I did as you advised and here is the new log:
ComboFix 09-05-25.A2 - Anastasia 05/26/2009 21:23.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.495.76 [GMT 1:00]
Running from: c:\documents and settings\Anastasia\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Anastasia\Desktop\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
.
((((((((((((((((((((((((( Files Created from 2009-04-26 to 2009-05-26 )))))))))))))))))))))))))))))))
.
2009-05-26 12:44 . 2009-05-26 12:44 7406 ----a-r c:\documents and settings\Anastasia\Application Data\Microsoft\Installer\{E52C258D-DCF6-411B-B690-06DAC5009F37}\_E53F70BCBCCD78C1DEF464.exe
2009-05-26 12:44 . 2009-05-26 12:44 7406 ----a-r c:\documents and settings\Anastasia\Application Data\Microsoft\Installer\{E52C258D-DCF6-411B-B690-06DAC5009F37}\_A4F88EF26C0C581DFA4F6E.exe
2009-05-26 12:44 . 2009-05-26 12:44 7406 ----a-r c:\documents and settings\Anastasia\Application Data\Microsoft\Installer\{E52C258D-DCF6-411B-B690-06DAC5009F37}\_21F3885A18D238E15AAE81.exe
2009-05-26 12:44 . 2009-05-26 12:44 13358 ----a-r c:\documents and settings\Anastasia\Application Data\Microsoft\Installer\{E52C258D-DCF6-411B-B690-06DAC5009F37}\_1E67C2E9CE1029B3EBF75B.exe
2009-05-26 12:44 . 2009-05-26 12:44 22254 ----a-r c:\documents and settings\Anastasia\Application Data\Microsoft\Installer\{E52C258D-DCF6-411B-B690-06DAC5009F37}\_6FEFF9B68218417F98F549.exe
2009-05-26 12:44 . 2009-05-26 12:44 -------- d-----w c:\program files\Foxit Software
2009-05-26 12:29 . 2009-05-26 12:29 -------- d--h--w C:\C_DILLA
2009-05-26 12:29 . 2009-05-26 12:29 112128 ---h--r c:\windows\CdaC14BA.DLL
2009-05-26 12:29 . 2009-05-26 12:29 30720 ---h--r c:\windows\CdaC13BA.EXE
2009-05-26 12:29 . 2009-05-26 12:29 39936 ----a-w c:\windows\system32\drivers\CDAC11BA.EXE
2009-05-26 12:29 . 2009-05-26 12:29 8864 ----a-w c:\windows\system32\drivers\CDAC15BA.SYS
2009-05-25 21:16 . 2009-05-25 21:16 152576 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-25 19:30 . 2009-05-25 19:30 -------- d-----w c:\documents and settings\Anastasia\Application Data\Malwarebytes
2009-05-25 17:56 . 2009-05-25 18:01 -------- d-----w C:\USBNoRisk
2009-05-25 13:49 . 2009-04-06 14:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-25 13:49 . 2009-04-06 14:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-25 13:35 . 2009-05-25 13:35 -------- d-----w C:\rsit
2009-05-25 12:07 . 2009-05-25 19:31 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-25 12:07 . 2009-05-25 12:07 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-22 09:51 . 2009-05-22 09:51 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-22 09:32 . 2009-05-22 09:32 -------- d-----w c:\program files\Trend Micro
2009-05-21 15:01 . 2009-05-21 15:01 -------- d-sh--w c:\documents and settings\Anastasia\IECompatCache
2009-05-21 14:57 . 2009-05-21 14:57 -------- d-----w c:\program files\CCleaner
2009-05-20 15:44 . 2009-05-20 15:44 -------- d-sh--w c:\documents and settings\LocalService\PrivacIE
2009-05-20 15:44 . 2009-05-20 15:44 -------- d-sh--w c:\documents and settings\LocalService\IETldCache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-26 20:25 . 2008-11-21 05:17 -------- d-----w c:\program files\Impulse
2009-05-26 20:25 . 2009-01-03 14:33 -------- d-----w c:\documents and settings\Anastasia\Application Data\Skype
2009-05-26 20:08 . 2008-11-21 21:31 -------- d-----w c:\program files\Symantec AntiVirus
2009-05-26 15:05 . 2009-01-03 14:36 -------- d-----w c:\documents and settings\Anastasia\Application Data\skypePM
2009-05-26 12:41 . 2008-09-05 00:02 -------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-05-26 12:41 . 2008-09-05 00:01 -------- d-----w c:\program files\NOS
2009-05-26 12:39 . 2005-01-07 23:23 -------- d-----w c:\program files\Common Files\Adobe
2009-05-26 12:20 . 2009-05-25 21:18 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-26 12:20 . 2009-05-26 12:20 -------- d-----w c:\program files\Java
2009-05-26 12:08 . 2009-05-26 12:08 -------- d-----w c:\documents and settings\Anastasia\Application Data\Foxit
2009-05-25 21:19 . 2009-05-25 21:19 57344 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-1de359cc-n\Decora-SSE.dll
2009-05-25 21:19 . 2009-05-25 21:19 24064 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-7ffeb73e-n\Decora-D3D.dll
