28 23:31:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID]
"\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000181
scanning hidden files ...
**************************************************************************
Completion time: 2007-07-28 23:35:17 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-28 23:34
--- E O F ---