Hope you can help me with this problem.A friend of mine tried to formatted my netbook,which was known already as having malware.
this is the log of DDS
DDS (Ver_09-06-26.01) - NTFSx86
Run by Joao at 13:50:37,40 on 19-03-2011
Internet Explorer: 8.0.6001.19019
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.351.1033.18.1014.139 [GMT 0:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Windows\system32\wgaer_m.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\mcbuilder.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Joao\Downloads\dds.scr
============== Pseudo HJT Report ===============
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
StartupFolder: c:\users\joao\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: igfxcui - igfxdev.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\joao\appdata\roaming\mozilla\firefox\profiles\el0zyx9t.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.il", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgba3a4f16a", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgba3a4fra", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--wgbl6a", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", "-1");
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); // now unused
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.delay", 50);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 27216]
=============== Created Last 30 ================
2011-03-19 13:33 <DIR> --d----- c:\program files\Trend Micro
2011-03-17 13:32 4,152,184 a------- c:\windows\system32\wgaer_m.exe
2011-03-17 13:32 1,303 a------- c:\windows\system32\WGAScanner.xml
2011-03-17 08:43 <DIR> --d----- c:\windows\Panther
2011-03-17 08:43 8,192 a--s-r-- C:\BOOTSECT.BAK
2011-03-17 08:43 333,203 a--shr-- C:\bootmgr
2011-03-17 08:43 <DIR> --d----- C:\Boot
2011-03-17 08:19 80,896 a------- c:\windows\system32\MSNP.ax
2011-03-17 08:19 293,376 a------- c:\windows\system32\psisdecd.dll
2011-03-17 08:19 217,088 a------- c:\windows\system32\psisrndr.ax
2011-03-17 07:37 <DIR> --d----- c:\users\joao\appdata\roaming\AVG10
2011-03-17 04:40 293,376 a------- c:\windows\system32\browserchoice.exe
2011-03-17 04:05 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-03-17 04:05 97,800 a------- c:\windows\system32\infocardapi.dll
2011-03-17 04:05 622,080 a------- c:\windows\system32\icardagt.exe
2011-03-17 04:05 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2011-03-17 04:05 37,384 a------- c:\windows\system32\infocardcpl.cpl
2011-03-17 04:05 11,264 a------- c:\windows\system32\icardres.dll
2011-03-17 04:05 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2011-03-17 04:05 326,160 a------- c:\windows\system32\PresentationHost.exe
2011-03-17 03:53 96,760 a------- c:\windows\system32\dfshim.dll
2011-03-17 03:53 282,112 a------- c:\windows\system32\mscoree.dll
2011-03-17 03:53 41,984 a------- c:\windows\system32\netfxperf.dll
2011-03-17 03:53 158,720 a------- c:\windows\system32\mscorier.dll
2011-03-17 03:53 83,968 a------- c:\windows\system32\mscories.dll
2011-03-17 03:47 24,064 a------- c:\windows\system32\nshhttp.dll
2011-03-17 03:47 411,136 a------- c:\windows\system32\drivers\http.sys
2011-03-17 03:47 31,232 a------- c:\windows\system32\httpapi.dll
2011-03-17 03:46 231,936 a------- c:\windows\system32\msshsq.dll
2011-03-17 03:42 2,048 a------- c:\windows\system32\winrsmgr.dll
2011-03-17 03:37 409,600 a------- c:\windows\system32\odbc32.dll
2011-03-17 03:37 2,927,104 a------- c:\windows\explorer.exe
2011-03-17 03:37 213,504 a------- c:\windows\system32\msv1_0.dll
2011-03-17 03:37 1,399,296 a------- c:\windows\system32\msxml6.dll
