Hi SuperDave,
Computer running much faster and smoother now since deleting those all those old picture files that were hogging up all the memory. No shut downs either today and used it for work today with several windows running abd streaming data with an application.
Here is the new Combo log:
ComboFix 11-04-08.02 - Glenda Pagan 04/09/2011 0:49.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1280.676 [GMT -4:00]
Running from: c:\documents and settings\Glenda Pagan\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *Enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\Glenda Pagan\WINDOWS
c:\windows\system32\config\systemprofile\WINDOWS
.
.
((((((((((((((((((((((((( Files Created from 2011-03-09 to 2011-04-09 )))))))))))))))))))))))))))))))
.
.
2011-04-09 04:41 . 2011-04-09 04:45 -------- dc----r- C:\32788R22FWJFW
2011-04-04 03:07 . 2011-04-04 03:07 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-04-03 18:48 . 2008-02-04 05:10 237776 ----a-w- c:\windows\system32\tpuninst.exe
2011-04-03 05:47 . 2011-04-03 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\OnlineArmor
2011-04-03 05:47 . 2011-04-03 05:47 -------- d-----w- c:\documents and settings\Glenda Pagan\Application Data\OnlineArmor
2011-04-03 05:46 . 2011-03-30 23:32 39048 ----a-w- c:\windows\system32\drivers\oahlp32.sys
2011-04-03 05:46 . 2011-03-30 23:32 29464 ----a-w- c:\windows\system32\drivers\OAnet.sys
2011-04-03 05:46 . 2011-03-30 23:32 25192 ----a-w- c:\windows\system32\drivers\OAmon.sys
2011-04-03 05:46 . 2011-03-30 23:32 205992 ----a-w- c:\windows\system32\drivers\OADriver.sys
2011-04-03 02:26 . 2011-04-03 02:26 -------- d-----w- c:\documents and settings\Glenda Pagan\Application Data\SUPERAntiSpyware.com
2011-04-03 01:14 . 2011-04-03 01:14 -------- d-----w- c:\documents and settings\Glenda Pagan\Application Data\ErrorExpert
2011-04-03 00:25 . 2011-04-03 00:25 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-04-01 21:57 . 2011-04-01 21:57 -------- d-----w- c:\program files\AMD APP
2011-03-21 23:56 . 2011-03-21 23:56 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-03-21 23:55 . 2011-03-21 23:55 12385792 ----a-w- c:\windows\system32\amdocl.dll
2011-03-13 18:40 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-03-13 18:36 . 2011-03-13 18:36 -------- d-----w- c:\program files\Common Files\Java
2011-03-13 18:31 . 2011-03-13 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2011-03-11 20:14 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-23 15:04 . 2010-10-15 23:28 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 15:04 . 2010-03-22 00:18 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 14:56 . 2010-03-22 00:19 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:55 . 2010-03-22 00:19 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2010-03-22 00:19 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-02-23 14:55 . 2010-03-22 00:19 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-02-23 14:55 . 2010-03-22 00:19 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:54 . 2010-03-22 00:19 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-02-23 14:54 . 2010-03-22 00:19 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-09 13:53 . 2002-12-19 15:32 270848 ------w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2002-12-19 15:32 186880 ------w- c:\windows\system32\encdec.dll
2011-02-03 01:40 . 2010-11-24 21:04 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-02-02 23:19 . 2009-02-22 14:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2002-12-19 15:32 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2002-12-19 15:32 677888 ------w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2002-12-19 15:33 439296 ------w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-04_21.28.13 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-08 13:01 . 2011-04-08 13:01 16384 c:\windows\Temp\Perflib_Perfdata_7c4.dat
+ 2011-04-05 15:17 . 2004-11-05 20:35 13104 c:\windows\system32\ReinstallBackups\0018\DriverFiles\L8042Kbd.sys
