
Inactive [InActive] Probably USB Infection (HJT Log is in here)

Discussion in 'Malware and Virus Removal Archive' started by m3ow, 2008/12/22.

  1. 2008/12/22
    m3ow

    m3ow Inactive Thread Starter

    Joined:
    2008/12/17
    Messages:
    94
    Likes Received:
    0
    I refer to my previous post, "Is this page contain virus". noahdfear (Dave) says that my flash drive is infected and that it may cause my desktop to be infected too. This is my HJT log :p
    NOTE: I already ran the file Flash Disinfector.


    info.txt logfile of random's system information tool 1.05 2008-12-23 03:14:34

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
    ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E}
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    BitComet 1.07-->E:\Program Files\BitComet\uninst.exe
    Call of Duty 4 - Modern Warfare-->MsiExec.exe /I{B904FB0B-86BE-4EB8-B64B-0F3DB58B506A}
    Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
    Dell Resource CD-->MsiExec.exe /X{FCD9CD52-7222-4672-94A0-A722BA702FD0}
    High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2776 PCI\VEN_8086&DEV_2772
    Intel(R) PRO Network Connections Drivers-->Prounstl.exe
    Kane and Lynch: Dead Men-->MsiExec.exe /X{A66C4716-7E10-4A53-8101-00C3C11D6A9C}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
    OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
    Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
    Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O
    ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

    ======Security center information======

    AV: AVG Anti-Virus Free
    FW: ZoneAlarm Firewall (disabled)

    System event log

    Computer Name: M3OW-PC
    Event Code: 4377
    Message: Windows XP Hotfix KB912812 was installed.

    Record Number: 5
    Source Name: NtServicePack
    Time Written: 20081221135636.000000+480
    Event Type: information
    User: NT AUTHORITY\SYSTEM

    Computer Name: M3OW-PC
    Event Code: 15007
    Message: Reservation for namespace identified by URL prefix http://*:2869/ was successfully added.

    Record Number: 4
    Source Name: HTTP
    Time Written: 20081221135514.000000+480
    Event Type: information
    User:

    Computer Name: M3OW-PC
    Event Code: 6011
    Message: The NetBIOS name and DNS host name of this machine have been changed from MACHINENAME to M3OW-PC.

    Record Number: 3
    Source Name: EventLog
    Time Written: 20081221135142.000000+480
    Event Type: information
    User:

    Computer Name: MACHINENAME
    Event Code: 6005
    Message: The Event log service was started.

    Record Number: 2
    Source Name: EventLog
    Time Written: 20081221214744.000000+480
    Event Type: information
    User:

    Computer Name: MACHINENAME
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

    Record Number: 1
    Source Name: EventLog
    Time Written: 20081221214744.000000+480
    Event Type: information
    User:

    Application event log

    Computer Name: M3OW-PC
    Event Code: 1000
    Message: Performance counters for the ContentIndex (ContentIndex) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 5
    Source Name: LoadPerf
    Time Written: 20081221135318.000000+480
    Event Type: information
    User:

    Computer Name: M3OW-PC
    Event Code: 1000
    Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 4
    Source Name: LoadPerf
    Time Written: 20081221135316.000000+480
    Event Type: information
    User:

    Computer Name: M3OW-PC
    Event Code: 1000
    Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 3
    Source Name: LoadPerf
    Time Written: 20081221135213.000000+480
    Event Type: information
    User:

    Computer Name: M3OW-PC
    Event Code: 1000
    Message: Performance counters for the PSched (PSched) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 2
    Source Name: LoadPerf
    Time Written: 20081221135151.000000+480
    Event Type: information
    User:

    Computer Name: M3OW-PC
    Event Code: 1000
    Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 1
    Source Name: LoadPerf
    Time Written: 20081221135150.000000+480
    Event Type: information
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
    "PROCESSOR_REVISION"=0604
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "tvdumpflags"=8

    -----------------EOF-----------------
     
    m3ow,
    #1
  2. 2008/12/22
    m3ow

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by m3ow at 2008-12-23 03:14:07
    Microsoft Windows XP Home Edition Service Pack 3
    System drive C: has 32 GB (65%) free of 50 GB
    Total RAM: 2046 MB (72% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:14:31 AM, on 12/23/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\stsystra.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    E:\Program Files\BitComet\BitComet.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\m3ow\Desktop\RSIT.exe
    C:\Program Files\trend micro\m3ow.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitComet] "E:\Program Files\BitComet\BitComet.exe" /tray
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1229843945718
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 5395 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
    BitComet Helper - E:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-21 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-21 2055960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
    ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-12-21 262144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-12-21 262144]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-21 2055960]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
    "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-10-14 77824]
    "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-10-14 114688]
    "SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2006-02-10 282624]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-11-13 981904]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-21 1261336]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
    "ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2007-10-04 307200]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "BitComet"=E:\Program Files\BitComet\BitComet.exe [2008-12-03 2514744]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-12-02 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
    "E:\Program Files\Eidos\Kane and Lynch Dead Men\kaneandlynch.exe"="E:\Program Files\Eidos\Kane and Lynch Dead Men\kaneandlynch.exe:*:Enabled:Kane & Lynch: Dead Men"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
     
