MyPCHell.com - Resurrecting PCs One At A Time

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #15 on: March 17, 2007, 08:24:04 AM »

Bear with me while I analyse the comboscan log, may take a few hours. Glad you like Avast as I swear by it. Any problems with the programme set up then just shout..


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #16 on: March 17, 2007, 08:28:38 AM »

ComboScan v20070306.20 run by Manifest on 2007-03-17 at 14:26:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as Manifest.exe) --------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 02:26:20 È.Ù, on 2007/03/17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Documents and Settings\Manifest\Desktop\comboscan.exe
C:\PROGRA~1\HIJACK~1\Manifest.exe

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #17 on: March 17, 2007, 08:29:07 AM »

-- Files created between 2007-02-17 and 2007-03-17 -----------------------------

2007-03-17 11:29:13 23352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-03-17 11:29:12 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-03-17 11:29:12 31560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-03-17 11:29:11 94424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-03-17 11:29:11 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-03-17 11:29:06 348160 --a------ C:\WINDOWS\system32\MSVCR71.dll
2007-03-17 11:29:06 499712 --a------ C:\WINDOWS\system32\MSVCP71.dll
2007-03-17 11:29:06 1060864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-03-17 11:29:06 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-03-17 11:29:06 689280 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-03-17 11:29:02 0 d-------- C:\Program Files\Alwil Software<ALWILS~1>
2007-03-16 22:16:33 0 d-------- C:\!KillBox
2007-03-16 21:53:31 0 d-------- C:\Documents and Settings\Manifest\Application Data\IDM
2007-03-16 21:53:31 0 d-------- C:\Documents and Settings\Manifest\Application Data\DMCache
2007-03-16 21:53:27 0 d-------- C:\Program Files\Internet Download Manager<INTERN~2>
2007-03-15 12:37:07 0 d-------- C:\Program Files\DFX
2007-03-15 11:28:04 0 d-------- C:\Documents and Settings\All Users\Application Data\TechSmith<TECHSM~1>
2007-03-15 11:27:59 0 d-------- C:\Program Files\TechSmith<TECHSM~1>
2007-03-15 11:26:56 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-03-15 02:21:53 0 d-------- C:\Documents and Settings\Manifest\Application Data\ACD Systems<ACDSYS~1>
2007-03-14 22:35:30 0 d-------- C:\Program Files\EmEditor
2007-03-14 22:22:39 39 --a------ C:\WINDOWS\TDEVXCW60.DLL<TDEVXC~1.DLL>
2007-03-14 22:22:39 39 --a------ C:\WINDOWS\system32\TEVPXCW60.DLL<TEVPXC~1.DLL>
2007-03-14 22:22:24 0 d-------- C:\Program Files\TurboDemo 7.5 Trial<TURBOD~1.5TR>
2007-03-14 18:36:13 0 d--hs---- C:\WINDOWS\ftpcache
2007-03-14 18:36:06 0 d-------- C:\Program Files\PHP Expert Editor<PHPEXP~1>
2007-03-14 14:36:16 0 d-------- C:\Documents and Settings\Manifest\Application Data\Ahead
2007-03-14 14:35:56 89184 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2007-03-14 14:35:37 38912 --a------ C:\WINDOWS\system32\picn20.dll
2007-03-14 14:35:37 283920 --a------ C:\WINDOWS\system32\ImagXpr5.dll
2007-03-14 14:35:37 544768 --a------ C:\WINDOWS\system32\imagx5.dll
2007-03-14 14:35:37 569344 --a------ C:\WINDOWS\system32\imagr5.dll
2007-03-14 14:35:36 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe<NEROCH~1.EXE>
2007-03-14 14:35:36 0 d-------- C:\Program Files\Common Files\Ahead
2007-03-14 14:35:33 0 d-------- C:\Program Files\Ahead
2007-03-14 13:41:14 0 d-------- C:\Documents and Settings\Manifest\Application Data\exe
2007-03-14 13:41:04 0 d-------- C:\Program Files\exe
2007-03-14 13:07:51 0 d-------- C:\Documents and Settings\Manifest\reload
2007-03-14 13:07:04 0 d-------- C:\Program Files\ReloadTools<RELOAD~1>
2007-03-14 13:06:34 0 d--h----- C:\Program Files\Zero G Registry<ZEROGR~1>
2007-03-14 09:33:24 0 d-------- C:\Program Files\MySQL-Front<MYSQL-~1>
2007-03-13 21:13:38 0 d-------- C:\WINDOWS\speech
2007-03-13 21:09:29 0 d-------- C:\Program Files\Babylon
2007-03-13 21:09:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Babylon
2007-03-13 21:09:22 0 d-------- C:\Documents and Settings\Manifest\Application Data\Babylon
2007-03-13 21:05:58 0 d-------- C:\WINDOWS\system32\SoftwareDistribution<SOFTWA~1>
2007-03-13 20:55:46 43520 --a------ C:\WINDOWS\system32\PickWord.dll
2007-03-13 20:55:46 0 d-------- C:\Program Files\Farshid
2007-03-13 20:55:41 304128 --a------ C:\WINDOWS\IsUninst.exe
2007-03-13 20:48:08 0 d-------- C:\Documents and Settings\Manifest\WINDOWS
2007-03-13 19:43:22 90112 --a------ C:\WINDOWS\unvise32.exe
2007-03-13 19:42:42 0 d-------- C:\AppServ
2007-03-13 18:01:05 0 d-------- C:\Program Files\Flash Player<FLASHP~1>
2007-03-13 17:54:44 0 d-------- C:\Documents and Settings\Manifest\Application Data\ImageFox
2007-03-13 17:53:28 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-13 17:53:16 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-03-13 17:51:50 0 d-------- C:\Documents and Settings\Manifest\Application Data\Adobe
2007-03-13 17:51:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-03-13 17:44:39 131072 -ra------ C:\WINDOWS\system32\nvwrszht.dll
2007-03-13 17:44:39 65536 -ra------ C:\WINDOWS\system32\nvrszht.dll
2007-03-13 17:44:38 126976 -ra------ C:\WINDOWS\system32\nvwrszhc.dll
2007-03-13 17:44:38 65536 -ra------ C:\WINDOWS\system32\nvrszhc.dll
2007-03-13 17:44:37 237568 -ra------ C:\WINDOWS\system32\nvwrstr.dll
2007-03-13 17:44:37 229376 -ra------ C:\WINDOWS\system32\nvwrssv.dll
2007-03-13 17:44:37 122880 -ra------ C:\WINDOWS\system32\nvrstr.dll
2007-03-13 17:44:37 118784 -ra------ C:\WINDOWS\system32\nvrssv.dll


