I hope (once again) that we're making positive progress!
Miguel V.
**********
ComboFix 09-02-24.02 - Customer 2009-02-25 15:15:50.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.588 [GMT -5:00]
Running from: c:\documents and settings\Customer\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-01-25 to 2009-02-25 )))))))))))))))))))))))))))))))
.
2009-02-15 14:47 . 2009-02-15 14:46 410,984 --a--c--- c:\windows\system32\deploytk.dll
2009-02-12 00:35 . 2009-02-12 00:35 <DIR> d----c--- c:\documents and settings\LocalService\Application Data\DivX
2009-02-11 21:56 . 2009-02-11 21:56 <DIR> d----c--- c:\documents and settings\LocalService\Application Data\Roxio
2009-02-11 21:56 . 2009-02-11 21:56 <DIR> d----c--- c:\documents and settings\Customer\Application Data\Roxio
2009-02-10 20:57 . 2009-02-10 20:57 <DIR> d----c--- c:\documents and settings\Customer\Application Data\Blackberry Desktop
2009-02-10 20:52 . 2009-02-12 20:10 256 --a--c--- c:\documents and settings\Customer\pool.bin
2009-02-10 00:10 . 2009-02-10 00:10 <DIR> d----c--- c:\documents and settings\Customer\Application Data\Sprint
2009-02-09 23:32 . 2008-10-15 11:58 27,072 --a--c--- c:\windows\system32\drivers\PCASp50.sys
2009-02-09 23:32 . 2005-03-15 11:11 17,920 --a--c--- c:\windows\system32\apintfnt.dll
2009-02-09 23:29 . 2009-02-09 23:32 <DIR> d----c--- c:\program files\Sierra Wireless
2009-02-09 23:28 . 2009-02-09 23:28 <DIR> d----c--- c:\program files\Sprint
2009-02-09 23:28 . 2009-02-09 23:28 <DIR> d----c--- c:\program files\Novatel Wireless
2009-02-09 23:28 . 2009-02-09 23:31 <DIR> d----c--- c:\program files\Common Files\Motorola Shared
2009-02-09 23:28 . 2009-02-09 23:28 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Sprint
2009-02-09 23:24 . 2009-02-09 23:24 <DIR> d----c--- c:\documents and settings\Customer\Application Data\Research In Motion
2009-02-09 23:24 . 2009-02-23 22:43 256 --a--c--- c:\windows\system32\pool.bin
2009-02-09 22:54 . 2009-02-09 22:54 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Sonic
2009-02-09 22:49 . 2009-02-09 22:52 <DIR> d----c--- c:\program files\Roxio
2009-02-09 22:49 . 2009-02-09 22:53 <DIR> d----c--- c:\program files\Common Files\Sonic Shared
2009-02-09 22:49 . 2009-02-09 22:51 <DIR> d----c--- c:\program files\Common Files\Roxio Shared
2009-02-09 22:49 . 2009-02-09 23:00 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Roxio
2009-02-09 22:43 . 2007-01-18 10:24 26,496 -ra--c--- c:\windows\system32\drivers\RimSerial.sys
2009-02-09 22:41 . 2009-02-09 22:41 <DIR> d----c--- c:\program files\Research In Motion
2009-02-09 22:41 . 2009-02-10 21:52 <DIR> d----c--- c:\program files\Common Files\Research In Motion
2009-02-09 22:30 . 2009-02-09 22:30 <DIR> d--hsc--- c:\windows\ftpcache
2009-02-02 23:03 . 2008-12-17 00:55 195,096 --a--c--- c:\windows\system32\lvci11901262.dll
2009-02-01 03:00 . 2009-02-01 03:00 <DIR> d----c--- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-30 18:31 . 2009-02-22 16:02 <DIR> d----c--- c:\documents and settings\Customer\Application Data\skypePM
2009-01-30 18:31 . 2009-01-30 18:31 56 --ah-c--- c:\windows\system32\ezsidmv.dat
2009-01-30 18:29 . 2009-02-22 16:52 <DIR> d----c--- c:\documents and settings\Customer\Application Data\Skype
2009-01-30 18:28 . 2009-01-30 18:29 <DIR> d----c--- c:\program files\Skype
2009-01-30 18:28 . 2009-01-30 18:28 <DIR> d----c--- c:\program files\Common Files\Skype
2009-01-30 18:28 . 2009-01-30 18:28 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Skype
2009-01-30 18:16 . 2009-01-30 18:16 10,520 --a--c--- c:\windows\system32\avgrsstx.dll.prepare
2009-01-30 18:09 . 2009-01-30 18:09 127,034 -r---c--- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2009-01-30 18:05 . 2009-02-02 23:04 <DIR> d----c--- c:\program files\Common Files\LogiShrd
2009-01-30 18:05 . 2009-02-02 23:01 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Logishrd
2009-01-30 18:04 . 2009-01-30 18:04 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Logitech
2009-01-30 09:04 . 2009-01-30 09:04 <DIR> d--hsc--- c:\documents and settings\Customer\IECompatCache