    m3ow,
    #2


  4. 2008/12/22
    m3ow

    ======List of files/folders created in the last 3 months======

    2008-12-23 03:14:07 ----D---- C:\rsit
    2008-12-23 03:14:07 ----D---- C:\Program Files\trend micro
    2008-12-23 03:12:04 ----RASHD---- C:\autorun.inf
    2008-12-22 20:38:25 ----RHD---- C:\Documents and Settings\m3ow\Application Data\SecuROM
    2008-12-22 20:38:25 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-12-22 20:27:53 ----D---- C:\Program Files\OpenAL
    2008-12-22 20:27:53 ----A---- C:\WINDOWS\system32\wrap_oal.dll
    2008-12-22 20:27:53 ----A---- C:\WINDOWS\system32\OpenAL32.dll
    2008-12-22 20:26:18 ----D---- C:\WINDOWS\LastGood
    2008-12-22 20:26:13 ----D---- C:\WINDOWS\system32\xlive
    2008-12-21 23:53:45 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2008-12-21 23:53:10 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
    2008-12-21 23:34:29 ----D---- C:\Downloads
    2008-12-21 23:18:12 ----D---- C:\Documents and Settings\m3ow\Application Data\Macromedia
    2008-12-21 23:17:29 ----D---- C:\Documents and Settings\m3ow\Application Data\Adobe
    2008-12-21 21:51:25 ----A---- C:\WINDOWS\system32\h323log.txt
    2008-12-21 21:49:45 ----A---- C:\WINDOWS\system32\usbui.dll
    2008-12-21 21:48:48 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-21 21:48:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-21 21:48:46 ----SHD---- C:\WINDOWS\Installer
    2008-12-21 21:48:46 ----D---- C:\Program Files\Common Files\ODBC
    2008-12-21 21:48:46 ----A---- C:\WINDOWS\ODBCINST.INI
    2008-12-21 21:48:43 ----D---- C:\Program Files\Common Files\SpeechEngines
    2008-12-21 21:48:42 ----RD---- C:\Program Files
    2008-12-21 21:48:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-12-21 21:48:42 ----D---- C:\Program Files\Common Files
    2008-12-21 21:48:40 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2008-12-21 21:48:40 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2008-12-21 21:48:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2008-12-21 21:48:38 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2008-12-21 21:48:37 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2008-12-21 21:48:36 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2008-12-21 21:48:36 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2008-12-21 21:48:36 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2008-12-21 21:48:36 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2008-12-21 21:48:36 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2008-12-21 21:48:36 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2008-12-21 21:48:36 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2008-12-21 21:48:34 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2008-12-21 21:48:34 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2008-12-21 21:48:34 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2008-12-21 21:48:34 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2008-12-21 21:48:34 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2008-12-21 21:48:32 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2008-12-21 21:48:30 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2008-12-21 21:48:30 ----A---- C:\WINDOWS\system32\irclass.dll
    2008-12-21 21:48:30 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2008-12-21 21:48:30 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2008-12-21 21:48:30 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2008-12-21 21:48:28 ----N---- C:\WINDOWS\system32\CONFIG.TMP
    2008-12-21 21:48:28 ----A---- C:\WINDOWS\TASKMAN.EXE
    2008-12-21 21:48:27 ----A---- C:\WINDOWS\system32\batt.dll
    2008-12-21 21:48:27 ----A---- C:\WINDOWS\notepad.exe
    2008-12-21 21:48:26 ----A---- C:\WINDOWS\system32\storprop.dll
    2008-12-21 21:48:20 ----RA---- C:\WINDOWS\SET26.tmp
    2008-12-21 21:48:20 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2008-12-21 21:48:19 ----RA---- C:\WINDOWS\SET25.tmp
    2008-12-21 21:48:17 ----RA---- C:\WINDOWS\SET8.tmp
    2008-12-21 21:48:14 ----RA---- C:\WINDOWS\SET4.tmp
    2008-12-21 21:48:13 ----RA---- C:\WINDOWS\SET3.tmp
    2008-12-21 21:48:09 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-21 21:48:09 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-21 21:48:03 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-12-21 21:47:41 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-21 21:47:38 ----SHD---- C:\System Volume Information
    2008-12-21 21:47:38 ----D---- C:\Documents and Settings
    2008-12-21 21:47:02 ----SH---- C:\boot.ini
    2008-12-21 21:41:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-21 21:41:41 ----RSD---- C:\WINDOWS\Fonts
    2008-12-21 21:41:41 ----RD---- C:\WINDOWS\Web
    2008-12-21 21:41:41 ----HD---- C:\WINDOWS\inf
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\WinSxS
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\twain_32
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Temp
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\wins
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\wbem
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\usmt
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\spool
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\ShellExt
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\Setup
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\ras
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\oobe
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\npp
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\mui
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\inetsrv
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\IME
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\icsxml
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\ias
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\export
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\drivers
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\dhcp
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\config
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\3com_dmi
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\3076
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\2052
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\1054
