ComboFix 10-04-07.04 - Admin 09.04.2010   1:21.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1251.7.1049.18.895.590 [GMT 3:00]
Running from: d:\ \ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
 * Resident AV is active

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\del.bat
c:\windows\system32\.scr
c:\windows\system32\ssField Lines.scr
c:\windows\system32\ssRibbons.scr
c:\windows\system32\SYSINTERNALS_BLUESCREEN.SCR
G:\AUTORUN.INF

----- BITS: Possible infected sites -----

hxxp://soft.export.yandex.ru
hxxp://download.yandex.ru
.
(((((((((((((((((((((((((   Files Created from 2010-03-08 to 2010-04-08  )))))))))))))))))))))))))))))))
.

2010-04-08 14:34 . 2010-04-08 14:34	11264	----a-w-	c:\windows\system32\drivers\uzi5ndyx.sys
2010-04-07 09:34 . 2010-04-07 09:34	--------	d-----w-	C:\QUANTBIZ
2010-04-07 09:33 . 2010-04-07 09:39	--------	d-----w-	C:\QUANTENG
2010-04-07 09:32 . 2010-04-07 09:32	--------	d-----w-	C:\QUANTTEX
2010-04-07 09:28 . 2010-04-07 09:28	--------	d-----w-	c:\program files\Common Files\Borland Shared
2010-04-06 10:00 . 2010-04-06 07:28	181440	----a-w-	c:\windows\system32\MSVCR71.dll
2010-04-05 19:04 . 2008-05-20 16:42	54272	-c--a-w-	c:\windows\system32\dllcache\vfwwdm32.dll
2010-04-05 19:04 . 2008-05-20 16:42	54272	----a-w-	c:\windows\system32\vfwwdm32.dll
2010-04-05 18:59 . 2007-11-02 08:07	6656	----a-w-	c:\windows\system32\CoInst_071029.dll
2010-04-05 18:59 . 2007-10-29 13:25	458112	----a-w-	c:\windows\system32\drivers\PAC7302.SYS
2010-04-05 18:59 . 2010-04-05 18:59	--------	d-----w-	c:\windows\Pixart
2010-04-05 18:59 . 2010-04-05 18:59	--------	d-----w-	c:\program files\KYE
2010-04-05 18:59 . 2006-11-20 06:01	163840	----a-w-	c:\windows\AMCap.exe
2010-04-05 18:46 . 2010-04-06 07:26	61440	----a-r-	c:\documents and settings\Admin\Application Data\Microsoft\Installer\{0049F6AE-4FE2-4C43-A039-60FCE98A1986}\ARPPRODUCTICON.exe
2010-04-05 18:23 . 2010-04-05 18:23	--------	d-----w-	c:\documents and settings\Admin\Local Settings\Application Data\Opera
2010-04-02 17:19 . 2010-04-02 17:19	--------	d-----w-	c:\program files\Common Files\ABBYY
2010-04-02 17:19 . 2010-04-02 17:19	--------	d-----w-	c:\documents and settings\All Users\Application Data\ABBYY
2010-04-02 17:17 . 2010-04-02 17:17	--------	d-----w-	c:\documents and settings\Admin\Local Settings\Application Data\ABBYY
2010-04-02 17:00 . 1997-06-30 22:45	250128	----a-w-	c:\windows\system32\MSEXCL35.DLL
2010-04-02 17:00 . 1997-06-22 21:06	287504	----a-w-	c:\windows\system32\MSXBSE35.DLL
2010-04-02 17:00 . 1997-06-22 21:06	252176	----a-w-	c:\windows\system32\MSRD2X35.DLL
2010-04-02 17:00 . 1997-06-22 21:06	250128	----a-w-	c:\windows\system32\MSPDOX35.DLL
2010-04-02 17:00 . 1997-06-22 21:06	166160	----a-w-	c:\windows\system32\MSLTUS35.DLL
2010-04-02 17:00 . 1997-06-22 21:06	165648	----a-w-	c:\windows\system32\MSTEXT35.DLL
2010-04-02 17:00 . 1997-07-21 04:30	1045776	----a-w-	c:\windows\system32\MSJET35.DLL
2010-04-02 17:00 . 1997-06-22 21:06	407312	----a-w-	c:\windows\system32\MSREPL35.DLL
2010-04-02 17:00 . 1997-06-22 21:06	24848	----a-w-	c:\windows\system32\MSJTER35.DLL
2010-04-02 17:00 . 1997-06-22 21:06	123664	----a-w-	c:\windows\system32\MSJINT35.DLL
2010-04-02 17:00 . 1996-11-07 23:48	368912	----a-w-	c:\windows\system32\VBAR332.DLL
2010-04-02 17:00 . 2010-04-02 17:29	--------	d-----w-	c:\program files\Random Password Generator-PRO
2010-04-02 16:03 . 2010-04-02 16:03	--------	d-----w-	c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-04-02 16:03 . 2010-04-02 16:03	--------	d-----w-	c:\program files\DAEMON Tools Toolbar
2010-04-02 16:03 . 2010-04-02 16:03	--------	d-----w-	c:\program files\DAEMON Tools Lite
2010-04-02 15:59 . 2010-04-02 16:05	--------	d-----w-	c:\documents and settings\Admin\Application Data\DAEMON Tools Lite
2010-04-02 15:11 . 2010-04-02 15:11	--------	d-----w-	c:\documents and settings\Admin\Application Data\PROject MT
2010-04-02 15:06 . 2010-04-03 17:25	--------	d-----w-	c:\program files\Passware
2010-03-26 16:36 . 2010-03-26 16:36	--------	d-----w-	c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-03-26 12:47 . 2008-05-20 17:42	32384	-c--a-w-	c:\windows\system32\dllcache\usbccgp.sys
2010-03-26 12:47 . 2008-05-20 17:42	32384	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2010-03-18 18:21 . 2010-03-18 18:21	--------	d-----w-	C:\infomartemp
2010-03-18 18:21 . 2010-03-18 18:21	--------	d-----w-	c:\program files\Infomar-Tech
2010-03-18 18:20 . 1999-03-23 06:12	299520	----a-w-	c:\windows\uninst.exe
2010-03-18 18:20 . 2010-03-18 18:20	--------	d-----w-	c:\documents and settings\Admin\WINDOWS
2010-03-18 14:31 . 2010-03-18 14:31	--------	d-----w-	c:\documents and settings\Admin\Local Settings\Application Data\Help
