ComboFix 08-09-16.03 - Omistaja 2008-09-23 17:19:14.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.1519 [GMT 3:00] Sijainti: D:\Ohjelmat\ComboFix.exe VAROITUS - PALAUTUSKONSOLIA EI OLE ASENNETTU !! . ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-23 to 2008-09-23 ))))))))))))))))) . 2008-09-23 11:36 . 2008-09-23 12:01 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\LimeWire 2008-09-22 17:15 . 2008-09-22 17:15 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\AdobeUM 2008-09-19 16:52 . 2008-09-19 16:52 <KANSIO> d-------- C:\Program Files\Games-Masters.com 2008-09-18 22:31 . 2008-09-18 22:31 <KANSIO> d-------- C:\WINDOWS\system32\Adobe 2008-09-18 06:35 . 2008-09-18 06:35 <KANSIO> d-------- C:\Program Files\Common Files\INCA Shared 2008-09-18 06:35 . 2003-07-21 06:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd 2008-09-18 06:35 . 2005-01-04 21:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys 2008-09-17 15:11 . 2008-09-17 15:11 <KANSIO> d-------- C:\WINDOWS\RaidTool 2008-09-17 15:11 . 2008-09-17 15:11 <KANSIO> d-------- C:\RaidTool 2008-09-17 15:11 . 2008-09-17 15:10 1,953,792 --a------ C:\WINDOWS\system32\xRaidSetup.exe 2008-09-17 15:11 . 2008-09-17 15:10 143,360 --a------ C:\WINDOWS\system32\xRaidAPI.dll 2008-09-17 15:04 . 2008-09-17 15:04 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA 2008-09-17 15:04 . 2008-09-17 15:04 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-09-17 15:04 . 2008-09-17 15:04 <KANSIO> d-------- C:\Program Files\AGEIA Technologies 2008-09-17 14:03 . 2008-08-15 23:22 198,941 --a------ C:\WINDOWS\system32\nvapps.nvb 2008-09-17 13:34 . 2008-09-17 13:34 <KANSIO> d-------- C:\WINDOWS\ERUNT 2008-09-17 13:34 . 2008-09-17 13:38 <KANSIO> d-------- C:\SDFix 2008-09-17 13:17 . 2008-09-17 13:17 <KANSIO> d-------- C:\Program Files\DNA 2008-09-17 13:17 . 2008-09-23 17:19 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\DNA 2008-09-17 13:17 . 2008-09-23 17:16 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\BitTorrent 2008-09-17 13:10 . 2008-09-17 13:12 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\uTorrent 2008-09-16 22:01 . 2008-09-16 22:01 0 --a------ C:\WINDOWS\nsreg.dat 2008-09-16 20:03 . 2008-09-16 20:03 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield 2008-09-16 12:21 . 2008-09-16 12:21 <KANSIO> d-------- C:\Program Files\Windows Sidebar 2008-09-16 12:21 . 2008-09-17 10:41 <KANSIO> d-------- C:\Program Files\Norton 360 2008-09-16 12:20 . 2008-09-22 17:16 <KANSIO> d-------- C:\Program Files\Symantec 2008-09-16 12:20 . 2008-09-22 17:14 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Symantec 2008-09-16 12:20 . 2008-09-22 17:16 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2008-09-16 12:20 . 2008-09-22 17:16 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2008-09-16 12:20 . 2008-09-22 17:16 10,671 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2008-09-16 12:20 . 2008-09-22 17:16 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF 2008-09-16 11:54 . 2008-09-16 11:55 <KANSIO> d-------- C:\Program Files\Java 2008-09-16 11:54 . 2008-09-16 11:54 <KANSIO> d-------- C:\Program Files\Common Files\Java 2008-09-16 11:11 . 2008-09-16 12:23 <KANSIO> d-------- C:\WINDOWS\system32\CatRoot_bak 2008-09-16 11:08 . 2008-06-14 20:59 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-09-16 11:08 . 2008-06-14 20:59 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-09-14 18:28 . 2008-09-16 11:12 <KANSIO> d-------- C:\WINDOWS\system32\fi-fi 2008-09-14 18:26 . 2006-03-02 15:00 49,152 --a------ C:\WINDOWS\system32\SET91.tmp 2008-09-14 18:26 . 2006-03-02 15:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\SET9A.tmp 2008-09-14 18:24 . 2008-06-23 19:29 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-09-14 18:24 . 2007-04-17 12:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-09-14 18:24 . 2007-03-08 08:10 1,011,712 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-09-14 18:24 . 2008-06-23 19:29 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-09-14 18:24 . 2008-06-23 19:29 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-09-14 18:24 . 2008-06-23 19:29 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-09-14 18:24 . 2008-06-23 19:29 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-09-14 18:24 . 2008-06-23 19:29 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-09-14 18:24 . 2008-06-23 12:20 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-09-14 18:23 . 2006-03-24 07:37 49,152 --a------ C:\WINDOWS\system32\SET8E.tmp 2008-09-14 18:23 . 2006-06-02 22:32 33,792 --a--c--- C:\WINDOWS\system32\dllcache\SET98.tmp 2008-09-14 18:03 . 