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\1042
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\1041
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\1037
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\1033
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\1031
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\1028
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32\1025
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system32
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\system
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\security
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Resources
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\repair
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Provisioning
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\PeerNet
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\pchealth
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\mui
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\msapps
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\msagent
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Media
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\java
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\ime
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Help
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Driver Cache
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\dell
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Debug
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Cursors
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Connection Wizard
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\Config
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\AppPatch
    2008-12-21 21:41:41 ----D---- C:\WINDOWS\addins
    2008-12-21 21:41:41 ----D---- C:\WINDOWS
    2008-12-21 19:45:19 ----D---- C:\Documents and Settings\m3ow\Application Data\ATI
    2008-12-21 19:45:19 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2008-12-21 19:43:43 ----D---- C:\Program Files\ATI
    2008-12-21 19:42:33 ----N---- C:\WINDOWS\system32\ati2sgag.exe
    2008-12-21 19:42:17 ----D---- C:\Program Files\ATI Technologies
    2008-12-21 19:41:41 ----D---- C:\ATI
    2008-12-21 19:34:54 ----HD---- C:\$AVG8.VAULT$
    2008-12-21 18:37:33 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
    2008-12-21 18:37:33 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
    2008-12-21 18:37:32 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
    2008-12-21 18:37:31 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
    2008-12-21 18:37:31 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
    2008-12-21 18:37:31 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
    2008-12-21 18:37:31 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
    2008-12-21 18:37:30 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
    2008-12-21 18:37:30 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
    2008-12-21 18:37:30 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2008-12-21 18:37:29 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2008-12-21 18:37:29 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2008-12-21 18:37:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-12-21 18:37:28 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-12-21 18:37:28 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
    2008-12-21 18:37:27 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-12-21 18:37:27 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-12-21 18:37:27 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-12-21 18:37:27 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-12-21 18:37:26 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-12-21 18:37:25 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2008-12-21 18:37:25 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2008-12-21 18:37:24 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2008-12-21 18:37:24 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2008-12-21 18:37:24 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2008-12-21 18:37:23 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
    2008-12-21 18:37:23 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2008-12-21 18:37:22 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
    2008-12-21 18:37:22 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
    2008-12-21 18:37:21 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
    2008-12-21 18:37:20 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
    2008-12-21 18:37:20 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
    2008-12-21 18:37:20 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
    2008-12-21 18:37:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
    2008-12-21 18:37:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
    2008-12-21 18:37:19 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
    2008-12-21 18:37:18 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
    2008-12-21 18:37:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
    2008-12-21 18:37:17 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2008-12-21 18:37:17 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
    2008-12-21 18:37:16 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2008-12-21 18:37:15 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2008-12-21 18:37:15 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2008-12-21 18:37:14 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2008-12-21 18:37:14 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2008-12-21 18:37:13 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2008-12-21 18:37:13 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2008-12-21 18:37:12 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2008-12-21 18:37:12 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2008-12-21 18:37:12 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2008-12-21 18:37:11 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2008-12-21 18:37:11 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2008-12-21 18:37:10 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2008-12-21 18:37:10 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2008-12-21 18:37:10 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2008-12-21 18:37:07 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2008-12-21 18:37:07 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2008-12-21 18:37:07 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-12-21 18:37:06 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-12-21 18:37:06 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-12-21 18:37:05 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-12-21 18:37:05 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2008-12-21 18:37:05 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-12-21 18:37:04 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2008-12-21 18:37:03 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-12-21 18:29:49 ----HD---- C:\WINDOWS\msdownld.tmp