2009-05-25 21:19 . 2009-05-25 21:19 315392 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-33b046ba-n\jogl.dll
2009-05-25 21:19 . 2009-05-25 21:19 20480 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-33b046ba-n\jogl_awt.dll
2009-05-25 21:19 . 2009-05-25 21:19 20480 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-32ebfba6-n\gluegen-rt.dll
2009-05-25 21:19 . 2009-05-25 21:19 114688 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-33b046ba-n\jogl_cg.dll
2009-05-25 21:19 . 2009-05-25 21:19 499712 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-64df4ee5-n\msvcp71.dll
2009-05-25 21:19 . 2009-05-25 21:19 499712 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-64df4ee5-n\jmc.dll
2009-05-25 21:19 . 2009-05-25 21:19 348160 ----a-w c:\documents and settings\Anastasia\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-64df4ee5-n\msvcr71.dll
2009-05-14 12:43 . 2009-03-17 22:31 -------- d-----w c:\program files\Common Files\Apple
2009-05-06 18:06 . 2009-05-26 01:34 4784464 ----a-w c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{B4D3EDA3-5A11-402F-B6CE-D2EE639BFEC1}\mpengine.dll
2009-04-23 19:32 . 2005-08-18 18:23 -------- d-----w c:\program files\Yahoo!
2009-04-14 00:39 . 2007-01-12 03:22 4656976 ----a-w c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2009-04-09 11:52 . 2009-04-09 11:51 -------- d-----w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-09 11:52 . 2009-03-17 22:36 -------- d-----w c:\program files\iTunes
2009-04-09 11:51 . 2009-04-09 11:51 -------- d-----w c:\program files\iPod
2009-04-09 11:26 . 2009-04-09 11:26 75048 ----a-w c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-03-19 15:32 . 2009-03-19 15:32 23400 ----a-w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 15:32 . 2009-03-17 22:37 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-08 04:34 . 2005-01-07 18:03 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 04:34 . 2005-01-07 18:03 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 04:33 . 2005-01-07 18:02 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 04:33 . 2005-01-07 18:03 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 04:32 . 2005-01-07 18:02 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 04:32 . 2005-01-07 18:03 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 04:31 . 2005-01-07 18:03 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 04:31 . 2005-01-07 18:03 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 04:31 . 2005-01-07 18:03 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 04:22 . 2005-01-07 18:03 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2005-01-07 18:03 284160 ----a-w c:\windows\system32\pdh.dll
2006-10-03 01:39 . 2006-10-03 01:39 774144 ----a-w c:\program files\RngInterstitial.dll
2006-11-02 03:19 . 2006-10-06 03:01 104 --sh--r c:\windows\system32\1E3C357F32.sys
2006-12-22 01:15 . 2006-12-22 01:15 8 --sh--r c:\windows\system32\3A41D88C8D.sys
2007-03-19 18:03 . 2006-10-06 03:01 3350 --sha-w c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-05-25_18.40.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-26 12:21 . 2009-05-26 12:21 16384 c:\windows\temp\Perflib_Perfdata_1558.dat
+ 2009-05-26 13:16 . 2009-05-26 13:16 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2008-11-23 19:01 . 2008-11-23 19:01 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-02-03 02:15 . 2009-02-03 02:15 240544 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-05-26 12:21 . 2009-05-26 12:20 148888 c:\windows\system32\javaws.exe
+ 2009-05-26 12:21 . 2009-05-26 12:20 144792 c:\windows\system32\javaw.exe
+ 2009-05-26 12:21 . 2009-05-26 12:20 144792 c:\windows\system32\java.exe
+ 2009-02-03 02:15 . 2009-02-03 02:15 3771296 c:\windows\system32\Macromed\Flash\NPSWF32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-31 50480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-01-14 122939]
"TabletWizard"="c:\windows\help\SplshWrp.exe" [2008-04-14 16384]
"TabletTip"="c:\program files\Common Files\microsoft shared\ink\tabtip.exe" [2008-04-14 271872]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-10-25 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-10-25 126976]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"00THotkey"="c:\windows\system32\
