ComboFix 10-04-15.05 - Owner 04/17/2010 19:57:07.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1150.661 [GMT -7:00]
Running from: c:\documents and settings\Owner\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((( Files Created from 2010-03-18 to 2010-04-18 )))))))))))))))))))))))))))))))
.
2010-04-15 00:13 . 2010-04-15 00:13 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2010-04-15 00:07 . 2010-04-15 00:07 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Adobe
2010-04-15 00:05 . 2010-02-01 01:45 38784 ----a-w- c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-15 00:05 . 2010-02-01 01:45 38784 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-15 00:05 . 2010-04-15 00:05 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-04-14 21:41 . 2010-04-14 21:41 37248 ----a-w- c:\windows\system32\drivers\isapnp.sys
2010-04-14 19:36 . 2010-04-14 19:36 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
2010-04-14 18:44 . 2010-04-14 18:44 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-04-14 18:44 . 2010-03-30 07:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-14 18:44 . 2010-04-14 20:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-14 18:44 . 2010-04-14 18:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-14 18:44 . 2010-03-30 07:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-13 18:39 . 2010-04-13 18:39 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Apple Computer
2010-04-12 23:57 . 2010-04-12 23:57 152576 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-04-12 20:38 . 2010-04-12 20:38 -------- d-----w- c:\program files\FileZilla FTP Client
2010-04-12 18:48 . 2010-04-12 18:48 36488 ----a-w- c:\windows\system32\drivers\klmdb.sys
2010-04-12 05:43 . 2010-04-12 05:43 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-04-12 01:27 . 2010-04-12 01:27 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-04-12 01:16 . 2010-04-13 16:56 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-12 01:16 . 2010-04-12 01:16 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-12 01:16 . 2010-04-12 01:16 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-03-30 21:27 . 2010-03-30 21:27 -------- d-----w- c:\documents and settings\Owner\Application Data\pdf995
2010-03-30 21:22 . 2010-04-12 00:33 -------- d-----w- c:\documents and settings\All Users\Application Data\pdf995
2010-03-30 21:22 . 2007-08-24 18:13 142 ----a-w- c:\windows\wpd99.drv
2010-03-30 21:22 . 2010-03-30 21:22 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2010-03-30 21:22 . 2010-03-30 21:22 249856 ----a-w- c:\windows\system32\pdfmona.dll
2010-03-26 17:49 . 2010-03-26 17:49 -------- d-----w- C:\shop3
2010-03-22 19:27 . 2010-03-22 19:27 3743944 ----a-w- c:\documents and settings\All Users\Application Data\TaxCut\2009\Downloads\HRBlockCA.exe
2010-03-22 05:09 . 2010-03-22 05:09 -------- d-----w- c:\program files\3ivx
2010-03-22 05:09 . 2010-03-22 05:09 -------- d-----w- c:\program files\Flip Video
2010-03-22 05:09 . 2010-03-22 05:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Flip Video
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-17 16:35 . 2009-04-20 05:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2010-04-17 16:29 . 2009-05-05 23:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-04-17 16:12 . 2009-07-12 02:50 720 ----a-w- c:\documents and settings\All Users\Application Data\ArcSoft\kodak-printcreations-22-080812-oem\acforall.dll