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #18 on: March 17, 2007, 08:29:43 AM »

2007-03-13 17:44:36 229376 -ra------ C:\WINDOWS\system32\nvwrssl.dll
2007-03-13 17:44:36 126976 -ra------ C:\WINDOWS\system32\nvrssl.dll
2007-03-13 17:44:35 229376 -ra------ C:\WINDOWS\system32\nvwrssk.dll
2007-03-13 17:44:35 249856 -ra------ C:\WINDOWS\system32\nvwrsru.dll
2007-03-13 17:44:35 118784 -ra------ C:\WINDOWS\system32\nvrssk.dll
2007-03-13 17:44:35 126976 -ra------ C:\WINDOWS\system32\nvrsru.dll
2007-03-13 17:44:34 249856 -ra------ C:\WINDOWS\system32\nvwrsptb.dll
2007-03-13 17:44:34 131072 -ra------ C:\WINDOWS\system32\nvrsptb.dll
2007-03-13 17:44:33 253952 -ra------ C:\WINDOWS\system32\nvwrspt.dll
2007-03-13 17:44:33 229376 -ra------ C:\WINDOWS\system32\nvwrspl.dll
2007-03-13 17:44:33 126976 -ra------ C:\WINDOWS\system32\nvrspt.dll
2007-03-13 17:44:33 118784 -ra------ C:\WINDOWS\system32\nvrspl.dll
2007-03-13 17:44:32 233472 -ra------ C:\WINDOWS\system32\nvwrsno.dll
2007-03-13 17:44:32 245760 -ra------ C:\WINDOWS\system32\nvwrsnl.dll
2007-03-13 17:44:32 118784 -ra------ C:\WINDOWS\system32\nvrsno.dll
2007-03-13 17:44:32 131072 -ra------ C:\WINDOWS\system32\nvrsnl.dll
2007-03-13 17:44:31 151552 -ra------ C:\WINDOWS\system32\nvwrsko.dll
2007-03-13 17:44:31 163840 -ra------ C:\WINDOWS\system32\nvwrsja.dll
2007-03-13 17:44:31 143360 -ra------ C:\WINDOWS\system32\nvrsko.dll
2007-03-13 17:44:31 143360 -ra------ C:\WINDOWS\system32\nvrsja.dll
2007-03-13 17:44:30 249856 -ra------ C:\WINDOWS\system32\nvwrsit.dll
2007-03-13 17:44:30 135168 -ra------ C:\WINDOWS\system32\nvrsit.dll
2007-03-13 17:44:29 241664 -ra------ C:\WINDOWS\system32\nvwrshu.dll
2007-03-13 17:44:29 122880 -ra------ C:\WINDOWS\system32\nvrshu.dll
2007-03-13 17:44:28 217088 -ra------ C:\WINDOWS\system32\nvwrshe.dll
2007-03-13 17:44:28 249856 -ra------ C:\WINDOWS\system32\nvwrsfr.dll
2007-03-13 17:44:28 163840 -ra------ C:\WINDOWS\system32\nvrshe.dll
2007-03-13 17:44:28 135168 -ra------ C:\WINDOWS\system32\nvrsfr.dll
2007-03-13 17:44:27 237568 -ra------ C:\WINDOWS\system32\nvwrsfi.dll
2007-03-13 17:44:27 114688 -ra------ C:\WINDOWS\system32\nvrsfi.dll
2007-03-13 17:44:26 253952 -ra------ C:\WINDOWS\system32\nvwrsesm.dll
2007-03-13 17:44:26 262144 -ra------ C:\WINDOWS\system32\nvwrses.dll
2007-03-13 17:44:26 139264 -ra------ C:\WINDOWS\system32\nvrsesm.dll
2007-03-13 17:44:26 131072 -ra------ C:\WINDOWS\system32\nvrses.dll
2007-03-13 17:44:25 221184 -ra------ C:\WINDOWS\system32\nvwrseng.dll
2007-03-13 17:44:25 118784 -ra------ C:\WINDOWS\system32\nvrseng.dll
2007-03-13 17:44:24 262144 -ra------ C:\WINDOWS\system32\nvwrsel.dll
2007-03-13 17:44:24 241664 -ra------ C:\WINDOWS\system32\nvwrsde.dll
2007-03-13 17:44:24 131072 -ra------ C:\WINDOWS\system32\nvrsel.dll
2007-03-13 17:44:24 131072 -ra------ C:\WINDOWS\system32\nvrsde.dll
2007-03-13 17:44:23 229376 -ra------ C:\WINDOWS\system32\nvwrsda.dll
2007-03-13 17:44:23 217088 -ra------ C:\WINDOWS\system32\nvwrscs.dll
2007-03-13 17:44:23 122880 -ra------ C:\WINDOWS\system32\nvrsda.dll
2007-03-13 17:44:23 114688 -ra------ C:\WINDOWS\system32\nvrscs.dll
2007-03-13 17:44:22 221184 -ra------ C:\WINDOWS\system32\nvwrsar.dll
2007-03-13 17:44:22 172032 -ra------ C:\WINDOWS\system32\nvrsar.dll
2007-03-13 17:44:21 753664 -ra------ C:\WINDOWS\system32\nwiz.exe
2007-03-13 17:44:21 450560 -ra------ C:\WINDOWS\system32\nvshell.dll
2007-03-13 17:44:20 1007616 -ra------ C:\WINDOWS\system32\nviewimg.dll
2007-03-13 17:44:20 1175552 -ra------ C:\WINDOWS\system32\nview.dll
2007-03-13 17:44:20 397312 -ra------ C:\WINDOWS\system32\nvappbar.exe
2007-03-13 17:44:19 110592 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-03-13 17:44:19 290816 -ra------ C:\WINDOWS\system32\keystone.exe
2007-03-13 17:44:19 0 d-------- C:\WINDOWS\nview
2007-03-13 17:44:18 233472 -ra------ C:\WINDOWS\system32\nvnt4cpl.dll
2007-03-13 17:44:17 1474633 -ra------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-03-13 17:44:17 35840 -ra------ C:\WINDOWS\system32\nvwddi.dll
2007-03-13 17:44:16 49152 -ra------ C:\WINDOWS\system32\nvmctray.dll
2007-03-13 17:44:15 3022848 -ra------ C:\WINDOWS\system32\nvcpl.dll
2007-03-13 17:44:13 3551232 -ra------ C:\WINDOWS\system32\nvoglnt.dll
2007-03-13 17:44:10 77824 -ra------ C:\WINDOWS\system32\nvsvc32.exe
2007-03-13 17:44:10 30720 -ra------ C:\WINDOWS\system32\nvcodins.dll
2007-03-13 17:44:10 30720 -ra------ C:\WINDOWS\system32\nvcod.dll
2007-03-13 17:44:09 131072 -ra------ C:\WINDOWS\system32\nvinstnt.dll
2007-03-13 17:41:58 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-03-13 17:34:44 20016 -----n--- C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-03-13 17:34:26 0 d-------- C:\Program Files\Winamp
2007-03-13 17:31:38 0 d-------- C:\Program Files\ACD Systems<ACDSYS~1>
2007-03-13 17:31:38 0 d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems<ACDSYS~1>
2007-03-13 17:20:58 0 d--hs---- C:\Recycled
2007-03-13 02:02:54 2883584 --ah----- C:\Documents and Settings\Manifest\NTUSER.DAT
2007-03-13 01:58:48 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-03-13 01:58:48 0 d--hs---- C:\System Volume Information<SYSTEM~1>
2007-03-13 01:58:47 0 d-------- C:\WINDOWS\Prefetch
2007-03-13 01:58:45 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-03-13 01:58:35 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-03-13 01:52:57 0 d-------- C:\WINDOWS\system32\xircom
2007-03-13 01:52:57 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-03-13 01:52:39 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #19 on: March 17, 2007, 08:30:05 AM »