2011-03-17 03:36 104,960 a------- c:\windows\system32\netiohlp.dll
2011-03-17 03:36 27,136 a------- c:\windows\system32\NETSTAT.EXE
2011-03-17 03:36 19,968 a------- c:\windows\system32\ARP.EXE
2011-03-17 03:36 17,920 a------- c:\windows\system32\ROUTE.EXE
2011-03-17 03:36 17,920 a------- c:\windows\system32\netevent.dll
2011-03-17 03:36 11,264 a------- c:\windows\system32\MRINFO.EXE
2011-03-17 03:36 10,240 a------- c:\windows\system32\finger.exe
2011-03-17 03:36 9,728 a------- c:\windows\system32\TCPSVCS.EXE
2011-03-17 03:36 8,704 a------- c:\windows\system32\HOSTNAME.EXE
2011-03-17 03:36 2,868,224 a------- c:\windows\system32\mf.dll
2011-03-17 03:34 2,038,784 a------- c:\windows\system32\win32k.sys
2011-03-17 03:34 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2011-03-17 03:34 376,832 a------- c:\windows\system32\winhttp.dll
2011-03-17 03:34 81,920 a------- c:\windows\system32\iccvid.dll
2011-03-17 03:34 274,432 a------- c:\windows\system32\schannel.dll
2011-03-17 03:34 126,464 a------- c:\windows\system32\spoolsv.exe
2011-03-17 03:34 296,960 a------- c:\windows\system32\gdi32.dll
2011-03-17 03:34 67,072 a------- c:\windows\system32\asycfilt.dll
2011-03-17 03:34 738,304 a------- c:\windows\system32\inetcomm.dll
2011-03-17 03:34 562,176 a------- c:\windows\system32\msdtcprx.dll
2011-03-17 03:34 38,912 a------- c:\windows\system32\xolehlp.dll
2011-03-17 03:33 71,680 a------- c:\windows\system32\atl.dll
2011-03-17 03:33 160,256 a------- c:\windows\system32\wkssvc.dll
2011-03-17 03:32 28,672 a------- c:\windows\system32\Apphlpdm.dll
2011-03-17 03:32 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2011-03-17 03:32 499,712 a------- c:\windows\system32\kerberos.dll
2011-03-17 03:32 175,104 a------- c:\windows\system32\wdigest.dll
2011-03-17 03:32 1,256,448 a------- c:\windows\system32\lsasrv.dll
2011-03-17 03:32 439,896 a------- c:\windows\system32\drivers\ksecdd.sys
2011-03-17 03:32 72,704 a------- c:\windows\system32\secur32.dll
2011-03-17 03:32 9,728 a------- c:\windows\system32\lsass.exe
2011-03-17 03:31 636,928 a------- c:\windows\system32\localspl.dll
2011-03-17 03:31 2,048 a------- c:\windows\system32\tzres.dll
2011-03-17 03:31 36,352 a------- c:\windows\system32\rtutils.dll
2011-03-17 03:29 329,216 a------- c:\windows\system32\msdrm.dll
2011-03-17 03:29 151,040 a------- c:\windows\system32\secproc_ssp_isv.dll
2011-03-17 03:29 151,040 a------- c:\windows\system32\secproc_ssp.dll
2011-03-17 03:21 898,952 a------- c:\windows\system32\drivers\tcpip.sys
2011-03-17 03:18 996,352 a------- c:\windows\system32\WMNetMgr.dll
2011-03-17 03:18 94,720 a------- c:\windows\system32\logagent.exe
2011-03-17 03:18 313,344 a------- c:\windows\system32\wmpdxm.dll
2011-03-17 03:18 43,520 a------- c:\windows\system32\msdxm.tlb
2011-03-17 03:18 18,432 a------- c:\windows\system32\amcompat.tlb
2011-03-17 03:18 13,824 a------- c:\windows\system32\apilogen.dll
2011-03-17 03:16 351,232 a------- c:\windows\system32\WSDApi.dll
2011-03-17 03:09 <DIR> --d-h--- c:\programdata\Common Files
2011-03-17 03:09 <DIR> --d-h--- c:\progra~2\Common Files
2011-03-17 03:05 <DIR> --d----- c:\windows\system32\drivers\AVG
2011-03-17 03:05 <DIR> --d----- c:\programdata\AVG10
2011-03-17 03:05 <DIR> --d----- c:\progra~2\AVG10
2011-03-17 03:03 <DIR> --d----- c:\program files\AVG
2011-03-17 03:02 31,744 a------- c:\windows\system32\msvidc32.dll
2011-03-17 03:02 50,176 a------- c:\windows\system32\iyuv_32.dll
2011-03-17 03:02 22,528 a------- c:\windows\system32\msyuv.dll
2011-03-17 03:02 13,312 a------- c:\windows\system32\msrle32.dll