2009-01-30 09:01 . 2009-01-30 09:01 <DIR> d--hsc--- c:\documents and settings\Customer\IETldCache
2009-01-30 08:53 . 2009-01-30 08:54 <DIR> d--h-c--- c:\windows\ie8
2009-01-30 08:49 . 2009-01-11 00:00 79,360 -----c--- c:\windows\system32\dllcache\iecompat.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-25 20:24 --------- dc----w c:\program files\DNA
2009-02-25 20:24 --------- dc----w c:\documents and settings\Customer\Application Data\DNA
2009-02-25 03:10 --------- dc----w c:\documents and settings\All Users\Application Data\Google Updater
2009-02-23 20:56 --------- dc----w c:\documents and settings\Customer\Application Data\StarOffice8
2009-02-23 20:40 --------- dc----w c:\documents and settings\Customer\Application Data\U3
2009-02-15 19:46 --------- dc----w c:\program files\Java
2009-02-11 08:02 --------- dc----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-02-11 01:51 --------- dc----w c:\documents and settings\Customer\Application Data\InstallShield
2009-02-10 07:04 0 -c--a-w c:\windows\system32\drivers\lvuvc.hs
2009-02-10 05:05 0 -c--a-w c:\windows\system32\drivers\logiflt.iad
2009-02-08 23:22 --------- dc----w c:\documents and settings\All Users\Application Data\BiblePro
2009-02-03 04:01 --------- dc----w c:\program files\Logitech
2009-02-01 22:40 --------- dc-h--w c:\program files\InstallShield Installation Information
2009-01-30 23:16 325,128 -c--a-w c:\windows\system32\drivers\avgldx86.sys
2009-01-30 23:12 --------- dc----w c:\documents and settings\All Users\Application Data\avg8
2009-01-21 15:19 --------- dc----w c:\program files\BibleMax
2009-01-21 15:17 --------- dc----w c:\program files\BiblePro
2009-01-03 21:42 --------- dc----w c:\program files\Notebook Maximizer
2008-12-28 00:16 --------- dc----w c:\program files\Opera
2008-12-25 03:19 --------- dc----w c:\program files\Nitro PDF
2008-10-22 03:17 122,880 -c--a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2008-05-09 04:58 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008050920080510\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CF070CB8-F02F-4af4-A7B7-8D45CAD4BB54}]
2008-12-22 13:07 451928 --a--c--- c:\program files\Nitro PDF\PDF Download\NitroPDF.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-21 342848]
"Google Update"="c:\documents and settings\Customer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-10-05 133104]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tvs"="c:\program files\Toshiba\Tvs\TvsTray.exe" [2005-04-05 73728]
"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2005-08-10 356352]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 688218]
"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-09-07 1077301]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-26 122880]
"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2005-03-17 151552]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-15 385024]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-15 136600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Notebook Maximizer"="c:\program files\Notebook Maximizer\maximizer_startup.exe" [2004-05-25 28672]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-30 1601304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-10-21 29744]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-08-16 236016]
"Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2008-10-15 17664]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-12 c:\windows\agrsmmsg.exe]
"TFncKy"="TFncKy.exe" [BU]
"TPSMain"="TPSMain.exe" [2005-05-31 c:\windows\system32\TPSMain.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-17 9117696]
c:\documents and settings\Customer\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\QuickCam\eReg.exe [2008-11-07 517384]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2008-01-21 122880]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-30 66864]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2005-07-28 155648]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-10-15 13:27 110592 c:\program files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-30 18:11 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.wmv3"= c:\progra~1\COMBIN~1\Filters\wmv9vcm.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\ WinCinema Manager.lnk
