I can't get rid of Autorun virus.

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

I can't get rid of Autorun virus.

Post by nneda on Mon 18 Apr 2011, 12:15 am

Hello,
I'm not really good at the technical part of computers so please forgive me if i explain anything poorly.
Its been almost a week since the infection or at least when i noticed . I had no Anti virus installed and only noticed something was wrong when after double clicking on my drives it would open in a new window and also there was an "autoplay" option on the right click menu for my drives and for each drive it was written differently, e.g. "AuToPLay", "aUtopLAY", "autoPLay". and of course the hidden "autorun" files in every drive which are not hidden any more.
I tried installing Nod32 but failed, and "Autorun Eater" just keeps popping up with the same message over and over again for each drive.



"Autorun Virus Remover" didn't work either it scans and says that it has removed autorun files but they just keep caming back. but it did remove the "AuToPLay" option from the rightclcik menu.
Also After I change the "hidden files and folders", to "show hidden files and folders" its goes back to "Do not show hidden files". When i uncheck "Hide protected operating system files" there are some weird files that return after i delete them and some i cant delete. here are a few and for each drive it's different:
ncujg, pceuf, tlskix, xnogni, and so much more.

thankyou so much for your great website. and thanks in advance for any guidance.

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Mon 18 Apr 2011, 8:46 am

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Mon 18 Apr 2011, 3:35 pm

OTL logfile created on: 4/19/2011 8:43:31 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\Documents and Settings\DoucheBag\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 19.99 Gb Total Space | 11.06 Gb Free Space | 55.31% Space Free | Partition Type: FAT32
Drive D: | 19.99 Gb Total Space | 12.80 Gb Free Space | 64.03% Space Free | Partition Type: FAT32
Drive E: | 29.99 Gb Total Space | 0.58 Gb Free Space | 1.93% Space Free | Partition Type: FAT32
Drive F: | 29.99 Gb Total Space | 1.22 Gb Free Space | 4.06% Space Free | Partition Type: FAT32
Drive G: | 49.02 Gb Total Space | 2.72 Gb Free Space | 5.55% Space Free | Partition Type: FAT32

