Windows Theme Changed to Classic and no Internet Connection

This is my HIJACKTHIS file

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:44:40 PM, on 8/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\services.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [RAV008C] C:\WINDOWS\system32\RAV008C.exe
O4 - HKLM\..\Run: [Microsoft Autorun4] C:\WINDOWS\system32\dllhost32.exe
O4 - HKLM\..\Run: [Microsoft Autorun5] C:\WINDOWS\system32\mosou.exe
O4 - HKLM\..\Run: [RAV009B] C:\WINDOWS\system32\RAV009B.exe
O4 - HKLM\..\Run: [QQREST] C:\WINDOWS\system\SMSS.exe
O4 - HKLM\..\Run: [RAV00AE] C:\WINDOWS\system32\RAV00AE.exe
O4 - HKLM\..\Run: [Microsoft Autorun11] C:\WINDOWS\system32\nwizwlwzs.exe
O4 - HKLM\..\Run: [Microsoft Autorun10] C:\WINDOWS\system32\nwizwmgjs.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\xstvgs.exe
O4 - HKLM\..\Run: [RAVMHMON] C:\WINDOWS\Fonts\RAVMHMON.exe
O4 - HKLM\..\Run: [RAVMSMON] C:\WINDOWS\Fonts\RAVMSMON.exe
O4 - HKLM\..\Run: [RAVQJMON] C:\WINDOWS\Fonts\RAVQJMON.exe
O4 - HKLM\..\Run: [RAVZTMON] C:\WINDOWS\system32\RAVZTMON.exe
O4 - HKLM\..\Run: [RAVZXMON] C:\WINDOWS\system32\RAVZXMON.exe
O4 - HKLM\..\Run: [RAV00A3] C:\WINDOWS\system32\RAV00A3.exe
O4 - HKLM\..\Run: [RAV0091] C:\WINDOWS\system32\RAV0091.exe
O4 - HKLM\..\Run: [RAV00B2] C:\WINDOWS\system32\RAV00B2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NTService] C:\Program Files\Common Files\System\MSOSV.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\mssql.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mssql.dll
O20 - AppInit_DLLs: mydpri.dll
O23 - Service: A6049A5A - Unknown owner - C:\WINDOWS\system32\113DCAE7.EXE (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 5073 bytes

This is my COMBOFIX file
ComboFix 07-08-14.4 - "LeoNa" 2005-08-17 21:29:27.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.206 [GMT 8:00]
* Created a new restore point

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Autorun.inf
C:\WINDOWS\services.exe
C:\WINDOWS\system\smss.exe
C:\WINDOWS\system32\113DCAE7.EXE
C:\WINDOWS\system32\dllhost32.exe
C:\WINDOWS\system32\mosou.dll
C:\WINDOWS\system32\mosou.exe
C:\WINDOWS\system32\mssock.sys
C:\WINDOWS\system32\nwiztlbb.dll
C:\WINDOWS\system32\nwiztlbu.exe
C:\WINDOWS\system32\nwizzhuxians.dll
C:\WINDOWS\system32\nwizzhuxians.exe
D:\Autorun.inf

((((((((((((((((((((((((( Files Created from 2005-07-17 to 2005-08-17 )))))))))))))))))))))))))))))))