00THotkey.exe" [2004-08-11 01:21 258048]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-03-24 196608]
"TosRotation"="c:\program files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe" [2004-12-14 266240]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2004-09-15 135168]
"TouchED"="c:\program files\TOSHIBA\TouchED\TouchED.Exe" [2003-01-22 126976]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-15 385024]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-20 52896]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-09-28 125168]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-08-30 286720]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-26 148888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-27 434528]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
PolicyKey.lnk - c:\program files\Impulse\PolicyKey.exe [2005-10-4 573440]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2005-1-7 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-10-15 19:27 110592 ----a-w c:\program files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]
2008-04-14 00:11 47104 ----a-w c:\program files\Common Files\Microsoft Shared\Ink\loginkey.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]
2002-08-29 11:41 11776 ----a-w c:\windows\system32\tabbtnwl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]
2008-04-14 00:12 32256 ----a-w c:\windows\system32\tpgwlnot.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"<NO NAME>"= :Windows Logon Service
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [12/28/2004 8:31 AM 16384]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [1/7/2005 11:25 PM 6144]
R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.sys [1/27/2005 12:06 AM 5888]
R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [9/28/2006 5:33 AM 116464]
R2 Tmesbs;Tmesbs32;c:\program files\Toshiba\TME3\tmesbs32.exe [1/27/2005 12:06 AM 86016]
R2 Tmesrv;Tmesrv3;c:\program files\Toshiba\TME3\TMESRV31.exe [1/27/2005 12:06 AM 126976]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [11/13/2007 2:43 AM 24652]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/4/2006 3:19 AM 13592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2/26/2009 11:13 AM 101936]
R3 TBtnKey;TOSHIBA Tablet PC Buttons Type N HID Driver;c:\windows\system32\drivers\TBtnKey.sys [1/7/2005 10:47 PM 8832]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [1/7/2005 1:30 PM 14208]
S3 TEchoCan;Toshiba Audio Effect;c:\windows\system32\drivers\TEchoCan.sys [1/21/2005 8:18 PM 409984]
S3 TMicAry;Toshiba Audio Effect with MicArray;c:\windows\system32\drivers\TMicAry.sys [1/21/2005 8:18 PM 138240]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - C-DILLACDAC11BA
*NewlyCreated* - CDAC15BA
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
Contents of the 'Scheduled Tasks' folder
2009-05-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
2009-05-25 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 02:20]
2009-05-26 c:\windows\Tasks\User_Feed_Synchronization-{2DD8FC14-CE1B-4232-B4C6-F6AAFDF41880}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 04:31]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://uk.yahoo.com/?fr=fp-yie8uSearchMigratedDefaultURL =
hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) =
hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.comDPF: {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} -
hxxp://sav/sav/webinst.cabFF - ProfilePath - c:\documents and settings\Anastasia\Application Data\Mozilla\Firefox\Profiles\opw0uvqi.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.google.co.uk/FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-05-26 21:25
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(996)
c:\program files\Intel\Wireless\Bin\LgNotify.dll
- - - - - - - > 'explorer.exe'(3544)
c:\program files\Common Files\microsoft shared\ink\tipband.dll
c:\progra~1\WINDOW~3\wmpband.dll
c:\program files\windows journal\nbmaptip.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-26 21:28
ComboFix-quarantined-files.txt 2009-05-26 20:27
ComboFix2.txt 2009-05-26 11:58
ComboFix3.txt 2009-05-25 20:26
ComboFix4.txt 2009-05-25 18:43
Pre-Run: 40,309,035,008 bytes free
Post-Run: 40,291,065,856 bytes free
240 --- E O F --- 2009-05-26 01:34