Thread: All Apps close immediately, help please.
View Single Post
Old 10-11-2007, 04:39 PM   #10 (permalink)
drwatson
Registered User
 
Join Date: Oct 2007
Posts: 7
OS: Windows 2000


Re: All Apps close immediately, help please.
Here is the requested info:

ComboFix 07-10-09.3 - lcladmin 10/09/2007 23:23:26.1 - NTFSx86 NETWORK
Running from: C:\Documents and Settings\lcladmin\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-09-10 to 2007-10-10 )))))))))))))))))))))))))))))))
.

2007-10-09 23:22 51,200 --a------ C:\WINNT\NirCmd.exe
2007-10-09 23:06 <DIR> d-------- C:\Documents and Settings\lcladmin\Application Data\Talkback
2007-10-09 23:05 <DIR> d-------- C:\Documents and Settings\lcladmin\Application Data\Google
2007-10-09 21:04 <DIR> d-------- C:\Documents and Settings\Riley\Application Data\Google
2007-10-09 21:03 <DIR> d-------- C:\Documents and Settings\Riley\Application Data\Talkback
2007-10-09 20:33 <DIR> d-------- C:\Documents and Settings\All Users.WINNT\Application Data\TEMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-08-17 05:00 --------- d-----w C:\Program Files\RegCleaner
2007-08-17 04:54 --------- d-----w C:\Documents and Settings\cwatson.CWATSONHM\Application Data\RegistrySmart
2007-08-17 04:10 --------- d-----w C:\Documents and Settings\cwatson.CWATSONHM\Application Data\Uniblue
2007-08-13 22:16 --------- d-----w C:\Program Files\Orwell
2007-08-13 21:45 --------- d-----w C:\Documents and Settings\cwatson.CWATSONHM\Application Data\Notepad++
2007-08-11 19:38 --------- d-----w C:\Documents and Settings\cwatson.CWATSONHM\Application Data\eBookPro6
2007-08-10 01:34 --------- d-----w C:\Program Files\SEO Elite
2007-08-04 20:19 93,248 ------w C:\WINNT\Orwell Uninstaller.exe
2004-04-07 14:07 271 ---h--w C:\Program Files\DESKTOP.INI
2004-04-07 14:07 21,952 ---h--w C:\Program Files\FOLDER.HTT
2000-07-26 17:00 32,528 ----a-w C:\WINNT\inf\wbfirdma.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [12/17/03 06:40a]
"Synchronization Manager"="mobsync.exe" [06/19/03 02:05p C:\WINNT\system32\mobsync.exe]
"gcasServ"="E:\Program Files\Microsoft AntiSpyware\gcasServ.exe" [11/15/05 12:12p]
"SetDefPrt"="C:\Program Files\Brother\Brmfl04b\BrStDvPt.exe" [05/25/04 10:16a]
"InetCntrl"="C:\WINNT\system32\InetCntrl\InetCntrl.exe" [01/29/07 11:10a]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/01/06 04:57p]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=interceptor.dll

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-09 23:24:48
Windows 5.0.2195 Service Pack 4 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 10/09/2007 23:25:56
.
--- E O F ---
drwatson is offline