ComboFix log, computer running slowly

Discussion in 'Viruses and malware - HijackThis logs' started by Yomito, Sep 23, 2008.

  1. Yomito

    ComboFix 08-09-16.03 - Omistaja 2008-09-23 17:19:14.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.1519 [GMT 3:00]
    Sijainti: D:\Ohjelmat\ComboFix.exe

    VAROITUS - PALAUTUSKONSOLIA EI OLE ASENNETTU !!
    .

    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-23 to 2008-09-23 )))))))))))))))))
    .

    2008-09-23 11:36 . 2008-09-23 12:01 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\LimeWire
    2008-09-22 17:15 . 2008-09-22 17:15 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\AdobeUM
    2008-09-19 16:52 . 2008-09-19 16:52 <KANSIO> d-------- C:\Program Files\Games-Masters.com
    2008-09-18 22:31 . 2008-09-18 22:31 <KANSIO> d-------- C:\WINDOWS\system32\Adobe
    2008-09-18 06:35 . 2008-09-18 06:35 <KANSIO> d-------- C:\Program Files\Common Files\INCA Shared
    2008-09-18 06:35 . 2003-07-21 06:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
    2008-09-18 06:35 . 2005-01-04 21:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
    2008-09-17 15:11 . 2008-09-17 15:11 <KANSIO> d-------- C:\WINDOWS\RaidTool
    2008-09-17 15:11 . 2008-09-17 15:11 <KANSIO> d-------- C:\RaidTool
    2008-09-17 15:11 . 2008-09-17 15:10 1,953,792 --a------ C:\WINDOWS\system32\xRaidSetup.exe
    2008-09-17 15:11 . 2008-09-17 15:10 143,360 --a------ C:\WINDOWS\system32\xRaidAPI.dll
    2008-09-17 15:04 . 2008-09-17 15:04 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
    2008-09-17 15:04 . 2008-09-17 15:04 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-09-17 15:04 . 2008-09-17 15:04 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
    2008-09-17 14:03 . 2008-08-15 23:22 198,941 --a------ C:\WINDOWS\system32\nvapps.nvb
    2008-09-17 13:34 . 2008-09-17 13:34 <KANSIO> d-------- C:\WINDOWS\ERUNT
    2008-09-17 13:34 . 2008-09-17 13:38 <KANSIO> d-------- C:\SDFix
    2008-09-17 13:17 . 2008-09-17 13:17 <KANSIO> d-------- C:\Program Files\DNA
    2008-09-17 13:17 . 2008-09-23 17:19 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\DNA
    2008-09-17 13:17 . 2008-09-23 17:16 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BitTorrent
    2008-09-17 13:10 . 2008-09-17 13:12 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\uTorrent
    2008-09-16 22:01 . 2008-09-16 22:01 0 --a------ C:\WINDOWS\nsreg.dat
    2008-09-16 20:03 . 2008-09-16 20:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
    2008-09-16 12:21 . 2008-09-16 12:21 <KANSIO> d-------- C:\Program Files\Windows Sidebar
    2008-09-16 12:21 . 2008-09-17 10:41 <KANSIO> d-------- C:\Program Files\Norton 360
    2008-09-16 12:20 . 2008-09-22 17:16 <KANSIO> d-------- C:\Program Files\Symantec
    2008-09-16 12:20 . 2008-09-22 17:14 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
    2008-09-16 12:20 . 2008-09-22 17:16 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-09-16 12:20 . 2008-09-22 17:16 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
    2008-09-16 12:20 . 2008-09-22 17:16 10,671 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-09-16 12:20 . 2008-09-22 17:16 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-09-16 11:54 . 2008-09-16 11:55 <KANSIO> d-------- C:\Program Files\Java
    2008-09-16 11:54 . 2008-09-16 11:54 <KANSIO> d-------- C:\Program Files\Common Files\Java
    2008-09-16 11:11 . 2008-09-16 12:23 <KANSIO> d-------- C:\WINDOWS\system32\CatRoot_bak
    2008-09-16 11:08 . 2008-06-14 20:59 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-09-16 11:08 . 2008-06-14 20:59 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-09-14 18:28 . 2008-09-16 11:12 <KANSIO> d-------- C:\WINDOWS\system32\fi-fi
    2008-09-14 18:26 . 2006-03-02 15:00 49,152 --a------ C:\WINDOWS\system32\SET91.tmp
    2008-09-14 18:26 . 2006-03-02 15:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\SET9A.tmp
    2008-09-14 18:24 . 2008-06-23 19:29 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
    2008-09-14 18:24 . 2007-04-17 12:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-09-14 18:24 . 2007-03-08 08:10 1,011,712 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-09-14 18:24 . 2008-06-23 19:29 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2008-09-14 18:24 . 2008-06-23 19:29 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2008-09-14 18:24 . 2008-06-23 19:29 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
    2008-09-14 18:24 . 2008-06-23 19:29 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
    2008-09-14 18:24 . 2008-06-23 19:29 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2008-09-14 18:24 . 2008-06-23 12:20 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-09-14 18:23 . 2006-03-24 07:37 49,152 --a------ C:\WINDOWS\system32\SET8E.tmp
    2008-09-14 18:23 . 2006-06-02 22:32 33,792 --a--c--- C:\WINDOWS\system32\dllcache\SET98.tmp
    2008-09-14 18:03 . 2006-03-02 15:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
    2008-09-14 18:00 . 2001-08-18 00:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
    2008-09-14 16:21 . 2008-09-14 16:21 <KANSIO> d-------- C:\WINDOWS\system32\Futuremark
    2008-09-14 16:21 . 2008-09-14 16:21 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\InstallShield
    2008-09-14 16:21 . 2007-08-20 11:05 27,672 -ra------ C:\WINDOWS\system32\drivers\Entech.sys
    2008-09-14 16:07 . 2008-09-17 15:07 <KANSIO> d-------- C:\WINDOWS\nview
    2008-09-14 16:07 . 2008-08-06 07:51 453,152 --a------ C:\WINDOWS\system32\NVUNINST.EXE
    2008-09-14 16:07 . 2008-08-12 22:58 453,152 --a------ C:\WINDOWS\system32\nvudisp.exe
    2008-09-14 16:07 . 2008-09-23 10:19 192,809 --a------ C:\WINDOWS\system32\nvapps.xml
    2008-09-14 16:07 . 2008-08-15 23:22 18,335 --a------ C:\WINDOWS\system32\nvdisp.nvu
    2008-09-14 16:06 . 2008-09-14 16:06 <KANSIO> d-------- C:\NVIDIA