backup=c:\windows\pss\ WinCinema Manager.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
-----c--- 2008-04-13 19:12 1695232 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a--c--- 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a--c--- 2007-06-11 19:16 4670968 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\\TOSHIBA\\IVP\\ISM\\pinger.exe
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Roxio\\Media Manager 9\\MediaManager9.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-05-24 325128]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-30 298264]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-21 29744]
S3 samhid;samhid;c:\windows\system32\drivers\samhid.sys --> c:\windows\system32\drivers\samhid.sys [?]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ddc8773-e309-11dd-b409-0013ce9162ed}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL system.exe
\Shell\Explore\command - E:\system.exe
\Shell\Open\command - E:\system.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ddc8778-e309-11dd-b409-0013ce9162ed}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL system.exe
\Shell\Explore\command - E:\system.exe
\Shell\Open\command - E:\system.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77a77d08-1ac1-11dc-b3af-0013ce9162ed}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-02-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1751850180-2582646365-3272313239-1006.job
- c:\documents and settings\Customer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-10-05 21:44]
2009-02-25 c:\windows\Tasks\User_Feed_Synchronization-{6AFD7730-34C2-457B-96E8-B56EDACA0C02}.job
- c:\windows\system32\msfeedssync.exe [2009-01-15 02:01]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Start WingMan Profiler - (no file)
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EA Link\Core.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.uta.edu/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
IE: Add to EverNote - c:\program files\EverNote\EverNote\enbar.dll/2000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Lookup on CD - c:\ahd4withthesaurus\ahd.htm
IE: Save Page As PDF ... - file://c:\program files\Nitro PDF\PDF Download\nitroweb.htm
IE: {{AD9E6088-E00B-42f9-9F0C-8480525D234E} - {FF5073C0-28A0-4223-9BDF-59FF020FE77C} - c:\program files\Nitro PDF\PDF Download\NitroPDF.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Customer\Application Data\Mozilla\Firefox\Profiles\riwov295.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\Customer\Application Data\Mozilla\Firefox\Profiles\riwov295.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\documents and settings\Customer\Application Data\Mozilla\Firefox\Profiles\riwov295.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\Customer\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-25 15:24:15
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1044)
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\windows\system32\DVDRAMSV.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\Intel\Wireless\Bin\1XConfig.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\toshiba\IVP\swupdate\swupdtmr.exe
c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
c:\windows\system32\searchindexer.exe
c:\windows\system32\TPSBattM.exe
c:\program files\Sun\StarOffice 8\program\soffice.exe
c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
c:\program files\Sun\StarOffice 8\program\soffice.bin
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\searchprotocolhost.exe
c:\windows\system32\searchfilterhost.exe
.
**************************************************************************
.
Completion time: 2009-02-25 15:31:03 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-25 20:29:44
Pre-Run: 33,589,624,832 bytes free
Post-Run: 33,849,147,392 bytes free
267 --- E O F --- 2009-02-11 08:07:10