Here's the log. Thank you so much for your guidance.
ComboFix 10-04-29.01 - alexandra arad 04/29/2010 11:51:46.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1460 [GMT -7:00]
Running from: c:\documents and settings\alexandra arad\Desktop\ComboFix.exe
AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: PC-cillin Internet Security - Firewall *disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\fiosejgfse.dll
c:\documents and settings\All Users\Application Data\pragmamfeklnmal.dll
c:\documents and settings\All Users\Favorites\_favdata.dat
c:\program files\Digital Protection
c:\program files\Digital Protection\about.ico
c:\program files\Digital Protection\activate.ico
c:\program files\Digital Protection\buy.ico
c:\program files\Digital Protection\dig.db
c:\program files\Digital Protection\digext.dll
c:\program files\Digital Protection\dighook.dll
c:\program files\Digital Protection\digprot.exe
c:\program files\Digital Protection\help.ico
c:\program files\Digital Protection\scan.ico
c:\program files\Digital Protection\settings.ico
c:\program files\Digital Protection\splash.mp3
c:\program files\Digital Protection\Uninstall.exe
c:\program files\Digital Protection\update.ico
c:\program files\Digital Protection\virus.mp3
c:\windows\PRAGMAptiomkplow
c:\windows\PRAGMAptiomkplow\PRAGMAc.dll
c:\windows\PRAGMAptiomkplow\PRAGMAcfg.ini
c:\windows\PRAGMAptiomkplow\PRAGMAd.sys
c:\windows\system32\drivers\ckrntfd.sys
c:\windows\system32\drivers\jsqtvgq.sys
c:\windows\system32\pragmabbr.dll
c:\windows\system32\pragmaserf.dll
c:\windows\system32\PRAGMAsrcr.dat
c:\windows\system32\sqlite3.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_PRAGMAptiomkplow
-------\Legacy_PRAGMAptiomkplow
-------\Legacy_fnswgkv
-------\Legacy_jmyxh
-------\Service_fnswgkv
-------\Service_jmyxh
((((((((((((((((((((((((( Files Created from 2010-03-28 to 2010-04-29 )))))))))))))))))))))))))))))))
.
2010-04-29 17:46 . 2010-04-29 17:46 -------- d-----w- c:\documents and settings\alexandra arad\Application Data\Malwarebytes
2010-04-29 17:46 . 2010-03-30 07:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 17:46 . 2010-04-29 17:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 17:46 . 2010-04-29 17:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-29 17:46 . 2010-03-30 07:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-21 16:38 . 2010-04-13 00:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-03 17:46 . 2010-04-03 17:46 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-01 18:58 . 2010-04-29 18:48 -------- d-----w- c:\documents and settings\alexandra arad\Local Settings\Application Data\PMB Files
2010-04-01 18:58 . 2010-04-01 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2010-04-01 18:58 . 2010-04-01 18:58 -------- d-----w- c:\program files\Pando Networks
2010-03-31 12:15 . 2010-03-31 12:15 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-29 19:10 . 2009-10-01 18:00 -------- d-----w- c:\documents and settings\alexandra arad\Application Data\Skype
2010-04-29 19:09 . 2009-04-12 19:27 -------- d-----w- c:\program files\IDrive
2010-04-26 05:49 . 2009-03-21 01:06 -------- d-----w- c:\program files\Matrix60
2010-04-22 03:19 . 2009-03-20 23:58 -------- d-----w- c:\program files\Google
2010-04-21 16:38 . 2009-03-12 11:47 -------- d-----w- c:\program files\Java
2010-04-06 17:30 . 2009-03-12 11:34 28190 ----a-w- c:\windows\system32\nvModes.dat
2010-03-31 18:55 . 2009-03-12 11:47 -------- d-----w- c:\program files\Common Files\Java
2010-03-26 07:25 . 2010-03-26 07:23 -------- d-----w- c:\program files\iTunes
2010-03-26 07:24 . 2010-03-26 07:24 -------- d-----w- c:\program files\iPod
2010-03-26 07:24 . 2009-05-10 05:17 -------- d-----w- c:\program files\Common Files\Apple
2010-03-26 07:14 . 2009-03-21 00:18 -------- d-----w- c:\program files\QuickTime
2010-03-26 07:10 . 2009-06-10 05:47 -------- d-----w- c:\program files\Safari
2010-03-09 11:09 . 2004-08-10 18:51 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-26 05:43 . 2004-08-10 18:51 667136 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2004-08-10 18:51 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-02-24 13:11 . 2004-08-10 18:51 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 14:08 . 2004-08-10 18:51 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2004-08-04 04:59 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2004-08-10 18:50 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-10 18:51 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-01-31 20:01 . 2009-03-25 02:15 24356 ---ha-w- c:\windows\system32\mlfcache.dat