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-23 14:20 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-09-17 13:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-17 12:10 6,912 ----a-w C:\WINDOWS\system32\drivers\JGOGO.sys
    2008-09-17 12:10 46,208 ----a-w C:\WINDOWS\system32\drivers\jraid.sys
    2008-09-16 17:01 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-09-16 11:47 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Symantec
    2008-09-14 12:46 --------- d-----w C:\Program Files\SystemRequirementsLab
    2008-09-14 12:29 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-09-14 12:21 --------- d-----w C:\Program Files\ASUS
    2008-09-14 12:17 --------- d-----w C:\Program Files\Realtek
    2008-09-14 12:17 --------- d-----w C:\Program Files\Analog Devices
    2008-09-14 12:10 --------- d-----w C:\Program Files\microsoft frontpage
    2008-08-12 19:58 5,799,936 ----a-w C:\WINDOWS\system32\nvdispsr.dll
    2008-08-01 08:05 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
    2008-07-30 14:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
    2008-07-30 14:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
    2008-07-30 14:28 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat
    2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 19:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-23 16:29 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-09-17_13.27.29.07 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2006-10-12 13:55:59 42,496 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdp2.dll
    + 2006-10-12 13:55:59 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdpv.dll
    + 2006-10-12 11:54:07 256,512 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe
    + 2006-10-16 11:19:07 254,464 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\spru040b.dll
    + 2005-10-12 23:18:02 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spmsg.dll
    + 2005-10-12 23:18:03 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spuninst.exe
    + 2005-10-12 23:18:02 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\spcustom.dll
    + 2005-10-12 23:18:05 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
    + 2005-10-12 23:18:08 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\updspapi.dll
    + 2008-09-17 11:18:16 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll
    + 2008-09-17 11:18:19 884,736 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll
    + 2008-09-17 11:18:19 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll
    + 2008-09-17 11:18:19 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe
    + 2008-09-17 11:18:21 876,544 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll
    + 2008-09-17 11:18:21 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll
    + 2008-09-17 11:18:23 1,695,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll
    + 2008-09-17 11:18:23 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll
    + 2008-09-17 11:18:25 1,740,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll
    + 2008-09-17 11:18:26 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
    + 2008-09-17 11:18:27 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll
    + 2008-09-17 11:18:28 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll
    + 2008-09-17 11:18:28 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll
    + 2008-09-17 11:18:29 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll
    + 2008-09-17 11:18:29 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll
    + 2008-09-17 11:18:30 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll
    + 2008-09-17 11:18:30 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll
    + 2008-09-17 11:18:31 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll
    + 2008-09-17 11:18:41 2,342,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll
    + 2008-09-17 11:18:41 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll
    + 2008-09-17 11:18:43 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll
    + 2008-09-17 11:18:39 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
    + 2008-08-07 13:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
    + 2008-09-17 10:34:41 1,122,304 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
    + 2008-09-17 10:34:41 163,840 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
    + 2008-08-07 13:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
    + 2008-09-17 10:34:36 1,122,304 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
    + 2008-09-17 10:34:36 163,840 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
    - 2006-03-02 12:00:00 41,984 ----a-w C:\WINDOWS\msagent\agentdp2.dll
    + 2006-10-12 14:04:15 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
    - 2006-03-02 12:00:00 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
    + 2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
    - 2008-09-14 12:10:09 8,738 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin
    + 2008-09-18 14:31:36 8,972 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin
    - 2008-09-14 12:10:08 76,487 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
