ComboFix created a log!
ComboFix 08-01-29.2 - Daniel 2008-01-29 4:50:13.11 - NTFSx86 MINIMAL
Running from: C:\Documents and Settings\Daniel\Desktop\Combo-Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\netbtt.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_NETBTT
-------\netbtt
((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-29 )))))))))))))))))))))))))))))))
.
2008-01-26 14:28 . 2008-01-26 14:28 <DIR> d----c--- C:\Program Files\CCleaner
2008-01-26 01:41 . 2008-01-28 08:00 <DIR> d----c--- C:\Documents and Settings\Beth\Application Data\AVG7
2008-01-25 20:37 . 2008-01-25 20:37 <DIR> d----c--- C:\Program Files\Trend Micro
2008-01-25 20:33 . 2008-01-28 08:00 <DIR> d----c--- C:\Documents and Settings\Daniel\Application Data\AVG7
2008-01-25 20:31 . 2008-01-25 20:31 <DIR> d----c--- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-25 20:28 . 2008-01-25 20:28 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-25 19:33 . 2008-01-26 08:00 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-25 11:00 . 2007-07-29 17:04 211 --a--c--- C:\Boot.bak
2008-01-25 10:59 . 2004-08-03 23:00 260,272 --a--c--- C:\cmldr
2008-01-23 16:23 . 2008-01-24 02:23 <DIR> d----c--- C:\Documents and Settings\Beth\Application Data\Spyware Terminator
2008-01-22 22:15 . 2008-01-22 22:15 138,624 --a--c--- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-01-22 22:10 . 2008-01-26 18:34 <DIR> d----c--- C:\Documents and Settings\Daniel\Application Data\Spyware Terminator
2008-01-22 22:10 . 2008-01-24 18:25 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-01-22 22:09 . 2008-01-26 18:34 <DIR> d----c--- C:\Program Files\Spyware Terminator
2008-01-22 21:49 . 2008-01-22 22:02 <DIR> d----c--- C:\Program Files\Shareaza
2008-01-20 17:25 . 2008-01-24 18:32 165 --a--c--- C:\WINDOWS\wininit.ini
2008-01-20 12:26 . 2008-01-20 17:44 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-19 18:50 . 2008-01-22 22:55 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-19 17:31 . 2008-01-19 17:31 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-01-19 12:30 . 2008-01-19 12:30 <DIR> d----c--- C:\Documents and Settings\Beth\Program Files
2008-01-19 12:30 . 2008-01-19 12:43 <DIR> d----c--- C:\Documents and Settings\Beth\Application Data\uTorrent
2008-01-18 23:00 . 2008-01-22 22:58 <DIR> d-a--c--- C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-18 22:55 . 2005-09-23 07:29 626,688 --a--c--- C:\WINDOWS\system32\msvcr80.dll
2008-01-18 18:14 . 2008-01-26 19:01 <DIR> d----c--- C:\Program Files\uTorrent
2008-01-18 18:14 . 2008-01-19 14:23 <DIR> d----c--- C:\Documents and Settings\Daniel\Application Data\uTorrent
2008-01-18 17:52 . 2008-01-18 17:52 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-18 17:34 . 2008-01-18 17:34 <DIR> d----c--- C:\Documents and Settings\Beth\Application Data\mIRC
2008-01-18 16:41 . 2008-01-18 18:07 <DIR> d----c--- C:\Documents and Settings\Daniel\Application Data\mIRC
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-06 12:44 --------- dc----w C:\Program Files\Common Files\Adobe
2012-08-06 12:43 --------- dc----w C:\Program Files\Bonjour
2008-01-29 11:12 --------- dc----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-01-28 01:38 --------- dc----w C:\Program Files\Java
2008-01-23 05:49 --------- dc----w C:\Documents and Settings\Daniel\Application Data\Shareaza
2007-11-28 23:49 --------- dc-h--w C:\Program Files\InstallShield Installation Information
2007-11-28 23:49 --------- dc----w C:\Program Files\Creative
2007-11-28 23:48 --------- dc----w C:\Program Files\Audible
2007-11-28 23:40 --------- dc----w C:\Documents and Settings\Daniel\Application Data\Creative
2007-11-28 23:38 --------- dc----w C:\Documents and Settings\All Users\Application Data\Creative
2007-06-14 07:12 76,619 -c--a-w C:\WINDOWS\Fonts\hibiscus.zip
2007-06-14 07:08 76,619 -c--a-w C:\WINDOWS\Fonts\NEWNEWNEW..zip
2007-06-04 06:15 270,336 -c--a-w C:\WINDOWS\system32\config\systemprofile\NTUSER(4).DAT
2007-06-02 05:11 266,240 -c--a-w C:\WINDOWS\system32\config\systemprofile\NTUSER(2).DAT
2007-06-01 06:16 266,240 -c--a-w C:\WINDOWS\system32\config\systemprofile\NTUSER(3).DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-11 07:56 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-12 05:56 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]
"LogonStudio"="D:\Program Files\LogonStudio\logonstudio.exe" [2002-09-03 17:38 987187]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-25 20:29 579072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Adobe Acrobat Updater"="buophsfjbb.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-25 20:30 219136]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-12 06:01 53760 C:\WINDOWS\system32\narrator.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
E:\PROGRA~1\STARDO~1\STARDO~1\WINDOW~1.1(S\WINDOW~1\fastload.dll 2001-12-20 23:34 24576 E:\PROGRA~1\STARDO~1\STARDO~1\WINDOW~1.1(S\WINDOW~1\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Photags AutoDetect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Photags AutoDetect.lnk
backup=C:\WINDOWS\pss\Photags AutoDetect.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a--c--- 2007-06-11 07:56 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-05-14 15:22 35328 E:\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a--c--- 2007-07-16 14:17 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"CursorXP"=C:\Program Files\CursorXP\CursorXP.exe
"Aim6"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-22 22:15]
R3 ngrpci;NETGEAR FA310TX Fast Ethernet Adapter Driver;C:\WINDOWS\system32\DRIVERS\ngrpci.sys [2001-08-17 11:12]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-29 05:00:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
**************************************************************************
.
Completion time: 2008-01-29 5:09:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-29 13:09:34
.
2008-01-19 03:34:24 --- E O F ---
Thanks!