2007-03-13 01:52:30 0 -rahs---- C:\MSDOS.SYS
2007-03-13 01:52:30 0 -rahs---- C:\IO.SYS
2007-03-13 01:52:30 0 --a------ C:\CONFIG.SYS
2007-03-13 01:52:30 0 --a------ C:\AUTOEXEC.BAT
2007-03-13 01:52:07 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-03-13 01:51:11 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-03-13 01:50:58 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-03-13 01:50:58 0 d---s---- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
2007-03-13 01:50:44 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-03-13 01:50:24 0 d-------- C:\WINDOWS\system32\DirectX
2007-03-13 01:50:04 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-03-13 01:49:54 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-03-13 01:49:53 64512 --a------ C:\WINDOWS\system32\acctres.dll
2007-03-13 01:49:50 0 d---s---- C:\WINDOWS\Tasks
2007-03-13 01:49:50 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-03-13 01:49:49 0 d-------- C:\Program Files\Common Files\MSSoap
2007-03-13 01:49:45 0 d-------- C:\WINDOWS\srchasst
2007-03-13 01:49:44 0 d-------- C:\WINDOWS\system32\Macromed
2007-03-13 01:49:41 173536 --a------ C:\WINDOWS\system32\wuweb.dll
2007-03-13 01:49:41 127256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-03-13 01:49:41 6656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-03-13 01:49:41 194328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-03-13 01:49:40 41240 --a------ C:\WINDOWS\system32\wups.dll
2007-03-13 01:49:40 1343768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-03-13 01:49:40 172312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-03-13 01:49:40 124184 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-03-13 01:49:40 465176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-03-13 01:49:40 7168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-03-13 01:49:40 8192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-03-13 01:49:39 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-03-13 01:49:39 382464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-03-13 01:49:36 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-03-13 01:49:32 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-03-13 01:49:32 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-03-13 01:49:32 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-03-13 01:49:32 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-03-13 01:49:28 22528 --a------ C:\WINDOWS\system32\fltMc.exe
2007-03-13 01:49:28 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-03-13 01:49:28 124800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-03-13 01:49:27 170496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-03-13 01:49:27 239104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-03-13 01:49:27 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-03-13 01:49:27 0 d-------- C:\WINDOWS\system32\Restore
2007-03-13 01:49:27 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-03-13 01:49:26 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-03-13 01:49:26 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-03-13 01:49:26 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-03-13 01:49:26 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-03-13 01:49:26 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-03-13 01:49:26 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-03-13 01:49:23 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-03-13 01:49:23 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-03-13 01:49:22 48128 --a------ C:\WINDOWS\system32\inetres.dll
2007-03-13 01:49:21 678400 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-03-13 01:49:20 190976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-03-13 01:49:20 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-03-13 01:49:19 274944 --a------ C:\WINDOWS\system32\mstask.dll
2007-03-13 01:49:19 81920 --a------ C:\WINDOWS\system32\isign32.dll
2007-03-13 01:49:19 274432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-03-13 01:49:19 65536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-03-13 01:49:19 73728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-03-13 01:48:29 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-03-13 01:48:07 0 d-------- C:\WINDOWS\Registration<REGIST~1>
2007-03-13 01:47:58 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-03-13 01:47:50 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-03-13 01:47:47 5632 --a------ C:\WINDOWS\system32\write.exe
2007-03-13 01:47:47 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-03-13 01:47:39 138752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-03-13 01:47:39 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-03-13 01:47:39 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-03-13 01:47:39 227840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-03-13 01:47:39 16384 --a------ C:\WINDOWS\system32\avmeter.dll


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #20 on: March 17, 2007, 08:30:39 AM »