2010-03-18 05:56 . 2008-04-15 12:00	26624	----a-w-	c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-03-16 13:46 . 2010-03-16 13:46	--------	d-----w-	c:\documents and settings\Admin\Local Settings\Application Data\ESET
2010-03-16 13:44 . 2010-03-16 13:44	--------	d-----w-	c:\documents and settings\Admin\Application Data\Trident Software
2010-03-16 13:44 . 2010-03-16 13:44	--------	d-----w-	c:\program files\Trident Software
2010-03-16 12:14 . 2003-09-01 09:00	1021232	----a-w-	c:\documents and settings\All Users\Application Data\PRMT\8.0\PROTECT\tv_enua.exe
2010-03-16 11:58 . 2010-03-16 11:58	--------	d-----w-	c:\documents and settings\Admin\Application Data\PRMT
2010-03-16 11:47 . 2010-04-02 16:21	--------	d-----w-	c:\windows\speech
2010-03-16 11:46 . 2010-03-16 11:46	--------	d-----w-	c:\documents and settings\Admin\Local Settings\Application Data\ApplicationHistory
2010-03-16 11:46 . 2010-03-16 11:46	128	----a-w-	c:\documents and settings\Admin\Local Settings\Application Data\fusioncache.dat
2010-03-16 11:45 . 2010-04-02 16:26	--------	d-----w-	c:\program files\PRMT8
2010-03-16 11:45 . 2010-04-02 16:22	--------	d-----w-	c:\windows\Lhsp
2010-03-16 11:45 . 2010-03-16 11:45	--------	d-----w-	c:\documents and settings\All Users\Application Data\PRMT
2010-03-16 11:40 . 2010-03-16 11:40	--------	d-----w-	c:\program files\MSBuild
2010-03-16 11:39 . 2010-03-16 11:39	151024	----a-w-	c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-03-16 11:36 . 2010-03-16 11:36	--------	d-----w-	c:\windows\system32\XPSViewer
2010-03-16 11:35 . 2010-03-16 11:35	--------	d-----w-	c:\program files\Reference Assemblies
2010-03-16 11:35 . 2006-10-14 13:43	27648	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-03-16 11:35 . 2006-06-29 10:07	22752	----a-w-	c:\windows\system32\spupdsvc.exe
2010-03-16 11:35 . 2006-06-29 10:07	14048	------w-	c:\windows\system32\spmsg2.dll
2010-03-15 11:04 . 2010-03-15 11:46	214412080	----a-w-	c:\documents and settings\Admin\Application Data\Opera\Opera\PROMT8_Professional_Rus_ERE.exe
2010-03-13 17:34 . 2010-03-13 17:34	--------	d-----w-	c:\documents and settings\Admin\Application Data\Media Player Classic
2010-03-13 17:04 . 2010-03-13 17:04	--------	d-----w-	c:\program files\ESET
2010-03-13 17:04 . 2010-03-13 17:04	--------	d-----w-	c:\documents and settings\All Users\Application Data\ESET
2010-03-13 17:03 . 2010-03-13 17:03	--------	d-----w-	c:\documents and settings\Admin\Local Settings\Application Data\Yandex
2010-03-13 17:03 . 2010-03-13 17:03	--------	d-----w-	c:\documents and settings\All Users\Application Data\Yandex
2010-03-13 17:03 . 2010-03-13 17:03	--------	d-----w-	c:\documents and settings\Admin\Application Data\Yandex
2010-03-13 17:03 . 2010-03-13 17:03	--------	d-----w-	c:\program files\Yandex
2010-03-13 17:03 . 2010-03-13 17:03	--------	d-----w-	c:\documents and settings\Admin\Local Settings\Application Data\Google
2010-03-13 17:00 . 2010-03-13 17:00	--------	d-----w-	c:\program files\uTorrent
2010-03-13 17:00 . 2010-04-08 14:43	--------	d-----w-	c:\documents and settings\Admin\Application Data\skypePM
2010-03-13 17:00 . 2010-03-13 17:00	56	---ha-w-	c:\windows\system32\ezsidmv.dat
2010-03-13 17:00 . 2010-03-13 17:00	--------	d-----w-	c:\program files\Common Files\Skype
2010-03-13 17:00 . 2010-03-13 17:00	--------	d-----w-	c:\documents and settings\All Users\Application Data\Skype
2010-03-13 16:56 . 2010-03-13 16:56	--------	d-----w-	c:\documents and settings\Admin\Application Data\InstallShield
2010-03-13 16:56 . 2010-03-13 16:56	--------	d-----w-	c:\documents and settings\All Users\Application Data\Panda Security
2010-03-13 16:56 . 2010-04-08 14:42	--------	d-----w-	c:\program files\Panda USB Vaccine
2010-03-13 16:56 . 2010-03-13 16:56	--------	d-----w-	c:\documents and settings\Admin\Application Data\TeamViewer
2010-03-13 16:56 . 2010-03-13 16:56	--------	d-----w-	c:\program files\TeamViewer
2010-03-13 16:54 . 2010-04-08 22:11	--------	d-----w-	c:\documents and settings\Admin\Application Data\uTorrent
2010-03-13 16:10 . 2010-03-13 16:10	--------	d-----w-	c:\documents and settings\Admin\Application Data\vlc
2010-03-13 16:08 . 2010-04-08 22:11	--------	d-----w-	c:\documents and settings\Admin\Application Data\Skype
2010-03-13 15:53 . 2005-07-12 11:00	51328	----a-r-	c:\windows\system32\drivers\rimsptsk.sys
2010-03-13 15:53 . 2004-09-03 04:00	90112	----a-r-	c:\windows\system32\snymsico.dll
2010-03-13 15:51 . 2000-03-03 03:16	7424	----a-r-	c:\windows\system32\drivers\MMIOPORT.SYS
2010-03-13 15:46 . 2008-06-13 03:39	223616	----a-r-	c:\windows\system32\drivers\RTL8187B.sys
2010-03-13 15:45 . 2008-05-20 16:42	26368	-c--a-w-	c:\windows\system32\dllcache\usbstor.sys