Computer Name: DOUCHEBA-F3D208 | User Name: DoucheBag | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/19 04:17:18 | 000,030,208 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Local Settings\Temp\winvwxjgy.exe
PRC - [2011/04/19 02:31:16 | 000,012,970 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Local Settings\Temp\winaqdmd.exe
PRC - [2011/04/19 02:21:02 | 000,654,848 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\DoucheBag\My Documents\Downloads\Programs\OTL.exe
PRC - [2011/04/19 02:02:24 | 002,827,696 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2010/12/03 10:36:18 | 000,830,464 | ---- | M] () -- D:\Program Files\AutorunRemover\AutorunRemover.exe
PRC - [2008/02/18 17:31:02 | 000,251,312 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2004/08/04 01:07:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/04/19 02:21:02 | 000,654,848 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\DoucheBag\My Documents\Downloads\Programs\OTL.exe
MOD - [2008/12/16 20:36:10 | 000,034,224 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\idmmkb.dll
MOD - [2004/08/04 01:07:00 | 001,050,624 | R--- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (amsint32)
DRV - [2010/10/27 08:25:48 | 005,524,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/06/16 14:45:52 | 005,095,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/05 16:40:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2006/01/04 12:11:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2004/08/13 07:26:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/08/04 01:07:00 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2004/06/17 10:05:46 | 000,136,832 | ---- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\pfc027.sys -- (SoC PC-Camera Service)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2011/04/17 21:14:08 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2011/03/18 10:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- D:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 01:07:00 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O4 - HKLM..\Run: [AutorunRemover.exe] D:\Program Files\AutorunRemover\AutorunRemover.exe ()
O4 - HKCU..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [ooVoo.exe] D:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - D:\Program Files\Internet Download Manager\IEExt.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/17 20:49:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,351 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,274 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,321 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,247 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,365 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\Shell\autopLay\cOmmAND - "" = C:\jsfp.exe -- [2011/04/19 01:55:16 | 000,103,140 | RHS- | M] ()
O33 - MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\Shell\AutoRun\command - "" = C:\jsfp.exe -- [2011/04/19 01:55:16 | 000,103,140 | RHS- | M] ()
O33 - MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\Shell\eXplOre\CommAnD - "" = C:\jsfp.exe -- [2011/04/19 01:55:16 | 000,103,140 | RHS- | M] ()
O33 - MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\Shell\open\commanD - "" = C:\jsfp.exe -- [2011/04/19 01:55:16 | 000,103,140 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/19 06:14:24 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/04/19 06:14:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0401.dll
[2011/04/19 06:14:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/04/19 06:14:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/04/19 06:14:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/04/19 06:14:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/04/19 06:14:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/04/19 06:14:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/04/19 06:14:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/04/19 06:14:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/04/19 06:14:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/04/19 06:14:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/04/19 06:14:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/04/19 06:14:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/04/19 06:14:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/04/19 06:14:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt040d.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda3.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda2.dll
[2011/04/19 06:14:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda1.dll
[2011/04/19 06:14:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/04/19 06:14:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/04/19 06:14:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/04/19 06:14:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/04/19 06:14:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/04/19 06:14:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/04/19 06:11:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt041f.dll
[2011/04/19 06:11:52 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0419.dll
[2011/04/19 06:11:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdtuq.dll
[2011/04/19 06:11:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdtuf.dll
[2011/04/19 06:11:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdazel.dll
[2011/04/19 06:11:51 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0408.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdycc.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbduzb.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdur.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdtat.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdru1.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdru.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdmon.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdkyr.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdkaz.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdbu.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdblr.dll
[2011/04/19 06:11:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdaze.dll
[2011/04/19 06:11:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhept.dll
[2011/04/19 06:11:50 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhela3.dll
[2011/04/19 06:11:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhela2.dll
[2011/04/19 06:11:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdgkl.dll
[2011/04/19 06:11:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhe319.dll
[2011/04/19 06:11:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhe220.dll
[2011/04/19 06:11:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhe.dll
[2011/04/19 06:11:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlv1.dll
[2011/04/19 06:11:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlv.dll
[2011/04/19 06:11:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdest.dll
[2011/04/19 06:11:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlt1.dll
[2011/04/19 06:11:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlt.dll
[2011/04/19 06:11:48 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt040e.dll
[2011/04/19 06:11:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0415.dll
[2011/04/19 06:11:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0405.dll
[2011/04/19 06:11:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdcz.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdycl.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsl1.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsl.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdpl.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhu.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdcz2.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdcz1.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdcr.dll
[2011/04/19 06:11:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdal.dll
[2011/04/19 06:11:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdro.dll
[2011/04/19 06:11:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdpl1.dll
[2011/04/19 06:11:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhu1.dll
[2011/04/19 06:11:46 | 000,176,157 | ---- | C] (Digi International, Inc.) -- D:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2011/04/19 06:11:46 | 000,085,020 | ---- | C] (Digi International) -- D:\WINDOWS\System32\dllcache\dgsetup.dll
[2011/04/19 06:11:46 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/04/19 06:11:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\irclass.dll
[2011/04/19 06:11:45 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- D:\WINDOWS\System32\dllcache\eqnclass.dll
[2011/04/19 06:11:44 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\taskman.exe
[2011/04/19 06:11:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\irenum.sys
[2011/04/19 06:11:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\batt.dll
[2011/04/19 02:24:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\Application Data\ooVoo Details
[2011/04/19 02:24:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AutorunRemover
[2011/04/19 02:23:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\ooVoo
[2011/04/19 02:23:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Yahoo! Messenger
[2011/04/19 02:23:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo!
[2011/04/19 02:15:25 | 000,005,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstee.sys
[2011/04/19 02:15:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ipsink.ax
[2011/04/19 02:15:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ipsink.ax
[2011/04/19 02:15:24 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\streamip.sys
[2011/04/19 02:15:24 | 000,010,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ndisip.sys
[2011/04/19 02:15:23 | 000,011,136 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\slip.sys
[2011/04/19 02:15:22 | 000,019,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wstcodec.sys
[2011/04/19 02:15:20 | 000,085,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011/04/19 02:15:19 | 000,017,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ccdecode.sys
[2011/04/19 02:15:16 | 000,090,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kswdmcap.ax
[2011/04/19 02:15:16 | 000,090,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011/04/19 02:15:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kstvtune.ax
[2011/04/19 02:15:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kstvtune.ax
[2011/04/19 02:15:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\vidcap.ax
[2011/04/19 02:15:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\vidcap.ax
[2011/04/19 02:15:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\vfwwdm32.dll
[2011/04/19 02:15:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2011/04/19 02:15:15 | 000,043,008 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ksxbar.ax
[2011/04/19 02:15:15 | 000,043,008 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ksxbar.ax
[2011/04/19 02:13:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\PC Camera
[2011/04/19 02:07:41 | 000,171,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kmixer.sys
[2011/04/19 02:07:40 | 000,060,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sysaudio.sys
[2011/04/19 02:07:40 | 000,002,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\drmkaud.sys
[2011/04/19 02:07:39 | 000,007,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mskssrv.sys
[2011/04/19 02:07:38 | 000,004,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mspqm.sys
[2011/04/19 02:07:37 | 000,005,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mspclock.sys
[2011/04/19 02:07:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\My Documents\The KMPlayer
[2011/04/19 02:07:06 | 000,130,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ksproxy.ax
[2011/04/19 02:07:06 | 000,130,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ksproxy.ax
[2011/04/19 02:07:06 | 000,060,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\drmk.sys
[2011/04/19 02:07:06 | 000,060,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\drmk.sys
[2011/04/19 02:07:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ksuser.dll
[2011/04/19 02:07:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ksuser.dll
[2011/04/19 02:06:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\Start Menu\Programs\The KMPlayer
[2011/04/19 02:06:33 | 000,022,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spupdsvc.exe
[2011/04/19 02:06:27 | 000,290,816 | ---- | C] (Realtek Semiconductor Crop.) -- D:\WINDOWS\vncutil.exe
[2011/04/19 02:06:27 | 000,151,552 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\SOUNDMAN.EXE
[2011/04/19 02:06:26 | 001,482,752 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\RtlUpd.exe
[2011/04/19 02:06:26 | 000,880,640 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\System32\RTSndMgr.CPL
[2011/04/19 02:06:26 | 000,122,880 | ---- | C] (Realtek Semiconductor) -- D:\WINDOWS\RtkAudioService.exe
[2011/04/19 02:06:26 | 000,037,376 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\System32\RtkCoInstXP.dll
[2011/04/19 02:06:25 | 009,715,200 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\RTLCPL.EXE
[2011/04/19 02:06:24 | 005,095,936 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\System32\drivers\RtkHDAud.sys
[2011/04/19 02:06:22 | 001,389,056 | ---- | C] (Creative Technology Ltd.) -- D:\WINDOWS\System32\drivers\Monfilt.sys
[2011/04/19 02:06:21 | 002,168,320 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\MicCal.exe
[2011/04/19 02:06:20 | 000,131,072 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\ALCMTR.EXE
[2011/04/19 02:06:19 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- D:\WINDOWS\ALCWZRD.EXE
[2011/04/19 02:06:19 | 001,684,736 | ---- | C] (Creative) -- D:\WINDOWS\System32\drivers\Ambfilt.sys
[2011/04/19 02:06:19 | 000,278,528 | ---- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\System32\ALSNDMGR.CPL
[2011/04/19 02:06:10 | 000,540,672 | R--- | C] (Realtek Semiconductor Corp.) -- D:\WINDOWS\RtlExUpd.dll
[2011/04/19 02:01:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\Application Data\IDM
[2011/04/19 02:01:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\My Documents\Downloads
[2011/04/19 02:01:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\Application Data\DMCache
[2011/04/19 02:01:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\Start Menu\Programs\Internet Download Manager
[2011/04/19 02:01:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Internet Download Manager
[2011/04/19 02:01:16 | 000,311,296 | R--- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\atiiiexx.dll
[2011/04/19 02:01:15 | 000,450,560 | R--- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\ATIDEMGX.dll
[2011/04/19 02:01:14 | 000,704,512 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\dllcache\ati2cqag.dll
[2011/04/19 02:01:14 | 000,704,512 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\ati2cqag.dll
[2011/04/19 02:01:14 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- D:\WINDOWS\System32\Oemdspif.dll
[2011/04/19 02:01:13 | 002,671,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- D:\WINDOWS\System32\dllcache\ativvaxx.dll
[2011/04/19 02:01:13 | 002,671,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- D:\WINDOWS\System32\ativvaxx.dll
[2011/04/19 02:01:13 | 000,057,344 | ---- | C] (Advanced Micro Devices Inc.) -- D:\WINDOWS\System32\aticalrt.dll
[2011/04/19 02:01:13 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- D:\WINDOWS\System32\ati2edxx.dll
[2011/04/19 02:01:13 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\atitvo32.dll
[2011/04/19 02:01:12 | 004,489,216 | ---- | C] (Advanced Micro Devices Inc.) -- D:\WINDOWS\System32\aticaldd.dll
[2011/04/19 02:01:12 | 000,301,056 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\dllcache\ati2dvag.dll
[2011/04/19 02:01:12 | 000,301,056 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\ati2dvag.dll
[2011/04/19 02:01:12 | 000,159,744 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\ati2evxx.dll
[2011/04/19 02:01:12 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\atibtmon.exe
[2011/04/19 02:01:12 | 000,095,744 | ---- | C] (ATI Technologies, Inc.) -- D:\WINDOWS\System32\Ati2mdxx.exe
[2011/04/19 02:01:12 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- D:\WINDOWS\System32\atimpc32.dll
[2011/04/19 02:01:12 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- D:\WINDOWS\System32\amdpcom32.dll
[2011/04/19 02:01:12 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- D:\WINDOWS\System32\ATIDDC.DLL
[2011/04/19 02:01:12 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\ATIODCLI.exe
[2011/04/19 02:01:12 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- D:\WINDOWS\System32\ativcoxx.dll
[2011/04/19 02:01:10 | 016,330,752 | ---- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\atioglxx.dll
[2011/04/19 02:01:10 | 003,958,784 | ---- | C] (ATI Technologies Inc. ) -- D:\WINDOWS\System32\dllcache\ati3duag.dll
[2011/04/19 02:01:10 | 003,958,784 | ---- | C] (ATI Technologies Inc. ) -- D:\WINDOWS\System32\ati3duag.dll
[2011/04/19 02:01:10 | 000,393,216 | ---- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\atiok3x2.dll
[2011/04/19 02:01:10 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\drivers\ati2erec.dll
[2011/04/19 02:01:09 | 005,524,480 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\drivers\ati2mtag.sys
[2011/04/19 02:01:09 | 005,524,480 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\dllcache\ati2mtag.sys
[2011/04/19 02:01:09 | 000,212,992 | ---- | C] (ATI Technologies, Inc.) -- D:\WINDOWS\System32\atipdlxx.dll
[2011/04/19 02:01:09 | 000,196,608 | ---- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\atiadlxx.dll
[2011/04/19 02:01:09 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\atiapfxx.exe
[2011/04/19 02:01:09 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- D:\WINDOWS\System32\aticalcl.dll
[2011/04/19 02:01:08 | 000,651,264 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\atikvmag.dll
[2011/04/19 02:01:08 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\ATIODE.exe
[2011/04/19 01:53:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\Application Data\Identities
[2011/04/19 01:53:29 | 000,000,000 | R--D | C] -- D:\Documents and Settings\DoucheBag\My Documents\My Pictures
[2011/04/19 01:53:29 | 000,000,000 | R--D | C] -- D:\Documents and Settings\DoucheBag\My Documents\My Music
[2011/04/19 01:53:27 | 000,000,000 | --SD | C] -- D:\Documents and Settings\DoucheBag\Application Data\Microsoft
[2011/04/19 01:53:27 | 000,000,000 | --SD | C] -- D:\Documents and Settings\DoucheBag\Cookies
[2011/04/19 01:53:27 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\DoucheBag\SendTo
[2011/04/19 01:53:27 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\DoucheBag\Recent
[2011/04/19 01:53:27 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\DoucheBag\Application Data
[2011/04/19 01:53:27 | 000,000,000 | R--D | C] -- D:\Documents and Settings\DoucheBag\Start Menu\Programs\Startup
[2011/04/19 01:53:27 | 000,000,000 | R--D | C] -- D:\Documents and Settings\DoucheBag\Start Menu
[2011/04/19 01:53:27 | 000,000,000 | R--D | C] -- D:\Documents and Settings\DoucheBag\My Documents
[2011/04/19 01:53:27 | 000,000,000 | R--D | C] -- D:\Documents and Settings\DoucheBag\Favorites
[2011/04/19 01:53:27 | 000,000,000 | R--D | C] -- D:\Documents and Settings\DoucheBag\Start Menu\Programs\Accessories
[2011/04/19 01:53:27 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\DoucheBag\Templates
[2011/04/19 01:53:27 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\DoucheBag\PrintHood
[2011/04/19 01:53:27 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\DoucheBag\NetHood
[2011/04/19 01:53:27 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\DoucheBag\Local Settings
[2011/04/19 01:53:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\Local Settings\Application Data\Microsoft
[2011/04/19 01:53:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\DoucheBag\Desktop
[2011/04/19 01:51:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winzm.ime
[2011/04/19 01:51:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winsp.ime
[2011/04/19 01:51:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winpy.ime
[2011/04/19 01:51:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winar30.ime
[2011/04/19 01:51:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wingb.ime
[2011/04/19 01:51:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winime.ime
[2011/04/19 01:51:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/04/19 01:51:28 | 000,363,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3svc.dll
[2011/04/19 01:51:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wam51.dll
[2011/04/19 01:51:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamreg51.dll
[2011/04/19 01:51:28 | 000,041,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/04/19 01:51:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamps51.dll
[2011/04/19 01:51:27 | 000,086,073 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicesub.dll
[2011/04/19 01:51:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3ext.dll
[2011/04/19 01:51:27 | 000,048,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w32.dll
[2011/04/19 01:51:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3svapi.dll
[2011/04/19 01:51:27 | 000,004,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2011/04/19 01:51:26 | 000,426,041 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicepad.dll
[2011/04/19 01:51:26 | 000,076,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uniime.dll
[2011/04/19 01:51:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\unicdime.ime
[2011/04/19 01:51:25 | 000,103,424 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uihelper.dll
[2011/04/19 01:51:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tools.dll
[2011/04/19 01:51:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsprof.exe