2007-03-13 01:47:38 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-03-13 01:47:33 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-03-13 01:47:33 80384 --a------ C:\WINDOWS\system32\charmap.exe
2007-03-13 01:47:33 114688 --a------ C:\WINDOWS\system32\calc.exe
2007-03-13 01:47:32 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-03-13 01:47:32 56832 --a------ C:\WINDOWS\system32\sol.exe
2007-03-13 01:47:32 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-03-13 01:47:32 126976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-03-13 01:47:32 55296 --a------ C:\WINDOWS\system32\freecell.exe
2007-03-13 01:47:31 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-03-13 01:47:31 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-03-13 01:47:31 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-03-13 01:47:31 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-03-13 01:47:31 14848 --a------ C:\WINDOWS\system32\tscon.exe
2007-03-13 01:47:31 14848 --a------ C:\WINDOWS\system32\shadow.exe
2007-03-13 01:47:31 15872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-03-13 01:47:31 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-03-13 01:47:31 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-03-13 01:47:31 22016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-03-13 01:47:31 16896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-03-13 01:47:31 20992 --a------ C:\WINDOWS\system32\msg.exe
2007-03-13 01:47:31 15360 --a------ C:\WINDOWS\system32\logoff.exe
2007-03-13 01:47:31 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-03-13 01:47:30 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-03-13 01:47:30 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-03-13 01:47:30 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-03-13 01:47:30 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-03-13 01:47:30 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-03-13 01:47:29 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-03-13 01:47:29 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-03-13 01:47:29 82432 --a------ C:\WINDOWS\system32\comrepl.dll
2007-03-13 01:47:11 131584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-03-13 01:47:11 123392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-03-13 01:47:11 183808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-03-13 01:47:10 343040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-03-13 01:47:10 345088 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-03-13 01:47:10 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-03-13 01:47:09 538624 --a------ C:\WINDOWS\system32\spider.exe
2007-03-13 01:47:09 102912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-03-13 01:47:08 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-03-13 01:47:08 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-03-13 01:47:08 407552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-03-13 01:47:08 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-03-13 01:47:08 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-03-13 01:47:08 139400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-03-13 01:47:07 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-03-13 01:47:07 295424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-03-13 01:47:07 140800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-03-13 01:47:07 60416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-03-13 01:47:07 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-03-13 01:47:07 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-03-13 01:47:07 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-03-13 01:47:07 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-03-13 01:47:06 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-03-13 01:47:06 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-03-13 01:47:06 20480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-03-13 01:47:06 90112 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-03-13 01:47:06 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-03-13 01:47:06 0 d-------- C:\WINDOWS\system32\MsDtc
2007-03-13 01:47:06 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-03-13 01:47:06 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-03-13 01:47:05 11776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-03-13 01:47:05 949248 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-03-13 01:47:05 425472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-03-13 01:47:05 58880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-03-13 01:47:05 6144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-03-13 01:47:04 0 d-------- C:\WINDOWS\system32\Com
2007-03-13 01:47:04 62464 --a------ C:\WINDOWS\system32\colbact.dll
2007-03-13 01:47:04 85504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-03-13 01:47:03 110080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-03-13 01:47:03 628224 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-03-13 01:47:03 229888 --a------ C:\WINDOWS\system32\catsrv.dll
2007-03-13 01:47:02 540160 --a------ C:\WINDOWS\system32\comuid.dll
2007-03-13 01:47:02 1251840 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-03-13 01:47:02 501248 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-03-13 01:46:55 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-03-13 01:46:55 17408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-03-13 01:46:54 58880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-03-13 01:46:54 185344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-03-13 01:46:52 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-03-13 01:46:52 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-03-13 01:39:58 185344 --a------ C:\WINDOWS\system32\Thawbrkr.dll
2007-03-13 01:39:58 5632 -ra------ C:\WINDOWS\system32\kbdvntc.dll
2007-03-13 01:39:58 5632 -ra------ C:\WINDOWS\system32\kbdintel.dll
2007-03-13 01:39:58 5632 -ra------ C:\WINDOWS\system32\kbdintam.dll
2007-03-13 01:39:58 6144 -ra------ C:\WINDOWS\system32\kbdinpun.dll
2007-03-13 01:39:58 5632 -ra------ C:\WINDOWS\system32\kbdinmar.dll
2007-03-13 01:39:58 5632 -ra------ C:\WINDOWS\system32\kbdinkan.dll
2007-03-13 01:39:58 5632 -ra------ C:\WINDOWS\system32\kbdinhin.dll
2007-03-13 01:39:58 5632 -ra------ C:\WINDOWS\system32\kbdinguj.dll
2007-03-13 01:39:58 5632 -ra------ C:\WINDOWS\system32\kbdindev.dll
2007-03-13 01:39:58 5120 -ra------ C:\WINDOWS\system32\kbdgeo.dll
2007-03-13 01:39:58 5120 -ra------ C:\WINDOWS\system32\kbdarmw.dll
2007-03-13 01:39:58 5120 -ra------ C:\WINDOWS\system32\kbdarme.dll
2007-03-13 01:39:58 10752 --a------ C:\WINDOWS\system32\c_iscii.dll
2007-03-13 01:39:55 5632 --a------ C:\WINDOWS\system32\kbdusa.dll
2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbdurdu.dll
2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbdsyr2.dll


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #21 on: March 17, 2007, 08:31:11 AM »