    + 2008-09-18 14:32:40 76,487 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
    - 2008-09-14 12:10:09 2,072 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
    + 2008-09-18 14:32:40 2,378 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
    + 2008-09-17 12:10:37 32,768 ----a-w C:\WINDOWS\RaidTool\IDEDrvSetup.exe
    + 2008-09-17 12:10:38 2,560 ----a-w C:\WINDOWS\RaidTool\xIDESetup.exe
    + 2008-09-17 12:10:38 20,992 ----a-w C:\WINDOWS\RaidTool\xInsDrv.dll
    + 2008-09-17 12:10:38 36,864 ----a-w C:\WINDOWS\RaidTool\xInsIDE.exe
    + 2008-08-06 13:22:02 114,688 ----a-w C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
    + 2008-08-06 13:30:48 202,168 ----a-w C:\WINDOWS\system32\Adobe\Director\SwDir.dll
    + 2008-08-06 13:22:42 499,712 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Control.dll
    + 2008-08-06 12:45:40 1,798,144 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\dirapi.dll
    + 2008-08-06 13:22:44 9,216 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\DynaPlayer.dll
    + 2008-08-06 12:35:52 706,048 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gi.dll
    + 2008-08-06 12:35:52 1,145,896 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gt.exe
    + 2008-08-06 12:35:52 52,288 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gtapi.dll
    + 2008-08-06 12:42:04 892,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\iml32.dll
    + 2008-08-06 12:35:52 54,656 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\pccuapi.dll
    + 2008-08-06 13:21:14 266,240 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Plugin.dll
    + 2008-08-06 13:24:14 446,464 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Proj.dll
    + 2008-08-06 13:30:30 447,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1100465.exe
    + 2008-08-06 13:24:56 114,688 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
    + 2008-08-06 13:21:04 94,208 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwMenu.dll
    + 2008-08-06 12:35:52 50,808 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
    + 1999-06-25 07:55:30 149,504 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll
    + 2008-06-11 06:02:32 58,648 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll
    + 2008-06-11 06:02:32 58,648 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll
    + 2008-06-11 06:02:32 58,648 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll
    + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll
    + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
    + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll
    + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll
    + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll
    - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
    + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
    + 2007-07-23 06:02:42 199,885 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\app.bin
    + 2008-02-29 07:18:36 119,473 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\diag.bin
    + 2008-02-29 07:18:36 214,629 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\app.bin
    + 2008-03-20 05:24:14 116,977 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\diag.bin
    - 2006-03-02 12:00:00 41,984 -c--a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
    + 2006-10-12 14:04:15 42,496 -c--a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
    - 2006-03-02 12:00:00 256,512 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
    + 2006-10-12 11:09:53 256,512 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
    - 2007-07-30 16:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
    + 2008-07-18 19:10:48 94,920 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
    - 2007-07-30 16:19:36 549,720 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
    + 2008-07-18 19:09:44 563,912 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
    - 2007-07-30 16:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
    + 2008-07-18 19:10:42 53,448 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
    - 2007-07-30 16:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
    + 2008-07-18 19:09:42 1,811,656 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
    - 2007-07-30 16:19:32 325,976 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
    + 2008-07-18 19:09:46 325,832 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
    - 2007-07-30 16:18:40 33,624 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
    + 2008-07-18 19:10:20 36,552 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
    - 2007-07-30 16:19:28 203,096 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
    + 2008-07-18 19:09:44 205,000 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
    - 2008-05-16 11:01:00 6,557,408 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
    + 2008-08-15 20:22:00 6,121,504 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
    - 2008-02-05 19:34:43 13,616 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
    + 2008-06-13 11:13:38 13,616 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