[2011/04/19 01:51:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/04/19 01:51:24 | 000,571,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/04/19 01:51:24 | 000,455,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/04/19 01:51:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/04/19 01:51:24 | 000,019,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdspx.sys
[2011/04/19 01:51:23 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\svcext51.dll
[2011/04/19 01:51:23 | 000,021,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdipx.sys
[2011/04/19 01:51:23 | 000,013,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdasync.sys
[2011/04/19 01:51:22 | 000,101,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/04/19 01:51:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sspifilt.dll
[2011/04/19 01:51:22 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ssinc51.dll
[2011/04/19 01:51:22 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\status.dll
[2011/04/19 01:51:21 | 000,143,422 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\softkey.dll
[2011/04/19 01:51:21 | 000,040,448 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpthrd.dll
[2011/04/19 01:51:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmptrap.exe
[2011/04/19 01:51:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/04/19 01:51:20 | 000,358,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpincl.dll
[2011/04/19 01:51:20 | 000,259,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpcl.dll
[2011/04/19 01:51:20 | 000,188,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpsmir.dll
[2011/04/19 01:51:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/04/19 01:51:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpmib.dll
[2011/04/19 01:51:19 | 000,456,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpsvc.dll
[2011/04/19 01:51:19 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmp.exe
[2011/04/19 01:51:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/04/19 01:51:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpapi.dll
[2011/04/19 01:51:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/04/19 01:51:18 | 000,236,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smi2smir.exe
[2011/04/19 01:51:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smb6w.dll
[2011/04/19 01:51:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sma3w.dll
[2011/04/19 01:51:18 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/04/19 01:51:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/04/19 01:51:17 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/04/19 01:51:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/04/19 01:51:17 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm93w.dll
[2011/04/19 01:51:17 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm92w.dll
[2011/04/19 01:51:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm90w.dll
[2011/04/19 01:51:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/04/19 01:51:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm87w.dll
[2011/04/19 01:51:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm81w.dll
[2011/04/19 01:51:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/04/19 01:51:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm89w.dll
[2011/04/19 01:51:16 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm59w.dll
[2011/04/19 01:51:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\simptcp.dll
[2011/04/19 01:51:14 | 000,221,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\seo.dll
[2011/04/19 01:51:14 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/04/19 01:51:13 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2011/04/19 01:51:13 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2011/04/19 01:51:13 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/04/19 01:51:13 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/04/19 01:51:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rwnh.dll
[2011/04/19 01:51:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\romanime.ime
[2011/04/19 01:51:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rw001ext.dll
[2011/04/19 01:51:12 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/04/19 01:51:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rpcref.dll
[2011/04/19 01:51:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quick.ime
[2011/04/19 01:51:11 | 000,020,736 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ramdisk.sys
[2011/04/19 01:51:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quser.exe
[2011/04/19 01:51:11 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\register.exe
[2011/04/19 01:51:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\query.exe
[2011/04/19 01:51:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pwsdata.dll
[2011/04/19 01:51:09 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/04/19 01:51:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/04/19 01:51:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/04/19 01:51:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/04/19 01:51:08 | 000,482,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/04/19 01:51:08 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\phon.ime
[2011/04/19 01:51:08 | 000,070,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/04/19 01:51:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/04/19 01:51:07 | 000,036,927 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs411.dll
[2011/04/19 01:51:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pagecnt.dll
[2011/04/19 01:51:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\permchk.dll
[2011/04/19 01:51:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs804.dll
[2011/04/19 01:51:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs412.dll
[2011/04/19 01:51:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs404.dll
[2011/04/19 01:51:05 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nextlink.dll
[2011/04/19 01:51:05 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nsepm.dll
[2011/04/19 01:51:05 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/04/19 01:51:04 | 000,229,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\multibox.dll
[2011/04/19 01:51:04 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/04/19 01:51:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msiregmv.exe
[2011/04/19 01:51:02 | 001,875,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/04/19 01:51:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/04/19 01:51:00 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\migregdb.exe
[2011/04/19 01:50:59 | 000,092,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.sys
[2011/04/19 01:50:59 | 000,092,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.dll
[2011/04/19 01:50:59 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\metada51.dll
[2011/04/19 01:50:59 | 000,037,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\md5filt.dll
[2011/04/19 01:50:59 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mdsync.dll
[2011/04/19 01:50:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/04/19 01:50:58 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lpdsvc.dll
[2011/04/19 01:50:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lprmon.dll
[2011/04/19 01:50:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lonsint.dll
[2011/04/19 01:50:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lmmib2.dll
[2011/04/19 01:50:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logscrpt.dll
[2011/04/19 01:50:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/04/19 01:50:56 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/04/19 01:50:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/04/19 01:50:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/04/19 01:50:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdibm02.dll
[2011/04/19 01:50:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2011/04/19 01:50:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2011/04/19 01:50:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\jupiw.dll
[2011/04/19 01:50:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iwrps.dll
[2011/04/19 01:50:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdax2.dll
[2011/04/19 01:50:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd106n.dll
[2011/04/19 01:50:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/04/19 01:50:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101.dll
[2011/04/19 01:50:53 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infocomm.dll
[2011/04/19 01:50:53 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iprip.dll
[2011/04/19 01:50:53 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iscomlog.dll
[2011/04/19 01:50:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infoctrs.dll
[2011/04/19 01:50:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isapips.dll
[2011/04/19 01:50:52 | 000,471,102 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskdic.dll
[2011/04/19 01:50:52 | 000,315,452 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskf.dll
[2011/04/19 01:50:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetin51.exe
[2011/04/19 01:50:51 | 000,274,489 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/04/19 01:50:51 | 000,262,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputy.exe
[2011/04/19 01:50:51 | 000,102,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imlang.dll
[2011/04/19 01:50:51 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/04/19 01:50:51 | 000,045,109 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/04/19 01:50:50 | 000,233,527 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjprw.exe
[2011/04/19 01:50:50 | 000,208,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/04/19 01:50:50 | 000,155,705 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/04/19 01:50:49 | 000,716,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/04/19 01:50:49 | 000,368,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/04/19 01:50:49 | 000,307,257 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/04/19 01:50:49 | 000,081,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/04/19 01:50:49 | 000,057,398 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/04/19 01:50:48 | 000,811,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/04/19 01:50:48 | 000,340,023 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81.ime
[2011/04/19 01:50:48 | 000,311,359 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/04/19 01:50:48 | 000,102,463 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/04/19 01:50:47 | 000,106,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/04/19 01:50:47 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekr61.ime
[2011/04/19 01:50:47 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/04/19 01:50:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/04/19 01:50:46 | 000,145,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iische51.dll
[2011/04/19 01:50:46 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iislog51.dll
[2011/04/19 01:50:46 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisclex4.dll
[2011/04/19 01:50:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iiscrmap.dll
[2011/04/19 01:50:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisfecnv.dll
[2011/04/19 01:50:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iissync.exe
[2011/04/19 01:50:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iismui.dll
[2011/04/19 01:50:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisadmin.dll
[2011/04/19 01:50:42 | 010,129,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/04/19 01:50:36 | 010,096,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/04/19 01:50:36 | 000,268,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpext.dll
[2011/04/19 01:50:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpod51.dll
[2011/04/19 01:50:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpmb51.dll
[2011/04/19 01:50:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hostmib.dll
[2011/04/19 01:50:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/04/19 01:50:34 | 000,400,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsxp32.dll
[2011/04/19 01:50:34 | 000,192,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxswzrd.dll
[2011/04/19 01:50:34 | 000,154,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsui.dll
[2011/04/19 01:50:34 | 000,032,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\gzip.dll
[2011/04/19 01:50:33 | 000,562,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsst.dll
[2011/04/19 01:50:33 | 000,397,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxstiff.dll
[2011/04/19 01:50:33 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssvc.exe
[2011/04/19 01:50:33 | 000,246,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxst30.dll
[2011/04/19 01:50:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsroute.dll
[2011/04/19 01:50:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssend.exe
[2011/04/19 01:50:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsevent.dll
[2011/04/19 01:50:32 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsmon.dll
[2011/04/19 01:50:32 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsext32.dll
[2011/04/19 01:50:32 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsperf.dll
[2011/04/19 01:50:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsres.dll
[2011/04/19 01:50:31 | 000,285,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscomex.dll
[2011/04/19 01:50:31 | 000,229,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscover.exe
[2011/04/19 01:50:31 | 000,143,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclnt.exe
[2011/04/19 01:50:31 | 000,132,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclntr.dll
[2011/04/19 01:50:31 | 000,072,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscom.dll
[2011/04/19 01:50:31 | 000,027,136 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsdrv.dll
[2011/04/19 01:50:30 | 000,452,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsapi.dll
[2011/04/19 01:50:30 | 000,125,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpsv251.dll
[2011/04/19 01:50:30 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2011/04/19 01:50:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2011/04/19 01:50:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpmib.dll
[2011/04/19 01:50:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/04/19 01:50:29 | 000,024,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2011/04/19 01:50:29 | 000,020,541 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpadmdll.dll
[2011/04/19 01:50:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\flattemp.exe
[2011/04/19 01:50:28 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntagnt.dll
[2011/04/19 01:50:28 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntwin.exe
[2011/04/19 01:50:28 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntcmd.exe
[2011/04/19 01:50:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\exstrace.dll
[2011/04/19 01:50:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2011/04/19 01:50:27 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/04/19 01:50:27 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esunid.dll
[2011/04/19 01:50:27 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esucmd.dll
[2011/04/19 01:50:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\et4000.sys
[2011/04/19 01:50:26 | 000,514,587 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\edb500.dll
[2011/04/19 01:50:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dayi.ime
[2011/04/19 01:50:24 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\davcdata.exe
[2011/04/19 01:50:24 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cprofile.exe
[2011/04/19 01:50:23 | 000,057,399 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cplexe.exe
[2011/04/19 01:50:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\convlog.exe
[2011/04/19 01:50:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\controt.dll
[2011/04/19 01:50:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\compfilt.dll
[2011/04/19 01:50:23 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\counters.dll
[2011/04/19 01:50:22 | 000,480,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/04/19 01:50:22 | 000,198,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintime.dll
[2011/04/19 01:50:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/04/19 01:50:21 | 000,838,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/04/19 01:50:21 | 000,097,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/04/19 01:50:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/04/19 01:50:20 | 001,677,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/04/19 01:50:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgport.exe
[2011/04/19 01:50:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgusr.exe
[2011/04/19 01:50:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chglogon.exe
[2011/04/19 01:50:19 | 000,078,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chajei.ime
[2011/04/19 01:50:19 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2011/04/19 01:50:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\change.exe
[2011/04/19 01:50:18 | 000,218,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_g18030.dll
[2011/04/19 01:50:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/04/19 01:50:09 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\browscap.dll
[2011/04/19 01:50:08 | 000,369,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\asp51.dll
[2011/04/19 01:50:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\asptxn.dll
[2011/04/19 01:50:08 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aspperf.dll
[2011/04/19 01:50:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\authfilt.dll
[2011/04/19 01:50:07 | 000,331,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aqueue.dll
[2011/04/19 01:50:07 | 000,108,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\appconf.dll
[2011/04/19 01:50:07 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/04/19 01:50:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0804.dll
[2011/04/19 01:50:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0412.dll
[2011/04/19 01:50:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0411.dll
[2011/04/19 01:50:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0404.dll
[2011/04/19 01:50:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/04/19 01:50:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\adrot.dll
[2011/04/19 01:50:05 | 000,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admexs.dll
[2011/04/19 01:50:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admxprox.dll
[2011/04/19 01:50:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamregps.dll
[2011/04/19 01:50:03 | 002,134,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpsnap.dll
[2011/04/19 01:50:03 | 000,189,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpadm.dll
[2011/04/19 01:50:03 | 000,032,827 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tcptest.exe
[2011/04/19 01:50:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tcptsat.dll
[2011/04/19 01:50:03 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\staxmem.dll
[2011/04/19 01:50:02 | 000,020,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shtml.dll
[2011/04/19 01:50:02 | 000,016,437 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shtml.exe
[2011/04/19 01:50:00 | 000,829,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetmgr.dll
[2011/04/19 01:50:00 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logui.ocx
[2011/04/19 01:50:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isatq.dll
[2011/04/19 01:50:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetsloc.dll
[2011/04/19 01:50:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infoadmn.dll
[2011/04/19 01:50:00 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetmgr.exe
[2011/04/19 01:49:59 | 000,169,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisui.dll
[2011/04/19 01:49:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrtl.dll
[2011/04/19 01:49:59 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisext51.dll
[2011/04/19 01:49:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iismap.dll
[2011/04/19 01:49:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrstas.exe
[2011/04/19 01:49:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisreset.exe
[2011/04/19 01:49:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrstap.dll
[2011/04/19 01:49:58 | 000,598,071 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpmmc.dll
[2011/04/19 01:49:58 | 000,208,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2011/04/19 01:49:58 | 000,188,494 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpcount.exe
[2011/04/19 01:49:58 | 000,020,541 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpexedll.dll
[2011/04/19 01:49:58 | 000,020,538 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpremadm.exe
[2011/04/19 01:49:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2011/04/19 01:49:57 | 000,876,653 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4awel.dll
[2011/04/19 01:49:57 | 000,109,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp98swin.exe
[2011/04/19 01:49:57 | 000,102,509 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4atxt.dll
[2011/04/19 01:49:57 | 000,049,212 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4awebs.dll
[2011/04/19 01:49:57 | 000,049,210 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4areg.dll
[2011/04/19 01:49:57 | 000,041,020 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4avnb.dll
[2011/04/19 01:49:57 | 000,032,826 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4avss.dll
[2011/04/19 01:49:57 | 000,014,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp98sadm.exe
[2011/04/19 01:49:56 | 000,275,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\certwiz.ocx
[2011/04/19 01:49:56 | 000,188,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cfgwiz.exe
[2011/04/19 01:49:56 | 000,184,435 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4amsft.dll
[2011/04/19 01:49:56 | 000,147,513 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4apws.dll
[2011/04/19 01:49:56 | 000,082,035 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4anscp.dll