2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbdsyr1.dll
2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbdfa.dll
2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbddiv2.dll
2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbddiv1.dll
2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbda3.dll
2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbda2.dll
2007-03-13 01:39:55 5632 -ra------ C:\WINDOWS\system32\kbda1.dll
2007-03-13 01:39:52 5632 -ra------ C:\WINDOWS\system32\kbdheb.dll
2007-03-13 01:39:48 6144 -ra------ C:\WINDOWS\system32\kbdth3.dll
2007-03-13 01:39:48 6144 -ra------ C:\WINDOWS\system32\kbdth2.dll
2007-03-13 01:39:48 5632 -ra------ C:\WINDOWS\system32\kbdth1.dll
2007-03-13 01:39:48 5632 -ra------ C:\WINDOWS\system32\kbdth0.dll
2007-03-13 01:39:48 6144 --a------ C:\WINDOWS\system32\ftlx041e.dll
2007-03-13 01:39:02 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-03-13 01:39:01 4992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-03-13 01:38:59 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-03-13 01:38:57 171776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-03-13 01:38:56 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-03-13 01:38:54 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-03-13 01:38:53 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-03-13 01:38:51 5376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-03-13 01:38:49 7552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-03-13 01:38:47 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-03-13 01:38:45 52864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-03-13 01:38:41 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-03-13 01:38:29 10624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2007-03-13 01:38:07 57472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-03-13 01:38:00 4323968 -ra------ C:\WINDOWS\system32\nv4_disp.dll
2007-03-13 01:38:00 1618939 -ra------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-03-13 01:37:57 4096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-03-13 01:37:57 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-03-13 01:37:57 40704 --a------ C:\WINDOWS\system32\drivers\es1371mp.sys
2007-03-13 01:37:56 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-03-13 01:37:52 86016 --a------ C:\WINDOWS\system32\mdmxsdk.dll
2007-03-13 01:37:52 32285 --a------ C:\WINDOWS\system32\HSFCISP2.dll
2007-03-13 01:37:52 11868 --a------ C:\WINDOWS\system32\drivers\mdmxsdk.sys
2007-03-13 01:37:52 685056 --a------ C:\WINDOWS\system32\drivers\HSFCXTS2.sys
2007-03-13 01:37:52 220032 --a------ C:\WINDOWS\system32\drivers\HSFBS2S2.sys
2007-03-13 01:37:51 1041536 --a------ C:\WINDOWS\system32\drivers\HSFDPSP2.sys
2007-03-13 01:37:22 74240 --a------ C:\WINDOWS\system32\usbui.dll
2007-03-13 01:37:09 42368 --a------ C:\WINDOWS\system32\drivers\AGP440.SYS
2007-03-13 01:35:54 0 d--hs---- C:\WINDOWS\Installer<INSTAL~1>
2007-03-13 01:35:53 0 d-------- C:\Program Files\Common Files\ODBC
2007-03-13 01:35:49 0 dr------- C:\Program Files<PROGRA~1>
2007-03-13 01:35:49 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-03-13 01:35:46 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-03-13 01:35:46 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-03-13 01:35:46 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-03-13 01:35:44 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-03-13 01:35:44 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-03-13 01:35:43 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-03-13 01:35:43 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-03-13 01:35:43 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-03-13 01:35:43 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-03-13 01:35:43 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-03-13 01:35:42 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-03-13 01:35:42 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-03-13 01:35:41 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-03-13 01:35:41 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-03-13 01:35:41 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-03-13 01:35:41 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-03-13 01:35:41 6144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-03-13 01:35:40 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-03-13 01:35:40 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-03-13 01:35:40 5632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-03-13 01:35:39 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-03-13 01:35:39 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-03-13 01:35:39 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-03-13 01:35:39 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-03-13 01:35:39 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-03-13 01:35:39 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-03-13 01:35:39 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-03-13 01:35:39 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-03-13 01:35:39 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-03-13 01:35:39 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-03-13 01:35:37 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-03-13 01:35:37 13312 --a------ C:\WINDOWS\system32\irclass.dll
2007-03-13 01:35:37 85020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-03-13 01:35:37 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-03-13 01:35:36 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-03-13 01:35:36 9008 --a------ C:\WINDOWS\system\VER.DLL
2007-03-13 01:35:36 19200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-03-13 01:35:36 5120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-03-13 01:35:36 24064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-03-13 01:35:36 82944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-03-13 01:35:36 126912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-03-13 01:35:35 15360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-03-13 01:35:35 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-03-13 01:35:35 32816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-03-13 01:35:35 109456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-03-13 01:35:35 69584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-03-13 01:35:34 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-03-13 01:35:34 8704 --a------ C:\WINDOWS\system32\batt.dll
2007-03-13 01:35:34 68768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-03-13 01:35:34 69120 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-03-13 01:35:33 74752 --a------ C:\WINDOWS\system32\storprop.dll
2007-03-13 01:35:24 0 dr------- C:\Documents and Settings\All Users\Documents<DOCUME~1>
2007-03-13 01:35:08 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-03-13 01:35:08 0 d-------- C:\WINDOWS\system32\CatRoot


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #22 on: March 17, 2007, 08:31:41 AM »

2007-03-13 01:34:37 0 d-------- C:\Documents and Settings<DOCUME~1>
2007-03-13 01:29:58 0 d-------- C:\WINDOWS
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\WinSxS
2007-03-13 01:29:58 0 dr------- C:\WINDOWS\Web
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\twain_32
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\wins
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\wbem
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\usmt
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\spool
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\ShellExt
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\Setup
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\ras
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\oobe
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\npp
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\mui
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\inetsrv
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\IME
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\icsxml
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\ias
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\export
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\drivers
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-03-13 01:29:58 0 dr-hs---- C:\WINDOWS\system32\dllcache
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\dhcp
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\config
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\3076
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\2052
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\1054
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\1042
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\1041
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\1037
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\1033
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\1031
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\1028
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system32\1025
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\system
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\security
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Resources<RESOUR~1>
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\repair
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Provisioning<PROVIS~1>
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\PeerNet
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\pchealth
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\mui
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\msapps
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\msagent
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Media
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\java
2007-03-13 01:29:58 0 d--h----- C:\WINDOWS\inf
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\ime
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Help
2007-03-13 01:29:58 0 dr--s---- C:\WINDOWS\Fonts
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\ehome
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Driver Cache<DRIVER~1>
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Debug
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Cursors
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Connection Wizard<CONNEC~1>
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\Config
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\AppPatch
2007-03-13 01:29:58 0 d-------- C:\WINDOWS\addins

