heres the log
ComboFix 09-08-28.01 - HP_Administrator 08/28/2009 23:17.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1015.491 [GMT -4:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\HP_Administrator\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090828-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\HP_Administrator\Application Data\Microsoft\dowasfaffsfsafnload.exe
c:\documents and settings\HP_Administrator\Application Data\Microsoft\dowasfasfsafnload.exe
c:\documents and settings\HP_Administrator\Application Data\Microsoft\dowasfasfsafnload.exeWebDL
c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\AskService.exe
c:\program files\AskBarDis\bar\bin\AskSplash.exe
c:\program files\AskBarDis\bar\bin\AskTBApp.exe
c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Settings\AskLogo.ico
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\recycler\k-1-3542-4232123213-7676767-8888886
c:\windows\system32\ps2.bat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_IPRIP
-------\Service_Iprip
-------\Legacy_ASKService
-------\Legacy_ASKUpgrade
-------\Service_ASKService
-------\Service_ASKUpgrade
((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-29 )))))))))))))))))))))))))))))))
.
2009-08-28 19:52 . 2009-08-28 21:07 -------- d-----w- c:\program files\a-squared Free
2009-08-28 17:42 . 2009-08-28 17:51 -------- d-----w- c:\program files\Maxtor
2009-08-24 22:29 . 2009-08-25 00:14 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\BitTorrent
2009-08-24 22:28 . 2009-08-24 22:28 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\DNA
2009-08-24 22:28 . 2009-08-29 03:22 -------- d-----w- c:\program files\DNA
2009-08-24 22:28 . 2009-08-29 03:22 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\DNA
2009-08-24 14:57 . 2009-08-24 14:57 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\acccore
2009-08-24 14:57 . 2009-08-24 14:57 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\AOL OCP
2009-08-24 14:57 . 2009-08-24 14:57 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\AOL
2009-08-24 14:57 . 2009-08-29 03:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-08-24 14:57 . 2009-08-24 14:57 -------- d-----w- c:\documents and settings\All Users\Application Data\acccore
2009-08-24 14:56 . 2009-08-24 14:58 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL OCP
2009-08-24 14:56 . 2009-08-24 14:56 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2009-08-24 14:56 . 2009-08-24 14:56 -------- d-----w- c:\program files\Common Files\AOL
2009-08-24 14:55 . 2009-08-24 14:57 -------- d-----w- c:\program files\AIM6
2009-08-12 01:10 . 2009-08-12 01:10 50 ----a-w- c:\windows\system32\BRIDF04A.dat
2009-08-12 01:10 . 2004-04-12 14:44 51200 ------w- c:\windows\system32\brinsstr.dll
2009-08-12 01:10 . 2003-05-05 23:30 65536 ------w- c:\windows\system32\Brmfrmps.exe
2009-08-12 01:09 . 2002-02-13 05:16 176128 ------w- c:\windows\system32\Pdrvinst.dll
2009-08-12 01:09 . 2002-02-05 05:08 81920 ------w- c:\windows\system32\BrWebIns.dll
2009-08-12 01:09 . 2002-02-05 05:07 65536 ------w- c:\windows\system32\Brwebup.exe
2009-08-12 01:09 . 2009-08-12 01:09 -------- d-----w- C:\Brother
2009-08-12 01:09 . 2004-04-06 05:00 126976 ------w- c:\windows\system32\BrfxD04a.dll
2009-08-12 01:09 . 2003-11-28 22:57 0 ----a-w- c:\windows\brdfxspd.dat
2009-08-12 01:09 . 2009-08-12 01:10 -------- d-----w- c:\program files\Brother
2009-08-12 01:09 . 2003-12-11 13:32 147456 ----a-w- c:\windows\brunin03.dll
2009-08-12 01:08 . 2009-08-12 01:08 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2009-08-12 01:08 . 2009-08-12 01:08 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-08-12 01:08 . 2009-08-12 01:08 -------- d-----w- c:\program files\ScanSoft
2009-08-12 01:07 . 2009-08-12 01:14 57 ----a-w- c:\documents and settings\All Users\Application Data\Brother\BrLog\BrCollectDir\BR_cat.bat
2009-08-12 01:07 . 2009-08-12 01:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Brother
2009-08-10 22:51 . 2009-08-13 01:22 -------- d-----w- c:\program files\Vuze
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-29 03:06 . 2009-06-18 16:07 2016 ----a-w- c:\documents and settings\HP_Administrator\Application Data\wklnhst.dat
2009-08-29 03:05 . 2005-08-16 11:39 -------- d-----w- c:\program files\Java
2009-08-29 03:01 . 2009-07-11 18:55 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-29 03:01 . 2009-06-18 18:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-29 02:56 . 2005-08-16 12:20 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-28 21:55 . 2009-06-18 18:26 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Media Player Classic
2009-08-28 17:52 . 2005-08-16 12:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-27 12:00 . 2009-06-18 17:25 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Azureus
2009-08-24 03:29 . 2009-07-29 16:57 34 ----a-w- c:\documents and settings\HP_Administrator\jagex_runescape_preferences.dat
2009-08-17 15:45 . 2009-08-17 05:42 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\LimeWire
2009-08-13 14:16 . 2009-06-18 18:10 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\uTorrent
2009-08-12 01:09 . 2005-08-16 12:12 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-10 22:53 . 2009-06-18 17:43 -------- d-----w- c:\program files\iTunes