2009-10-29 15:43 . 2009-03-20 23:58 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2008-12-09 495616]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-19 39408]
"OE_OEM"="c:\program files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe" [2006-08-04 321040]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-09-03 25626408]
"IDriveE Startup"="c:\program files\IDrive\IDrvieEStartup.exe" [2009-09-22 173520]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-04-01 2937528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-07-10 851968]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-06 8429568]
"nwiz"="nwiz.exe" [2007-06-06 1626112]
"NVHotkey"="nvHotkey.dll" [2007-06-06 67584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-06 81920]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-28 36864]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2008-02-22 1245184]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-16 2289664]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2008-03-31 405504]
"KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-11-01 189736]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-10-29 30192]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152]
"AirPort Base Station Agent"="c:\program files\AirPort\APAgent.exe" [2009-05-27 753664]
"pccguide.exe"="c:\program files\Trend Micro\Internet Security 14\pccguide.exe" [2006-11-21 1807960]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-02 2508104]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-16 141608]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2010-02-18 177472]
"Malwarebytes Anti-Malware (rootkit-scan)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-03-30 1086856]
c:\documents and settings\alexandra arad\Start Menu\Programs\Startup\
IDrive Tray.lnk - c:\program files\IDrive\IDriveEReg2ini.exe [2009-10-16 282624]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2009-3-20 295606]
Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-3-12 50688]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AirPort\\APAgent.exe"=
"c:\\WINDOWS\\Blitz\\WinNotif.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=
"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"5353:UDP"= 5353:UDP:Bonjour
"58814:TCP"= 58814:TCP:Pando Media Booster
"58814:UDP"= 58814:UDP:Pando Media Booster
R2 CEEBC40A-FDED-4C59-B354-939132350B01;Roxio File Backup Service;c:\program files\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe [5/28/2008 10:07 AM 92656]
R2 IDriveE Service;IDriveE Service;c:\program files\IDrive\IDriveE Service.exe [10/16/2009 9:26 AM 143360]
R2 IDriveWebM;IDrive WebManager;c:\program files\IDrive\IDriveWebM.exe [10/16/2009 9:26 AM 118784]
R2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [9/18/2006 2:50 PM 345696]
R2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [8/29/2006 1:54 PM 923216]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [9/11/2006 4:11 PM 36368]
R2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [8/29/2006 1:55 PM 566872]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [8/29/2006 1:54 PM 280392]
S2 ASTSRV;ASTSRV;c:\windows\system32\AstSrv.exe [5/4/2009 10:54 PM 57344]
S2 gupdate1c9f116e7e2e130;Google Update Service (gupdate1c9f116e7e2e130);c:\program files\Google\Update\GoogleUpdate.exe [6/19/2009 12:48 PM 133104]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [3/20/2009 4:58 PM 30192]
.
Contents of the 'Scheduled Tasks' folder
2010-03-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
2010-04-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 19:47]
2010-04-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-19 19:48]
2010-04-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-19 19:48]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.dell.com
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
FF - ProfilePath - c:\documents and settings\alexandra arad\Application Data\Mozilla\Firefox\Profiles\ceen4st8.default\
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1601.7122\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-04-29 12:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\progra~1\TRENDM~1\INTERN~1\PcCtlCom.exe
c:\progra~1\TRENDM~1\INTERN~1\PccGuide.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\IDrive\IDriveETray.exe
c:\program files\IDrive\IDriveEBackground.exe
.
**************************************************************************
.
Completion time: 2010-04-29 12:16:35 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-29 19:16
Pre-Run: 4,651,819,008 bytes free
Post-Run: 6,129,270,784 bytes free
- - End Of File - - 4005EB78B152839208DBC6F2A8880820