2005-08-17 21:27 51,200 --a------ C:\WINDOWS\nircmd.exe
2005-08-17 20:11 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2005-08-17 20:08 14,336 --a------ C:\WINDOWS\NVDispDrv.exe
2005-08-13 20:26 1,632 --a------ C:\WINDOWS\system32\d3d8caps.dat
2005-08-13 20:17 <DIR> C:\,I,O,E,ú?I,Š,‡,A,-,ú
2005-08-13 11:42 16,843 ---h----- C:\auto.exe
2005-08-13 10:53 <DIR> d-------- C:\Program Files\Trend Micro
2005-08-13 10:25 13,824 --a------ C:\WINDOWS\xnvxkr.exe
2005-08-06 17:48 30,474 --------- C:\WINDOWS\system32\drivers\mscnr.sys
2005-08-06 17:48 30,378 --------- C:\WINDOWS\system32\drivers\StMp3Rec.sys
2005-08-06 17:48 151,552 --------- C:\WINDOWS\system32\mscnh.dll
2005-08-06 17:48 <DIR> d-------- C:\Program Files\MP3Player
2005-07-24 10:52 90,112 --a------ C:\WINDOWS\system32\AMEUninst2000.exe
2005-07-24 10:52 81,920 --a------ C:\WINDOWS\system32\NotifyPhoneBook.exe
2005-07-24 10:52 77,824 --------- C:\WINDOWS\system32\DSLTest.exe
2005-07-24 10:52 65,536 --a------ C:\WINDOWS\system32\RasXP.exe
2005-07-24 10:52 6,511 --a------ C:\WINDOWS\system32\drivers\StrFilter.sys
2005-07-24 10:52 45,056 --a------ C:\WINDOWS\system32\InstallHardware.exe
2005-07-24 10:52 45,056 --a------ C:\WINDOWS\system32\GainSettings.exe
2005-07-24 10:52 36,864 --a------ C:\WINDOWS\system32\Ras2000.exe
2005-07-24 10:52 36,864 --a------ C:\WINDOWS\system32\CustomizeNdisParams.exe
2005-07-24 10:52 36,864 --a------ C:\WINDOWS\system32\AMEInstall.exe
2005-07-24 10:52 36,864 --------- C:\WINDOWS\system32\Api32.dll
2005-07-24 10:52 32,768 --a------ C:\WINDOWS\system32\SetIpConfig2000Xp.exe
2005-07-24 10:52 32,768 --a------ C:\WINDOWS\system32\RemDial.exe
2005-07-24 10:52 319,488 --------- C:\WINDOWS\system32\MultLang.dll
2005-07-24 10:52 305,192 --a------ C:\WINDOWS\system32\drivers\fw-usb.bin
2005-07-24 10:52 305,192 --------- C:\WINDOWS\system32\fw-usb.bin
2005-07-24 10:52 28,672 --a------ C:\WINDOWS\system32\RShort2k.exe
2005-07-24 10:52 28,672 --a------ C:\WINDOWS\system32\RemoveElan.exe
2005-07-24 10:52 28,672 --a------ C:\WINDOWS\system32\PnpFix.exe
2005-07-24 10:52 28,672 --a------ C:\WINDOWS\system32\AMELaunchUninst.exe
2005-07-24 10:52 24,576 --a------ C:\WINDOWS\system32\AMECSARemove.exe
2005-07-24 10:52 24,576 --------- C:\WINDOWS\system32\RenCSA.exe
2005-07-24 10:52 24,576 --------- C:\WINDOWS\system32\DelCSA.exe
2005-07-24 10:52 204,800 --------- C:\WINDOWS\system32\WaitMsg.exe
2005-07-24 10:52 12,507 --------- C:\WINDOWS\system32\Snetcfg.exe
2005-07-24 10:52 118,391 --a------ C:\WINDOWS\system32\drivers\ameatmpc.sys
2005-07-24 10:52 118,391 --------- C:\WINDOWS\system32\ameatmpc.sys
2005-07-24 10:52 110,592 --------- C:\WINDOWS\system32\Utility.exe
2005-07-24 10:52 106,496 --------- C:\WINDOWS\system32\Cleanup.exe
2005-07-24 10:52 1,208 --a------ C:\WINDOWS\system32\INIT-USB.BIN
2005-07-24 10:52 1,208 --a------ C:\WINDOWS\system32\drivers\init-usb.bin
2005-07-24 10:52 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2005-07-18 14:43 <DIR> d-------- C:\Program Files\Common Files\Nero
2005-07-18 14:42 <DIR> d-------- C:\Program Files\Common Files\LightScribe
2005-07-18 14:37 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2005-07-18 14:37 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2005-07-18 14:37 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2005-07-18 14:37 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2005-07-18 14:37 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2005-07-18 14:37 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2005-07-18 14:37 <DIR> d-------- C:\Program Files\Common Files\Ahead
2005-07-18 14:37 <DIR> d-------- C:\Program Files\Ahead
2005-07-18 13:57 <DIR> d-------- C:\Program Files\Combined Community Codec Pack