+ 2011-04-05 15:17 . 2008-04-13 19:39 24576 c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\kbdclass.sys
+ 2011-04-05 15:17 . 2004-08-04 06:14 52736 c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\i8042prt.sys
- 2010-05-26 18:36 . 2004-08-04 06:14 52736 c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\i8042prt.sys
- 2001-08-17 13:47 . 2008-04-13 19:39 23040 c:\windows\system32\drivers\mouclass.sys
+ 2001-08-17 13:47 . 2004-08-04 05:58 23040 c:\windows\system32\drivers\mouclass.sys
+ 2001-08-17 13:47 . 2008-04-13 18:39 24576 c:\windows\system32\drivers\kbdclass.sys
- 2001-08-17 13:47 . 2008-04-13 19:39 24576 c:\windows\system32\drivers\kbdclass.sys
- 2001-08-17 13:47 . 2008-04-13 19:39 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2001-08-17 13:47 . 2004-08-04 05:58 23040 c:\windows\system32\dllcache\mouclass.sys
- 2001-08-17 13:47 . 2008-04-13 19:39 24576 c:\windows\system32\dllcache\kbdclass.sys
+ 2001-08-17 13:47 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\kbdclass.sys
+ 2002-12-19 15:33 . 2008-04-14 00:12 7168 c:\windows\system32\dllcache\sensapi.dll
+ 2010-03-14 19:02 . 2011-04-08 20:26 2644 c:\windows\system32\d3d9caps.dat
- 2010-03-14 19:02 . 2011-04-03 05:36 2644 c:\windows\system32\d3d9caps.dat
+ 2002-04-24 18:30 . 2001-08-18 12:00 163328 c:\windows\system32\dllcache\oleacc.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="d:\desktop messenger\8876480\Program\BackWeb-8876480.exe" [2005-07-03 20480]
"ATI Launchpad"="c:\program files\ATI Multimedia\main\LaunchPd.exe" [2006-04-06 102400]
"ATI DeviceDetect"="c:\program files\ATI Multimedia\main\ATIDtct.EXE" [2006-04-06 57344]
"SUPERAntiSpyware"="D:\SUPERAntiSpyware.exe" [2011-03-16 2423752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="NvQTwk" [X]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2002-11-22 188416]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-02 37888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-19 421888]
"ZTgServerSwitch"="c:\program files\support.com\client\bin\tgcmd.exe" [2002-04-04 1417216]
"Net-It Launcher"="c:\windows\System32\NILaunch.exe" [1998-02-05 24576]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-07-11 339968]
"AdaptecDirectCD"="c:\program files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" [2003-11-08 684032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [2003-09-16 270336]
"HydraVisionViewport"="c:\program files\ATI Technologies\ATI HYDRAVISION\HydraMD.exe" [2003-09-16 364544]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "D:\SASSEH.DLL" [2008-05-13 77824]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "d:\online armor\oaevent.dll" [2011-03-30 354720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 -c--a-w- D:\SASWINLO.DLL
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Alarm Manager.LNK]
backup=c:\windows\pss\Alarm Manager.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]
backup=c:\windows\pss\BTTray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MozyHome Status.lnk]
backup=c:\windows\pss\MozyHome Status.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VAIO Action Setup (Server).lnk]
backup=c:\windows\pss\VAIO Action Setup (Server).lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Glenda Pagan^Start Menu^Programs^Startup^HotSync Manager.lnk]
backup=c:\windows\pss\HotSync Manager.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Share-to-Web Namespace Daemon"=c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
"LTSMMSG"=LTSMMSG.exe
"HPHUPD04"="c:\program files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\support.com\\client\\bin\\tgcmd.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"d:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\ScottradeELITE\\Scottrader.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"443:TCP"= 443:TCP:ScottradeElite
"443:UDP"= 443:UDP:ScottradeElite
"27895:TCP"= 27895:TCP:Gnutella