2010-04-16 23:53 . 2009-05-05 23:20 7132192 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-04-16 23:53 . 2009-05-05 23:20 56800 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-04-16 23:53 . 2009-05-05 23:20 5420 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2010-04-16 23:53 . 2009-05-05 23:20 1269792 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2010-04-16 20:49 . 2009-06-13 23:49 -------- d-----w- c:\program files\iWin Games
2010-04-16 04:56 . 2009-08-28 23:53 -------- d-----w- c:\documents and settings\Owner\Application Data\U3
2010-04-16 04:55 . 2009-08-28 23:55 110592 ----a-w- c:\documents and settings\Owner\Application Data\U3\temp\cleanup.exe
2010-04-16 04:55 . 2009-08-28 23:53 3096576 ---ha-w- c:\documents and settings\Owner\Application Data\U3\temp\Launchpad Removal.exe
2010-04-15 23:57 . 2008-10-10 19:12 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-04-15 00:15 . 2008-10-10 19:15 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-14 23:01 . 2010-01-04 23:23 -------- d-----w- c:\documents and settings\Owner\Application Data\FileZilla
2010-04-14 21:46 . 2010-04-14 21:46 37248 ----a-w- c:\windows\system32\drivers\OLD76.tmp
2010-04-14 21:45 . 2010-04-14 21:44 37248 ----a-w- c:\windows\system32\drivers\OLD73.tmp
2010-04-14 21:44 . 2010-04-14 21:44 37248 ----a-w- c:\windows\system32\drivers\OLD70.tmp
2010-04-14 21:42 . 2010-04-14 21:42 37248 ----a-w- c:\windows\system32\drivers\OLD6C.tmp
2010-04-14 21:40 . 2010-04-14 21:40 37248 ----a-w- c:\windows\system32\drivers\OLD65.tmp
2010-04-14 21:39 . 2010-04-14 21:39 37248 ----a-w- c:\windows\system32\drivers\OLD61.tmp
2010-04-14 21:36 . 2010-04-14 21:36 37248 ----a-w- c:\windows\system32\drivers\OLD5A.tmp
2010-04-14 21:34 . 2010-04-14 21:34 37248 ----a-w- c:\windows\system32\drivers\OLD56.tmp
2010-04-14 21:33 . 2010-04-14 21:33 37248 ----a-w- c:\windows\system32\drivers\OLD52.tmp
2010-04-14 21:30 . 2010-04-14 21:30 37248 ----a-w- c:\windows\system32\drivers\OLD4B.tmp
2010-04-14 21:27 . 2010-04-14 21:27 37248 ----a-w- c:\windows\system32\drivers\OLD47.tmp
2010-04-14 21:23 . 2010-04-14 21:23 37248 ----a-w- c:\windows\system32\drivers\OLD40.tmp
2010-04-14 21:22 . 2010-04-14 21:22 37248 ----a-w- c:\windows\system32\drivers\OLD3B.tmp
2010-04-14 21:20 . 2010-04-14 21:20 37248 ----a-w- c:\windows\system32\drivers\OLD33.tmp
2010-04-14 21:18 . 2010-04-14 21:18 37248 ----a-w- c:\windows\system32\drivers\OLD2E.tmp
2010-04-14 21:16 . 2010-04-14 21:16 37248 ----a-w- c:\windows\system32\drivers\OLD22.tmp
2010-04-14 21:14 . 2010-04-14 21:14 37248 ----a-w- c:\windows\system32\drivers\OLD1B.tmp
2010-04-14 18:44 . 2010-04-14 21:41 37248 ----a-w- c:\windows\system32\drivers\OLD69.tmp
2010-04-14 18:44 . 2010-04-14 21:17 37248 ----a-w- c:\windows\system32\drivers\OLD27.tmp
2010-04-12 23:59 . 2009-05-05 18:57 -------- d-----w- c:\program files\Java
2010-04-12 23:56 . 2009-12-01 11:31 79488 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-04-12 18:48 . 2010-04-12 18:48 96512 ----a-w- c:\windows\system32\drivers\tskC.tmp
2010-04-12 00:52 . 2010-03-18 21:13 -------- d-----w- c:\program files\DeductionPro 2009
2010-04-12 00:33 . 2009-02-22 22:21 -------- d-----w- c:\documents and settings\Owner\Application Data\TaxCut
2010-04-10 19:26 . 2009-03-02 07:44 -------- d-----w- c:\program files\Safari
2010-04-10 19:24 . 2008-10-21 05:50 -------- d-----w- c:\program files\Common Files\Apple
2010-04-09 06:47 . 2008-10-09 20:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-04-08 18:18 . 2009-12-02 01:57 -------- d-----w- c:\documents and settings\Owner\Application Data\Any Audio Converter