2011-03-17 03:02 11,776 a------- c:\windows\system32\tsbyuv.dll
2011-03-17 03:02 123,904 a------- c:\windows\system32\msvfw32.dll
2011-03-17 03:02 91,136 a------- c:\windows\system32\avifil32.dll
2011-03-17 03:02 82,944 a------- c:\windows\system32\mciavi32.dll
2011-03-17 03:02 65,024 a------- c:\windows\system32\avicap32.dll
2011-03-17 02:11 310,784 a------- c:\windows\system32\unregmp2.exe
2011-03-17 02:11 7,680 a------- c:\windows\system32\spwmp.dll
2011-03-17 02:11 4,096 a------- c:\windows\system32\msdxm.ocx
2011-03-17 02:11 4,096 a------- c:\windows\system32\dxmasf.dll
2011-03-17 02:09 604,672 a------- c:\windows\system32\WMSPDMOD.DLL
2011-03-17 02:06 <DIR> --d----- c:\programdata\MFAData
2011-03-17 02:06 <DIR> --d----- c:\progra~2\MFAData
2011-03-17 01:56 <DIR> --dsh--- C:\$RECYCLE.BIN
2011-03-17 01:39 256,512 a------- c:\windows\PEV.exe
2011-03-17 01:39 161,792 a------- c:\windows\SWREG.exe
2011-03-17 01:39 98,816 a------- c:\windows\sed.exe
2011-03-17 01:39 89,088 a------- c:\windows\MBR.exe
2011-03-17 01:33 171,520 a------- c:\windows\system32\wintrust.dll
2011-03-17 01:33 98,304 a------- c:\windows\system32\cabview.dll
2011-03-17 01:17 2,421,760 a------- c:\windows\system32\wucltux.dll
2011-03-17 01:16 87,552 a------- c:\windows\system32\wudriver.dll
2011-03-17 01:16 171,608 a------- c:\windows\system32\wuwebv.dll
2011-03-17 01:16 33,792 a------- c:\windows\system32\wuapp.exe
2011-03-17 01:07 156,771 a------- c:\windows\system32\netathr.inf
2011-03-17 01:07 49,217 a------- c:\windows\system32\athrext.cat
2011-03-17 01:07 1,183,744 a------- c:\windows\system32\drivers\athr.sys
2011-03-17 01:07 1,183,744 a------- c:\windows\system32\athr.sys
2011-03-17 01:07 397,312 a------- c:\windows\system32\athihvs.dll
2011-03-17 01:07 61,440 a------- c:\windows\system32\athihvui.dll
2011-03-17 01:07 <DIR> --d----- c:\windows\system32\nn-NO
2011-03-17 01:07 <DIR> --d----- c:\program files\Atheros
2011-03-17 01:07 <DIR> --d----- c:\program files\Cisco
2011-03-17 01:06 <DIR> --dsh--- c:\windows\Installer
2011-03-17 01:06 <DIR> --d----- c:\programdata\Atheros
2011-03-17 01:06 <DIR> --d----- c:\progra~2\Atheros
2011-03-17 01:05 14,592 a------- c:\windows\system32\results.xml
2011-03-17 01:02 1,002,008 a------- c:\windows\system32\igxpun.exe
2011-03-17 01:02 319,456 a------- c:\windows\system32\difxapi.dll
2011-03-17 01:02 <DIR> --d----- c:\windows\system32\Lang
2011-03-17 01:02 <DIR> --d----- C:\Intel
2011-03-17 00:56 <DIR> --d----- c:\users\Joao
2011-03-17 00:50 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
==================== Find3M ====================
2011-03-17 01:08 51,200 a------- c:\windows\inf\infpub.dat
2011-03-17 01:08 86,016 a------- c:\windows\inf\infstrng.dat
2011-03-17 01:08 86,016 a------- c:\windows\inf\infstor.dat
2011-01-08 07:50 34,304 a------- c:\windows\system32\atmlib.dll
2011-01-08 05:57 292,352 a------- c:\windows\system32\atmfd.dll
2010-12-29 17:41 323,072 a------- c:\windows\system32\sbe.dll
2010-12-29 17:41 153,088 a------- c:\windows\system32\sbeio.dll
2010-12-29 17:41 429,056 a------- c:\windows\system32\EncDec.dll
2008-06-12 00:03 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-21 02:41 174 a--sh--- c:\program files\desktop.ini
2006-11-02 12:40 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:40 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 12:40 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:40 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-04-09 23:35 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT
============= FINISH: 13:57:05,99 ===============