01-03-2008, 12:42 PM   #6
yanks26
Bronze Member
 
Join Date: Aug 2005
Posts: 93

Aren't Spybot and Ad-Aware and programs like them antivirus? I use them regularly.



ComboFix 08-01-03.4 - Chad Irwin 2008-01-03 6:34:30.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1557 [GMT -5:00]
Running from: C:\Documents and Settings\Chad Irwin\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\kdgzu.exe

.
((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 )))))))))))))))))))))))))))))))
.

2008-01-03 06:33 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-02 21:44 . 2008-01-02 21:44 <DIR> d-------- C:\Deckard
2008-01-02 18:48 . 2008-01-02 18:52 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-02 18:48 . 2008-01-02 18:48 <DIR> d-------- C:\Documents and Settings\Chad Irwin\Application Data\SUPERAntiSpyware.com
2008-01-02 18:48 . 2008-01-02 18:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-30 19:16 . 2007-12-31 09:28 <DIR> d-------- C:\Documents and Settings\Chad Irwin\Application Data\Move Networks
2007-12-25 20:24 . 2005-05-03 05:43 69,632 -r------- C:\WINDOWS\Alcmtr.exe
2007-12-15 17:41 . 2007-12-29 19:35 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-15 17:41 . 2007-12-15 17:41 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-03 17:58 . 2007-12-03 18:28 <DIR> d-------- C:\Documents and Settings\Chad Irwin\Application Data\Creative
2007-12-03 17:55 . 2000-05-22 03:58 647,872 --------- C:\WINDOWS\system32\Mscomct2.ocx
2007-12-03 17:55 . 1999-10-10 12:00 41,984 --------- C:\WINDOWS\Ctregrun.exe
2007-12-03 17:55 . 2007-12-03 17:55 183 --a------ C:\WINDOWS\setuplog
2007-12-03 17:54 . 2007-12-03 17:55 <DIR> d-------- C:\Program Files\Creative
2007-12-03 17:54 . 1999-12-12 12:01 44,032 --------- C:\WINDOWS\system32\CTSVCCDA.EXE
2007-12-03 17:54 . 1999-11-17 12:00 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-03 02:42 --------- d-----w C:\Documents and Settings\Chad Irwin\Application Data\OpenOffice.org2
2008-01-02 23:48 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-02 23:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-26 01:24 --------- d-----w C:\Program Files\Realtek
2007-12-23 13:12 --------- d-----w C:\Program Files\Finale NotePad 2007
2007-12-20 22:52 --------- d-s---w C:\Program Files\Xfire
2007-12-20 02:16 --------- d-----w C:\Documents and Settings\Chad Irwin\Application Data\Xfire
2007-12-14 00:12 --------- d-----w C:\Documents and Settings\Chad Irwin\Application Data\FrostWire
2007-12-03 22:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-27 23:00 --------- d-----w C:\Program Files\Real
2007-11-27 22:58 --------- d-----w C:\Program Files\Common Files\Real
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 22:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 18:23 102400]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 05:04 2879488 C:\WINDOWS\SkyTel.exe]
"JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-07-12 04:47 352256]
"GW Port Controller"="C:\Program Files\Samsung\SmarThru\PORTCTRL.EXE" [2003-06-03 13:05 163840]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-09-09 12:10 77824]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 03:56 16261632 C:\WINDOWS\RTHDCPL.exe]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Chad Irwin^Start Menu^Programs^Startup^OpenOffice.org 2.2.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\MSMSGS.EXE /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-10-31 18:42 32768 --a------ C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Valve\Steam\\Steam.exe -silent


.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-03 06:38:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-03 6:39:47 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-03 11:39:45
.
2007-12-21 11:29:23 --- E O F ---