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-12 17:44 58 --a------ C:\WINDOWS\system32\mydini.dll
2007-08-10 17:00 --------- d-------- C:\DOCUME~1\LeoNa\APPLIC~1\WinRAR
2007-07-15 11:33 --------- d-------- C:\DOCUME~1\LeoNa\APPLIC~1\HP
2007-07-15 11:27 --------- d-------- C:\Program Files\HP
2007-07-15 11:26 --------- d-------- C:\Program Files\Common Files\Sonic Shared
2007-07-15 11:25 --------- d-------- C:\Program Files\Common Files\HP
2007-07-15 11:22 --------- d-------- C:\Program Files\Hewlett-Packard
2007-07-15 11:18 --------- d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-07-15 10:53 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-07-14 23:47 --------- d-------- C:\DOCUME~1\LeoNa\APPLIC~1\Media Player Classic
2007-07-14 23:45 --------- d-------- C:\Program Files\Real Alternative
2007-07-14 23:45 --------- d-------- C:\Program Files\Media Player Classic
2007-07-14 23:39 --------- d-------- C:\Program Files\MSN Messenger
2007-07-14 23:08 --------- d-------- C:\DOCUME~1\LeoNa\APPLIC~1\vlc
2007-07-14 23:07 --------- d-------- C:\Program Files\VideoLAN
2007-07-14 09:19 2722 --a------ C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
2007-07-14 09:09 8972 --a------ C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin
2007-07-14 08:39 --------- d-------- C:\Program Files\Azureus
2007-07-14 08:29 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-07-14 08:19 --------- d-------- C:\Program Files\microsoft frontpage
2007-07-14 08:18 0 -rahs---- C:\MSDOS.SYS
2007-07-14 08:18 0 -rahs---- C:\IO.SYS
2007-07-14 08:18 0 --a------ C:\CONFIG.SYS
2007-07-14 08:18 0 --a------ C:\AUTOEXEC.BAT
2007-07-14 08:15 --------- d--h----- C:\Program Files\WindowsUpdate
2007-07-14 08:15 --------- d-------- C:\Program Files\Online Services
2007-07-14 08:14 --------- d-------- C:\Program Files\Movie Maker
2007-07-14 08:14 --------- d-------- C:\Program Files\Common Files\MSSoap
2007-07-14 08:12 --------- d-------- C:\Program Files\MSN Gaming Zone
2007-07-14 08:12 --------- d-------- C:\Program Files\Messenger
2007-07-14 08:11 --------- d-------- C:\Program Files\Windows NT
2006-01-24 11:34 118784 --a------ C:\WINDOWS\system32\sirenacm.dll
2005-08-17 21:37 16896 --a------ C:\WINDOWS\system32\NVDispDrv.dll
2005-08-17 21:37 11776 --a------ C:\WINDOWS\system32\nwizwlwzs.dll
2005-08-17 21:37 10752 --a------ C:\WINDOWS\system32\nwizwmgjs.dll
2005-08-17 20:08 9216 --a------ C:\WINDOWS\system32\mh104.dll
2005-08-17 16:17 10834 --a------ C:\WINDOWS\system32\811D40DF.DLL
2005-08-14 20:10 --------- d-------- C:\DOCUME~1\LeoNa\APPLIC~1\Azureus
2005-08-13 11:03 11776 --ahs---- C:\pagefiles.pif
2005-08-13 10:51 8796 --ah----- C:\WINDOWS\system32\mssql.dll
2005-08-13 10:50 9696 --a------ C:\WINDOWS\system32\RAVZXMON.exe
2005-08-13 10:50 14480 --a------ C:\WINDOWS\Fonts.\RAVMHMON.exe
2005-08-13 10:50 14336 --a------ C:\WINDOWS\xstvgs.exe
2005-08-13 10:50 12952 --a------ C:\WINDOWS\Fonts.\RAVMSMON.exe
2005-08-13 10:50 12672 --a------ C:\WINDOWS\Fonts.\RAVQJMON.exe
2005-08-13 10:50 10952 --a------ C:\WINDOWS\system32\RAVZTMON.exe
2005-07-31 20:27 9860 --a------ C:\WINDOWS\system32\RAV00A3.exe
2005-07-31 20:27 9704 --a------ C:\WINDOWS\system32\RAV00B2.exe
2005-07-31 20:27 9648 --a------ C:\WINDOWS\system32\RAV0091.exe
2005-07-31 20:27 10256 --a------ C:\WINDOWS\system32\RAV00AE.exe
2005-07-25 20:17 --------- d-------- C:\DOCUME~1\LeoNa\APPLIC~1\Real
2005-07-25 00:56 --------- d-------- C:\DOCUME~1\LeoNa\APPLIC~1\dvdcss
2005-07-18 14:08 9676 --a------ C:\WINDOWS\system32\RAV008C.exe
2005-07-18 14:08 9404 --a------ C:\WINDOWS\system32\RAV009B.exe
2005-07-18 14:08 8572 --a------ C:\WINDOWS\system32\nwizwlwzs.exe
2005-07-18 14:08 8072 --a------ C:\WINDOWS\system32\nwizwmgjs.exe
2005-07-15 20:21 5632 --a------ C:\WINDOWS\system\fOxkb.sys
2005-07-15 20:21 24576 --a------ C:\WINDOWS\system\hook.dll
2005-07-13 16:41 --------- d-------- C:\Program Files\Common Files\SpeechEngines
2005-07-13 16:41 --------- d-------- C:\Program Files\Common Files\ODBC
2005-05-11 23:36 12288 --a------ C:\WINDOWS\Fonts.\RandFont.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"RAV008C"="C:\WINDOWS\system32\RAV008C.exe" [2005-07-18 14:08]
"Microsoft Autorun4"="C:\WINDOWS\system32\dllhost32.exe" []
"Microsoft Autorun5"="C:\WINDOWS\system32\mosou.exe" []
"RAV009B"="C:\WINDOWS\system32\RAV009B.exe" [2005-07-18 14:08]
"QQREST"="C:\WINDOWS\system\SMSS.exe" []
"RAV00AE"="C:\WINDOWS\system32\RAV00AE.exe" [2005-07-31 20:27]
"Microsoft Autorun11"="C:\WINDOWS\system32\nwizwlwzs.exe" [2005-07-18 14:08]
"Microsoft Autorun10"="C:\WINDOWS\system32\nwizwmgjs.exe" [2005-07-18 14:08]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"AME_CSA"="amecsa.cpl" [2003-01-29 14:16 C:\WINDOWS\system32\AmeCSA.cpl]
"NVDispDrv"="C:\WINDOWS\xstvgs.exe" [2005-08-13 10:50]
"RAVMHMON"="C:\WINDOWS\Fonts\RAVMHMON.exe" [2005-08-13 10:50]
"RAVMSMON"="C:\WINDOWS\Fonts\RAVMSMON.exe" [2005-08-13 10:50]
"RAVQJMON"="C:\WINDOWS\Fonts\RAVQJMON.exe" [2005-08-13 10:50]
"RAVZTMON"="C:\WINDOWS\system32\RAVZTMON.exe" [2005-08-13 10:50]
"RAVZXMON"="C:\WINDOWS\system32\RAVZXMON.exe" [2005-08-13 10:50]
"RAV00A3"="C:\WINDOWS\system32\RAV00A3.exe" [2005-07-31 20:27]
"RAV0091"="C:\WINDOWS\system32\RAV0091.exe" [2005-07-31 20:27]
"RAV00B2"="C:\WINDOWS\system32\RAV00B2.exe" [2005-07-31 20:27]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2006-10-07 20:20]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2006-01-24 11:37]
"NTService"="C:\Program Files\Common Files\System\MSOSV.EXE" [2004-08-04 20:00]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4562452F-FA36-BA4F-892A-FF5FBBAC5314}"= C:\WINDOWS\system32\mydpri.dll [2004-08-04 17:44 20015]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=mydpri.dll