2009-08-05 01:33 . 2009-06-18 17:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-05 01:32 . 2009-07-14 06:38 3942048 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-08-03 17:36 . 2009-06-18 17:53 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 17:36 . 2009-06-18 17:53 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-27 15:29 . 2009-07-27 15:29 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-07-23 04:30 . 2009-07-23 04:30 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\AdobeUM
2009-07-14 03:40 . 2009-06-18 15:49 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Apple Computer
2009-07-14 03:37 . 2009-06-18 17:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-12 04:33 . 2009-06-18 16:07 82112 ----a-w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-12 04:24 . 2009-07-12 04:24 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\com.adobe.ExMan
2009-07-12 03:57 . 2009-07-12 03:57 -------- d-----w- c:\program files\Adobe Media Player
2009-07-12 03:52 . 2009-07-12 03:52 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-11 19:11 . 2005-08-16 12:42 -------- d-----w- c:\program files\Google
2009-07-11 18:57 . 2009-07-11 18:57 -------- d-----w- c:\program files\Microsoft
2009-06-19 14:40 . 2009-06-19 14:40 73728 ----a-w- c:\windows\ALCFDRTM.EXE
2009-06-19 01:33 . 2009-06-19 01:33 164 ----a-w- c:\windows\install.dat
2009-06-19 01:21 . 2009-06-19 01:21 164 ----a-w- C:\install.dat
2009-06-05 15:42 . 2009-06-18 17:41 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-05 15:42 . 2009-06-18 17:41 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
.
------- Sigcheck -------
[-] 2005-03-14 08:17 359936 6129E70F3D2F1E60860C930EBEAF92C2 c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[7] 2004-08-10 19:00 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB893066$\tcpip.sys
[-] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\tcpip.sys
[-] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
[-] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys
[-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
[-] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
[-] 2005-03-14 07:55 359808 0E66B538096A6529D1AC66E78EB0D5C8 c:\windows\system32\dllcache\tcpip.sys
[-] 2005-03-14 07:55 359808 0E66B538096A6529D1AC66E78EB0D5C8 c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-18 133104]
"Aim6"="c:\program files\AIM6\aim6.exe" [2009-07-09 49968]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-08-24 318272]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-06-08 114688]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-11 59392]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 253952]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-08-03 419088]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SetDefPrt"="c:\program files\Brother\Brmfl04a\BrStDvPt.exe" [2004-05-25 49152]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2004-06-14 851968]
"mxomssmenu"="c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe" [2008-07-21 169312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-29 149280]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-08 61952]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2009-8-11 819200]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\HP_Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [6/18/2009 2:21 PM 130936]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [4/21/2009 6:27 PM 29808]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/18/2009 2:06 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/18/2009 2:06 PM 20560]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/18/2009 1:53 PM 232720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/18/2009 1:53 PM 19096]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [6/18/2009 2:20 PM 348752]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder
2009-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-205278981-4061998777-200502687-1008Core.job
- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-18 17:18]
2009-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-205278981-4061998777-200502687-1008UA.job
- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-18 17:18]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
GMER - Rootkit Detector and Remover
Rootkit scan 2009-08-28 23:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(368)
c:\windows\system32\msi.dll
c:\windows\system32\hnetcfg.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\brss01a.exe
c:\program files\a-squared Free\a2service.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\Brmfrmps.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Maxtor\Sync\SyncServices.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\tcpsvcs.exe
c:\program files\Webroot\WebrootSecurity\SpySweeper.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\AIM6\aolsoftware.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2009-08-29 23:25 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-29 03:25
Pre-Run: 138,798,006,272 bytes free
Post-Run: 138,677,383,168 bytes free
267 --- E O F --- 2009-06-18 21:12