    - 2008-02-05 19:34:43 96,432 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
    + 2008-06-13 11:13:38 96,432 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
    - 2008-02-05 19:34:43 38,576 ----a-w C:\WINDOWS\system32\drivers\symids.sys
    + 2008-06-13 11:13:38 38,576 ----a-w C:\WINDOWS\system32\drivers\symids.sys
    - 2008-02-06 21:43:53 31,408 ----a-w C:\WINDOWS\system32\drivers\SymIM.sys
    + 2008-06-13 11:14:02 31,280 ----a-w C:\WINDOWS\system32\drivers\SymIM.sys
    - 2008-02-05 19:34:43 37,424 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
    + 2008-06-13 11:13:38 37,424 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
    - 2008-02-05 19:34:43 41,008 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
    + 2008-06-13 11:13:40 41,008 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
    - 2008-02-05 19:34:43 22,320 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
    + 2008-06-13 11:13:38 22,320 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
    - 2008-02-05 19:34:43 188,464 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
    + 2008-06-13 11:13:40 184,240 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
    - 2008-09-17 10:02:37 98,256 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2008-09-18 14:01:28 99,048 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    - 2008-05-16 11:01:00 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
    + 2008-08-15 20:22:00 436,768 ----a-w C:\WINDOWS\system32\keystone.exe
    + 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    + 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
    + 2008-09-17 12:40:35 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    - 2008-05-16 11:01:00 6,108,928 ----a-w C:\WINDOWS\system32\nv4_disp.dll
    + 2008-08-15 20:22:00 6,049,536 ----a-w C:\WINDOWS\system32\nv4_disp.dll
    - 2008-05-16 11:01:00 425,984 ----a-w C:\WINDOWS\system32\nvapi.dll
    + 2008-08-15 20:22:00 475,136 ----a-w C:\WINDOWS\system32\nvapi.dll
    - 2008-05-16 11:01:00 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
    + 2008-08-15 20:22:00 449,056 ----a-w C:\WINDOWS\system32\nvappbar.exe
    - 2008-05-16 11:01:00 114,688 ----a-w C:\WINDOWS\system32\nvcod.dll
    + 2008-08-15 20:22:00 122,880 ----a-w C:\WINDOWS\system32\nvcod.dll
    - 2008-05-16 11:01:00 114,688 ----a-w C:\WINDOWS\system32\nvcodins.dll
    + 2008-08-15 20:22:00 122,880 ----a-w C:\WINDOWS\system32\nvcodins.dll
    - 2008-05-16 11:01:00 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe
    + 2008-08-15 20:22:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe
    - 2008-05-16 11:01:00 13,529,088 ----a-w C:\WINDOWS\system32\nvcpl.dll
    + 2008-08-15 20:22:00 13,570,048 ----a-w C:\WINDOWS\system32\nvcpl.dll
    - 2008-05-16 11:01:00 768,544 ----a-w C:\WINDOWS\system32\nvcplui.exe
    + 2008-08-15 20:22:00 797,216 ----a-w C:\WINDOWS\system32\nvcplui.exe
    - 2008-05-16 11:01:00 1,079,840 ----a-w C:\WINDOWS\system32\nvcpluir.dll
    + 2008-08-12 19:58:00 1,108,512 ----a-w C:\WINDOWS\system32\nvcpluir.dll
    - 2008-05-16 11:01:00 1,241,088 ----a-w C:\WINDOWS\system32\nvcuda.dll
    + 2008-08-15 20:22:00 1,368,064 ----a-w C:\WINDOWS\system32\nvcuda.dll
    - 2008-05-16 11:01:00 6,582,272 ----a-w C:\WINDOWS\system32\nvdisps.dll
    + 2008-08-15 20:22:00 3,989,504 ----a-w C:\WINDOWS\system32\nvdisps.dll
    - 2008-05-16 11:01:00 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe
    + 2008-08-15 20:22:00 1,346,080 ----a-w C:\WINDOWS\system32\nvdspsch.exe
    - 2008-05-16 11:01:00 3,391,488 ----a-w C:\WINDOWS\system32\nvgames.dll
    + 2008-08-15 20:22:00 3,440,640 ----a-w C:\WINDOWS\system32\nvgames.dll
    - 2008-05-16 11:01:00 3,424,256 ----a-w C:\WINDOWS\system32\nvgamesr.dll
    + 2008-08-12 19:58:00 3,457,024 ----a-w C:\WINDOWS\system32\nvgamesr.dll
    - 2008-05-16 11:01:00 1,486,848 ----a-w C:\WINDOWS\system32\nview.dll
    + 2008-08-15 20:22:00 1,499,136 ----a-w C:\WINDOWS\system32\nview.dll
    - 2008-05-16 11:01:00 1,630,208 ----a-w C:\WINDOWS\system32\nwiz.exe
    + 2008-08-15 20:22:00 1,657,376 ----a-w C:\WINDOWS\system32\nwiz.exe
    - 2008-05-16 11:01:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
    + 2008-08-15 20:22:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
    - 2008-05-16 11:01:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
    + 2008-08-15 20:22:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
    - 2008-05-16 11:01:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
    + 2008-08-15 20:22:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
    - 2008-05-16 11:01:00 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
    + 2008-08-12 19:58:00 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
    - 2008-05-16 11:01:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll
    + 2008-08-15 20:22:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll
    - 2008-05-16 11:01:00 1,257,472 ----a-w C:\WINDOWS\system32\nvmobls.dll
    + 2008-08-15 20:22:00 1,257,472 ----a-w C:\WINDOWS\system32\nvmobls.dll
    - 2008-05-16 11:01:00 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll
    + 2008-08-12 19:58:00 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll
    - 2008-05-16 11:01:00 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
    + 2008-08-15 20:22:00 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
    - 2008-05-16 11:01:00 8,769,536 ----a-w C:\WINDOWS\system32\nvoglnt.dll
    + 2008-08-15 20:22:00 8,822,784 ----a-w C:\WINDOWS\system32\nvoglnt.dll
    - 2008-05-16 11:01:00 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll
    + 2008-08-12 19:58:00 331,776 ----a-w C:\WINDOWS\system32\nvrsar.dll
    - 2008-05-16 11:01:00 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll
    + 2008-08-12 19:58:00 245,760 ----a-w C:\WINDOWS\system32\nvrscs.dll
    - 2008-05-16 11:01:00 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll
    + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll
    - 2008-05-16 11:01:00 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll
    + 2008-08-12 19:58:00 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll
    - 2008-05-16 11:01:00 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll
    + 2008-08-12 19:58:00 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll
    - 2008-05-16 11:01:00 249,856 ----a-w C:\WINDOWS\system32\nvrseng.dll
    + 2008-08-12 19:58:00 245,760 ----a-w C:\WINDOWS\system32\nvrseng.dll
    - 2008-05-16 11:01:00 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll
    + 2008-08-12 19:58:00 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll
    - 2008-05-16 11:01:00 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll
    + 2008-08-12 19:58:00 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll
    - 2008-05-16 11:01:00 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll
    + 2008-08-12 19:58:00 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll
    - 2008-05-16 11:01:00 286,720 ----a-w C:\WINDOWS\system32\nvrsfr.dll
    + 2008-08-12 19:58:00 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll
    - 2008-05-16 11:01:00 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll
    + 2008-08-12 19:58:00 331,776 ----a-w C:\WINDOWS\system32\nvrshe.dll
    - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll
    + 2008-08-12 19:58:00 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll
    - 2008-05-16 11:01:00 282,624 ----a-w C:\WINDOWS\system32\nvrsit.dll
    + 2008-08-12 19:58:00 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll
    - 2008-05-16 11:01:00 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll
    + 2008-08-12 19:58:00 270,336 ----a-w C:\WINDOWS\system32\nvrsja.dll
    - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll
    + 2008-08-12 19:58:00 262,144 ----a-w C:\WINDOWS\system32\nvrsko.dll
    - 2008-05-16 11:01:00 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll
    + 2008-08-12 19:58:00 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll
    - 2008-05-16 11:01:00 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll
    + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll
    - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrspl.dll
    + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll
    - 2008-05-16 11:01:00 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll
    + 2008-08-12 19:58:00 270,336 ----a-w C:\WINDOWS\system32\nvrspt.dll
    - 2008-05-16 11:01:00 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll
    + 2008-08-12 19:58:00 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll
    - 2008-05-16 11:01:00 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll
    + 2008-08-12 19:58:00 266,240 ----a-w C:\WINDOWS\system32\nvrsru.dll
    - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll
    + 2008-08-12 19:58:00 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll
    - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll
    + 2008-08-12 19:58:00 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll
    - 2008-05-16 11:01:00 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll
    + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll
    - 2008-05-16 11:01:00 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll
    + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll
    - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll
    + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrstr.dll
    - 2008-05-16 11:01:00 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll
    + 2008-08-12 19:58:00 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll
    - 2008-05-16 11:01:00 126,976 ----a-w C:\WINDOWS\system32\nvrszht.dll
    + 2008-08-12 19:58:00 122,880 ----a-w C:\WINDOWS\system32\nvrszht.dll
    - 2008-05-16 11:01:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
    + 2008-08-15 20:22:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
    - 2008-05-16 11:01:00 159,812 ----a-w C:\WINDOWS\system32\nvsvc32.exe
    + 2008-08-15 20:22:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe
    - 2008-05-16 11:01:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
    + 2008-08-15 20:22:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
    - 2008-05-16 11:01:00 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
    + 2008-08-15 20:22:00 1,724,416 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
