ComboFix 11-10-28.04 - Fiona 30/10/2011  12:06:02.2.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.894.502 [GMT 0:00]
Running from: c:\documents and settings\Fiona\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Fiona\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Pcouffin
.
.
(((((((((((((((((((((((((   Files Created from 2011-09-28 to 2011-10-30  )))))))))))))))))))))))))))))))
.
.
2011-10-28 18:58 . 2011-09-06 20:37	320856	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-10-28 18:58 . 2011-09-06 20:36	20568	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-10-28 18:58 . 2011-09-06 20:36	34392	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-10-28 18:58 . 2011-09-06 20:38	442200	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2011-10-28 18:58 . 2011-09-06 20:36	52568	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-10-28 18:58 . 2011-09-06 20:36	110552	----a-w-	c:\windows\system32\drivers\aswmon2.sys
2011-10-28 18:58 . 2011-09-06 20:36	104536	----a-w-	c:\windows\system32\drivers\aswmon.sys
2011-10-28 18:58 . 2011-09-06 20:33	30808	----a-w-	c:\windows\system32\drivers\aavmker4.sys
2011-10-28 18:58 . 2011-09-06 20:45	41184	----a-w-	c:\windows\avastSS.scr
2011-10-28 18:58 . 2011-09-06 20:45	199304	----a-w-	c:\windows\system32\aswBoot.exe
2011-10-28 18:57 . 2011-10-28 18:57	--------	d-----w-	c:\program files\AVAST Software
2011-10-28 18:57 . 2011-10-28 18:57	--------	d-----w-	c:\documents and settings\All Users\Application Data\AVAST Software
2011-10-25 14:16 . 2011-10-25 14:16	--------	d-----w-	c:\documents and settings\Fiona\Application Data\Tific
2011-10-25 14:16 . 2011-10-25 14:16	--------	d-----w-	c:\documents and settings\Fiona\Local Settings\Application Data\Symantec
2011-10-24 12:52 . 2011-10-24 13:47	--------	d-----w-	c:\documents and settings\Fiona\Local Settings\Application Data\NPE
2011-10-21 13:42 . 2011-10-21 13:42	--------	d-----w-	c:\program files\Windows Sidebar
2011-10-21 12:38 . 2011-10-21 12:41	--------	d-----w-	c:\documents and settings\Fiona\Application Data\GetRightToGo
2011-10-21 11:35 . 2011-10-21 11:35	--------	d-----w-	c:\documents and settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-10-21 10:19 . 2011-10-21 10:19	--------	d-----w-	c:\documents and settings\Fiona\Application Data\Uniblue
2011-10-21 10:19 . 2011-10-21 11:51	--------	dc-h--w-	c:\documents and settings\All Users\Application Data\~0
2011-10-21 10:19 . 2011-10-21 10:19	--------	d-----w-	c:\program files\Uniblue
2011-10-21 09:49 . 2009-06-30 09:37	28552	----a-w-	c:\windows\system32\drivers\pavboot.sys
2011-10-21 09:49 . 2011-10-21 09:49	--------	d-----w-	c:\program files\Panda Security
2011-10-05 12:00 . 2011-10-05 12:00	--------	d-----w-	c:\documents and settings\Fiona\Application Data\AVG8
2011-10-04 10:33 . 2011-10-04 10:33	--------	d-----w-	c:\windows\system32\wbem\Repository
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-26 10:41 . 2008-07-29 19:59	611328	----a-w-	c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2004-08-04 12:00	220160	----a-w-	c:\windows\system32\oleacc.dll
2011-09-26 10:41 . 2004-08-04 12:00	20480	----a-w-	c:\windows\system32\oleaccrc.dll
2011-09-25 18:00 . 2011-09-25 18:00	56336	----a-w-	c:\windows\system32\drivers\RapportKELL.sys
2011-09-09 09:12 . 2004-08-04 12:00	599040	----a-w-	c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-04 12:00	1858944	----a-w-	c:\windows\system32\win32k.sys
2011-08-24 11:24 . 2011-08-24 11:24	0	----a-w-	c:\windows\system32\ConduitEngine.tmp
2011-08-22 23:48 . 2004-08-04 12:00	916480	----a-w-	c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-04 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-04 12:00	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-04 12:00	385024	------w-	c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-04 12:00	138496	----a-w-	c:\windows\system32\drivers\afd.sys
2011-10-16 14:02 . 2011-10-16 14:02	134104	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-10-28_18.18.46   )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 12:00 . 2011-10-12 09:17	86444              c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2011-10-30 08:43	86444              c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2011-10-30 08:43	482434              c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2011-10-12 09:17	482434              c:\windows\system32\perfh009.dat
+ 2011-10-30 11:45 . 2011-10-30 11:45	814080              c:\windows\Installer\3618f.msi
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45	122512	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"DLSService"="c:\program files\DYMO\DYMO Label Software\DLSService.exe" [2009-10-28 55808]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-10-17 113664]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21	548352	----a-w-	c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Fiona^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\Fiona\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Fiona^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Fiona\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 11:48	58656	----a-w-	c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]
2009-07-01 22:12	623960	----a-w-	c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2008-02-19 07:22	1089536	----a-r-	c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2007-12-21 16:57	86016	----a-w-	c:\program files\Brother\ControlCenter3\BrCtrCen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DymoQuickPrint]
