ComboFix 11-05-18.01 - Jack Menashe 05/19/2011 2:25.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.264 [GMT -4:00]
Running from: c:\documents and settings\Jack Menashe\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
\\.\PhysicalDrive0 - Bootkit TDL4 was found and disinfected
.
((((((((((((((((((((((((( Files Created from 2011-04-19 to 2011-05-19 )))))))))))))))))))))))))))))))
.
.
2011-05-19 06:09 . 2011-04-11 07:04 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{EE596210-FEFC-4212-964B-A46E37576200}\mpengine.dll
2011-05-18 20:20 . 2011-05-18 20:24 -------- d-----w- c:\windows\Symbols
2011-05-18 16:49 . 2011-05-18 20:31 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2011-05-18 14:17 . 2010-12-20 22:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-18 13:42 . 2011-05-18 13:42 -------- d--h--w- c:\documents and settings\Admin\Application Data\Apple Computer
2011-05-18 13:42 . 2011-05-18 13:42 -------- d--h--w- c:\documents and settings\Admin\Local Settings\Application Data\Apple Computer
2011-05-18 13:42 . 2011-05-18 13:42 -------- d--h--w- c:\documents and settings\Admin\Local Settings\Application Data\Google
2011-05-18 13:42 . 2011-05-18 13:42 -------- d-sh--w- c:\documents and settings\Admin\IETldCache
2011-05-10 16:10 . 2011-05-10 16:10 -------- d-----w- c:\program files\iPod
2011-05-10 15:52 . 2011-05-10 15:52 -------- d-----w- c:\program files\Bonjour
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-18 16:51 . 2010-07-02 04:55 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-11 07:04 . 2009-05-13 14:14 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-09 03:13 . 2010-07-02 04:55 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-03-07 05:33 . 2004-08-04 11:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37 . 2004-08-04 11:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2004-08-04 11:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06 . 2004-08-04 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06 . 2004-08-04 11:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06 . 2004-08-04 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2004-08-04 11:00 385024 ----a-w- c:\windows\system32\html.iec
2010-04-13 16:46 . 2010-04-13 16:34 271060312 ----a-w- c:\program files\501_b049_multilanguage.exe
2009-01-25 00:36 . 2009-01-25 00:35 2851216 ----a-w- c:\program files\PlaxoInstall_en.exe
2008-07-30 19:28 . 2008-07-30 19:27 133227519 -c--a-w- c:\program files\OOo_2.4.1_Win32Intel_install_wJRE_en-US.exe
2007-09-05 21:43 . 2007-09-05 21:43 50009400 -c--a-w- c:\program files\iTunesSetup.exe
2007-08-27 15:55 . 2007-08-27 15:55 1305088 -c--a-w- c:\program files\Netflix_Movie_Viewer_Installer.msi
2007-08-16 18:42 . 2007-08-16 18:42 15732984 -c--a-w- c:\program files\Google_Earth_BZXD.exe
2007-06-01 02:52 . 2007-06-01 02:52 2168968 -c--a-w- c:\program files\Vindigo_PPC.exe
2007-05-31 20:56 . 2007-05-31 20:56 5248120 -c--a-w- c:\program files\AgPPCEN.exe
2007-05-31 20:42 . 2007-05-31 20:39 4018320 -c--a-w- c:\program files\msasync31.exe
2006-11-08 04:06 . 2006-10-22 13:48 17533000 -c--a-w- c:\program files\ie7setup_mail.exe
2006-10-20 01:27 . 2006-10-20 01:27 408024 -c--a-w- c:\program files\DNLDSSC.exe
2007-08-01 15:43 . 2007-06-14 02:22 135680 -c--a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-11-23 851968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-20 118784]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-09-29 26112]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-06 30192]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-15 65536]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-09 281768]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-27 421160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
.
c:\documents and settings\EDDIE\Start Menu\Programs\Startup\
Internet Explorer.lnk - c:\program files\Internet Explorer\iexplore.exe [2004-8-4 638816]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk
backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jack Menashe^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
path=c:\documents and settings\Jack Menashe\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk
backup=c:\windows\pss\OpenOffice.org 2.4.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection]
2004-10-18 21:42 79448 ----a-w- c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2006-10-23 12:50 71216 ------r- c:\program files\Common Files\AOL\ACS\AOLDial.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2006-09-26 00:52 50736 ----a-w- c:\program files\Common Files\AOL\1159491445\EE\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-27 05:22 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Canon\\CSCLIB\\CDPROCMN.exe"=
"c:\\Program Files\\Canon\\CSCLIB\\CDPROC.exe"=
"c:\\WINDOWS\\SYSTEM32\\msiexec.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1159491445\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\1159491445\\EE\\aolsoftware.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\SYSTEM32\\fxsclnt.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{0BC1A5B2-79A1-4716-B3E5-4071E9AB6F43}\\setup\\hpznui01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"427:UDP"= 427:UDP:SLP_Port(427)
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [7/2/2010 12:55 AM 136360]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [3/13/2009 4:19 PM 30192]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys [6/28/2010 9:49 PM 38224]
S3 MR97310_VGA_DUAL_CAMERA;VGA Dual-Mode Camera;c:\windows\SYSTEM32\DRIVERS\mr97310v.sys [3/30/2004 12:29 PM 118106]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-10 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]
.
2011-05-19 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.my.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=yie7c
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: &eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{5BF4467F-BCB3-40F6-B6E3-C27900811DAC} - c:\program files\AddThis\AddThis Toolbar\AddThisToolBar.dll
Toolbar-{3710D257-884E-4CD0-B562-EE94AC159107} - c:\program files\AddThis\AddThis Toolbar\AddThisToolBar.dll
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
AddRemove-InstallShield_{25D24E84-64A9-40D2-85CF-540B1C4A6D52} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
AddRemove-InstallShield_{2C164906-E68F-462A-9010-70DD022223EF} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
AddRemove-InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
AddRemove-InstallShield_{9518F764-C54D-47B2-9E73-154B21E79FD2} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
AddRemove-InstallShield_{C3E1AA89-B370-46F4-AEBD-F4EBE7BE38A1} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
AddRemove-InstallShield_{DE286975-ACF1-45B8-9EF7-34E162B2C817} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
AddRemove-InstallShield_{EF4C7EB0-D71B-43A3-9552-8053DE4B0401} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
AddRemove-InstallShield_{F37942A8-B21B-4C5A-A1D2-B676BF55EAE0} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-19 02:54
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\df3f5d80]
"imagepath"="\??\c:\windows\TEMP\413.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1608)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Common Files\aolshare\aolshcpy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\brss01a.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
c:\windows\system32\basfipm.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.EXE
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-05-19 03:02:30 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-19 07:02
ComboFix2.txt 2009-04-06 18:12
.
Pre-Run: 4,067,799,040 bytes free
Post-Run: 4,192,604,160 bytes free
.
- - End Of File - - D5BF7BA2212B1EBAF7C1A6167DA6C650