ComboFix 07-08-16.3 - "bpr" 2007-08-16 19:04:03.2 - [color=red][b]FAT32[/b][/color]x86 
Microsoft Windows 2000 Professional  5.0.2195.4.1252.1.1033.18.286 [GMT -7:00]


(((((((((((((((((((((((((   Files Created from 2007-07-17 to 2007-08-17  )))))))))))))))))))))))))))))))


2007-08-16 19:04	16,384	--a----t-	C:\WINNT\SYSTEM32\Perflib_Perfdata_3b8.dat
2007-08-16 18:59	16,384	--a----t-	C:\WINNT\SYSTEM32\Perflib_Perfdata_340.dat
2007-08-16 18:55	<DIR>	d--------	C:\WINNT\ERUNT
2007-08-16 17:12	16,384	--a------	C:\WINNT\SYSTEM32\Perflib_Perfdata_334.dat
2007-08-16 17:09	10,872	--a------	C:\WINNT\SYSTEM32\DRIVERS\AvgAsCln.sys
2007-08-16 17:03	<DIR>	d--------	C:\Program Files\SUPERAntiSpyware
2007-08-16 17:03	<DIR>	d--------	C:\DOCUME~1\bpr.MHL\APPLIC~1\SUPERAntiSpyware.com
2007-08-16 17:03	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-08-16 15:49	53,248	--a------	C:\WINNT\SYSTEM32\Process.exe
2007-08-16 15:49	51,200	--a------	C:\WINNT\SYSTEM32\dumphive.exe
2007-08-16 15:49	288,417	--a------	C:\WINNT\SYSTEM32\SrchSTS.exe
2007-08-16 15:49	1,768	--a------	C:\WINNT\SYSTEM32\tmp.reg
2007-08-16 15:40	16,384	--a------	C:\WINNT\SYSTEM32\Perflib_Perfdata_33c.dat
2007-08-16 15:38	8,192	--a------	C:\WINNT\SYSTEM32\default_user_class.dat
2007-08-16 15:36	51,200	--a------	C:\WINNT\nircmd.exe
2007-08-15 18:52	<DIR>	d--------	C:\Program Files\MemInfo
2007-08-11 11:46	<DIR>	d--------	C:\WINNT\$regcmp$
2007-08-11 11:46	<DIR>	d--------	C:\Program Files\Registry Clean Expert
2007-08-11 10:23	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers Headquarters
2007-08-11 10:21	<DIR>	d--------	C:\Program Files\PC Drivers HeadQuarters
2007-08-11 09:36	<DIR>	d--------	C:\Program Files\ToniArts
2007-08-11 09:25	<DIR>	d--------	C:\DOCUME~1\bpr.MHL\APPLIC~1\Uniblue
2007-08-10 22:48	<DIR>	d--------	C:\Program Files\Free&Easy Font Viewer
2007-08-02 21:15	<DIR>	d--------	C:\Program Files\Microsoft Student
2007-08-02 21:15	<DIR>	d--------	C:\Program Files\Learning Essentials


((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

07-06-30 13:49 	---------	d--------	C:\Program Files\IDA
07-06-30 13:49 	---------	d--------	C:\DOCUME~1\bpr.MHL\APPLIC~1\Internet Download Accelerator
07-06-22 21:25 	---------	d--------	C:\DOCUME~1\bpr.MHL\APPLIC~1\MSNInstaller
07-06-21 14:41 	---------	d--------	C:\Program Files\UPHClean
07-06-21 14:26 	---------	d--------	C:\Program Files\MSECache
07-06-20 22:03 	---------	d--------	C:\DOCUME~1\bpr.MHL\APPLIC~1\MSN6
07-06-20 19:54 	---------	d--------	C:\Program Files\Qwest
07-06-20 19:54 	---------	d--------	C:\Program Files\Common Files\supportsoft
07-06-20 19:54 	---------	d--------	C:\Program Files\Actiontec
07-06-20 19:54 	---------	d--------	C:\Program Files\2Wire_USB_Drivers
01-06-19 13:05 	271	--ah-----	C:\Program Files\DESKTOP.INI
01-06-19 13:05 	21952	--ah-----	C:\Program Files\FOLDER.HTT
01-05-08 07:00 	32528	--a------	C:\WINNT\inf\WBFIRDMA.SYS
00-04-19 08:09 	61510	--a------	C:\WINNT\inf\probedis.exe
00-04-19 07:58 	69702	--a------	C:\WINNT\inf\3cshtdwn.exe
00-04-19 07:56 	49152	--a------	C:\WINNT\inf\3cmlink.exe