    2008-12-21 18:29:41 ----D---- C:\WINDOWS\Logs
    2008-12-21 18:13:34 ----D---- C:\8e08df5e750175a9160720431a62d6
    2008-12-21 18:13:22 ----D---- C:\WINDOWS\SxsCaPendDel
    2008-12-21 17:32:10 ----D---- C:\Program Files\MSBuild
    2008-12-21 17:30:34 ----D---- C:\WINDOWS\system32\XPSViewer
    2008-12-21 17:30:11 ----D---- C:\Program Files\Reference Assemblies
    2008-12-21 17:29:37 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2008-12-21 17:05:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-12-21 17:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2008-12-21 17:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-12-21 17:04:36 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-12-21 17:04:22 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-12-21 17:00:16 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-12-21 17:00:15 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-12-21 16:59:54 ----D---- C:\Program Files\Windows Media Connect 2
    2008-12-21 16:59:45 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-12-21 16:58:51 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-12-21 16:58:30 ----D---- C:\WINDOWS\system32\LogFiles
    2008-12-21 16:58:26 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-12-21 16:51:07 ----D---- C:\Documents and Settings\m3ow\Application Data\Windows Search
    2008-12-21 16:49:37 ----D---- C:\Documents and Settings\m3ow\Application Data\Windows Desktop Search
    2008-12-21 16:49:17 ----D---- C:\WINDOWS\system32\GroupPolicy
    2008-12-21 16:49:17 ----D---- C:\Program Files\Windows Desktop Search
    2008-12-21 16:49:05 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2008-12-21 16:48:58 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2008-12-21 16:08:26 ----RSD---- C:\WINDOWS\assembly
    2008-12-21 16:08:26 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-21 16:08:25 ----D---- C:\WINDOWS\system32\URTTemp
    2008-12-21 15:57:23 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-21 15:57:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-21 15:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-21 15:57:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-21 15:57:03 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-12-21 15:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-21 15:56:53 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-12-21 15:56:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-12-21 15:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-12-21 15:56:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-12-21 15:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-12-21 15:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-12-21 15:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-12-21 15:56:22 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-12-21 15:56:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-12-21 15:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-12-21 15:56:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-12-21 15:56:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-12-21 15:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-12-21 15:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-21 15:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-12-21 15:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-12-21 15:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-12-21 15:39:34 ----D---- C:\WINDOWS\ie7updates
    2008-12-21 15:39:15 ----D---- C:\WINDOWS\WBEM
    2008-12-21 15:38:23 ----HDC---- C:\WINDOWS\ie7
    2008-12-21 15:38:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-12-21 15:37:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-12-21 15:36:05 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-12-21 15:23:31 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-12-21 15:22:58 ----D---- C:\WINDOWS\system32\PreInstall
    2008-12-21 15:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2008-12-21 15:20:05 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-12-21 15:20:05 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-12-21 15:20:04 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-12-21 15:20:04 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-12-21 15:20:04 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-12-21 15:12:47 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-12-21 15:12:41 ----D---- C:\Documents and Settings\m3ow\Application Data\AVGTOOLBAR
    2008-12-21 15:12:36 ----D---- C:\Program Files\AVG
    2008-12-21 15:12:36 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-12-21 15:04:47 ----A---- C:\WINDOWS\system32\zpeng25.dll
    2008-12-21 14:30:06 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-12-21 14:26:06 ----D---- C:\Program Files\ZoneAlarmSB
    2008-12-21 14:24:52 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2008-12-21 14:24:47 ----A---- C:\WINDOWS\zllsputility.exe
    2008-12-21 14:24:46 ----A---- C:\WINDOWS\system32\SpOrder.dll
    2008-12-21 14:24:41 ----A---- C:\WINDOWS\system32\vsregexp.dll
    2008-12-21 14:24:41 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
    2008-12-21 14:24:40 ----A---- C:\WINDOWS\system32\zlcommdb.dll
    2008-12-21 14:24:40 ----A---- C:\WINDOWS\system32\zlcomm.dll
    2008-12-21 14:24:38 ----D---- C:\WINDOWS\system32\ZoneLabs
    2008-12-21 14:24:38 ----D---- C:\Program Files\Zone Labs
    2008-12-21 14:24:38 ----A---- C:\WINDOWS\system32\vsxml.dll