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Mon 18 Apr 2011, 4:01 pm

[2011/04/19 01:49:56 | 000,076,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2011/04/19 01:49:56 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\coadmin.dll
[2011/04/19 01:49:55 | 000,290,816 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\adsiis51.dll
[2011/04/19 01:49:55 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\certmap.ocx
[2011/04/19 01:49:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admwprox.dll
[2011/04/19 01:49:55 | 000,020,540 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\author.dll
[2011/04/19 01:49:55 | 000,016,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\author.exe
[2011/04/19 01:49:54 | 000,020,540 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admin.dll
[2011/04/19 01:49:54 | 000,016,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admin.exe
[2011/04/19 01:49:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mapi32.dll
[2011/04/19 01:49:05 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users.WINDOWS\DRM
[2011/04/19 01:48:29 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msoobe.exe
[2011/04/19 01:48:28 | 000,099,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\helphost.exe
[2011/04/19 01:48:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\notiflag.exe
[2011/04/19 01:48:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\brpinfo.dll
[2011/04/19 01:48:28 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\atrace.dll
[2011/04/19 01:48:28 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\atrace.dll
[2011/04/19 01:48:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hcappres.dll
[2011/04/19 01:48:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srdiag.exe
[2011/04/19 01:48:21 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\acctres.dll
[2011/04/19 01:48:21 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\acctres.dll
[2011/04/19 01:48:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\nmevtmsg.dll
[2011/04/19 01:48:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2011/04/19 01:48:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icfgnt5.dll
[2011/04/19 01:48:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icfgnt5.dll
[2011/04/19 01:48:19 | 000,725,566 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srchui.dll
[2011/04/19 01:48:19 | 000,058,434 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srchctls.dll
[2011/04/19 01:48:18 | 003,166,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msgr3en.dll
[2011/04/19 01:48:17 | 001,134,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuaueng.dll
[2011/04/19 01:48:17 | 000,430,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuapi.dll
[2011/04/19 01:48:17 | 000,430,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuapi.dll
[2011/04/19 01:48:17 | 000,183,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuaueng1.dll
[2011/04/19 01:48:17 | 000,183,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuaueng1.dll
[2011/04/19 01:48:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuauclt1.exe
[2011/04/19 01:48:17 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuauclt1.exe
[2011/04/19 01:48:17 | 000,162,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2011/04/19 01:48:17 | 000,120,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuweb.dll
[2011/04/19 01:48:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wucltui.dll
[2011/04/19 01:48:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wucltui.dll
[2011/04/19 01:48:17 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuauclt.exe
[2011/04/19 01:48:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wups.dll
[2011/04/19 01:48:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wups.dll
[2011/04/19 01:48:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qmgrprxy.dll
[2011/04/19 01:48:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2011/04/19 01:48:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bitsprx2.dll
[2011/04/19 01:48:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\bitsprx2.dll
[2011/04/19 01:48:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bitsprx3.dll
[2011/04/19 01:48:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\bitsprx3.dll
[2011/04/19 01:48:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuauserv.dll
[2011/04/19 01:48:16 | 000,382,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qmgr.dll
[2011/04/19 01:48:15 | 000,561,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobmain.dll
[2011/04/19 01:48:15 | 000,122,368 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobcomm.dll
[2011/04/19 01:48:15 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oobebaln.exe
[2011/04/19 01:48:15 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobshel.dll
[2011/04/19 01:48:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobweb.dll
[2011/04/19 01:48:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msobdl.dll
[2011/04/19 01:48:14 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uploadm.exe
[2011/04/19 01:48:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrslv.dll
[2011/04/19 01:48:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\safrslv.dll
[2011/04/19 01:48:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrcdlg.dll
[2011/04/19 01:48:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\safrcdlg.dll
[2011/04/19 01:48:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\racpldlg.dll
[2011/04/19 01:48:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\racpldlg.dll
[2011/04/19 01:48:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrdm.dll
[2011/04/19 01:48:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\safrdm.dll
[2011/04/19 01:48:13 | 000,102,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pchshell.dll
[2011/04/19 01:48:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pchsvc.dll
[2011/04/19 01:48:12 | 000,158,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msconfig.exe
[2011/04/19 01:48:12 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hscupd.exe
[2011/04/19 01:48:11 | 000,768,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\helpctr.exe
[2011/04/19 01:48:11 | 000,743,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/04/19 01:48:11 | 000,380,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rstrui.exe
[2011/04/19 01:48:11 | 000,124,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fltmgr.sys
[2011/04/19 01:48:11 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\fltMc.exe
[2011/04/19 01:48:11 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fltmc.exe
[2011/04/19 01:48:11 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fltlib.dll
[2011/04/19 01:48:10 | 000,239,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\srrstr.dll
[2011/04/19 01:48:10 | 000,239,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srrstr.dll
[2011/04/19 01:48:10 | 000,170,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srsvc.dll
[2011/04/19 01:48:10 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ils.dll
[2011/04/19 01:48:10 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ils.dll
[2011/04/19 01:48:10 | 000,073,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sr.sys
[2011/04/19 01:48:10 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srclient.dll
[2011/04/19 01:48:10 | 000,034,560 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mnmdd.dll
[2011/04/19 01:48:10 | 000,034,560 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mnmdd.dll
[2011/04/19 01:48:10 | 000,032,768 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\isrdbg32.dll
[2011/04/19 01:48:10 | 000,032,768 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\dllcache\isrdbg32.dll
[2011/04/19 01:48:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\nmmkcert.dll
[2011/04/19 01:48:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmmkcert.dll
[2011/04/19 01:48:09 | 000,678,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetcomm.dll
[2011/04/19 01:48:09 | 000,252,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msoeacct.dll
[2011/04/19 01:48:09 | 000,252,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msoeacct.dll
[2011/04/19 01:48:09 | 000,190,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\schedsvc.dll
[2011/04/19 01:48:09 | 000,105,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msoert2.dll
[2011/04/19 01:48:09 | 000,105,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msoert2.dll
[2011/04/19 01:48:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msconf.dll
[2011/04/19 01:48:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msconf.dll
[2011/04/19 01:48:09 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\inetres.dll
[2011/04/19 01:48:09 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetres.dll
[2011/04/19 01:48:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2011/04/19 01:48:08 | 000,274,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstask.dll
[2011/04/19 01:48:08 | 000,274,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\inetcfg.dll
[2011/04/19 01:48:08 | 000,274,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetcfg.dll
[2011/04/19 01:48:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\isign32.dll
[2011/04/19 01:48:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isign32.dll
[2011/04/19 01:48:08 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icwdial.dll
[2011/04/19 01:48:08 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwdial.dll
[2011/04/19 01:48:08 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icwphbk.dll
[2011/04/19 01:48:08 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwphbk.dll
[2011/04/19 01:48:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mstinit.exe
[2011/04/19 01:48:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstinit.exe
[2011/04/19 01:48:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures
[2011/04/19 01:47:53 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Games
[2011/04/19 01:47:33 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Administrative Tools
[2011/04/19 01:47:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Documents\My Music
[2011/04/19 01:47:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\write.exe
[2011/04/19 01:47:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\write.exe
[2011/04/19 01:47:21 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\avtapi.dll
[2011/04/19 01:47:21 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avtapi.dll
[2011/04/19 01:47:21 | 000,138,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\sndvol32.exe
[2011/04/19 01:47:21 | 000,138,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sndvol32.exe
[2011/04/19 01:47:21 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\avwav.dll
[2011/04/19 01:47:21 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avwav.dll
[2011/04/19 01:47:21 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\hticons.dll
[2011/04/19 01:47:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\avmeter.dll
[2011/04/19 01:47:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avmeter.dll
[2011/04/19 01:47:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\winchat.exe
[2011/04/19 01:47:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winchat.exe
[2011/04/19 01:47:16 | 000,605,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\getuname.dll
[2011/04/19 01:47:16 | 000,605,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\getuname.dll
[2011/04/19 01:47:16 | 000,080,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\charmap.exe
[2011/04/19 01:47:16 | 000,080,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\charmap.exe
[2011/04/19 01:47:15 | 000,126,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mshearts.exe
[2011/04/19 01:47:15 | 000,126,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mshearts.exe
[2011/04/19 01:47:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\winmine.exe
[2011/04/19 01:47:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winmine.exe
[2011/04/19 01:47:15 | 000,114,688 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\calc.exe
[2011/04/19 01:47:15 | 000,114,688 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\calc.exe
[2011/04/19 01:47:15 | 000,056,832 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\sol.exe
[2011/04/19 01:47:15 | 000,056,832 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sol.exe
[2011/04/19 01:47:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\freecell.exe
[2011/04/19 01:47:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\freecell.exe
[2011/04/19 01:47:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\reset.exe
[2011/04/19 01:47:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\reset.exe
[2011/04/19 01:47:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\regini.exe
[2011/04/19 01:47:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\regini.exe
[2011/04/19 01:47:14 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qwinsta.exe
[2011/04/19 01:47:14 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qwinsta.exe
[2011/04/19 01:47:14 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msg.exe
[2011/04/19 01:47:14 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msg.exe
[2011/04/19 01:47:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tsshutdn.exe
[2011/04/19 01:47:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsshutdn.exe
[2011/04/19 01:47:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qappsrv.exe
[2011/04/19 01:47:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qappsrv.exe
[2011/04/19 01:47:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tskill.exe
[2011/04/19 01:47:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tskill.exe
[2011/04/19 01:47:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rwinsta.exe
[2011/04/19 01:47:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rwinsta.exe
[2011/04/19 01:47:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cdmodem.dll
[2011/04/19 01:47:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cdmodem.dll
[2011/04/19 01:47:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\logoff.exe
[2011/04/19 01:47:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logoff.exe
[2011/04/19 01:47:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tsdiscon.exe
[2011/04/19 01:47:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsdiscon.exe
[2011/04/19 01:47:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscon.exe
[2011/04/19 01:47:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tscon.exe
[2011/04/19 01:47:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\shadow.exe
[2011/04/19 01:47:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shadow.exe
[2011/04/19 01:47:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpcfgex.dll
[2011/04/19 01:47:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2011/04/19 01:47:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comrepl.dll
[2011/04/19 01:47:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comrepl.dll
[2011/04/19 01:47:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\stclient.dll
[2011/04/19 01:47:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\stclient.dll
[2011/04/19 01:47:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comaddin.dll
[2011/04/19 01:47:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comaddin.dll
[2011/04/19 01:47:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxlegih.dll
[2011/04/19 01:47:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtxlegih.dll
[2011/04/19 01:47:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxdm.dll
[2011/04/19 01:47:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtxdm.dll
[2011/04/19 01:47:13 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2011/04/19 01:47:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2011/04/19 01:47:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dcomcnfg.exe
[2011/04/19 01:47:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comrereg.exe
[2011/04/19 01:47:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxex.dll
[2011/04/19 01:47:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtxex.dll
[2011/04/19 01:47:12 | 000,147,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comsnap.dll
[2011/04/19 01:47:12 | 000,147,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comsnap.dll
[2011/04/19 01:47:12 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmi2xml.dll
[2011/04/19 01:47:10 | 000,273,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msiprov.dll
[2011/04/19 01:47:10 | 000,116,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\updprov.dll
[2011/04/19 01:47:10 | 000,075,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipicmp.dll
[2011/04/19 01:47:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tmplprov.dll