-- Find3M Report ---------------------------------------------------------------

2007-03-13 19:43:12 1516 --a------ C:\WINDOWS\unappsrv.bat
2007-03-13 18:02:16 0 d-------- C:\Documents and Settings\Manifest\Application Data\Macromedia<MACROM~1>
2007-03-13 17:53:24 0 d-------- C:\Documents and Settings\Manifest\Application Data\Mozilla
2007-03-13 02:03:06 0 d-------- C:\Documents and Settings\Manifest\Application Data\Identities<IDENTI~1>
2007-03-13 01:35:26 62 --ahs---- C:\Documents and Settings\Manifest\Application Data\desktop.ini
2007-03-13 01:35:04 0 d---s---- C:\Documents and Settings\Manifest\Application Data\Microsoft<MICROS~1>

-- Registry Dump ---------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"IDMan"="C:\\Program Files\\Internet Download Manager\\IDMan.exe /onboot"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"


[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter   REG_MULTI_SZ     HTTPFilter\0\0
LocalService   REG_MULTI_SZ     Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService   REG_MULTI_SZ     DnsCache\0\0
DcomLaunch   REG_MULTI_SZ     DcomLaunch\0TermService\0\0
rpcss   REG_MULTI_SZ     RpcSs\0\0
imgsvc   REG_MULTI_SZ     StiSvc\0\0
termsvcs   REG_MULTI_SZ     TermService\0\0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600ac7-d101-11db-8095-806d6172696f}]
Shell\AutoRun\command   C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600ac8-d101-11db-8095-806d6172696f}]
Shell\AutoRun\command   C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600ac9-d101-11db-8095-806d6172696f}]
Shell\AutoRun\command   C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600aca-d101-11db-8095-806d6172696f}]
Shell\AutoRun\command   C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600acb-d101-11db-8095-806d6172696f}]
Shell\AutoRun\command   C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50681856-d161-11db-8de4-d18c96dc95af}]
Shell\AutoRun\command   C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

-- End of ComboScan: finished at 2007-03-17 at 14:26:43 ------------------------


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Essexboy

Administrator

Posts: 899

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #23 on: March 17, 2007, 08:51:07 AM »

First we will get rid of the blatant copy.exe error

WARNING these fixes are designed for this user only and may cause damage if run on an uninfected machine

First we must back up the entire registry.To do this

REGISTRY BACKUP

Go START > RUN and type in REGEDIT then press your enter key.
When Regedit is open ensure that 'my computer' is highlighted in the left pane.
Go to FILE and select EXPORT.
Check the 'all' button at the bottom of the screen to backup the entire registry.
You will need to select a location to save the exported registry (it will be saved as a single file) I would suggest the Desktop
Choose the FILE NAME as Oldreg
In the drop down box called SAVE AS TYPE select registration files (*.reg).
Then click SAVE
This will create a file on your desktop called Oldreg.reg

REGISTRY FIX

Quote

REGEDIT4

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600ac7-d101-11db-8095-806d6172696f}]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600ac8-d101-11db-8095-806d6172696f}]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600ac9-d101-11db-8095-806d6172696f}]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600aca-d101-11db-8095-806d6172696f}]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26600acb-d101-11db-8095-806d6172696f}]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50681856-d161-11db-8de4-d18c96dc95af}]

[-HKEY_CLASSES_ROOT\CLSID\{26600ac8-d101-11db-8095-806d6172696f}]

[-HKEY_CLASSES_ROOT\CLSID\{26600ac9-d101-11db-8095-806d6172696f}]

[-HKEY_CLASSES_ROOT\CLSID\{26600ac7-d101-11db-8095-806d6172696f}]

[-HKEY_CLASSES_ROOT\CLSID\{26600aca-d101-11db-8095-806d6172696f}]

[-HKEY_CLASSES_ROOT\CLSID\{26600acb-d101-11db-8095-806d6172696f}]

[-HKEY_CLASSES_ROOT\CLSID\{50681856-d161-11db-8de4-d18c96dc95af}]

Next you will need to create the repair registry fix to do that copy and paste ALL of the above in the quote box to a notepad file. Ensure there is no space above the REGEDIT4.
Then in notepad go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES
Then in the FILE NAME box type fix.reg
This will create a fix.reg file on your desktop

To use this file you will need to right click the icon and select merge, accept the warning if it appears and you are done.

Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.

Save it to your desktop.
Please double-click Killbox.exe to run it.
Select:
- Delete on Reboot
- then Click on the All Files button.
Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

C:\Program Files\exe
Return to Killbox, go to the File menu, and choose Paste from Clipboard.
Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.

Getting there

Download ComboFix from http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe or http://download.bleepingcomputer.com/sUBs/ComboFix.exe to your Desktop.

Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall

You may need to break the posts into segments to get the data in


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

omid020

Contributor

Posts: 16

Re: appears AutoPlay after right click on each of Local Disks !!!!???

« Reply #24 on: March 17, 2007, 11:39:47 AM »

This one was really perfect glupek2

. Thanks again .Now AutoPlay is removed.
and my drives open easily . Just one little problem .In Windows Taskbar , Language
selection tab in right side of bar is removed and I don`t know how recover it , Of course
languages change with Alt+Shift command .
And these are logs for ComboFix & HiJackThis :

"Manifest" - 07-03-17 18:28:58 Service Pack 2
ComboFix 07-03-15.2 - Running from: "C:\Documents and Settings\Manifest\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

c:\autorun.inf
d:\autorun.inf
e:\autorun.inf
f:\autorun.inf
g:\autorun.inf
j:\autorun.inf
C:\autorun.inf
C:\WINDOWS\autorun.inf

((((((((((((((((((((((((((((((( Files Created from 2007-02-17 to 2007-03-17 ))))))))))))))))))))))))))))))))))

