 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] OT Strange Virus?
 Date:  Sun, 6 Aug 2006 12:06:21 -0500
From: "Kimmo Jaskari" <kimmo dot jaskari at gmail dot com>
> On 8/3/06, Ryan L. Rodrigue <Ebay at aarelectronics dot com> wrote:

>> Did you try yanking the HD out of the machine and adding it to another
>> machine as a spare and running the virus and malware scans?  I have
>> done this and am yet to get a virus I have not been able to get rid of.

> Anyone administrating boxes (be they Windows or any other kind) should
> have a bootable CD to run antivirus etc. scans from. Once a Windows box
> is rooted, it's completely untrustworthy until you zap the drive and
> reinstall from scratch (more so than a Windows box is usually, I
> mean.)

Pebuilder is nice, but UBCD 4 Win is a configured PE Builder that is as 
simple to make as can be.  http://www.ubcd4win.com/  Several malware and 
virus scanners.  But no help in this case.

For the record, the only odd thing I have found is with filemon.  I have no 
clue what this means, and there is no good string to search...  Several 
pages of this in several directories as soon as I open one.

353 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and Settings\Cap'n\Desktop\Scooby\AWD.jpg\:Docf_QebiesnrMkudrfcoIaamtykdDa:$DATA NOT FOUND Options: Open  Access: Read
354 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and Settings\Cap'n\Desktop\Scooby\AWD.jpg\:QebiesnrMkudrfcoIaamtykdDa:$DATA NOT FOUND Options: Open  Access: Read
355 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and Settings\Cap'n\Desktop\Scooby\AWD.jpg\:Docf_QebiesnrMkudrfcoIaamtykdDa:$DATA NOT FOUND Options: Open  Access: Read