    2008-12-21 14:24:38 ----A---- C:\WINDOWS\system32\vswmi.dll
    2008-12-21 14:24:38 ----A---- C:\WINDOWS\system32\vspubapi.dll
    2008-12-21 14:24:38 ----A---- C:\WINDOWS\system32\vsmonapi.dll
    2008-12-21 14:24:00 ----D---- C:\WINDOWS\Internet Logs
    2008-12-21 14:24:00 ----A---- C:\WINDOWS\system32\vsutil.dll
    2008-12-21 14:24:00 ----A---- C:\WINDOWS\system32\vsinit.dll
    2008-12-21 14:24:00 ----A---- C:\WINDOWS\system32\vsdata.dll
    2008-12-21 14:22:20 ----SHD---- C:\RECYCLER
    2008-12-21 14:21:19 ----D---- C:\WINDOWS\Prefetch
    2008-12-21 14:18:02 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-12-21 14:18:02 ----A---- C:\WINDOWS\system32\msxml6.dll
    2008-12-21 14:17:56 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-21 14:17:56 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-21 14:17:56 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-21 14:17:56 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-12-21 14:17:56 ----A---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-21 14:17:56 ----A---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-21 14:17:56 ----A---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-21 14:17:56 ----A---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-12-21 14:17:55 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-12-21 14:17:54 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\wmphoto.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\windowscodecs.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\onex.dll
    2008-12-21 14:17:53 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-12-21 14:17:52 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-12-21 14:17:52 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-21 14:17:52 ----D---- C:\WINDOWS\system32\scripting
    2008-12-21 14:17:52 ----D---- C:\WINDOWS\system32\en-us
    2008-12-21 14:17:51 ----D---- C:\WINDOWS\system32\en
    2008-12-21 14:17:51 ----D---- C:\WINDOWS\system32\bits
    2008-12-21 14:17:51 ----D---- C:\WINDOWS\l2schemas
    2008-12-21 14:16:59 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-21 14:15:56 ----D---- C:\WINDOWS\network diagnostic
    2008-12-21 14:15:06 ----A---- C:\WINDOWS\002604_.tmp
    2008-12-21 14:14:53 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-12-21 14:13:36 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-12-21 14:13:36 ----D---- C:\WINDOWS\EHome
    2008-12-21 14:10:01 ----A---- C:\WINDOWS\system32\stlang.dll
    2008-12-21 14:10:01 ----A---- C:\WINDOWS\stsystra.exe
    2008-12-21 14:10:00 ----A---- C:\WINDOWS\system32\ksuser.dll
    2008-12-21 14:09:58 ----A---- C:\WINDOWS\system32\staco.dll
    2008-12-21 14:09:47 ----HDC---- C:\WINDOWS\$NtUninstallKB835221WXP$
    2008-12-21 14:09:44 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-12-21 14:09:44 ----D---- C:\Program Files\SigmaTel
    2008-12-21 14:09:44 ----A---- C:\WINDOWS\system32\stacapi.dll
    2008-12-21 14:08:20 ----A---- C:\WINDOWS\system32\igfxres.dll
    2008-12-21 14:07:27 ----A---- C:\WINDOWS\system32\iglicd32.dll
    2008-12-21 14:07:27 ----A---- C:\WINDOWS\system32\igldev32.dll
    2008-12-21 14:07:27 ----A---- C:\WINDOWS\system32\igfxzoom.exe
    2008-12-21 14:07:27 ----A---- C:\WINDOWS\system32\igfxtray.exe
    2008-12-21 14:07:27 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
    2008-12-21 14:07:27 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\igfxress.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\igfxpph.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\igfxpers.exe
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\igfxext.exe
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\igfxexps.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\igfxdo.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\igfxdev.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\igfxcfg.exe
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuTRK.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuTHA.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuSVE.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuRUS.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuPTG.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuPTB.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuPLK.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuNOR.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuNLD.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuKOR.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuJPN.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuITA.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuHUN.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuHEB.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuFRC.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuFRA.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuFIN.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuESP.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuENG.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuELL.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmudlg.exe
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuDEU.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuDAN.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuCSY.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuCHT.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuCHS.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuARB.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmuARA.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmrnt5.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmrem.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmdnt5.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmdev5.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\ialmdd5.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\iAlmCoIn_v4410.dll
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\hkcmd.exe
    2008-12-21 14:07:26 ----A---- C:\WINDOWS\system32\hccutils.dll
    2008-12-21 14:06:24 ----D---- C:\drvrtmp
    2008-12-21 14:06:24 ----A---- C:\WINDOWS\system32\Prounstl.exe
    2008-12-21 14:06:24 ----A---- C:\WINDOWS\system32\IntelNic.dll
    2008-12-21 14:06:24 ----A---- C:\WINDOWS\system32\e100bmsg.dll
    2008-12-21 14:04:32 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-12-21 14:04:30 ----D---- C:\Program Files\Intel