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-07 08:31 . 2008-12-11 16:49	--------	d-----w-	c:\program files\Opera
2010-04-05 18:59 . 2008-12-11 16:48	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-04-02 15:59 . 2008-12-11 16:39	721904	----a-w-	c:\windows\system32\drivers\sptd.sys
2010-03-28 21:18 . 2008-04-15 12:00	84858	----a-w-	c:\windows\system32\perfc019.dat
2010-03-28 21:18 . 2008-04-15 12:00	485480	----a-w-	c:\windows\system32\perfh019.dat
2010-03-15 11:36 . 2008-12-11 16:32	86327	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-03-13 17:00 . 2008-12-11 16:49	--------	d-----r-	c:\program files\Skype
.

------- Sigcheck -------

[-] 2008-05-20 . 030DC4D48CC2B894FEE2F390D8E66AD5 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys

[-] 2008-05-20 . 5F38B1B965527C6F5C30DEDAB0AB0550 . 80216 . . [7.0.6000.381] . . c:\windows\system32\wuauclt.exe

[-] 2008-05-20 . 23B7D3F3F5EC8FEEA75EC381C71CBD5E . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2008-05-20 . 7A737E1453D01FF94801272F13497362 . 952320 . . [7.00.6000.20772] . . c:\windows\system32\wininet.dll

[-] 2008-05-20 . DC5D73A9809B66026231A9D49DE6987F . 1721344 . . [6.00.2900.5512] . . c:\windows\explorer.exe

[-] 2008-05-20 . 46D60730EE2DF438750B38370425BC74 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

[-] 2008-05-20 . AE0DB25EE10900C73D923AD5880564CF . 30208 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1208AB5D-4748-49fe-A74A-484AE2FA5D34}"= "c:\program files\Yandex\YandexBarIE\bars\barietorrent\yndbar.dll" [2010-02-05 8887624]