2007-03-17 17:49   <DIR>   d--------   C:\Program Files\Yahoo!
2007-03-17 15:55   <DIR>   d--------   C:\Program Files\Common Files\Adobe
2007-03-17 15:55   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\AdobeUM
2007-03-17 15:52   <DIR>   d--------   C:\WINDOWS\Cache
2007-03-17 15:20   1,168   --a------   C:\WINDOWS\mozver.dat
2007-03-17 11:29   94,424   --a------   C:\WINDOWS\system32\drivers\aswmon2.sys
2007-03-17 11:29   90,112   --a------   C:\WINDOWS\system32\AVASTSS.scr
2007-03-17 11:29   85,952   --a------   C:\WINDOWS\system32\drivers\aswmon.sys
2007-03-17 11:29   689,280   --a------   C:\WINDOWS\system32\aswBoot.exe
2007-03-17 11:29   499,712   --a------   C:\WINDOWS\system32\MSVCP71.dll
2007-03-17 11:29   43,176   --a------   C:\WINDOWS\system32\drivers\aswTdi.sys
2007-03-17 11:29   348,160   --a------   C:\WINDOWS\system32\MSVCR71.dll
2007-03-17 11:29   31,560   --a------   C:\WINDOWS\system32\drivers\aavmker4.sys
2007-03-17 11:29   23,352   --a------   C:\WINDOWS\system32\drivers\aswRdr.sys
2007-03-17 11:29   1,060,864   --a------   C:\WINDOWS\system32\MFC71.dll
2007-03-17 11:29   <DIR>   d--------   C:\Program Files\Alwil Software
2007-03-16 22:16   <DIR>   d--------   C:\!KillBox
2007-03-16 21:53   <DIR>   d--------   C:\Program Files\Internet Download Manager
2007-03-16 21:53   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\IDM
2007-03-16 21:53   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\DMCache
2007-03-15 12:37   <DIR>   d--------   C:\Program Files\DFX
2007-03-15 11:28   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith
2007-03-15 11:27   <DIR>   d--------   C:\Program Files\TechSmith
2007-03-15 11:26   <DIR>   d--------   C:\Program Files\Common Files\Wise Installation Wizard
2007-03-15 02:21   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\ACD Systems
2007-03-14 22:35   <DIR>   d--------   C:\Program Files\EmEditor
2007-03-14 22:22   39   --a------   C:\WINDOWS\TDEVXCW60.DLL
2007-03-14 22:22   39   --a------   C:\WINDOWS\system32\TEVPXCW60.DLL
2007-03-14 22:22   <DIR>   d--------   C:\Program Files\TurboDemo 7.5 Trial
2007-03-14 18:36   <DIR>   d--hs----   C:\WINDOWS\ftpcache
2007-03-14 18:36   <DIR>   d--------   C:\Program Files\PHP Expert Editor
2007-03-14 14:36   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\Ahead
2007-03-14 14:35   89,184   --a------   C:\WINDOWS\system32\drivers\imagedrv.sys
2007-03-14 14:35   569,344   --a------   C:\WINDOWS\system32\imagr5.dll
2007-03-14 14:35   544,768   --a------   C:\WINDOWS\system32\imagx5.dll
2007-03-14 14:35   38,912   --a------   C:\WINDOWS\system32\picn20.dll
2007-03-14 14:35   283,920   --a------   C:\WINDOWS\system32\ImagXpr5.dll
2007-03-14 14:35   155,648   --a------   C:\WINDOWS\system32\NeroCheck.exe
2007-03-14 14:35   <DIR>   d--------   C:\Program Files\Common Files\Ahead
2007-03-14 14:35   <DIR>   d--------   C:\Program Files\Ahead
2007-03-14 13:41   <DIR>   d--------   C:\Program Files\exe
2007-03-14 13:41   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\exe
2007-03-14 13:07   <DIR>   d--------   C:\Program Files\ReloadTools
2007-03-14 13:07   <DIR>   d--------   C:\DOCUME~1\Manifest\reload
2007-03-14 13:06   <DIR>   d--h-----   C:\Program Files\Zero G Registry
2007-03-14 09:33   <DIR>   d--------   C:\Program Files\MySQL-Front
2007-03-13 21:13   <DIR>   d--------   C:\WINDOWS\speech
2007-03-13 21:09   <DIR>   d--------   C:\Program Files\Babylon
2007-03-13 21:09   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\Babylon
2007-03-13 21:09   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
2007-03-13 21:05   <DIR>   d--------   C:\WINDOWS\system32\SoftwareDistribution
2007-03-13 20:55   43,520   --a------   C:\WINDOWS\system32\PickWord.dll
2007-03-13 20:55   304,128   --a------   C:\WINDOWS\IsUninst.exe
2007-03-13 20:55   <DIR>   d--------   C:\Program Files\Farshid
2007-03-13 20:48   <DIR>   d--------   C:\DOCUME~1\Manifest\WINDOWS
2007-03-13 19:43   90,112   --a------   C:\WINDOWS\unvise32.exe
2007-03-13 19:42   <DIR>   d--------   C:\AppServ
2007-03-13 18:01   <DIR>   d--------   C:\Program Files\Flash Player
2007-03-13 17:54   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\ImageFox
2007-03-13 17:53   0   --a------   C:\WINDOWS\nsreg.dat
2007-03-13 17:51   <DIR>   d--------   C:\DOCUME~1\Manifest\APPLIC~1\Adobe
2007-03-13 17:51   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
2007-03-13 17:44   77,824   -ra------   C:\WINDOWS\system32\nvsvc32.exe
2007-03-13 17:44   753,664   -ra------   C:\WINDOWS\system32\nwiz.exe
2007-03-13 17:44   65,536   -ra------   C:\WINDOWS\system32\nvrszht.dll
2007-03-13 17:44   65,536   -ra------   C:\WINDOWS\system32\nvrszhc.dll