"27895:UDP"= 27895:UDP:Gnutella
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3/11/2011 4:14 PM 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3/21/2010 8:19 PM 301528]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [4/3/2011 1:46 AM 205992]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [4/3/2011 1:46 AM 39048]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [4/3/2011 1:46 AM 25192]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [4/3/2011 1:46 AM 29464]
R1 SASDIFSV;SASDIFSV;D:\sasdifsv.sys [2/17/2010 2:25 PM 12872]
R1 SASKUTIL;SASKUTIL;D:\SASKUTIL.SYS [5/10/2010 2:41 PM 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/21/2010 8:19 PM 19544]
R2 LogWatch;Event Log Watch;c:\windows\LogWatNT.exe [6/8/2000 2:15 PM 50176]
R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [4/25/2002 6:13 PM 34712]
R2 OAcat;Online Armor Helper Service;d:\online armor\oacat.exe [4/3/2011 1:46 AM 381512]
R2 portD;CMS PortIO Service;c:\windows\system32\drivers\portd2k.sys [7/24/2003 10:09 PM 9292]
R3 LHidPPKE;Logitech SetPoint HID Function Driver;c:\windows\system32\drivers\LHidPPKE.Sys [5/26/2010 2:36 PM 22497]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);c:\windows\system32\drivers\sis7012.sys [4/24/2002 2:30 PM 267136]
S3 ICDUSB;Sony IC Recorder;c:\windows\system32\drivers\ICDUSB.sys [4/16/2003 2:55 PM 26409]
S3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [4/24/2002 2:31 PM 807917]
S3 SMBE;Sony MPEG2 Encoder Board (WDM);c:\windows\system32\drivers\Smbe.sys [4/24/2002 2:31 PM 594668]
S3 SvcOnlineArmor;Online Armor;d:\online armor\oasrv.exe [4/3/2011 1:46 AM 4325960]
S3 UltraMonMirror;UltraMonMirror;c:\windows\system32\DRIVERS\UltraMonMirror.sys --> c:\windows\system32\DRIVERS\UltraMonMirror.sys [?]
S4 CWShredder Service;CWShredder Service;c:\docume~1\GLENDA~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\89U3SLMN\cwshredder[1].exe service --> c:\docume~1\GLENDA~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\89U3SLMN\cwshredder[1].exe service [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-09 c:\windows\Tasks\User_Feed_Synchronization-{5B5D6917-909B-4733-9654-DF5E30BA0BE5}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.nytimes.com/
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local
IE: &Add animation to IncrediMail Style Box - c:\progra~1\INCRED~1\bin\resources\WebMenuImg.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Open Client to monitor &1 - c:\windows\web\AOpenClient.htm
IE: Open Client to monitor &4 - c:\windows\web\AOpenClient.htm
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2011-04-09 01:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
"ImagePath"="c:\docume~1\GLENDA~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\89U3SLMN\cwshredder
[1].exe service"
.
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CWShredder Service]
"ImagePath"="c:\docume~1\GLENDA~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\89U3SLMN\cwshredder
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(468)
D:\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'Explorer.EXE'(2684)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
D:\SASSEH.DLL
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\progra~1\WINZIP\WZSHLSTB.DLL
D:\SASCTXMN.DLL
c:\program files\Malwarebytes' Anti-Malware\mbamext.dll
c:\program files\ATI Multimedia\mlibrary\MLShell.dll
c:\program files\ATI Multimedia\atisserv.dll
c:\program files\ATI Multimedia\mlibrary\mlenu.rsc
c:\windows\system32\btncopy.dll
c:\windows\system32\jscript.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\Microsoft.NET\Framework\v2.0.50727\Fusion.dll
c:\windows\System32\inetres.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\WMASF.DLL
.
Completion time: 2011-04-09 01:08:39
ComboFix-quarantined-files.txt 2011-04-09 05:08
ComboFix2.txt 2011-04-04 21:34
.
Pre-Run: 3,015,954,432 bytes free
Post-Run: 3,050,127,360 bytes free
.
- - End Of File - - 784B92D8EEB167CA42875F2D5502548A