2006-03-02 15:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll 2008-09-14 18:00 . 2001-08-18 00:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2008-09-14 16:21 . 2008-09-14 16:21 <KANSIO> d-------- C:\WINDOWS\system32\Futuremark 2008-09-14 16:21 . 2008-09-14 16:21 <KANSIO> d-------- C:\Documents and Settings\Omistaja\Application Data\InstallShield 2008-09-14 16:21 . 2007-08-20 11:05 27,672 -ra------ C:\WINDOWS\system32\drivers\Entech.sys 2008-09-14 16:07 . 2008-09-17 15:07 <KANSIO> d-------- C:\WINDOWS\nview 2008-09-14 16:07 . 2008-08-06 07:51 453,152 --a------ C:\WINDOWS\system32\NVUNINST.EXE 2008-09-14 16:07 . 2008-08-12 22:58 453,152 --a------ C:\WINDOWS\system32\nvudisp.exe 2008-09-14 16:07 . 2008-09-23 10:19 192,809 --a------ C:\WINDOWS\system32\nvapps.xml 2008-09-14 16:07 . 2008-08-15 23:22 18,335 --a------ C:\WINDOWS\system32\nvdisp.nvu 2008-09-14 16:06 . 2008-09-14 16:06 <KANSIO> d-------- C:\NVIDIA . (((((((((((((((((((((((((((((((((((( Find3M-raportti )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-23 14:20 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-09-17 13:13 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-17 12:10 6,912 ----a-w C:\WINDOWS\system32\drivers\JGOGO.sys 2008-09-17 12:10 46,208 ----a-w C:\WINDOWS\system32\drivers\jraid.sys 2008-09-16 17:01 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-09-16 11:47 --------- d-----w C:\Documents and Settings\Omistaja\Application Data\Symantec 2008-09-14 12:46 --------- d-----w C:\Program Files\SystemRequirementsLab 2008-09-14 12:29 --------- d-----w C:\Program Files\Common Files\Adobe 2008-09-14 12:21 --------- d-----w C:\Program Files\ASUS 2008-09-14 12:17 --------- d-----w C:\Program Files\Realtek 2008-09-14 12:17 --------- d-----w C:\Program Files\Analog Devices 2008-09-14 12:10 --------- d-----w C:\Program Files\microsoft frontpage 2008-08-12 19:58 5,799,936 ----a-w C:\WINDOWS\system32\nvdispsr.dll 2008-08-01 08:05 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll 2008-07-30 14:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys 2008-07-30 14:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf 2008-07-30 14:28 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat 2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll 2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe 2008-07-18 19:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll 2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll 2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll 2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll 2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll 2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll 2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll 2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll 2008-06-23 16:29 826,368 ----a-w C:\WINDOWS\system32\wininet.dll . ((((((((((((((((((((((((((((( snapshot@2008-09-17_13.27.29.07 ))))))))))))))))))))))))))))))))))))))))) . + 2006-10-12 13:55:59 42,496 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdp2.dll + 2006-10-12 13:55:59 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdpv.dll + 2006-10-12 11:54:07 256,512 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe + 2006-10-16 11:19:07 254,464 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\spru040b.dll + 2005-10-12 23:18:02 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spmsg.dll + 2005-10-12 23:18:03 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spuninst.exe + 2005-10-12 23:18:02 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\spcustom.dll + 2005-10-12 23:18:05 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe + 2005-10-12 23:18:08 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\updspapi.dll + 2008-09-17 11:18:16 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll + 2008-09-17 11:18:19 884,736 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll + 2008-09-17 11:18:19 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll + 2008-09-17 11:18:19 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe + 2008-09-17 11:18:21 876,544 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll + 2008-09-17 11:18:21 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll + 2008-09-17 11:18:23 1,695,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll + 2008-09-17 11:18:23 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll + 2008-09-17 11:18:25 1,740,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll + 2008-09-17 11:18:26 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll + 2008-09-17 11:18:27 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll + 2008-09-17 11:18:28 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll + 2008-09-17 11:18:28 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll + 2008-09-17 11:18:29 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll + 2008-09-17 11:18:29 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll + 2008-09-17 11:18:30 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll + 2008-09-17 11:18:30 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll + 2008-09-17 11:18:31 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll + 2008-09-17 11:18:41 2,342,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll + 2008-09-17 11:18:41 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll + 2008-09-17 11:18:43 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll + 2008-09-17 11:18:39 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll + 2008-08-07 13:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2008-09-17 10:34:41 1,122,304 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2008-09-17 10:34:41 163,840 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-08-07 13:27:04 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-09-17 10:34:36 1,122,304 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT + 2008-09-17 10:34:36 163,840 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat - 2006-03-02 12:00:00 41,984 ----a-w C:\WINDOWS\msagent\agentdp2.dll + 2006-10-12 14:04:15 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll - 2006-03-02 12:00:00 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe + 2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe - 2008-09-14 12:10:09 8,738 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin + 2008-09-18 14:31:36 8,972 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin - 2008-09-14 12:10:08 76,487 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat + 2008-09-18 14:32:40 76,487 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat - 2008-09-14 12:10:09 2,072 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin + 2008-09-18 14:32:40 2,378 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin + 2008-09-17 12:10:37 32,768 ----a-w C:\WINDOWS\RaidTool\IDEDrvSetup.exe + 2008-09-17 12:10:38 2,560 ----a-w C:\WINDOWS\RaidTool\xIDESetup.exe + 2008-09-17 12:10:38 20,992 ----a-w C:\WINDOWS\RaidTool\xInsDrv.dll + 2008-09-17 12:10:38 36,864 ----a-w C:\WINDOWS\RaidTool\xInsIDE.exe + 2008-08-06 13:22:02 114,688 ----a-w C:\WINDOWS\system32\Adobe\Director\np32dsw.dll + 2008-08-06 13:30:48 202,168 ----a-w C:\WINDOWS\system32\Adobe\Director\SwDir.dll + 2008-08-06 13:22:42 499,712 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Control.dll + 2008-08-06 12:45:40 1,798,144 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\dirapi.dll + 2008-08-06 13:22:44 9,216 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\DynaPlayer.dll + 2008-08-06 12:35:52 706,048 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gi.dll + 2008-08-06 12:35:52 1,145,896 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gt.exe + 2008-08-06 12:35:52 52,288 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gtapi.dll + 2008-08-06 12:42:04 892,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\iml32.dll + 2008-08-06 12:35:52 54,656 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\pccuapi.dll + 2008-08-06 13:21:14 266,240 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Plugin.dll + 2008-08-06 13:24:14 446,464 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Proj.dll + 2008-08-06 13:30:30 447,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1100465.exe + 2008-08-06 13:24:56 114,688 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe + 2008-08-06 13:21:04 94,208 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwMenu.dll + 2008-08-06 12:35:52 50,808 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL + 1999-06-25 07:55:30 149,504 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll + 2008-06-11 06:02:32 58,648 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll + 2008-06-11 06:02:32 58,648 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll + 2008-06-11 06:02:32 58,648 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll - 2006-08-16 14:56:42 45,056 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll + 2008-06-11 06:02:34 58,648 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll + 2007-07-23 06:02:42 199,885 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\app.bin + 2008-02-29 07:18:36 119,473 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\diag.bin + 2008-02-29 07:18:36 214,629 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\app.bin + 2008-03-20 05:24:14 116,977 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\diag.bin - 2006-03-02 