    2008-12-21 14:03:34 ----D---- C:\WINDOWS\system32\vmm32
    2008-12-21 14:03:34 ----D---- C:\Program Files\Dell
    2008-12-21 14:03:21 ----D---- C:\Program Files\Common Files\InstallShield
    2008-12-21 14:01:48 ----D---- C:\Documents and Settings\m3ow\Application Data\Identities
    2008-12-21 14:01:46 ----HD---- C:\Program Files\Uninstall Information
    2008-12-21 14:01:41 ----SD---- C:\Documents and Settings\m3ow\Application Data\Microsoft
    2008-12-21 14:01:41 ----ASH---- C:\Documents and Settings\m3ow\Application Data\desktop.ini
    2008-12-21 14:01:12 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-21 14:01:11 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-12-21 14:01:11 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-21 13:56:44 ----D---- C:\WINDOWS\system32\xircom
    2008-12-21 13:56:44 ----D---- C:\Program Files\xerox
    2008-12-21 13:56:44 ----D---- C:\Program Files\microsoft frontpage
    2008-12-21 13:56:42 ----D---- C:\DELL
    2008-12-21 13:56:33 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-21 13:56:32 ----N---- C:\WINDOWS\system32\xpsp3res.dll
    2008-12-21 13:56:21 ----A---- C:\WINDOWS\control.ini
    2008-12-21 13:56:21 ----A---- C:\AUTOEXEC.BAT
    2008-12-21 13:56:12 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-21 13:56:09 ----A---- C:\WINDOWS\system32\mapi32.dll
    2008-12-21 13:55:24 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-21 13:55:24 ----RD---- C:\WINDOWS\Offline Web Pages
    2008-12-21 13:55:24 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2008-12-21 13:55:19 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2008-12-21 13:55:15 ----HD---- C:\Program Files\WindowsUpdate
    2008-12-21 13:54:59 ----D---- C:\WINDOWS\system32\DirectX
    2008-12-21 13:54:42 ----A---- C:\WINDOWS\system32\atrace.dll
    2008-12-21 13:54:39 ----A---- C:\WINDOWS\system32\desktop.ini
    2008-12-21 13:54:39 ----A---- C:\WINDOWS\desktop.ini
    2008-12-21 13:54:34 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2008-12-21 13:54:33 ----A---- C:\WINDOWS\system32\acctres.dll
    2008-12-21 13:54:32 ----D---- C:\Program Files\Common Files\Services
    2008-12-21 13:54:30 ----SD---- C:\WINDOWS\Tasks
    2008-12-21 13:54:30 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2008-12-21 13:54:29 ----D---- C:\Program Files\Common Files\MSSoap
    2008-12-21 13:54:26 ----D---- C:\WINDOWS\srchasst
    2008-12-21 13:54:25 ----D---- C:\WINDOWS\system32\Macromed
    2008-12-21 13:54:23 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-12-21 13:54:23 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-12-21 13:54:23 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2008-12-21 13:54:23 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-12-21 13:54:22 ----A---- C:\WINDOWS\system32\wups.dll
    2008-12-21 13:54:22 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-12-21 13:54:22 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-12-21 13:54:22 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-12-21 13:54:22 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-12-21 13:54:22 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-12-21 13:54:22 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-12-21 13:54:21 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-12-21 13:54:21 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-12-21 13:54:18 ----D---- C:\Program Files\Movie Maker
    2008-12-21 13:54:15 ----A---- C:\WINDOWS\system32\safrslv.dll
    2008-12-21 13:54:15 ----A---- C:\WINDOWS\system32\safrdm.dll
    2008-12-21 13:54:15 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2008-12-21 13:54:15 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2008-12-21 13:54:12 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-12-21 13:54:12 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-12-21 13:54:11 ----D---- C:\WINDOWS\system32\Restore
    2008-12-21 13:54:11 ----A---- C:\WINDOWS\system32\srsvc.dll
    2008-12-21 13:54:11 ----A---- C:\WINDOWS\system32\srrstr.dll
    2008-12-21 13:54:11 ----A---- C:\WINDOWS\system32\srclient.dll
    2008-12-21 13:54:11 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2008-12-21 13:54:11 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2008-12-21 13:54:11 ----A---- C:\WINDOWS\system32\ils.dll
    2008-12-21 13:54:10 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2008-12-21 13:54:10 ----A---- C:\WINDOWS\system32\msconf.dll
    2008-12-21 13:54:10 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-12-21 13:54:08 ----D---- C:\Program Files\NetMeeting
    2008-12-21 13:54:08 ----A---- C:\WINDOWS\system32\msoert2.dll
    2008-12-21 13:54:08 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2008-12-21 13:54:07 ----A---- C:\WINDOWS\system32\inetres.dll
    2008-12-21 13:54:06 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2008-12-21 13:54:05 ----D---- C:\Program Files\Outlook Express
    2008-12-21 13:54:05 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2008-12-21 13:54:05 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-12-21 13:54:05 ----A---- C:\WINDOWS\system32\mstask.dll
    2008-12-21 13:54:04 ----A---- C:\WINDOWS\system32\isign32.dll
    2008-12-21 13:54:04 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2008-12-21 13:54:04 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2008-12-21 13:54:04 ----A---- C:\WINDOWS\system32\icwdial.dll
    2008-12-21 13:53:59 ----D---- C:\Program Files\Common Files\System
    2008-12-21 13:53:57 ----D---- C:\Program Files\Internet Explorer
    2008-12-21 13:53:46 ----D---- C:\Program Files\ComPlus Applications
    2008-12-21 13:53:44 ----A---- C:\WINDOWS\vbaddin.ini
    2008-12-21 13:53:44 ----A---- C:\WINDOWS\vb.ini
    2008-12-21 13:53:40 ----D---- C:\WINDOWS\Registration
    2008-12-21 13:53:16 ----D---- C:\Program Files\Windows Media Player
    2008-12-21 13:53:16 ----D---- C:\Program Files\Online Services
    2008-12-21 13:53:12 ----D---- C:\Program Files\Messenger
    2008-12-21 13:53:09 ----D---- C:\Program Files\MSN Gaming Zone
    2008-12-21 13:53:09 ----A---- C:\WINDOWS\system32\write.exe
    2008-12-21 13:53:00 ----A---- C:\WINDOWS\system32\winchat.exe
    2008-12-21 13:53:00 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2008-12-21 13:53:00 ----A---- C:\WINDOWS\system32\hticons.dll