R2 Atmuni;ATM Call Manager;C:\WINDOWS\system32\DRIVERS\atmuni.sys
R2 Rawwan;RAW WAN Driver;C:\WINDOWS\system32\DRIVERS\rawwan.sys
R3 AmeAtmPc;AmeAtmPc;C:\WINDOWS\system32\DRIVERS\AmeAtmPc.sys
S2 A6049A5A;A6049A5A;C:\WINDOWS\system32\113DCAE7.EXE -k
S3 AtmElan;ATM Emulated LAN;C:\WINDOWS\system32\DRIVERS\atmlane.sys
S3 AtmLane;ATM LAN Emulation;C:\WINDOWS\system32\DRIVERS\atmlane.sys
S3 fOxkb;fOxkb;\??\C:\WINDOWS\system\fOxkb.sys
S3 NtApm;NT Apm/Legacy Interface Driver;C:\WINDOWS\system32\DRIVERS\NtApm.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8fecc84-31a0-11dc-a01c-00300a0d9367}]
Auto\command- G:\auto.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
explorer\command- G:\pagefiles.pif
open\command- G:\pagefiles.pif

*Newly Created Service* - AVGASCLN

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{81716107-A10D-11cf-64CD-11115FE1CF41}]
C:\WINDOWS\system32\nwizzhuxians.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2005-08-17 21:37:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
NTService = C:\Program Files\Common Files\System\MSOSV.EXE?|????????????1??|??Rt???????|????????????x????D?|p??|???|?D?|?5?|?C?|????h??????????????????? &w????D?&wF??????????|????V?????&w??&w &w??????????????????????&w??&wt??????????????|??&w????h??????|??&w???????????

scanning hidden files ...

**************************************************************************

Completion time: 2005-08-17 21:40:10 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2005-08-17 21:39

--- E O F ---

This is my ROOTCHK file
********************************* ROOTCHK-(15-08-07)-LOG, by ejvindh
Wed 08/17/2005 21:41:23.92

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2005-08-17 21:41:24
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]

scanning hidden registry entries ...

scanning hidden files ...

hidden processes: 0
hidden files: 0

1. Download AVG Anti-Virus Free Edition