2009-10-29 00:09	1885944	----a-w-	c:\program files\DYMO\DYMO Label Software\DymoQuickPrint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-05-07 12:35	133104	-----tw-	c:\documents and settings\Fiona\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-08-19 00:07	421736	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\O2]
2008-03-28 21:47	198184	------w-	c:\program files\O2\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
2009-12-26 11:10	160592	----a-w-	c:\program files\Siber Systems\AI RoboForm\robotaskbaricon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2009-04-11 13:17	236016	----a-w-	c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03	210472	----a-w-	c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06	254696	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-02-18 19:05	2423752	----a-w-	c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MSSQL$AUTODESKVAULT"=2 (0x2)
"KService"=2 (0x2)
"Autodesk Licensing Service"=3 (0x3)
"Autodesk EDM Server"=2 (0x2)
"Autodesk Data Management Job Dispatch"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"wlidsvc"=2 (0x2)
"SupportSoft RemoteAssist"=2 (0x2)
"SQLWriter"=2 (0x2)
"SQLBrowser"=2 (0x2)
"sprtsvc_O2"=2 (0x2)
"RoxWatch9"=2 (0x2)
"RoxMediaDB9"=3 (0x3)
"RoxLiveShare9"=2 (0x2)
"Roxio Upnp Server 9"=2 (0x2)
"Roxio UPnP Renderer 9"=3 (0x3)
"RapportMgmtService"=2 (0x2)
"MSK80Service"=2 (0x2)
"MpfService"=2 (0x2)
"McSysmon"=3 (0x3)
"McShield"=2 (0x2)
"McProxy"=2 (0x2)
"McODS"=3 (0x3)
"McNASvc"=2 (0x2)
"mcmscsvc"=2 (0x2)
"McComponentHostService"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"EPSON_PM_RPCV4_01"=2 (0x2)
"EPSON_EB_RPCV4_01"=2 (0x2)
"EpsonBidirectionalService"=2 (0x2)
"Bonjour Service"=2 (0x2)
"ATI Smart"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\Lionhead Studios Ltd\\Black & White\\runblack.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\iCatcher\\iCatcherTools.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\O2\\bin\\wificfg.exe"=
"c:\\Program Files\\O2\\agent\\bin\\bcont.exe"=
"c:\\Program Files\\Common Files\\SupportSoft\\bin\\ssrc.exe"=
"c:\\Program Files\\O2\\agent\\bin\\bcont_nm.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [19/05/2007 15:05 38448]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [21/10/2011 09:49 28552]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [28/10/2011 18:58 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28/10/2011 18:58 320856]
R1 MultiCam;MultiCam for Picolo;c:\windows\system32\drivers\multicam.sys [10/05/2006 14:42 196192]
R1 RapportCerberus_29574;RapportCerberus_29574;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys [07/08/2011 15:06 216912]
R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [25/09/2011 18:00 70416]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [25/09/2011 18:00 161936]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 18:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 18:41 67656]
R1 UniMC;Unified MultiCam;c:\windows\system32\drivers\UniMC.sys [04/05/2006 13:56 35328]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28/10/2011 18:58 20568]
S1 PicoloPro;PICOLO drivers;c:\windows\system32\drivers\McPicolo.sys [04/05/2006 13:56 53248]
S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [25/09/2011 18:00 56336]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [23/04/2007 12:54 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [23/04/2007 12:54 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [23/04/2007 12:54 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [23/04/2007 12:54 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [23/04/2007 12:54 98568]
S4 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [25/09/2011 17:59 919352]
S4 sprtsvc_O2;SupportSoft Sprocket Service (O2);c:\program files\O2\bin\sprtsvc.exe [07/06/2007 15:19 202280]
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2011-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-484061587-725345543-1004Core.job
- c:\documents and settings\Fiona\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-07 12:35]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-484061587-725345543-1004UA.job
- c:\documents and settings\Fiona\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-07 12:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: o2.co.uk\*.broadband
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Fiona\Application Data\Mozilla\Firefox\Profiles\yt4maupx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -   
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
FF - user.js: capability.policy.policynames - localfilelinks
FF - user.js: capability.policy.localfilelinks.checkloaduri.enabled - allAccess
FF - user.js: capability.policy.localfilelinks.sites - hxxp://s1.travian.com http://s2.travian.com http://s3.travian.com http://s4.travian.com
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-McAfee Virtual Technician - c:\program files\McAfee\Supportability\MVT\MVTInstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-30 12:26
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(604)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(356)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\AVAST Software\Avast\setup\avast.setup
.
**************************************************************************
.
Completion time: 2011-10-30  12:33:14 - machine was rebooted
ComboFix-quarantined-files.txt  2011-10-30 12:33
ComboFix2.txt  2011-10-28 18:25
.
Pre-Run: 151,317,090,304 bytes free
Post-Run: 151,519,408,128 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - C1B560DC81E0B58E9D3DC68B670B5B43