[HKEY_CLASSES_ROOT\clsid\{1208ab5d-4748-49fe-a74a-484ae2fa5d34}]
[HKEY_CLASSES_ROOT\YandexTorrent.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{50EBFBE3-CEAE-4567-884E-C58C12E91F4C}]
[HKEY_CLASSES_ROOT\YandexTorrent.Toolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1208AB5D-4748-49fe-A74A-484AE2FA5D34}"= "c:\program files\Yandex\YandexBarIE\bars\barietorrent\yndbar.dll" [2010-02-05 8887624]

[HKEY_CLASSES_ROOT\clsid\{1208ab5d-4748-49fe-a74a-484ae2fa5d34}]
[HKEY_CLASSES_ROOT\YandexTorrent.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{50EBFBE3-CEAE-4567-884E-C58C12E91F4C}]
[HKEY_CLASSES_ROOT\YandexTorrent.Toolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaIcon"="c:\program files\VistaDriveIcon\VistaDrv.exe" [2008-01-02 132096]
"LClock"="c:\program files\LClock\LClock.exe" [2007-12-14 86016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-13 319792]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"AmlMaple"="c:\program files\AmlMaple\AmlMaple.exe" [2008-04-24 91648]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"SMSERIAL"="sm56hlpr.exe" [2006-01-20 544768]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 1443072]
"Pragma"="c:\progra~1\TRIDEN~1\Pragma\pragma.exe" [2005-08-15 204800]
"Lingvo Launcher"="d:\program files\ABBYY Lingvo x3\LvAgent.exe" [2009-05-12 1774856]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-05-20 30208]
"VistaIcon"="c:\program files\VistaDriveIcon\VistaDrv.exe" [2008-01-02 132096]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IE7_011"="shell32" [X]
"ZZZZ2_FirstLogonSetting"="advpack.dll" [2008-05-20 124928]
"IE7_012"="advpack.dll" [2008-05-20 124928]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"UpdatesOverride"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.03.2008 16:52 33800]
R1 uzi5ndyx;AVZ-RK Kernel Driver;c:\windows\system32\drivers\uzi5ndyx.sys [08.04.2010 17:34 11264]
R2 ABBYY.Licensing.Lingvo.Desktop.14.0;  ABBYY Lingvo x3;c:\program files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe [17.04.2009 12:18 816416]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [13.03.2008 16:49 472320]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [11.02.2010 14:42 172328]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [13.03.2010 18:46 223616]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11.12.2008 19:39 721904]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [09.11.2009 20:12 25088]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - SRSERVICE
.
Contents of the 'Scheduled Tasks' folder

2010-04-08 c:\windows\Tasks\PandaUSBVaccine.job
- c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2010-03-13 13:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yandex.ru/?clid=142336
uInternet Connection Wizard,ShellNext = hxxp://ui.skype.com/ui/0/3.8.0.115/ru/passwordreminder/sashag.g
IE: &  Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Online- - c:\program files\PRMT8\PRMTIE\oda.htm
IE:     - c:\program files\PRMT8\PRMTIE\aot.htm
IE:     Download Master - c:\program files\Download Master\dmieall.htm
IE:    Download Master - c:\program files\Download Master\dmie.htm
IE:    - c:\program files\PRMT8\PRMTIE\options.htm
IE:   - c:\program files\PRMT8\PRMTIE\infopanel.htm
IE:    - c:\program files\PRMT8\PRMTIE\addentry.htm
IE:  - c:\program files\PRMT8\PRMTIE\translat.htm
IE:    ABBYY Lingvo x&3 - d:\program files\ABBYY Lingvo x3\Lingvo.exe/3000
IE:   - c:\program files\PRMT8\PRMTIE\page.htm
IE:    - c:\program files\PRMT8\PRMTIE\search.htm
IE: {{4034D172-4C52-49de-A6A1-E75F8F591FEC} - c:\program files\PRMT8\PRMTIE\options.htm
IE: {{A2DA13D5-AC77-43b7-963B-40445EBCB8E0} - c:\program files\PRMT8\PRMTIE\prmtie5.htm
.
- - - - ORPHANS REMOVED - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-HijackThis - c:\documents and settings\Admin\ \HijackThis.exe
AddRemove-VLC - c:\program files\VLC\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-09 01:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(872)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(928)
c:\windows\system32\SETUPAPI.dll
.
Completion time: 2010-04-09  01:27:34
ComboFix-quarantined-files.txt  2010-04-08 22:27

Pre-Run: 5039710208  
Post-Run: 5641007104  

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional RU" /execute /fastdetect

- - End Of File - - A234BACCAEC70874629AAFC694537D54