    - 2008-05-16 11:01:00 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll
    + 2008-08-15 20:22:00 1,101,824 ----a-w C:\WINDOWS\system32\nvwimg.dll
    - 2008-05-16 11:01:00 3,776,512 ----a-w C:\WINDOWS\system32\nvvitvs.dll
    + 2008-08-15 20:22:00 3,764,224 ----a-w C:\WINDOWS\system32\nvvitvs.dll
    - 2008-05-16 11:01:00 4,136,960 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
    + 2008-08-12 19:58:00 4,149,248 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
    - 2008-05-16 11:01:00 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll
    + 2008-08-12 19:58:00 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll
    - 2008-05-16 11:01:00 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll
    + 2008-08-12 19:58:00 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll
    - 2008-05-16 11:01:00 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll
    + 2008-08-12 19:58:00 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll
    - 2008-05-16 11:01:00 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
    + 2008-08-12 19:58:00 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
    - 2008-05-16 11:01:00 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
    + 2008-08-12 19:58:00 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
    - 2008-05-16 11:01:00 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll
    + 2008-08-12 19:58:00 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll
    - 2008-05-16 11:01:00 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
    + 2008-08-12 19:58:00 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
    - 2008-05-16 11:01:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
    + 2008-08-12 19:58:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
    - 2008-05-16 11:01:00 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
    + 2008-08-12 19:58:00 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
    - 2008-05-16 11:01:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
    + 2008-08-12 19:58:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
    - 2008-05-16 11:01:00 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll
    + 2008-08-12 19:58:00 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll
    - 2008-05-16 11:01:00 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
    + 2008-08-12 19:58:00 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
    - 2008-05-16 11:01:00 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
    + 2008-08-12 19:58:00 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
    - 2008-05-16 11:01:00 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll
    + 2008-08-12 19:58:00 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll
    - 2008-05-16 11:01:00 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll
    + 2008-08-12 19:58:00 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll
    - 2008-05-16 11:01:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
    + 2008-08-12 19:58:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
    - 2008-05-16 11:01:00 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll
    + 2008-08-12 19:58:00 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll
    - 2008-05-16 11:01:00 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll
    + 2008-08-12 19:58:00 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll
    - 2008-05-16 11:01:00 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
    + 2008-08-12 19:58:00 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
    - 2008-05-16 11:01:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
    + 2008-08-12 19:58:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
    - 2008-05-16 11:01:00 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
    + 2008-08-12 19:58:00 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
    - 2008-05-16 11:01:00 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll
    + 2008-08-12 19:58:00 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll
    - 2008-05-16 11:01:00 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
    + 2008-08-12 19:58:00 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
    - 2008-05-16 11:01:00 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll
    + 2008-08-12 19:58:00 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll
    - 2008-05-16 11:01:00 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll
    + 2008-08-12 19:58:00 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll
    - 2008-05-16 11:01:00 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
    + 2008-08-12 19:58:00 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
    - 2008-05-16 11:01:00 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll
    + 2008-08-12 19:58:00 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll
    - 2008-05-16 11:01:00 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll
    + 2008-08-12 19:58:00 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll
    - 2008-05-16 11:01:00 2,629,632 ----a-w C:\WINDOWS\system32\nvwss.dll
    + 2008-08-15 20:22:00 2,686,976 ----a-w C:\WINDOWS\system32\nvwss.dll