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
*Note* empty entries & legit default entries are not shown 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [03-06-19 11:05  C:\WINNT\SYSTEM32\mobsync.exe]
"NetscapeClient"="" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [06-11-03 18:20 ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [07-06-11 02:25 ]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="ctfmon.exe" [01-02-20 13:09  C:\WINNT\SYSTEM32\CTFMON.EXE]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [07-02-27 11:39 ]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [06-12-20 12:55  77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 07-02-27 11:39  282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"

R0 fasttrak;fasttrak;C:\WINNT\system32\DRIVERS\fasttrak.sys
R0 Fd16_700;Fd16_700;C:\WINNT\system32\DRIVERS\fd16_700.sys
R0 IntelATA;Intel Ultra ATA Controller;C:\WINNT\system32\DRIVERS\IntelAta.sys
R0 mraid2k;mraid2k;C:\WINNT\system32\DRIVERS\mraid2k.sys
R1 cdrbsvsd;cdrbsvsd;C:\WINNT\system32\drivers\cdrbsvsd.sys
R1 cmosa;cmosa;C:\WINNT\system32\DRIVERS\cmosa.sys
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINNT\system32\DRIVERS\msikbd2k.sys
R2 ATNT40K;ActiveTouch NT Appsharing Driver;C:\WINNT\system32\DRIVERS\ATNT40K.SYS
R2 atnthost;AT Host Service;"C:\WINNT\DOWNLO~1\WebEx\319\atnthost.exe"
R2 ATNTWINK;ActiveTouch Remote Control Driver;C:\WINNT\system32\DRIVERS\ATNTWINK.SYS
R2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
R3 3c1807pd;U.S. Robotics 56K Fax Win Int;C:\WINNT\system32\DRIVERS\3c1807pd.sys
R3 ati2mtaa;ati2mtaa;C:\WINNT\system32\DRIVERS\ati2mtaa.sys
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver;C:\WINNT\system32\DRIVERS\L8042mou.Sys
S3 EL90BC;3Com EtherLink XL B/C Adapter Driver;C:\WINNT\system32\DRIVERS\el90xbc5.sys
S3 ichaud;Service for AC'97 Driver (WDM);C:\WINNT\system32\drivers\ichaud.sys
S3 JL2005;JL2005A Toy Camera;C:\WINNT\system32\Drivers\toywdm.sys


Contents of the 'Scheduled Tasks' folder
2007-08-17 02:03:12 C:\WINNT\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe
2007-08-11 16:25:20 C:\WINNT\Tasks\Uniblue SpeedUpMyPC.job - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
2007-08-11 16:25:20 C:\WINNT\Tasks\Uniblue SpeedUpMyPC Nag.job - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
2007-08-15 09:30:02 C:\WINNT\Tasks\DAILY.job - C:\Program Files\StompSoft\Backup MyPC 6\System\sbestart.exe
2007-08-15 02:55:02 C:\WINNT\Tasks\AppleSoftwareUpdate.job 

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-16 19:04:50
Windows 5.0.2195 Service Pack 4 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-16 19:05:19
C:\ComboFix-quarantined-files.txt ... 07-08-16 19:05 
C:\ComboFix2.txt ... 07-08-16 15:41 

	--- E O F ---