2010-04-01 20:31 . 2009-05-31 17:30 116300 ---ha-w- c:\windows\system32\mlfcache.dat
2010-03-30 21:22 . 2009-02-22 22:15 -------- d-----w- c:\program files\PDF995
2010-03-19 17:24 . 2009-06-08 16:16 -------- d-----w- c:\program files\iWin.com
2010-03-18 21:15 . 2010-03-18 21:14 21195208 ----a-w- c:\documents and settings\All Users\Application Data\TaxCut\2009\Update\US30026901xupd.exe
2010-03-18 21:13 . 2008-10-08 03:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-18 21:12 . 2010-03-18 21:11 -------- d-----w- c:\program files\HRBlock2009
2010-03-18 21:06 . 2009-02-22 22:12 -------- d-----w- c:\documents and settings\All Users\Application Data\TaxCut
2010-03-13 02:14 . 2010-03-13 02:14 20 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\bases\apu\ForDiff\apu0001.dat.exe
2010-03-12 18:50 . 2010-03-12 18:50 114330 ----a-w- c:\documents and settings\All Users\SPLD.tmp
2010-03-12 18:37 . 2010-03-12 18:37 115562 ----a-w- c:\documents and settings\All Users\SPL3ED3.tmp
2010-03-10 06:15 . 2003-07-16 20:49 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-08 19:26 . 2009-09-27 01:50 -------- d-----w- c:\documents and settings\Owner\Application Data\Any DVD Converter Professional
2010-03-04 11:00 . 2010-03-04 11:00 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe
2010-02-28 00:26 . 2010-02-28 00:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Musicnotes
2010-02-28 00:15 . 2008-10-08 04:35 147584 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-28 00:15 . 2010-02-28 00:15 -------- d-----w- c:\documents and settings\Owner\Application Data\Sibelius Software
2010-02-28 00:15 . 2010-02-28 00:14 -------- d-----w- c:\program files\Musicnotes
2010-02-28 00:07 . 2008-10-09 20:00 -------- d-----w- c:\program files\Games
2010-02-27 23:49 . 2008-10-09 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2010-02-25 06:24 . 2003-07-16 20:51 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 18:13 . 2008-10-13 19:24 -------- d-----w- c:\program files\WS_FTP
2010-02-24 13:11 . 2003-07-16 20:34 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-21 03:10 . 2010-02-21 03:10 13664 ----a-w- c:\documents and settings\All Users\SPL6B4.tmp
2010-02-17 16:10 . 2003-07-16 20:39 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2002-08-29 01:04 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2003-07-16 20:23 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2003-07-16 20:47 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2009-12-02 01:57 . 2009-12-02 01:57 15203738 ----a-w- c:\program files\any-audio-converter.exe
2009-12-02 01:49 . 2009-12-02 01:49 15386889 ----a-w- c:\program files\avc-free.exe
2009-06-05 17:40 . 2009-06-05 17:40 38709280 ----a-w- c:\program files\kav8.0.0.506en.exe
2009-05-22 20:15 . 2009-05-22 20:15 434832 ----a-w- c:\program files\switchsetup.exe
2009-05-14 18:15 . 2009-05-14 18:15 140800 ----a-w- c:\program files\ODMediaConsoleSetup.exe
2009-03-02 07:43 . 2009-03-02 07:43 26699048 ----a-w- c:\program files\SafariSetup.exe
2009-02-03 11:59 . 2009-02-03 11:59 1226 ----a-w- c:\program files\setup.reg
2008-11-14 09:52 . 2008-11-14 09:52 41937 ----a-w- c:\program files\release_notes_kav8.0cf2_en.html
2008-11-13 17:23 . 2008-11-13 17:23 40375808 ----a-w- c:\program files\kav.en.msi
2008-11-04 18:53 . 2008-11-04 18:53 5166072 ----a-w- c:\program files\msgrplus.exe
2008-10-28 17:25 . 2008-10-28 17:25 283843 ----a-w- c:\program files\youmurdererbb_tt.zip
2008-10-21 05:49 . 2008-10-21 05:49 67167528 ----a-w- c:\program files\iTunes801Setup.exe