    - 2008-05-16 11:01:00 2,670,592 ----a-w C:\WINDOWS\system32\nvwssr.dll
    + 2008-08-12 19:58:00 2,981,888 ----a-w C:\WINDOWS\system32\nvwssr.dll
    - 2008-09-17 10:07:05 59,916 ----a-w C:\WINDOWS\system32\perfc009.dat
    + 2008-09-17 10:40:04 59,916 ----a-w C:\WINDOWS\system32\perfc009.dat
    - 2008-09-17 10:07:05 73,016 ----a-w C:\WINDOWS\system32\perfc00B.dat
    + 2008-09-17 10:40:04 73,016 ----a-w C:\WINDOWS\system32\perfc00B.dat
    - 2008-09-17 10:07:05 397,696 ----a-w C:\WINDOWS\system32\perfh009.dat
    + 2008-09-17 10:40:04 397,696 ----a-w C:\WINDOWS\system32\perfh009.dat
    - 2008-09-17 10:07:05 372,472 ----a-w C:\WINDOWS\system32\perfh00B.dat
    + 2008-09-17 10:40:04 372,472 ----a-w C:\WINDOWS\system32\perfh00B.dat
    + 2008-06-05 05:58:26 197,912 ----a-w C:\WINDOWS\system32\physxcudart_20.dll
    + 2008-08-12 19:58:00 6,053,504 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nv4_disp.dll
    + 2008-08-12 19:58:00 6,113,760 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nv4_mini.sys
    + 2008-08-12 19:58:00 475,136 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvapi.dll
    + 2008-08-12 19:58:00 122,880 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvcod.dll
    + 2008-08-12 19:58:00 13,570,048 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvcpl.dll
    + 2008-08-12 19:58:00 1,368,064 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvcuda.dll
    + 2008-08-12 19:58:00 3,989,504 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvdisps.dll
    + 2008-08-12 19:58:00 5,799,936 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvdispsr.dll
    + 2008-08-12 19:58:00 3,440,640 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvgames.dll
    + 2008-08-12 19:58:00 3,457,024 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvgamesr.dll
    + 2008-08-12 19:58:00 229,376 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmccs.dll
    + 2008-08-12 19:58:00 188,416 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmccss.dll
    + 2008-08-12 19:58:00 458,752 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmccssr.dll
    + 2008-08-12 19:58:00 86,016 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmctray.dll
    + 2008-08-12 19:58:00 1,257,472 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmobls.dll
    + 2008-08-12 19:58:00 2,854,912 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmoblsr.dll
    + 2008-08-12 19:58:00 286,720 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvnt4cpl.dll
    + 2008-08-12 19:58:00 9,281,536 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvoglnt.dll
    + 2008-08-12 19:58:00 163,908 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvsvc32.exe
    + 2008-08-12 19:58:00 81,920 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvwddi.dll
    + 2008-08-12 19:58:00 3,764,224 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvvitvs.dll
    + 2008-08-12 19:58:00 4,149,248 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvvitvsr.dll
    + 2008-08-12 19:58:00 2,686,976 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvwss.dll
    + 2008-08-12 19:58:00 2,981,888 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvwssr.dll
    + 2008-07-18 19:10:20 36,552 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
    + 2008-07-18 19:10:40 45,768 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
    - 2008-02-20 01:06:11 579,464 ----a-w C:\WINDOWS\system32\SymNeti.dll
    + 2008-06-13 11:45:48 579,464 ----a-w C:\WINDOWS\system32\SymNeti.dll
    - 2008-02-20 01:06:11 207,240 ----a-w C:\WINDOWS\system32\SymRedir.dll
    + 2008-06-13 11:45:44 207,240 ----a-w C:\WINDOWS\system32\SymRedir.dll
    + 2008-09-23 07:18:38 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_664.dat
    .
    -- Snapshot reset to current date --
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
    @="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
    [HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
    @="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
    [HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
    @="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
    [HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
    2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
    "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-09-17 289088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
    "AsusServiceProvider"="C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe" [2007-01-05 597504]
    "AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe" [2006-12-29 363008]
    "Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-01-11 1423360]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-08-15 13570048]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-18 51048]
    "osCheck"="C:\Program Files\Norton 360\osCheck.exe" [2008-02-26 988512]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-08-15 86016]
    "JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [2008-09-17 36864]
    "36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [2008-09-17 1953792]
    "nwiz"="nwiz.exe" [2008-08-15 C:\WINDOWS\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]