12:00:00 41,984 -c--a-w C:\WINDOWS\system32\dllcache\agentdp2.dll + 2006-10-12 14:04:15 42,496 -c--a-w C:\WINDOWS\system32\dllcache\agentdp2.dll - 2006-03-02 12:00:00 256,512 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe + 2006-10-12 11:09:53 256,512 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe - 2007-07-30 16:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll + 2008-07-18 19:10:48 94,920 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll - 2007-07-30 16:19:36 549,720 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll + 2008-07-18 19:09:44 563,912 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll - 2007-07-30 16:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe + 2008-07-18 19:10:42 53,448 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe - 2007-07-30 16:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll + 2008-07-18 19:09:42 1,811,656 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll - 2007-07-30 16:19:32 325,976 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll + 2008-07-18 19:09:46 325,832 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll - 2007-07-30 16:18:40 33,624 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll + 2008-07-18 19:10:20 36,552 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll - 2007-07-30 16:19:28 203,096 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll + 2008-07-18 19:09:44 205,000 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll - 2008-05-16 11:01:00 6,557,408 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys + 2008-08-15 20:22:00 6,121,504 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys - 2008-02-05 19:34:43 13,616 ----a-w C:\WINDOWS\system32\drivers\symdns.sys + 2008-06-13 11:13:38 13,616 ----a-w C:\WINDOWS\system32\drivers\symdns.sys - 2008-02-05 19:34:43 96,432 ----a-w C:\WINDOWS\system32\drivers\symfw.sys + 2008-06-13 11:13:38 96,432 ----a-w C:\WINDOWS\system32\drivers\symfw.sys - 2008-02-05 19:34:43 38,576 ----a-w C:\WINDOWS\system32\drivers\symids.sys + 2008-06-13 11:13:38 38,576 ----a-w C:\WINDOWS\system32\drivers\symids.sys - 2008-02-06 21:43:53 31,408 ----a-w C:\WINDOWS\system32\drivers\SymIM.sys + 2008-06-13 11:14:02 31,280 ----a-w C:\WINDOWS\system32\drivers\SymIM.sys - 2008-02-05 19:34:43 37,424 ----a-w C:\WINDOWS\system32\drivers\symndis.sys + 2008-06-13 11:13:38 37,424 ----a-w C:\WINDOWS\system32\drivers\symndis.sys - 2008-02-05 19:34:43 41,008 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys + 2008-06-13 11:13:40 41,008 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys - 2008-02-05 19:34:43 22,320 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys + 2008-06-13 11:13:38 22,320 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys - 2008-02-05 19:34:43 188,464 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys + 2008-06-13 11:13:40 184,240 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys - 2008-09-17 10:02:37 98,256 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT + 2008-09-18 14:01:28 99,048 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT - 2008-05-16 11:01:00 425,984 ----a-w C:\WINDOWS\system32\keystone.exe + 2008-08-15 20:22:00 436,768 ----a-w C:\WINDOWS\system32\keystone.exe + 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll + 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2008-09-17 12:40:35 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe - 2008-05-16 11:01:00 6,108,928 ----a-w C:\WINDOWS\system32\nv4_disp.dll + 2008-08-15 20:22:00 6,049,536 ----a-w C:\WINDOWS\system32\nv4_disp.dll - 2008-05-16 11:01:00 425,984 ----a-w C:\WINDOWS\system32\nvapi.dll + 2008-08-15 20:22:00 475,136 ----a-w C:\WINDOWS\system32\nvapi.dll - 2008-05-16 11:01:00 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe + 2008-08-15 20:22:00 449,056 ----a-w C:\WINDOWS\system32\nvappbar.exe - 2008-05-16 11:01:00 114,688 ----a-w C:\WINDOWS\system32\nvcod.dll + 2008-08-15 20:22:00 122,880 ----a-w C:\WINDOWS\system32\nvcod.dll - 2008-05-16 11:01:00 114,688 ----a-w C:\WINDOWS\system32\nvcodins.dll + 2008-08-15 20:22:00 122,880 ----a-w C:\WINDOWS\system32\nvcodins.dll - 2008-05-16 11:01:00 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe + 2008-08-15 20:22:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe - 2008-05-16 11:01:00 13,529,088 ----a-w C:\WINDOWS\system32\nvcpl.dll + 2008-08-15 20:22:00 13,570,048 ----a-w C:\WINDOWS\system32\nvcpl.dll - 2008-05-16 11:01:00 768,544 ----a-w C:\WINDOWS\system32\nvcplui.exe + 2008-08-15 20:22:00 797,216 ----a-w C:\WINDOWS\system32\nvcplui.exe - 2008-05-16 11:01:00 1,079,840 ----a-w C:\WINDOWS\system32\nvcpluir.dll + 2008-08-12 19:58:00 1,108,512 ----a-w