    2008-12-21 13:53:00 ----A---- C:\WINDOWS\system32\avwav.dll
    2008-12-21 13:53:00 ----A---- C:\WINDOWS\system32\avtapi.dll
    2008-12-21 13:53:00 ----A---- C:\WINDOWS\system32\avmeter.dll
    2008-12-21 13:52:54 ----A---- C:\WINDOWS\system32\getuname.dll
    2008-12-21 13:52:54 ----A---- C:\WINDOWS\system32\charmap.exe
    2008-12-21 13:52:54 ----A---- C:\WINDOWS\system32\calc.exe
    2008-12-21 13:52:53 ----A---- C:\WINDOWS\system32\winmine.exe
    2008-12-21 13:52:53 ----A---- C:\WINDOWS\system32\usrlogon.cmd
    2008-12-21 13:52:53 ----A---- C:\WINDOWS\system32\tskill.exe
    2008-12-21 13:52:53 ----A---- C:\WINDOWS\system32\sol.exe
    2008-12-21 13:52:53 ----A---- C:\WINDOWS\system32\reset.exe
    2008-12-21 13:52:53 ----A---- C:\WINDOWS\system32\mshearts.exe
    2008-12-21 13:52:53 ----A---- C:\WINDOWS\system32\freecell.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\tslabels.ini
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\tscon.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\shadow.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\regini.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\msg.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\msdtcprf.ini
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\logoff.exe
    2008-12-21 13:52:52 ----A---- C:\WINDOWS\system32\cdmodem.dll
    2008-12-21 13:52:51 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2008-12-21 13:52:51 ----A---- C:\WINDOWS\system32\mtxex.dll
    2008-12-21 13:52:51 ----A---- C:\WINDOWS\system32\mtxdm.dll
    2008-12-21 13:52:51 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-12-21 13:52:51 ----A---- C:\WINDOWS\system32\comrepl.dll
    2008-12-21 13:52:51 ----A---- C:\WINDOWS\system32\comaddin.dll
    2008-12-21 13:52:50 ----A---- C:\WINDOWS\system32\stclient.dll
    2008-12-21 13:52:50 ----A---- C:\WINDOWS\system32\comsnap.dll
    2008-12-21 13:52:46 ----A---- C:\WINDOWS\system32\wmimgmt.msc
    2008-12-21 13:52:33 ----D---- C:\Program Files\MSN
    2008-12-21 13:52:33 ----A---- C:\WINDOWS\system32\accwiz.exe
    2008-12-21 13:52:32 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-12-21 13:52:32 ----A---- C:\WINDOWS\system32\mplay32.exe
    2008-12-21 13:52:32 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2008-12-21 13:52:31 ----D---- C:\Program Files\Windows NT
    2008-12-21 13:52:31 ----A---- C:\WINDOWS\system32\spider.exe
    2008-12-21 13:52:31 ----A---- C:\WINDOWS\system32\mspaint.exe
    2008-12-21 13:52:31 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2008-12-21 13:52:30 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2008-12-21 13:52:30 ----A---- C:\WINDOWS\system32\remotepg.dll
    2008-12-21 13:52:30 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-12-21 13:52:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-12-21 13:52:30 ----A---- C:\WINDOWS\system32\mstscax.dll
    2008-12-21 13:52:30 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\termsrv.dll
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\rdchost.dll
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-12-21 13:52:29 ----A---- C:\WINDOWS\system32\icaapi.dll
    2008-12-21 13:52:28 ----D---- C:\WINDOWS\system32\MsDtc
    2008-12-21 13:52:28 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2008-12-21 13:52:28 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2008-12-21 13:52:28 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2008-12-21 13:52:28 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2008-12-21 13:52:28 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2008-12-21 13:52:27 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2008-12-21 13:52:27 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2008-12-21 13:52:27 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-12-21 13:52:26 ----D---- C:\WINDOWS\system32\Com
    2008-12-21 13:52:26 ----A---- C:\WINDOWS\system32\colbact.dll
    2008-12-21 13:52:26 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2008-12-21 13:52:26 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2008-12-21 13:52:26 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2008-12-21 13:52:26 ----A---- C:\WINDOWS\system32\catsrv.dll
    2008-12-21 13:52:25 ----A---- C:\WINDOWS\system32\comuid.dll
    2008-12-21 13:52:25 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2008-12-21 13:52:24 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2008-12-21 13:52:19 ----A---- C:\WINDOWS\system32\servdeps.dll
    2008-12-21 13:52:19 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2008-12-21 13:52:19 ----A---- C:\WINDOWS\system32\licwmi.dll
    2008-12-21 13:52:19 ----A---- C:\WINDOWS\system32\cmprops.dll
    2008-12-02 04:52:52 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
    2008-12-02 04:46:17 ----A---- C:\WINDOWS\system32\atioglxx.dll
    2008-12-02 04:41:02 ----A---- C:\WINDOWS\system32\atipdlxx.dll
    2008-12-02 04:40:49 ----A---- C:\WINDOWS\system32\Oemdspif.dll
    2008-12-02 04:40:41 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
    2008-12-02 04:40:32 ----A---- C:\WINDOWS\system32\ati2edxx.dll
    2008-12-02 04:40:14 ----A---- C:\WINDOWS\system32\ati2evxx.dll
    2008-12-02 04:38:42 ----A---- C:\WINDOWS\system32\ati2evxx.exe
    2008-12-02 04:37:21 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
    2008-12-02 04:19:53 ----A---- C:\WINDOWS\system32\atiiiexx.dll
    2008-12-02 03:57:33 ----A---- C:\WINDOWS\system32\amdpcom32.dll
    2008-12-02 03:53:36 ----A---- C:\WINDOWS\system32\atikvmag.dll
    2008-12-02 03:53:16 ----A---- C:\WINDOWS\system32\amdcalrt.dll
    2008-12-02 03:53:07 ----A---- C:\WINDOWS\system32\amdcalcl.dll
    2008-12-02 03:52:12 ----A---- C:\WINDOWS\system32\atiadlxx.dll
    2008-12-02 03:52:02 ----A---- C:\WINDOWS\system32\atitvo32.dll
    2008-12-02 03:50:52 ----A---- C:\WINDOWS\system32\atiok3x2.dll
    2008-12-02 03:50:36 ----A---- C:\WINDOWS\system32\Amdcaldd.dll
    2008-10-22 02:51:43 ----A---- C:\WINDOWS\system32\atibrtmon.exe
    2008-10-22 01:40:00 ----A---- C:\WINDOWS\system32\ATIODE.exe
    2008-10-22 01:40:00 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
    2008-10-04 05:48:01 ----A---- C:\WINDOWS\system32\ATIODE.exe.manifest
    2008-09-30 05:22:29 ----A---- C:\WINDOWS\system32\ATIODCLI.exe.manifest