    C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\DNA\\btdna.exe"=
    "D:\\Ohjelmat\\Torrent\\BitTorrent\\bittorrent.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=

    R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-18 149352]
    R3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]

    *Newly Created Service* - COMHOST
    .
    .
    ------- Täydentävä tarkistus -------
    .
    FireFox -: Profile - C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\sjyz7jnx.default\
    FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
    FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-23 17:20:16
    Windows 5.1.2600 Service Pack 2 NTFS

    tarkistaa piilotettuja prosesseja ...

    tarkistaa piilotettuja käynnistysarvoja ...

    tarkistaa piilotettuja tiedostoja ...

    tarkistus on valmis
    piilotetut tiedostot: 0

    **************************************************************************
    .
    Valmistumisajankohta: 2008-09-23 17:20:37
    ComboFix-quarantined-files.txt 2008-09-23 14:20:35
    ComboFix2.txt 2008-09-17 10:27:37

    Pre-Run: 36,190,576,640 tavua vapaana
    Post-Run: 36,194,463,744 tavua vapaana

    540 --- E O F --- 2008-09-18 03:59:29
     
  2. Hujo

    Hujo Guest

    Download HJTInstall.exe from HERE

    * Save HJTInstall.exe to your desktop.
    * Double-click the HJTInstall.exe icon on your desktop.
    * By default it installs itself into the directory C:\Program Files\Trend Micro\HijackThis.
    * Click Install.
    * The installer creates a HijackThis icon on the desktop.
    * When the installation is finished, it launches HijackThis.
    * Click the Do a system scan and save a logfile button. The program starts scanning and the log should open in Notepad.
    * First click "Edit > Select All", then "Edit > Copy" to copy the entire contents of the log.
    * Paste the contents of the log into your next reply.
    * DO NOT use the Analyse This button; its findings are dangerous if misunderstood.
    * DO NOT fix anything with HijackThis yet. Most of its findings are either harmless or even necessary.
     