[2011/04/19 01:47:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmimsg.dll
[2011/04/19 01:47:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2011/04/19 01:47:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\trnsprov.dll
[2011/04/19 01:47:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmitimep.dll
[2011/04/19 01:47:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpcons.dll
[2011/04/19 01:47:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemads.tlb
[2011/04/19 01:47:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\unsecapp.exe
[2011/04/19 01:47:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winmgmtr.dll
[2011/04/19 01:47:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winmgmt.exe
[2011/04/19 01:47:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemads.dll
[2011/04/19 01:47:09 | 000,120,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dsprov.dll
[2011/04/19 01:47:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fwdprov.dll
[2011/04/19 01:47:04 | 000,183,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\accwiz.exe
[2011/04/19 01:47:04 | 000,183,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\accwiz.exe
[2011/04/19 01:47:04 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\access.cpl
[2011/04/19 01:47:04 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\access.cpl
[2011/04/19 01:47:03 | 000,538,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spider.exe
[2011/04/19 01:47:03 | 000,538,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\spider.exe
[2011/04/19 01:47:03 | 000,345,088 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\hypertrm.dll
[2011/04/19 01:47:03 | 000,343,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mspaint.exe
[2011/04/19 01:47:03 | 000,343,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mspaint.exe
[2011/04/19 01:47:03 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\sndrec32.exe
[2011/04/19 01:47:03 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sndrec32.exe
[2011/04/19 01:47:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mplay32.exe
[2011/04/19 01:47:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mplay32.exe
[2011/04/19 01:47:03 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\clipbrd.exe
[2011/04/19 01:47:03 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\clipbrd.exe
[2011/04/19 01:47:02 | 000,655,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstscax.dll
[2011/04/19 01:47:02 | 000,407,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mstsc.exe
[2011/04/19 01:47:02 | 000,147,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdchost.dll
[2011/04/19 01:47:02 | 000,147,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdchost.dll
[2011/04/19 01:47:02 | 000,140,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sessmgr.exe
[2011/04/19 01:47:02 | 000,139,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/04/19 01:47:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscfgwmi.dll
[2011/04/19 01:47:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2011/04/19 01:47:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdshost.exe
[2011/04/19 01:47:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdshost.exe
[2011/04/19 01:47:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\remotepg.dll
[2011/04/19 01:47:02 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscupgrd.exe
[2011/04/19 01:47:02 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tscupgrd.exe
[2011/04/19 01:47:02 | 000,021,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdtcp.sys
[2011/04/19 01:47:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdsaddin.exe
[2011/04/19 01:47:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdsaddin.exe
[2011/04/19 01:47:02 | 000,012,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdpipe.sys
[2011/04/19 01:47:01 | 000,425,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtcprx.dll
[2011/04/19 01:47:01 | 000,425,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtcprx.dll
[2011/04/19 01:47:01 | 000,295,424 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\termsrv.dll
[2011/04/19 01:47:01 | 000,161,280 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtcuiu.dll
[2011/04/19 01:47:01 | 000,161,280 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2011/04/19 01:47:01 | 000,090,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxoci.dll
[2011/04/19 01:47:01 | 000,090,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtxoci.dll
[2011/04/19 01:47:01 | 000,087,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpwsx.dll
[2011/04/19 01:47:01 | 000,087,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpwsx.dll
[2011/04/19 01:47:01 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpclip.exe
[2011/04/19 01:47:01 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpclip.exe
[2011/04/19 01:47:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cfgbkend.dll
[2011/04/19 01:47:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cfgbkend.dll
[2011/04/19 01:47:01 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qprocess.exe
[2011/04/19 01:47:01 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\qprocess.exe
[2011/04/19 01:47:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpsnd.dll
[2011/04/19 01:47:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rdpsnd.dll
[2011/04/19 01:47:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icaapi.dll
[2011/04/19 01:47:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icaapi.dll
[2011/04/19 01:47:00 | 000,949,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtctm.dll
[2011/04/19 01:47:00 | 000,949,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtctm.dll
[2011/04/19 01:47:00 | 000,195,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comadmin.dll
[2011/04/19 01:47:00 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtclog.dll
[2011/04/19 01:47:00 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtclog.dll
[2011/04/19 01:47:00 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xolehlp.dll
[2011/04/19 01:47:00 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\xolehlp.dll
[2011/04/19 01:47:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comrepl.exe
[2011/04/19 01:47:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdtc.exe
[2011/04/19 01:46:59 | 001,251,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comsvcs.dll
[2011/04/19 01:46:59 | 001,251,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comsvcs.dll
[2011/04/19 01:46:59 | 000,628,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\catsrvut.dll
[2011/04/19 01:46:59 | 000,628,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\catsrvut.dll
[2011/04/19 01:46:59 | 000,540,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\comuid.dll
[2011/04/19 01:46:59 | 000,540,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comuid.dll
[2011/04/19 01:46:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\catsrv.dll
[2011/04/19 01:46:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\catsrv.dll
[2011/04/19 01:46:59 | 000,110,080 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\clbcatex.dll
[2011/04/19 01:46:59 | 000,110,080 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\clbcatex.dll
[2011/04/19 01:46:59 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\catsrvps.dll
[2011/04/19 01:46:59 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\catsrvps.dll
[2011/04/19 01:46:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\colbact.dll
[2011/04/19 01:46:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\colbact.dll
[2011/04/19 01:46:58 | 000,501,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\clbcatq.dll
[2011/04/19 01:46:57 | 000,358,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmic.exe
[2011/04/19 01:46:57 | 000,273,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemess.dll
[2011/04/19 01:46:57 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemupgd.dll
[2011/04/19 01:46:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiadap.exe
[2011/04/19 01:46:57 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipcima.dll
[2011/04/19 01:46:57 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmisvc.dll
[2011/04/19 01:46:57 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiprov.dll
[2011/04/19 01:46:57 | 000,140,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmidcprv.dll
[2011/04/19 01:46:57 | 000,132,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipdskq.dll
[2011/04/19 01:46:57 | 000,126,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2011/04/19 01:46:57 | 000,116,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemtest.exe
[2011/04/19 01:46:57 | 000,095,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiutils.dll
[2011/04/19 01:46:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2011/04/19 01:46:57 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipjobj.dll
[2011/04/19 01:46:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipiprt.dll
[2011/04/19 01:46:57 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmicookr.dll
[2011/04/19 01:46:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemsvc.dll
[2011/04/19 01:46:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmipsess.dll
[2011/04/19 01:46:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemprox.dll
[2011/04/19 01:46:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmiapres.dll
[2011/04/19 01:46:56 | 000,530,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemcore.dll
[2011/04/19 01:46:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\provthrd.dll
[2011/04/19 01:46:56 | 000,214,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemcomn.dll
[2011/04/19 01:46:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemcntl.dll
[2011/04/19 01:46:56 | 000,178,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemdisp.dll
[2011/04/19 01:46:56 | 000,177,152 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\repdrvfs.dll
[2011/04/19 01:46:56 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\viewprov.dll
[2011/04/19 01:46:56 | 000,092,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\policman.dll
[2011/04/19 01:46:56 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\stdprov.dll
[2011/04/19 01:46:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wbemcons.dll
[2011/04/19 01:46:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\scrcons.exe
[2011/04/19 01:46:55 | 000,247,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\esscli.dll
[2011/04/19 01:46:55 | 000,212,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntevt.dll
[2011/04/19 01:46:55 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\framedyn.dll
[2011/04/19 01:46:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mofd.dll
[2011/04/19 01:46:55 | 000,047,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ncprov.dll
[2011/04/19 01:46:55 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\krnlprov.dll
[2011/04/19 01:46:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mofcomp.exe
[2011/04/19 01:46:54 | 001,352,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cimwin32.dll
[2011/04/19 01:46:54 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cmprops.dll
[2011/04/19 01:46:54 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cmprops.dll
[2011/04/19 01:46:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\licwmi.dll
[2011/04/19 01:46:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\licwmi.dll
[2011/04/19 01:46:54 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\servdeps.dll
[2011/04/19 01:46:54 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\servdeps.dll
[2011/04/19 01:46:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mmfutil.dll
[2011/04/19 01:46:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mmfutil.dll
[2011/04/19 01:46:49 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Documents\My Videos
[2011/04/19 01:46:38 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Accessories
[2011/04/19 01:44:24 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\Thawbrkr.dll
[2011/04/19 01:44:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\c_iscii.dll
[2011/04/19 01:44:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdinpun.dll
[2011/04/19 01:44:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdvntc.dll
[2011/04/19 01:44:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdintel.dll
[2011/04/19 01:44:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdintam.dll
[2011/04/19 01:44:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdinmar.dll
[2011/04/19 01:44:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdinkan.dll
[2011/04/19 01:44:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdinhin.dll
[2011/04/19 01:44:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdinguj.dll
[2011/04/19 01:44:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdindev.dll
[2011/04/19 01:44:24 | 000,005,120 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdgeo.dll
[2011/04/19 01:44:24 | 000,005,120 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdarmw.dll
[2011/04/19 01:44:24 | 000,005,120 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdarme.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdurdu.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdsyr2.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdsyr1.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdfa.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbddiv2.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbddiv1.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbda3.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbda2.dll
[2011/04/19 01:44:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbda1.dll
[2011/04/19 01:44:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdusa.dll
[2011/04/19 01:44:20 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdheb.dll
[2011/04/19 01:44:18 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdth3.dll
[2011/04/19 01:44:18 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdth2.dll
[2011/04/19 01:44:18 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdth1.dll
[2011/04/19 01:44:18 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdth0.dll
[2011/04/19 01:44:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ftlx041e.dll
[2011/04/19 01:42:45 | 000,086,016 | ---- | C] (Conexant) -- D:\WINDOWS\System32\mdmxsdk.dll
[2011/04/19 01:42:45 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- D:\WINDOWS\System32\HSFCISP2.dll
[2011/04/19 01:42:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\usbui.dll
[2011/04/19 01:41:52 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtuq.dll
[2011/04/19 01:41:52 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtuf.dll
[2011/04/19 01:41:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdazel.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdycc.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbduzb.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdur.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtat.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdru1.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdru.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdmon.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdkyr.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdkaz.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdbu.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdblr.dll
[2011/04/19 01:41:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdaze.dll
[2011/04/19 01:41:50 | 000,008,192 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhept.dll
[2011/04/19 01:41:50 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhela3.dll
[2011/04/19 01:41:50 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhela2.dll
[2011/04/19 01:41:50 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdgkl.dll
[2011/04/19 01:41:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe319.dll
[2011/04/19 01:41:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe220.dll
[2011/04/19 01:41:50 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe.dll
[2011/04/19 01:41:49 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlv1.dll
[2011/04/19 01:41:49 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlv.dll
[2011/04/19 01:41:49 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdest.dll
[2011/04/19 01:41:49 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlt1.dll
[2011/04/19 01:41:49 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlt.dll
[2011/04/19 01:41:47 | 000,007,168 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdycl.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdsl1.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdsl.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdpl.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhu.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz2.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz1.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcr.dll