C:\WINDOWS\system32\nvcpluir.dll - 2008-05-16 11:01:00 1,241,088 ----a-w C:\WINDOWS\system32\nvcuda.dll + 2008-08-15 20:22:00 1,368,064 ----a-w C:\WINDOWS\system32\nvcuda.dll - 2008-05-16 11:01:00 6,582,272 ----a-w C:\WINDOWS\system32\nvdisps.dll + 2008-08-15 20:22:00 3,989,504 ----a-w C:\WINDOWS\system32\nvdisps.dll - 2008-05-16 11:01:00 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe + 2008-08-15 20:22:00 1,346,080 ----a-w C:\WINDOWS\system32\nvdspsch.exe - 2008-05-16 11:01:00 3,391,488 ----a-w C:\WINDOWS\system32\nvgames.dll + 2008-08-15 20:22:00 3,440,640 ----a-w C:\WINDOWS\system32\nvgames.dll - 2008-05-16 11:01:00 3,424,256 ----a-w C:\WINDOWS\system32\nvgamesr.dll + 2008-08-12 19:58:00 3,457,024 ----a-w C:\WINDOWS\system32\nvgamesr.dll - 2008-05-16 11:01:00 1,486,848 ----a-w C:\WINDOWS\system32\nview.dll + 2008-08-15 20:22:00 1,499,136 ----a-w C:\WINDOWS\system32\nview.dll - 2008-05-16 11:01:00 1,630,208 ----a-w C:\WINDOWS\system32\nwiz.exe + 2008-08-15 20:22:00 1,657,376 ----a-w C:\WINDOWS\system32\nwiz.exe - 2008-05-16 11:01:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll + 2008-08-15 20:22:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll - 2008-05-16 11:01:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll + 2008-08-15 20:22:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll - 2008-05-16 11:01:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll + 2008-08-15 20:22:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll - 2008-05-16 11:01:00 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll + 2008-08-12 19:58:00 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll - 2008-05-16 11:01:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll + 2008-08-15 20:22:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll - 2008-05-16 11:01:00 1,257,472 ----a-w C:\WINDOWS\system32\nvmobls.dll + 2008-08-15 20:22:00 1,257,472 ----a-w C:\WINDOWS\system32\nvmobls.dll - 2008-05-16 11:01:00 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll + 2008-08-12 19:58:00 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll - 2008-05-16 11:01:00 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll + 2008-08-15 20:22:00 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll - 2008-05-16 11:01:00 8,769,536 ----a-w C:\WINDOWS\system32\nvoglnt.dll + 2008-08-15 20:22:00 8,822,784 ----a-w C:\WINDOWS\system32\nvoglnt.dll - 2008-05-16 11:01:00 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll + 2008-08-12 19:58:00 331,776 ----a-w C:\WINDOWS\system32\nvrsar.dll - 2008-05-16 11:01:00 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll + 2008-08-12 19:58:00 245,760 ----a-w C:\WINDOWS\system32\nvrscs.dll - 2008-05-16 11:01:00 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll - 2008-05-16 11:01:00 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll + 2008-08-12 19:58:00 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll - 2008-05-16 11:01:00 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll + 2008-08-12 19:58:00 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll - 2008-05-16 11:01:00 249,856 ----a-w C:\WINDOWS\system32\nvrseng.dll + 2008-08-12 19:58:00 245,760 ----a-w C:\WINDOWS\system32\nvrseng.dll - 2008-05-16 11:01:00 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll + 2008-08-12 19:58:00 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll - 2008-05-16 11:01:00 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll + 2008-08-12 19:58:00 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll - 2008-05-16 11:01:00 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll + 2008-08-12 19:58:00 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll - 2008-05-16 11:01:00 286,720 ----a-w C:\WINDOWS\system32\nvrsfr.dll + 2008-08-12 19:58:00 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll - 2008-05-16 11:01:00 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll + 2008-08-12 19:58:00 331,776 ----a-w C:\WINDOWS\system32\nvrshe.dll - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll + 2008-08-12 19:58:00 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll - 2008-05-16 11:01:00 282,624 ----a-w C:\WINDOWS\system32\nvrsit.dll + 2008-08-12 19:58:00 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll - 2008-05-16 11:01:00 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll + 2008-08-12 19:58:00 270,336 ----a-w C:\WINDOWS\system32\nvrsja.dll - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll + 2008-08-12 19:58:00 262,144 ----a-w C:\WINDOWS\system32\nvrsko.dll - 2008-05-16 11:01:00 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll + 2008-08-12 19:58:00 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll - 2008-05-16 11:01:00 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrspl.dll + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll - 2008-05-16 11:01:00 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll + 2008-08-12 19:58:00 270,336 ----a-w C:\WINDOWS\system32\nvrspt.dll - 2008-05-16 11:01:00 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll + 2008-08-12 19:58:00 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll - 2008-05-16 11:01:00 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll + 2008-08-12 19:58:00 266,240 ----a-w C:\WINDOWS\system32\nvrsru.dll - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll + 2008-08-12 19:58:00 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll + 2008-08-12 19:58:00 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll - 2008-05-16 11:01:00 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll - 2008-05-16 11:01:00 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll - 2008-05-16 11:01:00 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll + 2008-08-12 19:58:00 253,952 ----a-w C:\WINDOWS\system32\nvrstr.dll - 2008-05-16 11:01:00 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll + 2008-08-12 19:58:00 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll - 2008-05-16 11:01:00 126,976 ----a-w C:\WINDOWS\system32\nvrszht.dll + 2008-08-12 19:58:00 122,880 ----a-w C:\WINDOWS\system32\nvrszht.dll - 2008-05-16 11:01:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll + 2008-08-15 20:22:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll - 2008-05-16 11:01:00 159,812 ----a-w C:\WINDOWS\system32\nvsvc32.exe + 2008-08-15 20:22:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe - 2008-05-16 11:01:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll + 2008-08-15 20:22:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll - 2008-05-16 11:01:00 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll + 2008-08-15 20:22:00 1,724,416 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll - 2008-05-16 11:01:00 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll + 2008-08-15 20:22:00 1,101,824 ----a-w C:\WINDOWS\system32\nvwimg.dll - 2008-05-16 11:01:00 3,776,512 ----a-w C:\WINDOWS\system32\nvvitvs.dll + 2008-08-15 20:22:00 3,764,224 ----a-w C:\WINDOWS\system32\nvvitvs.dll - 2008-05-16 11:01:00 4,136,960 ----a-w C:\WINDOWS\system32\nvvitvsr.dll + 2008-08-12 19:58:00 4,149,248 ----a-w C:\WINDOWS\system32\nvvitvsr.dll - 2008-05-16 11:01:00 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll + 2008-08-12 19:58:00 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll - 2008-05-16 11:01:00 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll + 2008-08-12 19:58:00 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll - 2008-05-16 11:01:00 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll + 2008-08-12 19:58:00 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll - 2008-05-16 11:01:00 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll + 2008-08-12 19:58:00 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll - 2008-05-16 11:01:00 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll + 2008-08-12 19:58:00 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll - 2008-05-16 11:01:00 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll + 2008-08-12 19:58:00 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll - 2008-05-16 11:01:00 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll + 2008-08-12 19:58:00 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll - 2008-05-16 11:01:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll + 2008-08-12 19:58:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll - 2008-05-16 11:01:00 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll + 2008-08-12 19:58:00 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll - 2008-05-16 11:01:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll + 2008-08-12 19:58:00 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll - 2008-05-16 11:01:00 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll + 2008-08-12 19:58:00 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll - 2008-05-16 11:01:00 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll + 2008-08-12 19:58:00 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll - 2008-05-16 11:01:00 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll + 2008-08-12 19:58:00 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll - 2008-05-16 11:01:00 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll + 2008-08-12 19:58:00 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll - 2008-05-16 11:01:00 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll + 2008-08-12 19:58:00 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll - 2008-05-16 11:01:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll + 2008-08-12 19:58:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll - 2008-05-16 11:01:00 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll + 2008-08-12 19:58:00 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll - 2008-05-16 11:01:00 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll + 2008-08-12 19:58:00 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll - 2008-05-16 11:01:00 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll + 2008-08-12 19:58:00 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll - 2008-05-16 11:01:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll + 2008-08-12 19:58:00 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll - 2008-05-16 11:01:00 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll + 2008-08-12 19:58:00 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll - 2008-05-16 11:01:00 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll + 2008-08-12 19:58:00 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll - 2008-05-16 11:01:00 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll + 2008-08-12 19:58:00 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll - 2008-05-16 11:01:00 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll + 2008-08-12 19:58:00 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll - 2008-05-16 11:01:00 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll + 2008-08-12 19:58:00 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll - 2008-05-16 11:01:00 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll + 2008-08-12 19:58:00 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll - 2008-05-16 11:01:00 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll + 2008-08-12 19:58:00 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll - 2008-05-16 11:01:00 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll + 2008-08-12 19:58:00 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll - 2008-05-16 11:01:00 2,629,632 ----a-w C:\WINDOWS\system32\nvwss.dll + 2008-08-15 20:22:00 2,686,976 ----a-w C:\WINDOWS\system32\nvwss.dll - 2008-05-16 11:01:00 2,670,592 ----a-w C:\WINDOWS\system32\nvwssr.dll + 2008-08-12 19:58:00 2,981,888 ----a-w C:\WINDOWS\system32\nvwssr.dll - 2008-09-17 10:07:05 59,916 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-09-17 10:40:04 59,916 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-09-17 10:07:05 73,016 ----a-w C:\WINDOWS\system32\perfc00B.dat + 2008-09-17 10:40:04 73,016 ----a-w C:\WINDOWS\system32\perfc00B.dat - 2008-09-17 10:07:05 397,696 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-09-17 10:40:04 397,696 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-09-17 10:07:05 372,472 ----a-w C:\WINDOWS\system32\perfh00B.dat + 2008-09-17 10:40:04 372,472 ----a-w C:\WINDOWS\system32\perfh00B.dat + 2008-06-05 05:58:26 197,912 ----a-w C:\WINDOWS\system32\physxcudart_20.dll + 2008-08-12 19:58:00 6,053,504 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nv4_disp.dll + 2008-08-12 19:58:00 6,113,760 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nv4_mini.sys + 2008-08-12 19:58:00 475,136 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvapi.dll + 2008-08-12 19:58:00 122,880 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvcod.dll + 2008-08-12 19:58:00 13,570,048 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvcpl.dll + 2008-08-12 19:58:00 1,368,064 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvcuda.dll + 2008-08-12 19:58:00 3,989,504 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvdisps.dll + 2008-08-12 19:58:00 5,799,936 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvdispsr.dll + 2008-08-12 19:58:00 3,440,640 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvgames.dll + 2008-08-12 19:58:00 3,457,024 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvgamesr.dll + 2008-08-12 19:58:00 229,376 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmccs.dll + 2008-08-12 19:58:00 188,416 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmccss.dll + 2008-08-12 19:58:00 458,752 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmccssr.dll + 2008-08-12 19:58:00 86,016 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmctray.dll + 2008-08-12 19:58:00 1,257,472 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmobls.dll + 2008-08-12 19:58:00 2,854,912 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvmoblsr.dll + 2008-08-12 19:58:00 286,720 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvnt4cpl.dll + 2008-08-12 19:58:00 9,281,536 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvoglnt.dll + 2008-08-12 19:58:00 163,908 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvsvc32.exe + 2008-08-12 19:58:00 81,920 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvwddi.dll + 2008-08-12 19:58:00 3,764,224 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvvitvs.dll + 2008-08-12 19:58:00 4,149,248 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvvitvsr.dll + 2008-08-12 19:58:00 2,686,976 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvwss.dll + 2008-08-12 19:58:00 2,981,888 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\nvwssr.dll + 2008-07-18 19:10:20 36,552 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll + 2008-07-18 19:10:40 45,768 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll - 2008-02-20 01:06:11 579,464 ----a-w C:\WINDOWS\system32\SymNeti.dll + 2008-06-13 11:45:48 579,464 ----a-w C:\WINDOWS\system32\SymNeti.dll - 2008-02-20 01:06:11 207,240 ----a-w C:\WINDOWS\system32\SymRedir.dll + 2008-06-13 11:45:44 207,240 ----a-w C:\WINDOWS\system32\SymRedir.dll + 2008-09-23 07:18:38 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_664.dat . -- Snapshot reset to current date -- . (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet ))))))))))))))))))))))))))))))))))))))))))))) . . *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded] @="{4433A54A-1AC8-432F-90FC-85F045CF383C}" [HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}] 2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending] @="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}" [HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}] 2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected] @="{476D0EA3-80F9-48B5-B70B-05E677C9C148}" [HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}] 2008-02-26 11:34 576352 --a------ C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208] "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-09-17 289088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352] "AsusServiceProvider"="C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe" [2007-01-05 597504] "AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe" [2006-12-29 363008] "Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-01-11 1423360] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-08-15 13570048] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-18 51048] "osCheck"="C:\Program Files\Norton 360\osCheck.exe" [2008-02-26 988512] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-08-15 86016] "JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [2008-09-17 36864] "36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [2008-09-17 1953792] "nwiz"="nwiz.exe" [2008-08-15 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360] C:\Documents and Settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\DNA\\btdna.exe"= "D:\\Ohjelmat\\Torrent\\BitTorrent\\bittorrent.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-18 149352] R3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888] *Newly Created Service* - COMHOST . . ------- Täydentävä tarkistus ------- . FireFox -: Profile - C:\Documents and Settings\Omistaja\Application Data\Mozilla\Firefox\Profiles\sjyz7jnx.default\ FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-23 17:20:16 Windows 5.1.2600 Service Pack 2 NTFS tarkistaa piilotettuja prosesseja ... tarkistaa piilotettuja käynnistysarvoja ... tarkistaa piilotettuja tiedostoja ... tarkistus on valmis piilotetut tiedostot: 0 ************************************************************************** . Valmistumisajankohta: 2008-09-23 17:20:37 ComboFix-quarantined-files.txt 2008-09-23 14:20:35 ComboFix2.txt 2008-09-17 10:27:37 Pre-Run: 36,190,576,640 tavua vapaana Post-Run: 36,194,463,744 tavua vapaana 540 --- E O F --- 2008-09-18 03:59:29
Lataa TÄSTÄ HJTInstall.exe * Tallenna HJTInstall.exe työpöydällesi. * Tuplaklikkaa HJTInstall.exe-kuvaketta työpöydälläsi. * Oletuksena se asentaa itsensä hakemistoon C:\Program Files\Trend Micro\HijackThis. * Klikkaa Install. * Asennusohjelma luo HijackThis-kuvakkeen työpöydälle. * Kun asennus on valmis, se käynnistää HijackThisin. * Klikkaa Do a system scan and save a logfile-painiketta. Ohjelma aloittaa skannauksen ja lokin pitäisi avautua Muistioon. * Klikkaa ensin "Muokkaa > Valitse kaikki" sitten "Muokkaa > Kopioi" kopioidaksesi koko lokin sisällön. * Liitä lokin sisältö seuraavaan vastaukseesi. * ÄLÄ käytä Analyse This-nappulaa, sen löydöt ovat vaarallisia väärinymmärrettyinä. * ÄLÄ fixaa HijackThis-ohjelmalla vielä mitään. Suurin osa sen löydöistä ovat joko harmittomia tai jopa tarpeellisia.