    ======List of files/folders modified in the last 3 months======

    2008-12-21 21:48:42 ----A---- C:\WINDOWS\system.ini
    2008-12-21 17:00:03 ----A---- C:\WINDOWS\win.ini
    2008-12-13 14:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-10-23 20:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
    2008-10-17 04:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\pngfilt.dll
    2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\occache.dll
    2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\url.dll
    2008-10-17 04:38:38 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-10-17 04:38:38 ----N---- C:\WINDOWS\system32\mshtmled.dll
    2008-10-17 04:38:37 ----N---- C:\WINDOWS\system32\jsproxy.dll
    2008-10-17 04:38:37 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-10-17 04:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-10-17 04:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-10-17 04:38:34 ----N---- C:\WINDOWS\system32\dxtrans.dll
    2008-10-17 04:38:34 ----N---- C:\WINDOWS\system32\dxtmsft.dll
    2008-10-17 04:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-10-16 21:11:09 ----N---- C:\WINDOWS\system32\ie4uinit.exe
    2008-10-16 21:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 00:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-15 15:04:53 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-10-03 18:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-21 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-21 26824]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-11-13 353680]
    R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-21 76040]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-02 3452928]
    R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
    R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-06-13 162816]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-02-10 1107224]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
    S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-02 598016]
    R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-21 875288]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-21 231704]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-21 66872]
    R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-12-01 593920]
    S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-11-13 2405776]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------[/PHP]
     
    m3ow,
    #3
  5. 2008/12/22
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    No sign of the infection here. :)
     
  6. 2008/12/23
    m3ow

    m3ow Inactive Thread Starter

    Joined:
    2008/12/17
    Messages:
    94
    Likes Received:
    0
    WAH LAH~

    Thanks, Dave! This thread can be deleted any time. :)
     
    m3ow,
    #5
  7. 2008/12/23
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    We don't delete them. I'll mark it inactive. ;)
     