[2011/04/19 01:41:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\KBDAL.DLL
[2011/04/19 01:41:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdro.dll
[2011/04/19 01:41:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdpl1.dll
[2011/04/19 01:41:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhu1.dll
[2011/04/19 01:41:46 | 000,176,157 | ---- | C] (Digi International, Inc.) -- D:\WINDOWS\System32\dgrpsetu.dll
[2011/04/19 01:41:46 | 000,085,020 | ---- | C] (Digi International) -- D:\WINDOWS\System32\dgsetup.dll
[2011/04/19 01:41:46 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\spxcoins.dll
[2011/04/19 01:41:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\irclass.dll
[2011/04/19 01:41:45 | 000,126,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MSVIDEO.DLL
[2011/04/19 01:41:45 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- D:\WINDOWS\System32\EqnClass.Dll
[2011/04/19 01:41:45 | 000,082,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\OLECLI.DLL
[2011/04/19 01:41:45 | 000,073,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCIAVI.DRV
[2011/04/19 01:41:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCIWAVE.DRV
[2011/04/19 01:41:45 | 000,025,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCISEQ.DRV
[2011/04/19 01:41:45 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\OLESVR.DLL
[2011/04/19 01:41:45 | 000,019,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\TAPI.DLL
[2011/04/19 01:41:45 | 000,013,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\WFWNET.DRV
[2011/04/19 01:41:45 | 000,009,008 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\VER.DLL
[2011/04/19 01:41:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SHELL.DLL
[2011/04/19 01:41:45 | 000,004,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\TIMER.DRV
[2011/04/19 01:41:45 | 000,003,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SYSTEM.DRV
[2011/04/19 01:41:45 | 000,002,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\VGA.DRV
[2011/04/19 01:41:45 | 000,002,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MOUSE.DRV
[2011/04/19 01:41:45 | 000,002,000 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\KEYBOARD.DRV
[2011/04/19 01:41:45 | 000,001,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SOUND.DRV
[2011/04/19 01:41:45 | 000,001,152 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MMTASK.TSK
[2011/04/19 01:41:44 | 000,146,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\WINSPOOL.DRV
[2011/04/19 01:41:44 | 000,109,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\AVIFILE.DLL
[2011/04/19 01:41:44 | 000,069,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\AVICAP.DLL
[2011/04/19 01:41:44 | 000,032,816 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\COMMDLG.DLL
[2011/04/19 01:41:44 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\TASKMAN.EXE
[2011/04/19 01:41:44 | 000,009,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\LZEXPAND.DLL
[2011/04/19 01:41:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\batt.dll
[2011/04/19 01:41:43 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\storprop.dll
[2011/04/19 01:41:43 | 000,068,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MMSYSTEM.DLL
[2011/04/19 01:41:39 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
[2011/04/19 01:41:39 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu
[2011/04/19 01:41:39 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users.WINDOWS\Documents
[2011/04/19 01:41:39 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users.WINDOWS\Templates
[2011/04/19 01:41:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Favorites
[2011/04/19 01:41:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Desktop
[2011/04/19 01:41:24 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2011/04/19 01:41:24 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users.WINDOWS\Application Data
[2011/04/19 00:12:06 | 000,000,000 | ---D | C] -- D:\Program Files\Yahoo!
[2011/04/17 23:47:46 | 000,000,000 | ---D | C] -- D:\Program Files\Conduit
[2011/04/17 23:47:45 | 000,000,000 | ---D | C] -- D:\Program Files\ConduitEngine
[2011/04/17 23:47:43 | 000,000,000 | ---D | C] -- D:\Program Files\ooVoo_Video_Chat
[2011/04/17 23:25:50 | 000,000,000 | ---D | C] -- D:\Program Files\ooVoo
[2011/04/17 22:47:24 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\PCCamera
[2011/04/17 22:47:24 | 000,000,000 | ---D | C] -- D:\Program Files\PC Camera
[2011/04/17 22:47:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\PAC207
[2011/04/17 22:20:49 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\spcommon.dll
[2011/04/17 22:20:49 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\spcplui.dll
[2011/04/17 22:20:48 | 000,774,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\spttseng.dll
[2011/04/17 22:20:48 | 000,155,648 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sapi.cpl
[2011/04/17 22:20:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sapisvr.exe
[2011/04/17 22:20:47 | 000,741,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sapi.dll
[2011/04/17 21:45:25 | 000,000,000 | ---D | C] -- D:\Program Files\The KMPlayer
[2011/04/17 21:43:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2011/04/17 21:36:53 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Download Manager
[2011/04/17 19:49:26 | 000,000,000 | ---D | C] -- D:\Program Files\Autorun Eater
[2011/04/17 19:24:44 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox
[2011/04/17 18:50:59 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2011/04/17 18:42:23 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Symantec Shared
[2011/04/17 18:41:45 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Internet Security
[2011/04/17 18:39:19 | 000,000,000 | ---D | C] -- D:\Program Files\NortonInstaller
[2011/04/17 18:35:31 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\INF
[2011/04/17 18:35:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\system32
[2011/04/17 18:35:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\system32\drivers
[2011/04/17 18:33:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ReinstallBackups
[2011/04/17 18:33:38 | 000,000,000 | ---D | C] -- D:\Program Files\Intel
[2011/04/17 18:33:21 | 000,000,000 | ---D | C] -- D:\Intel
[2011/04/17 18:32:51 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Lang
[2011/04/17 18:30:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\RTCOM
[2011/04/17 18:29:11 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek
[2011/04/17 18:22:22 | 000,000,000 | ---D | C] -- D:\Program Files\AutorunRemover
[2011/04/17 18:18:34 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DRVSTORE
[2011/04/17 18:17:32 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly
[2011/04/17 18:17:23 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET
[2011/04/17 18:16:36 | 000,000,000 | ---D | C] -- D:\Program Files\ATI
[2011/04/17 18:16:00 | 000,000,000 | ---D | C] -- D:\Program Files\ATI Technologies
[2011/04/17 18:14:23 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2011/04/17 18:13:35 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2011/04/17 18:13:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\Downloaded Installations
[2011/04/17 18:13:14 | 000,000,000 | -HSD | C] -- D:\Recycled
[2011/04/17 18:11:33 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2011/04/17 18:10:54 | 000,000,000 | --SD | C] -- D:\System Volume Information
[2011/04/17 18:10:54 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2011/04/17 18:10:53 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2011/04/17 18:10:53 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2011/04/17 18:10:52 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/04/17 18:10:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/04/17 18:10:38 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/04/17 18:10:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/04/17 18:08:04 | 000,618,605 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4autl.dll
[2011/04/17 18:07:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2011/04/17 18:07:26 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2011/04/17 18:07:26 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2011/04/17 18:06:36 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2011/04/17 18:06:36 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2011/04/17 18:06:30 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2011/04/17 18:06:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2011/04/17 18:05:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msinfo32.exe
[2011/04/17 18:05:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wb32.exe
[2011/04/17 18:05:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cb32.exe
[2011/04/17 18:05:55 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2011/04/17 18:05:53 | 000,235,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mssoap1.dll
[2011/04/17 18:05:53 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwtutor.exe
[2011/04/17 18:05:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwres.dll
[2011/04/17 18:05:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\trialoc.dll
[2011/04/17 18:05:53 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wisc10.dll
[2011/04/17 18:05:53 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mssoapr.dll
[2011/04/17 18:05:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isignup.exe
[2011/04/17 18:05:53 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2011/04/17 18:05:53 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2011/04/17 18:05:52 | 000,093,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2011/04/17 18:05:50 | 000,848,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\vgx.dll
[2011/04/17 18:05:50 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2011/04/17 18:05:49 | 000,774,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\setup_wm.exe
[2011/04/17 18:05:49 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmpband.dll
[2011/04/17 18:05:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2011/04/17 18:05:48 | 000,786,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\migrate.exe
[2011/04/17 18:05:48 | 000,368,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mpvis.dll
[2011/04/17 18:05:48 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- D:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/04/17 18:05:48 | 000,226,816 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\npdrmv2.dll
[2011/04/17 18:05:48 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmpns.dll
[2011/04/17 18:05:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmplayer.exe
[2011/04/17 18:05:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\custsat.dll
[2011/04/17 18:05:48 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/04/17 18:05:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2res2.dll
[2011/04/17 18:05:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2eres.dll
[2011/04/17 18:05:44 | 004,256,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2res.dll
[2011/04/17 18:05:44 | 000,502,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2011/04/17 18:05:44 | 000,402,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2filt.dll
[2011/04/17 18:05:44 | 000,325,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2011/04/17 18:05:44 | 000,167,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2ae.dll
[2011/04/17 18:05:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wmm2ext.dll
[2011/04/17 18:05:43 | 003,555,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\moviemk.exe
[2011/04/17 18:05:43 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2011/04/17 18:05:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2011/04/17 18:05:36 | 000,229,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmas.dll
[2011/04/17 18:05:36 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dcap32.dll
[2011/04/17 18:05:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmasnt.dll
[2011/04/17 18:05:35 | 000,385,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\callcont.dll
[2011/04/17 18:05:35 | 000,274,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mst120.dll
[2011/04/17 18:05:35 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nac.dll
[2011/04/17 18:05:35 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmchat.dll
[2011/04/17 18:05:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmcom.dll
[2011/04/17 18:05:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rrcm.dll
[2011/04/17 18:05:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mst123.dll
[2011/04/17 18:05:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\h323cc.dll
[2011/04/17 18:05:35 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\confmrsl.dll
[2011/04/17 18:05:34 | 001,032,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\conf.exe
[2011/04/17 18:05:34 | 000,188,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmwb.dll
[2011/04/17 18:05:34 | 000,172,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmoldwb.dll
[2011/04/17 18:05:34 | 000,151,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nmft.dll
[2011/04/17 18:05:34 | 000,084,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wabimp.dll
[2011/04/17 18:05:34 | 000,046,080 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wab.exe
[2011/04/17 18:05:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wabfind.dll
[2011/04/17 18:05:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wabmig.exe
[2011/04/17 18:05:34 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2011/04/17 18:05:33 | 000,504,832 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wab32.dll
[2011/04/17 18:05:33 | 000,249,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wab32res.dll
[2011/04/17 18:05:33 | 000,104,448 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oeimport.dll
[2011/04/17 18:05:33 | 000,081,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\directdb.dll
[2011/04/17 18:05:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msimn.exe
[2011/04/17 18:05:32 | 002,479,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msoeres.dll
[2011/04/17 18:05:32 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\setup50.exe
[2011/04/17 18:05:32 | 000,060,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oemig50.exe
[2011/04/17 18:05:32 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oemiglib.dll
[2011/04/17 18:05:32 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2011/04/17 18:05:30 | 000,561,179 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dao360.dll
[2011/04/17 18:05:30 | 000,217,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2011/04/17 18:05:30 | 000,214,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwconn1.exe
[2011/04/17 18:05:30 | 000,172,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwhelp.dll
[2011/04/17 18:05:30 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwconn2.exe
[2011/04/17 18:05:30 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwconn.dll
[2011/04/17 18:05:30 | 000,049,152 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwutil.dll
[2011/04/17 18:05:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwdl.dll
[2011/04/17 18:05:30 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\icwrmind.exe
[2011/04/17 18:05:30 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetwiz.exe
[2011/04/17 18:05:29 | 000,487,424 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oledb32.dll
[2011/04/17 18:05:29 | 000,315,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdasql.dll
[2011/04/17 18:05:29 | 000,233,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaora.dll
[2011/04/17 18:05:29 | 000,204,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaps.dll
[2011/04/17 18:05:29 | 000,094,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdatl3.dll
[2011/04/17 18:05:29 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaosp.dll
[2011/04/17 18:05:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\oledb32r.dll
[2011/04/17 18:05:29 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msxactps.dll
[2011/04/17 18:05:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdatt.dll
[2011/04/17 18:05:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdasqlr.dll
[2011/04/17 18:05:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaorar.dll
[2011/04/17 18:05:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaurl.dll
[2011/04/17 18:05:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdasc.dll
[2011/04/17 18:05:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaer.dll
[2011/04/17 18:05:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaenum.dll