2007-03-13 17:44   49,152   -ra------   C:\WINDOWS\system32\nvmctray.dll
2007-03-13 17:44   450,560   -ra------   C:\WINDOWS\system32\nvshell.dll
2007-03-13 17:44   397,312   -ra------   C:\WINDOWS\system32\nvappbar.exe
2007-03-13 17:44   35,840   -ra------   C:\WINDOWS\system32\nvwddi.dll
2007-03-13 17:44   30,720   -ra------   C:\WINDOWS\system32\nvcodins.dll
2007-03-13 17:44   30,720   -ra------   C:\WINDOWS\system32\nvcod.dll
2007-03-13 17:44   3,551,232   -ra------   C:\WINDOWS\system32\nvoglnt.dll
2007-03-13 17:44   3,022,848   -ra------   C:\WINDOWS\system32\nvcpl.dll
2007-03-13 17:44   290,816   -ra------   C:\WINDOWS\system32\keystone.exe
2007-03-13 17:44   262,144   -ra------   C:\WINDOWS\system32\nvwrses.dll
2007-03-13 17:44   262,144   -ra------   C:\WINDOWS\system32\nvwrsel.dll
2007-03-13 17:44   253,952   -ra------   C:\WINDOWS\system32\nvwrspt.dll
2007-03-13 17:44   253,952   -ra------   C:\WINDOWS\system32\nvwrsesm.dll
2007-03-13 17:44   249,856   -ra------   C:\WINDOWS\system32\nvwrsru.dll
2007-03-13 17:44   249,856   -ra------   C:\WINDOWS\system32\nvwrsptb.dll
2007-03-13 17:44   249,856   -ra------   C:\WINDOWS\system32\nvwrsit.dll
2007-03-13 17:44   249,856   -ra------   C:\WINDOWS\system32\nvwrsfr.dll
2007-03-13 17:44   245,760   -ra------   C:\WINDOWS\system32\nvwrsnl.dll
2007-03-13 17:44   241,664   -ra------   C:\WINDOWS\system32\nvwrshu.dll
2007-03-13 17:44   241,664   -ra------   C:\WINDOWS\system32\nvwrsde.dll
2007-03-13 17:44   237,568   -ra------   C:\WINDOWS\system32\nvwrstr.dll
2007-03-13 17:44   237,568   -ra------   C:\WINDOWS\system32\nvwrsfi.dll
2007-03-13 17:44   233,472   -ra------   C:\WINDOWS\system32\nvwrsno.dll
2007-03-13 17:44   233,472   -ra------   C:\WINDOWS\system32\nvnt4cpl.dll
2007-03-13 17:44   229,376   -ra------   C:\WINDOWS\system32\nvwrssv.dll
2007-03-13 17:44   229,376   -ra------   C:\WINDOWS\system32\nvwrssl.dll
2007-03-13 17:44   229,376   -ra------   C:\WINDOWS\system32\nvwrssk.dll
2007-03-13 17:44   229,376   -ra------   C:\WINDOWS\system32\nvwrspl.dll
2007-03-13 17:44   229,376   -ra------   C:\WINDOWS\system32\nvwrsda.dll
2007-03-13 17:44   221,184   -ra------   C:\WINDOWS\system32\nvwrseng.dll
2007-03-13 17:44   221,184   -ra------   C:\WINDOWS\system32\nvwrsar.dll
2007-03-13 17:44   217,088   -ra------   C:\WINDOWS\system32\nvwrshe.dll
2007-03-13 17:44   217,088   -ra------   C:\WINDOWS\system32\nvwrscs.dll
2007-03-13 17:44   172,032   -ra------   C:\WINDOWS\system32\nvrsar.dll
2007-03-13 17:44   163,840   -ra------   C:\WINDOWS\system32\nvwrsja.dll
2007-03-13 17:44   163,840   -ra------   C:\WINDOWS\system32\nvrshe.dll
2007-03-13 17:44   151,552   -ra------   C:\WINDOWS\system32\nvwrsko.dll
2007-03-13 17:44   143,360   -ra------   C:\WINDOWS\system32\nvrsko.dll
2007-03-13 17:44   143,360   -ra------   C:\WINDOWS\system32\nvrsja.dll
2007-03-13 17:44   139,264   -ra------   C:\WINDOWS\system32\nvrsesm.dll
2007-03-13 17:44   135,168   -ra------   C:\WINDOWS\system32\nvrsit.dll
2007-03-13 17:44   135,168   -ra------   C:\WINDOWS\system32\nvrsfr.dll
2007-03-13 17:44   131,072   -ra------   C:\WINDOWS\system32\nvwrszht.dll
2007-03-13 17:44   131,072   -ra------   C:\WINDOWS\system32\nvrsptb.dll
2007-03-13 17:44   131,072   -ra------   C:\WINDOWS\system32\nvrsnl.dll
2007-03-13 17:44   131,072   -ra------   C:\WINDOWS\system32\nvrses.dll
2007-03-13 17:44   131,072   -ra------   C:\WINDOWS\system32\nvrsel.dll
2007-03-13 17:44   131,072   -ra------   C:\WINDOWS\system32\nvrsde.dll
2007-03-13 17:44   131,072   -ra------   C:\WINDOWS\system32\nvinstnt.dll
2007-03-13 17:44   126,976   -ra------   C:\WINDOWS\system32\nvwrszhc.dll
2007-03-13 17:44   126,976   -ra------   C:\WINDOWS\system32\nvrssl.dll
2007-03-13 17:44   126,976   -ra------   C:\WINDOWS\system32\nvrsru.dll
2007-03-13 17:44   126,976   -ra------   C:\WINDOWS\system32\nvrspt.dll
2007-03-13 17:44   122,880   -ra------   C:\WINDOWS\system32\nvrstr.dll
2007-03-13 17:44   122,880   -ra------   C:\WINDOWS\system32\nvrshu.dll
2007-03-13 17:44   122,880   -ra------   C:\WINDOWS\system32\nvrsda.dll
2007-03-13 17:44   118,784   -ra------   C:\WINDOWS\system32\nvrssv.dll
2007-03-13 17:44   118,784   -ra------   C:\WINDOWS\system32\nvrssk.dll
2007-03-13 17:44   118,784   -ra------   C:\WINDOWS\system32\nvrspl.dll
2007-03-13 17:44   118,784   -ra------   C:\WINDOWS\system32\nvrsno.dll
2007-03-13 17:44   118,784   -ra------   C:\WINDOWS\system32\nvrseng.dll
2007-03-13 17:44   114,688   -ra------   C:\WINDOWS\system32\nvrsfi.dll
2007-03-13 17:44   114,688   -ra------   C:\WINDOWS\system32\nvrscs.dll
2007-03-13 17:44   110,592   --a------   C:\WINDOWS\system32\nvudisp.exe
2007-03-13 17:44   1,474,633   -ra------   C:\W