2008-10-17 20:37 . 2008-10-15 20:40 1851544 ----a-w- c:\program files\install_flash_player.exe
2008-10-09 20:01 . 2008-10-09 20:01 0 ----a-w- c:\program files\temp01
2008-10-09 00:27 . 2008-10-09 00:27 50689960 ----a-w- c:\program files\avg_free_stf_en_8_173a1373.exe
2008-10-09 00:22 . 2008-10-09 00:22 19153264 ----a-w- c:\program files\aaw2008.exe
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
--- c:\windows\system32\drivers\isapnp.sys ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 37248
Created time: 2010-04-14 21:41
Modified time: 2010-04-14 21:41
MD5: A1CB15AB32964320AD96FAB749D30BD4
SHA1: D8E29A451EA55547EB05B92941270F8507EEAEAD
((((((((((((((((((((((((((((( SnapShot@2010-04-16_20.53.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-17 16:13 . 2010-04-17 16:13 16384 c:\windows\Temp\Perflib_Perfdata_24c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eFax 4.4"="c:\program files\eFax Messenger 4.4\J2GDllCmd.exe" [2008-10-07 95744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-10-02 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-10-02 118784]
"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"IPInSightLAN 01"="c:\program files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" [2003-06-11 380928]
"IPInSightMonitor 01"="c:\program files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe" [2003-06-11 122880]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-07-21 208616]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]
"lxdwmon.exe"="c:\program files\Lexmark 7600 Series\lxdwmon.exe" [2008-09-10 676520]
"lxdwamon"="c:\program files\Lexmark 7600 Series\lxdwamon.exe" [2008-09-10 16040]
"Lexmark 7600 Series Fax Server"="c:\program files\Lexmark 7600 Series\fm3032.exe" [2008-09-10 311976]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
c:\documents and settings\Owner\Start Menu\Programs\Startup\
eFax 4.4.lnk - c:\program files\eFax Messenger 4.4\J2GTray.exe [2008-10-7 656896]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-10-14 113664]
Event Reminder.lnk - c:\program files\Broderbund\PrintMaster\pmremind.exe [2009-2-17 331776]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\WS_FTP\\WS_FTP95.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\WINDOWS\\system32\\lxdwcoms.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 5:29 PM 33808]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [1/21/2010 12:12 PM 78104]
R2 lxdw_device;lxdw_device;c:\windows\system32\lxdwcoms.exe -service --> c:\windows\system32\lxdwcoms.exe -service [?]
R2 lxdwCATSCustConnectService;lxdwCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdwserv.exe [8/7/2009 1:01 PM 98984]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/30/2008 5:06 PM 24592]
S3 klmd21;klmd21;c:\windows\system32\drivers\klmd.sys --> c:\windows\system32\drivers\klmd.sys [?]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - KGTYQPOB
*Deregistered* - IPVNMon
*Deregistered* - kgtyqpob
.
Contents of the 'Scheduled Tasks' folder
2010-04-17 c:\windows\Tasks\User_Feed_Synchronization-{54802705-6404-494B-8E69-3EC5B0EF9994}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-17 20:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-527237240-115176313-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(660)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-04-17 20:09:44
ComboFix-quarantined-files.txt 2010-04-18 03:09
ComboFix2.txt 2010-04-16 21:10
Pre-Run: 279,855,607,808 bytes free
Post-Run: 279,810,387,968 bytes free
- - End Of File - - C3DF4C43869B78239D06D54DF55EBA36