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Mon 18 Apr 2011, 4:22 pm

[2011/04/17 18:05:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdadc.dll
[2011/04/17 18:05:28 | 000,536,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado15.dll
[2011/04/17 18:05:28 | 000,200,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaprst.dll
[2011/04/17 18:05:28 | 000,200,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadox.dll
[2011/04/17 18:05:28 | 000,180,224 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadomd.dll
[2011/04/17 18:05:28 | 000,155,648 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadds.dll
[2011/04/17 18:05:28 | 000,143,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadco.dll
[2011/04/17 18:05:28 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdarem.dll
[2011/04/17 18:05:28 | 000,102,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msjro.dll
[2011/04/17 18:05:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado27.tlb
[2011/04/17 18:05:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado26.tlb
[2011/04/17 18:05:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado25.tlb
[2011/04/17 18:05:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado21.tlb
[2011/04/17 18:05:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msado20.tlb
[2011/04/17 18:05:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcf.dll
[2011/04/17 18:05:28 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadrh15.dll
[2011/04/17 18:05:28 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msador15.dll
[2011/04/17 18:05:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcs.dll
[2011/04/17 18:05:28 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdfmap.dll
[2011/04/17 18:05:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msader15.dll
[2011/04/17 18:05:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msaddsr.dll
[2011/04/17 18:05:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaremr.dll
[2011/04/17 18:05:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msdaprsr.dll
[2011/04/17 18:05:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcor.dll
[2011/04/17 18:05:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcfr.dll
[2011/04/17 18:05:27 | 000,331,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadce.dll
[2011/04/17 18:05:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hmmapi.dll
[2011/04/17 18:05:27 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msadcer.dll
[2011/04/17 18:05:27 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2011/04/17 18:05:26 | 000,093,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iexplore.exe
[2011/04/17 18:05:26 | 000,018,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iedw.exe
[2011/04/17 18:05:26 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2011/04/17 18:05:02 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2011/04/17 18:04:58 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2011/04/17 18:04:53 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2011/04/17 18:04:53 | 000,000,000 | ---D | C] -- D:\Program Files\Online Services
[2011/04/17 18:04:49 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2011/04/17 18:04:48 | 002,178,131 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shvlres.dll
[2011/04/17 18:04:48 | 001,817,687 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bckgres.dll
[2011/04/17 18:04:48 | 000,780,885 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chkrres.dll
[2011/04/17 18:04:48 | 000,753,236 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rvseres.dll
[2011/04/17 18:04:48 | 000,082,501 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bckg.dll
[2011/04/17 18:04:48 | 000,066,113 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shvl.dll
[2011/04/17 18:04:48 | 000,048,706 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rvse.dll
[2011/04/17 18:04:48 | 000,042,577 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bckgzm.exe
[2011/04/17 18:04:48 | 000,042,575 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chkrzm.exe
[2011/04/17 18:04:48 | 000,042,574 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rvsezm.exe
[2011/04/17 18:04:48 | 000,042,573 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shvlzm.exe
[2011/04/17 18:04:48 | 000,040,515 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chkr.dll
[2011/04/17 18:04:47 | 001,175,635 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hrtzres.dll
[2011/04/17 18:04:47 | 001,039,955 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cmnresm.dll
[2011/04/17 18:04:47 | 000,113,222 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zoneclim.dll
[2011/04/17 18:04:47 | 000,057,409 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hrtz.dll
[2011/04/17 18:04:47 | 000,042,573 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hrtzzm.exe
[2011/04/17 18:04:47 | 000,041,029 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zcorem.dll
[2011/04/17 18:04:47 | 000,032,339 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uniansi.dll
[2011/04/17 18:04:47 | 000,013,894 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zonelibm.dll
[2011/04/17 18:04:47 | 000,004,677 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zeeverm.dll
[2011/04/17 18:04:46 | 000,217,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cmnclim.dll
[2011/04/17 18:04:46 | 000,036,937 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\zclientm.exe
[2011/04/17 18:04:46 | 000,029,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\znetm.dll
[2011/04/17 18:04:46 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2011/04/17 18:04:40 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\dllcache\htrn_jis.dll
[2011/04/17 18:04:20 | 000,000,000 | ---D | C] -- D:\Program Files\MSN
[2011/04/17 18:04:19 | 000,539,136 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dialer.exe
[2011/04/17 18:04:19 | 000,281,088 | ---- | C] (Cinematronics) -- D:\WINDOWS\System32\dllcache\pinball.exe
[2011/04/17 18:04:18 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2011/04/17 18:04:16 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2011/04/17 18:04:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2011/04/17 17:50:50 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2011/04/17 17:50:50 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2011/04/17 17:50:48 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2011/04/17 17:50:47 | 000,000,000 | R--D | C] -- D:\Program Files
[2011/04/17 17:50:47 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2011/04/17 17:50:47 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2011/04/17 17:50:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2011/04/17 17:50:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2011/04/17 17:50:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2011/04/17 17:45:38 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2011/04/17 17:45:38 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache
[2011/04/17 17:45:38 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2011/04/17 17:45:38 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\ehome
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2011/04/17 17:45:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/19 02:28:10 | 000,103,140 | RHS- | M] () -- D:\habeoo.pif
[2011/04/19 02:27:24 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2011/04/19 02:24:26 | 000,000,638 | ---- | M] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\AutorunRemover.lnk
[2011/04/19 02:23:24 | 000,001,508 | ---- | M] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\ooVoo.lnk
[2011/04/19 02:23:20 | 000,000,734 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/04/19 02:23:20 | 000,000,716 | ---- | M] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\Yahoo! Messenger.lnk
[2011/04/19 02:18:32 | 000,007,168 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/19 02:12:56 | 000,392,296 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2011/04/19 02:12:56 | 000,058,596 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2011/04/19 02:09:06 | 000,940,794 | ---- | M] () -- D:\WINDOWS\System32\LoopyMusic.wav
[2011/04/19 02:09:06 | 000,146,650 | ---- | M] () -- D:\WINDOWS\System32\BuzzingBee.wav
[2011/04/19 02:06:46 | 000,000,614 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Desktop\KMPlayer.lnk
[2011/04/19 02:06:08 | 000,001,769 | ---- | M] () -- D:\WINDOWS\Language_trs.ini
[2011/04/19 02:05:08 | 000,020,092 | ---- | M] () -- D:\WINDOWS\Ascd_tmp.ini
[2011/04/19 02:01:22 | 000,000,000 | ---- | M] () -- D:\WINDOWS\ativpsrm.bin
[2011/04/19 01:55:16 | 000,103,140 | RHS- | M] () -- D:\mrjv.pif
[2011/04/19 01:53:38 | 000,000,683 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/19 01:53:38 | 000,000,079 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/04/19 01:53:28 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2011/04/19 01:52:40 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2011/04/19 01:52:34 | 000,151,584 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/19 01:51:42 | 000,004,382 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2011/04/19 01:51:40 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2011/04/19 01:49:40 | 000,002,577 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2011/04/19 01:49:38 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2011/04/19 01:49:38 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2011/04/19 01:49:38 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2011/04/19 01:49:32 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2011/04/19 01:47:54 | 000,021,640 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2011/04/17 21:49:22 | 000,103,140 | RHS- | M] () -- D:\viulsg.pif
[2011/04/17 21:49:20 | 000,000,274 | RHS- | M] () -- D:\autorun.inf
[2011/04/17 21:15:52 | 000,103,140 | ---- | M] () -- D:\tntw.exe
[2011/04/17 18:33:24 | 000,103,140 | RHS- | M] () -- D:\jqkjm.exe
[2011/04/17 18:24:56 | 000,103,140 | RHS- | M] () -- D:\xnogni.pif
[2011/04/17 18:24:30 | 000,103,140 | RHS- | M] () -- D:\sfldq.pif
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/19 02:28:28 | 000,000,274 | RHS- | C] () -- D:\autorun.inf
[2011/04/19 02:28:09 | 000,103,140 | RHS- | C] () -- D:\habeoo.pif
[2011/04/19 02:24:25 | 000,000,638 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\AutorunRemover.lnk
[2011/04/19 02:23:22 | 000,001,508 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\ooVoo.lnk
[2011/04/19 02:23:19 | 000,000,734 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/04/19 02:23:19 | 000,000,716 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\Yahoo! Messenger.lnk
[2011/04/19 02:09:04 | 000,940,794 | ---- | C] () -- D:\WINDOWS\System32\LoopyMusic.wav
[2011/04/19 02:09:04 | 000,146,650 | ---- | C] () -- D:\WINDOWS\System32\BuzzingBee.wav
[2011/04/19 02:06:45 | 000,000,614 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Desktop\KMPlayer.lnk
[2011/04/19 02:05:03 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys
[2011/04/19 02:05:01 | 000,001,769 | ---- | C] () -- D:\WINDOWS\Language_trs.ini
[2011/04/19 02:04:53 | 000,020,092 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2011/04/19 02:04:52 | 000,010,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011/04/19 02:03:09 | 000,007,168 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/19 02:01:20 | 000,000,000 | ---- | C] () -- D:\WINDOWS\ativpsrm.bin
[2011/04/19 02:01:16 | 000,022,190 | R--- | C] () -- D:\WINDOWS\atiogl.xml
[2011/04/19 02:01:15 | 000,887,724 | R--- | C] () -- D:\WINDOWS\System32\ativva6x.dat
[2011/04/19 02:01:15 | 000,223,990 | R--- | C] () -- D:\WINDOWS\System32\atiicdxx.dat
[2011/04/19 02:01:15 | 000,099,504 | R--- | C] () -- D:\WINDOWS\System32\atiapfxx.blb
[2011/04/19 02:01:15 | 000,000,003 | R--- | C] () -- D:\WINDOWS\System32\ativva5x.dat
[2011/04/19 02:01:13 | 000,532,480 | ---- | C] () -- D:\WINDOWS\System32\ativvaxx.cap
[2011/04/19 01:55:14 | 000,103,140 | RHS- | C] () -- D:\mrjv.pif
[2011/04/19 01:53:36 | 000,000,079 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/04/19 01:53:32 | 000,000,642 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Start Menu\Programs\Outlook Express.lnk
[2011/04/19 01:53:31 | 000,000,683 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/19 01:53:31 | 000,000,671 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Start Menu\Programs\Internet Explorer.lnk
[2011/04/19 01:53:27 | 000,001,503 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Start Menu\Programs\Remote Assistance.lnk
[2011/04/19 01:53:27 | 000,000,696 | ---- | C] () -- D:\Documents and Settings\DoucheBag\Start Menu\Programs\Windows Media Player.lnk
[2011/04/19 01:52:39 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2011/04/19 01:51:39 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2011/04/19 01:51:08 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/04/19 01:50:56 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/04/19 01:50:52 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2011/04/19 01:50:50 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/04/19 01:50:47 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2011/04/19 01:50:39 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/04/19 01:50:35 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2011/04/19 01:50:30 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2011/04/19 01:50:21 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2011/04/19 01:49:39 | 000,002,577 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT
[2011/04/19 01:49:37 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2011/04/19 01:49:37 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2011/04/19 01:49:36 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2011/04/19 01:48:54 | 000,000,690 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Windows Movie Maker.lnk
[2011/04/19 01:48:47 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex
[2011/04/19 01:48:26 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2011/04/19 01:48:26 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2011/04/19 01:48:22 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf
[2011/04/19 01:48:12 | 000,376,320 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msinfo.dll
[2011/04/19 01:47:53 | 000,000,609 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Windows Messenger.lnk
[2011/04/19 01:47:52 | 000,021,640 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2011/04/19 01:47:29 | 000,001,890 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\MSN.lnk
[2011/04/19 01:47:17 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Soap Bubbles.bmp
[2011/04/19 01:47:17 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Prairie Wind.bmp
[2011/04/19 01:47:17 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Santa Fe Stucco.bmp
[2011/04/19 01:47:17 | 000,026,680 | ---- | C] () -- D:\WINDOWS\River Sumida.bmp
[2011/04/19 01:47:17 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Greenstone.bmp
[2011/04/19 01:47:17 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rhododendron.bmp
[2011/04/19 01:47:17 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Gone Fishing.bmp
[2011/04/19 01:47:17 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Coffee Bean.bmp
[2011/04/19 01:47:17 | 000,016,730 | ---- | C] () -- D:\WINDOWS\FeatherTexture.bmp
[2011/04/19 01:47:17 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Zapotec.bmp
[2011/04/19 01:47:16 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Blue Lace 16.bmp
[2011/04/19 01:47:14 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2011/04/19 01:47:14 | 000,001,161 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2011/04/19 01:47:14 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2011/04/19 01:47:09 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc
[2011/04/19 01:42:45 | 000,129,045 | ---- | C] () -- D:\WINDOWS\System32\drivers\cxthsfS2.cty
[2011/04/19 01:41:57 | 000,004,382 | ---- | C] () -- D:\WINDOWS\imsins.BAK
[2011/04/19 01:41:55 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2011/04/19 01:41:44 | 000,001,688 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT
[2011/04/19 01:41:39 | 001,042,903 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2011/04/19 01:41:39 | 000,797,189 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/04/19 01:41:39 | 000,399,645 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/04/19 01:41:39 | 000,141,702 | ---- | C] () -- D:\WINDOWS\System32\dllcache\netfx.cat
[2011/04/19 01:41:39 | 000,110,116 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tabletpc.cat
[2011/04/19 01:41:39 | 000,037,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2011/04/19 01:41:39 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat
[2011/04/19 01:41:39 | 000,031,281 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2011/04/19 01:41:39 | 000,024,209 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn7.cat
[2011/04/19 01:41:39 | 000,013,753 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2011/04/19 01:41:39 | 000,013,472 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/04/19 01:41:39 | 000,011,651 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn9.cat
[2011/04/19 01:41:39 | 000,009,581 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/04/19 01:41:39 | 000,008,574 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/04/19 01:41:39 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/04/19 01:41:39 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/04/19 01:41:39 | 000,007,245 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/04/19 01:41:38 | 002,012,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2011/04/19 01:41:38 | 000,502,724 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/04/19 01:41:09 | 000,151,584 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/19 01:40:10 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2011/04/17 22:20:48 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd
[2011/04/17 22:20:48 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/04/17 22:20:48 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/04/17 22:20:48 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf
[2011/04/17 21:49:20 | 000,103,140 | RHS- | C] () -- D:\viulsg.pif
[2011/04/17 21:15:23 | 000,103,140 | ---- | C] () -- D:\tntw.exe
[2011/04/17 18:33:22 | 000,103,140 | RHS- | C] () -- D:\jqkjm.exe
[2011/04/17 18:24:55 | 000,103,140 | RHS- | C] () -- D:\xnogni.pif
[2011/04/17 18:24:28 | 000,103,140 | RHS- | C] () -- D:\sfldq.pif
[2011/04/17 18:05:47 | 000,004,639 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.exe
[2004/08/04 01:07:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2004/08/04 01:07:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2004/08/04 01:07:00 | 000,392,296 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2004/08/04 01:07:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2004/08/04 01:07:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2004/08/04 01:07:00 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2004/08/04 01:07:00 | 000,058,596 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2004/08/04 01:07:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2004/08/04 01:07:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2004/08/04 01:07:00 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/04 01:07:00 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2004/08/04 01:07:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2004/08/04 01:07:00 | 000,001,788 | ---- | C] () -- D:\WINDOWS\System32\Dcache.bin
[2004/08/04 01:07:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
[2004/06/17 10:05:46 | 000,136,832 | ---- | C] () -- D:\WINDOWS\System32\drivers\pfc027.sys
[2004/01/08 10:30:22 | 000,011,170 | ---- | C] () -- D:\WINDOWS\System32\PA207Usd.dll

< End of report >






sorry the OTL.txt was very long, here is the Extras.txt



OTL Extras logfile created on: 4/19/2011 8:43:31 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\Documents and Settings\DoucheBag\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 19.99 Gb Total Space | 11.06 Gb Free Space | 55.31% Space Free | Partition Type: FAT32
Drive D: | 19.99 Gb Total Space | 12.80 Gb Free Space | 64.03% Space Free | Partition Type: FAT32
Drive E: | 29.99 Gb Total Space | 0.58 Gb Free Space | 1.93% Space Free | Partition Type: FAT32
Drive F: | 29.99 Gb Total Space | 1.22 Gb Free Space | 4.06% Space Free | Partition Type: FAT32
Drive G: | 49.02 Gb Total Space | 2.72 Gb Free Space | 5.55% Space Free | Partition Type: FAT32

Computer Name: DOUCHEBA-F3D208 | User Name: DoucheBag | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" = D:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe:*:Enabled:ipsec -- ()
"E:\gcud.pif" = E:\gcud.pif:*:Enabled:ipsec -- ()
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\tdreg.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\tdreg.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\xrfg.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\xrfg.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winkgmrwx.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winkgmrwx.exe:*:Enabled:ipsec
"D:\Program Files\Internet Download Manager\IDMan.exe" = D:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:ipsec -- (Tonec Inc.)
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\egnvrg.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\egnvrg.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winrcqm.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winrcqm.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winiymxqq.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winiymxqq.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winaqdmd.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winaqdmd.exe:*:Enabled:ipsec -- ()
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winketr.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winketr.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\windisn.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\windisn.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winsaupvr.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winsaupvr.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\wingdsb.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\wingdsb.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\cswl.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\cswl.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winvwxjgy.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winvwxjgy.exe:*:Enabled:ipsec -- ()
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\favp.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\favp.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winegngbd.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winegngbd.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winvwvn.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winvwvn.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\kldy.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\kldy.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\wingkjr.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\wingkjr.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winjagcvu.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winjagcvu.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\dpsdiq.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\dpsdiq.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winugqtta.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winugqtta.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winsrdbai.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winsrdbai.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\ctifc.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\ctifc.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winsncwqu.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winsncwqu.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winttpa.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winttpa.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\jtybt.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\jtybt.exe:*:Enabled:ipsec
"D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winegblg.exe" = D:\DOCUME~1\DOUCHE~1\LOCALS~1\Temp\winegblg.exe:*:Enabled:ipsec


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{016BE60E-27DD-4AD0-814C-3A1C3C0A0B68}" = SMC ADSL2 Barricade
"{20B9BC7F-BB40-4A4F-95D6-91E4D8FBE5AF}" = PC CameraN
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{436811A5-21BF-7826-7792-FD69BABD20AB}" = ATI Catalyst Install Manager
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{F11DE228-1D4D-2FAC-15B2-6041A68ABE05}" = Catalyst Control Center InstallProxy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"InstallShield_{016BE60E-27DD-4AD0-814C-3A1C3C0A0B68}" = SMC ADSL2 Barricade
"InstallShield_{20B9BC7F-BB40-4A4F-95D6-91E4D8FBE5AF}" = PC CameraN
"Internet Download Manager" = Internet Download Manager
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"The KMPlayer" = The KMPlayer (remove only)
"Yahoo! Messenger" = Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 4/18/2011 5:53:19 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe.
Reference
error message: The operation completed successfully. .

Error - 4/18/2011 5:53:35 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 4/18/2011 5:53:35 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 4/18/2011 5:53:35 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe.
Reference
error message: The operation completed successfully. .

Error - 4/18/2011 5:57:25 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 4/18/2011 5:57:25 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 4/18/2011 5:57:25 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe.
Reference
error message: The operation completed successfully. .

Error - 4/18/2011 6:02:24 PM | Computer Name = DOUCHEBA-F3D208 | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 4/18/2011 9:50:15 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 4/18/2011 9:50:15 PM | Computer Name = DOUCHEBA-F3D208 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .


< End of report >



i'm really really sorry about the Computer name , my friend changed it after installing a new windows, he thinks he's real funny.

thankyou so much for your help

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Tue 19 Apr 2011, 9:33 am

Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    PRC - [2011/04/19 04:17:18 | 000,030,208 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Local Settings\Temp\winvwxjgy.exe
    PRC - [2011/04/19 02:31:16 | 000,012,970 | ---- | M] () -- D:\Documents and Settings\DoucheBag\Local Settings\Temp\winaqdmd.exe
    O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,351 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
    O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,274 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
    O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,321 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
    O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,247 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
    O32 - AutoRun File - [2011/04/17 21:49:20 | 000,000,365 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ]
    O33 - MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\Shell\autopLay\cOmmAND - "" = C:\jsfp.exe -- [2011/04/19 01:55:16 | 000,103,140 | RHS- | M] ()
    O33 - MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\Shell\AutoRun\command - "" = C:\jsfp.exe -- [2011/04/19 01:55:16 | 000,103,140 | RHS- | M] ()
    O33 - MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\Shell\eXplOre\CommAnD - "" = C:\jsfp.exe -- [2011/04/19 01:55:16 | 000,103,140 | RHS- | M] ()
    O33 - MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\Shell\open\commanD - "" = C:\jsfp.exe -- [2011/04/19 01:55:16 | 000,103,140 | RHS- | M] ()


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Tue 19 Apr 2011, 7:59 pm

========== OTL ==========
No active process named winvwxjgy.exe was found!
No active process named winaqdmd.exe was found!
File move failed. C:\autorun.inf scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. F:\autorun.inf scheduled to be moved on reboot.
File move failed. G:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45def04d-6a25-11e0-b3e5-806d6172696f}\ not found.
C:\jsfp.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45def04d-6a25-11e0-b3e5-806d6172696f}\ not found.
File C:\jsfp.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45def04d-6a25-11e0-b3e5-806d6172696f}\ not found.
File C:\jsfp.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45def04d-6a25-11e0-b3e5-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45def04d-6a25-11e0-b3e5-806d6172696f}\ not found.
File C:\jsfp.exe not found.

OTL by OldTimer - Version 3.2.22.3 log created on 04202011_145034

Files\Folders moved on Reboot...
C:\autorun.inf moved successfully.
D:\autorun.inf moved successfully.
E:\autorun.inf moved successfully.
F:\autorun.inf moved successfully.
G:\autorun.inf moved successfully.

Registry entries deleted on Reboot...

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Wed 20 Apr 2011, 6:55 am

Hello.

  • Download combofix from here
    Link 1

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Wed 20 Apr 2011, 4:49 pm

Hi,
I let Combe-fix run for almost a day but it did not get passed the scanning for malware part, it said it will take 10 mins or more but it never got passed that. there are some new files and folders created by combofix, like "Combo-Fix16456C" and "Qoobox". but there was no combofix.txt.

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Thu 21 Apr 2011, 8:42 am

Okay, try running Combofix again.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Thu 21 Apr 2011, 8:42 am

Okay, try running Combofix again.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Mon 25 Apr 2011, 6:48 pm

Hi, i let combofix run for a whole day with no interruptions at all, but there was no progress. it did not stall but it was on the part where it says, it will take only ten minutes or more.., but after 24 hours it did not progress from that.
please help is there any other way?
thanks

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Tue 26 Apr 2011, 5:57 am

Hello.
Okay dump Combofix for now, lets try this.

Please download TDSSKiller from here and save it to your Desktop.

  • Doubleclick TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
Note:It will also create a log in the C:\ directory.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Thu 28 Apr 2011, 7:20 am

sorry to bother you, but i couldn't download TDSSKiller.exe from the link you gave me and i tried looking for it on other sites but couldn't find anything i could trust, could you please give me another link.
thanks a lot for all your help

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Fri 29 Apr 2011, 3:33 am

Let me check something.

Please download aswMBR from here

  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below



Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

  • Once the scan finishes click Save log to save the log to your Desktop


  • Copy and paste the contents of aswMBR.txt back here for review


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Fri 29 Apr 2011, 4:32 pm

hi


aswMBR version 0.9.5 Copyright(c) 2011 AVAST Software
Run date: 2011-04-30 09:57:48
-----------------------------
09:57:48.015 OS Version: Windows 5.1.2600 Service Pack 2
09:57:48.015 Number of processors: 2 586 0x170A
09:57:48.015 ComputerName: NIANOOR-D0193FA UserName: Nianoor
09:57:48.328 Initialize success
09:57:59.671 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-10
09:57:59.671 Disk 0 Vendor: MAXTOR_STM3160815AS 4.AAB Size: 152624MB BusType: 3
09:58:01.671 Disk 0 MBR read successfully
09:58:01.671 Disk 0 MBR scan
09:58:03.671 Disk 0 scanning sectors +312576705
09:58:04.156 Disk 0 scanning C:\windows\system32\drivers
09:58:05.359 Service scanning
09:58:06.062 Disk 0 trace - called modules:
09:58:06.062 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
09:58:06.062 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89d89ab8]
09:58:06.078 3 CLASSPNP.SYS[ba0e905b] -> nt!IofCallDriver -> \Device\00000064[0x89d969e8]
09:58:06.078 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T1L0-10[0x89dcf940]
09:58:06.078 Scan finished successfully
09:58:44.890 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Nianoor\Desktop\MBR.dat"
09:58:44.906 The log file has been saved successfully to "C:\Documents and Settings\Nianoor\Desktop\aswMBR.txt"



nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Sat 30 Apr 2011, 8:43 am

Hmm.

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any
"<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Sat 30 Apr 2011, 5:29 pm

here's the log file

GMER 1.0.15.15572 - [You must be registered and logged in to see this link.]
Rootkit scan 2011-05-01 10:54:59
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-10 MAXTOR_STM3160815AS rev.4.AAB
Running: gmer.exe; Driver: C:\DOCUME~1\Nianoor\LOCALS~1\Temp\pgrdyfod.sys


---- Kernel code sections - GMER 1.0.15 ----

.text C:\windows\system32\DRIVERS\ati2mtag.sys section is writeable [0xB987B000, 0x27EFD7, 0xE8000020]
? C:\windows\system32\drivers\kjnoon.sys The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Tcp idmtdi.sys (Internet Download Manager TDI Driver/Tonec Inc.)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000

---- EOF - GMER 1.0.15 ----

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Sun 01 May 2011, 12:07 am

Hello.
It looks like a possible TDL infection, but I want to try and get Combofix going.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Mon 02 May 2011, 8:29 am

Hello,
Combofix.exe certainly does not like me, i let it run all day again but to no avail. maybe i'm doing something wrong. here's what i did:

1- i saved combofix to desktop after renaming to commy.exe.
2- i doubled click on the combofix icon on my desktop to let it run, it asked a few questions and i chose ok/yes and i also let it install Recovery Console.
3- After the Recovery Console is installed, "a message appears on the blue screen that says it will take ten minutes but for badly infected computers the time could easily be doubled" and under this message the "indicator (-)" just blinks and it does not get passed that point.
after letting it run for half a day i came to see my computer had stalled this time.
there was nothing i could do but restart my computer. does that cause damage?
thanks for all the help.



nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Tue 03 May 2011, 4:03 am

Hmm.

This could be an older version of TDL.

Submit a file for analysis.

  1. Please visit this website: Jotti's Malware Scanner
  2. Press the "Browse" button and locate the following file in bold:
    C:\WINDOWS\system32\drivers\ati2mtag.sys
  3. Press the "Submit File button to submit the file for analysis.
  4. Allow it to be scanned, it could take a few minutes depending on server load.
  5. Copy and paste the result back here.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Mon 09 May 2011, 10:00 pm

I've been trying to open the link to Jotti's Malware Scanner for a few days, i don't know if the sever is busy or if my connection is too slow , I can't open the link.

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Tue 10 May 2011, 6:42 am

Try Virustotal.
[You must be registered and logged in to see this link.]

If it says the file has been scanned before, select a new scan.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by nneda on Sat 14 May 2011, 3:50 am

Hi,
I'm really sorry but I couldn't access this site either

nneda

Newbie Surfer
Newbie Surfer

Posts : 27
Joined : 2011-04-17
Operating System : xp

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Belahzur on Sat 14 May 2011, 7:16 am

Please delete your copy of aswmbr and re-download it, a new version and run it again, post the new log when done.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: I can't get rid of Autorun virus.

Post by Sponsored content Today at 6:08 pm


Sponsored content


Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum