HJT logia tutkintaan

kone jumittaa oudosti käynnistyksessä. olisko joku virus tai vastaava päässy koneeseen? avast/muut ohjelmat ei löydä mitään epäilyttävää.

Logfile of HijackThis v1.99.1
Scan saved at 17:59:04, on 23.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\Alcohol120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\CNAC4RPK.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAC4LAK.EXE
C:\Program Files\ePrompter\ePrompter.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\cidaemon.exe
c:\Program Files\PestPatrol\ppcontrol.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PestPatrol Control Center] c:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] c:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] c:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Canon LBP5000 Tilaikkuna.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAC4LAK.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Office\Office10\OSA.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172585605077
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1173523897015
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Alcohol120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

Combofix


1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

 

tässä ComboFix logi.

 

tässä ComboFix logi.

ComboFix 07-03-22.2 - Running from: "C:\Program Files\Mozilla Firefox"

/wow section not completed - STAGE #6D
((((((((((((((((((((((((((((((( Files Created from 2007-02-23 to 2007-03-23 ))))))))))))))))))))))))))))))))))


2007-03-23 14:27 <KANSIO> d-------- C:\WINDOWS\Downloaded Installations
2007-03-23 14:27 <KANSIO> d-------- C:\Program Files\PestPatrol
2007-03-23 11:43 <KANSIO> d-------- C:\HJT
2007-03-23 11:19 <KANSIO> d-------- C:\WINDOWS\system32\appmgmt
2007-03-22 17:57 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Sony
2007-03-22 17:53 665,424 --a------ C:\WINDOWS\system32\wmv8dmoe.dll
2007-03-22 17:53 566,272 --a------ C:\WINDOWS\system32\wmvdmoe.dll
2007-03-22 17:53 438,608 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2007-03-22 17:53 1,683,792 --a------ C:\WINDOWS\system32\wmvcore2.dll
2007-03-16 11:34 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
2007-03-15 17:29 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\CyberLink
2007-03-15 17:15 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Screenshot Sender
2007-03-15 16:58 <KANSIO> d-------- C:\Program Files\CyberLink
2007-03-15 16:58 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
2007-03-15 16:57 40,960 --a------ C:\Program Files\Uninstall_CDS.exe
2007-03-15 16:57 <KANSIO> d-------- C:\Program Files\CyberLink DVD Solution
2007-03-12 18:18 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
2007-03-12 18:17 <KANSIO> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-03-11 11:02 <KANSIO> d-------- C:\Program Files\Common Files\NSV
2007-03-11 09:53 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-03-10 17:13 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Talkback
2007-03-10 17:12 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Thunderbird
2007-03-10 17:11 <KANSIO> d-------- C:\Program Files\Mozilla Thunderbird
2007-03-10 16:46 <KANSIO> dr-h----- C:\DOCUME~1\Rockford\APPLIC~1\yahoo!
2007-03-10 12:57 <KANSIO> d-------- C:\Program Files\PowerQuest
2007-03-09 17:20 <KANSIO> d-------- C:\WINDOWS\ShellNew
2007-03-08 19:46 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
2007-03-08 19:40 24 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000002-80651102}.dat
2007-03-08 19:40 24 --a------ C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000B-00001102-00000002-80651102}.dat
2007-03-08 19:37 98,367 --a------ C:\WINDOWS\system32\CNAC4SMK.DLL
2007-03-08 19:37 57,407 --a------ C:\WINDOWS\system32\CNAC4RPK.EXE
2007-03-08 19:37 28,737 --a------ C:\WINDOWS\system32\CNAC4LMK.DLL
2007-03-08 19:37 28,672 --a------ C:\WINDOWS\system32\CNAC4PTU.DLL
2007-03-08 19:37 184,320 --a------ C:\WINDOWS\system32\CNAC4EMU.DLL
2007-03-08 16:32 90,112 --------- C:\WINDOWS\Updreg.EXE
2007-03-08 16:32 84,992 --------- C:\WINDOWS\system32\SFCVRT32.DLL
2007-03-08 16:32 82,432 --------- C:\WINDOWS\system32\CTWFLT32.DLL
2007-03-08 16:32 54,784 --------- C:\WINDOWS\system32\INETWH32.DLL
2007-03-08 16:32 53,552 --------- C:\WINDOWS\CTCCW.DLL
2007-03-08 16:32 26,768 --------- C:\WINDOWS\system32\CTL3D.DLL
2007-03-08 16:32 24,976 --------- C:\WINDOWS\CTRES.DLL
2007-03-08 16:32 149,504 --------- C:\WINDOWS\system32\MFCANS32.DLL
2007-03-08 16:32 108,032 --------- C:\WINDOWS\system32\MFCUIA32.DLL
2007-03-08 16:32 1,048,576 --------- C:\WINDOWS\system32\SFMAN.DAT
2007-03-08 16:32 <KANSIO> d-------- C:\WINDOWS\system32\Defaults
2007-03-08 16:31 998,004 --a------ C:\WINDOWS\system32\drivers\ha10kx2k.sys
2007-03-08 16:31 94,208 --a------ C:\WINDOWS\DEVREG.DLL
2007-03-08 16:31 837,548 --a------ C:\WINDOWS\system32\drivers\ctaud2k.sys
2007-03-08 16:31 77,824 --a------ C:\WINDOWS\system32\EAXAC3.DLL
2007-03-08 16:31 643,072 --a------ C:\WINDOWS\system32\CTSBLFX.DLL
2007-03-08 16:31 61,440 --a------ C:\WINDOWS\system32\CTAGENT.DLL
2007-03-08 16:31 61,440 --a------ C:\WINDOWS\MIDIDEF.EXE
2007-03-08 16:31 53,248 --a------ C:\WINDOWS\system32\AC3API.DLL
2007-03-08 16:31 49,152 --a------ C:\WINDOWS\system32\KILLAPPS.EXE
2007-03-08 16:31 49,152 --a------ C:\WINDOWS\CTDCRES.DLL
2007-03-08 16:31 44,055 --a------ C:\WINDOWS\system32\ctdaught.dat
2007-03-08 16:31 36,864 --a------ C:\WINDOWS\system32\sfman32.dll
2007-03-08 16:31 36,864 --a------ C:\WINDOWS\system32\REGPLIB.EXE
2007-03-08 16:31 36,864 --a------ C:\WINDOWS\system32\CTEMUPIA.DLL
2007-03-08 16:31 319,488 --a------ C:\WINDOWS\system32\CTDEVCON.DLL
2007-03-08 16:31 28,672 --a------ C:\WINDOWS\system32\CTSPKHLP.DLL
2007-03-08 16:31 270,336 --a------ C:\WINDOWS\system32\SFMS32.DLL
2007-03-08 16:31 24,576 --a------ C:\WINDOWS\system32\CTHELPER.EXE
2007-03-08 16:31 213,860 --a------ C:\WINDOWS\system32\drivers\ctsfm2k.sys
2007-03-08 16:31 20,480 --a------ C:\WINDOWS\INRES.DLL
2007-03-08 16:31 195,432 --a------ C:\WINDOWS\system32\drivers\ctoss2k.sys
2007-03-08 16:31 184,320 --a------ C:\WINDOWS\PSCONV.EXE
2007-03-08 16:31 179,669 --a------ C:\WINDOWS\system32\ctstatic.dat
2007-03-08 16:31 176,128 --a------ C:\WINDOWS\READREG.EXE
2007-03-08 16:31 164,044 --a------ C:\WINDOWS\system32\ctdlang.dat
2007-03-08 16:31 156,604 --a------ C:\WINDOWS\system32\drivers\emupia2k.sys
2007-03-08 16:31 155,648 --a------ C:\WINDOWS\system32\CTOSUSER.DLL
2007-03-08 16:31 135,168 --a------ C:\WINDOWS\system32\OPENAL32.DLL
2007-03-08 16:31 127,948 --a------ C:\WINDOWS\system32\drivers\ctac32k.sys
2007-03-08 16:31 12,288 --a------ C:\WINDOWS\system32\AHQCpURes.dll
2007-03-08 16:31 113,373 --a------ C:\WINDOWS\system32\ctbasicw.dat
2007-03-08 16:31 113,273 --a------ C:\WINDOWS\system32\CTBAS2W.DAT
2007-03-08 16:31 110,592 --a------ C:\WINDOWS\system32\PIAPROXY.DLL
2007-03-08 16:31 110,592 --a------ C:\WINDOWS\system32\COMMONFX.DLL
2007-03-08 16:31 11,068 --a------ C:\WINDOWS\system32\drivers\ctprxy2k.sys
2007-03-08 16:31 106,496 --a------ C:\WINDOWS\system32\CTDPROXY.DLL
2007-03-08 16:31 106,496 --a------ C:\WINDOWS\system32\CTASIO.DLL
2007-03-08 16:31 <KANSIO> d-------- C:\WINDOWS\system32\Data
2007-03-08 16:30 6,752 --------- C:\WINDOWS\system32\PFMODNT.SYS
2007-03-08 16:29 15,840 --------- C:\WINDOWS\system32\drivers\PFMODNT.SYS
2007-03-08 16:29 <KANSIO> d-------- C:\Program Files\Creative
2007-03-08 15:56 3,712 --a------ C:\WINDOWS\system32\drivers\ctljystk.sys
2007-03-07 16:24 363,520 --a------ C:\WINDOWS\system32\PsisDecd.dll
2007-03-07 16:24 15,360 --a------ C:\WINDOWS\system32\drivers\MPE.sys
2007-03-07 16:24 11,776 --a------ C:\WINDOWS\system32\drivers\BdaSup.sys
2007-03-07 16:20 62,976 --a------ C:\WINDOWS\system32\drivers\dtvbdadrv.sys
2007-03-07 16:20 16,128 --------- C:\WINDOWS\system32\drivers\dtvloadp.sys
2007-03-07 16:19 <KANSIO> d-------- C:\Program Files\MMEDIA
2007-03-06 18:17 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Canon
2007-03-04 16:37 <KANSIO> d-------- C:\Program Files\Lavasoft
2007-03-04 16:37 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Lavasoft
2007-03-04 12:58 639,224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-03-04 09:21 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!
2007-03-03 15:23 <KANSIO> d-------- C:\WINDOWS\system32\windows media
2007-03-03 15:23 <KANSIO> d-------- C:\Program Files\Windows Media Components
2007-03-03 15:23 <KANSIO> d-------- C:\Program Files\Camstreams Encoder
2007-03-03 15:18 <KANSIO> d-------- C:\WINDOWS\system32\URTTEMP
2007-03-03 10:09 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Help
2007-03-03 07:57 <KANSIO> d-------- C:\Program Files\ePrompter
2007-03-02 22:50 <KANSIO> d-------- C:\WINDOWS\Sun
2007-03-02 22:50 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Sun
2007-03-02 22:47 <KANSIO> d-------- C:\Program Files\Java
2007-03-02 22:47 <KANSIO> d-------- C:\Program Files\Common Files\Java
2007-03-02 17:09 585,824 -ra------ C:\WINDOWS\system32\drivers\lvcm.sys
2007-03-02 17:09 372,736 -ra------ C:\WINDOWS\system32\LVUI2RC.dll
2007-03-02 17:09 22,016 -ra------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-03-02 17:09 204,800 -ra------ C:\WINDOWS\system32\LVUI2.dll
2007-03-02 17:09 204,800 -ra------ C:\WINDOWS\system32\lvcodec2.dll
2007-03-02 17:09 106,496 -ra------ C:\WINDOWS\system32\lvcoinst.dll
2007-03-02 17:09 1,206,272 -ra------ C:\WINDOWS\system32\drivers\lvsvf2.sys
2007-03-02 17:05 <KANSIO> d-------- C:\Program Files\Common Files\FotoWire
2007-03-02 17:05 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\FotoWire
2007-03-02 17:04 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2007-03-02 17:03 90,112 --a------ C:\WINDOWS\system32\LQCUI2.dll
2007-03-02 17:03 856,064 --a------ C:\WINDOWS\system32\Ltwvc12n.dll
2007-03-02 17:03 81,920 -r------- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2007-03-02 17:03 78,336 --a------ C:\WINDOWS\system32\lffax12n.dll
2007-03-02 17:03 466,944 --a------ C:\WINDOWS\system32\QCUI2.dll
2007-03-02 17:03 462,848 --a------ C:\WINDOWS\system32\LCamCpl.dll
2007-03-02 17:03 406,016 --a------ C:\WINDOWS\system32\ltkrn12n.dll
2007-03-02 17:03 328,704 --a------ C:\WINDOWS\system32\LFCMP12n.DLL
2007-03-02 17:03 30,720 --a------ C:\WINDOWS\system32\lfbmp12n.dll
2007-03-02 17:03 259,072 --a------ C:\WINDOWS\system32\LTDIS12n.dll
2007-03-02 17:03 215,552 --a------ C:\WINDOWS\system32\Lvkrn12n.dll
2007-03-02 17:03 207,872 --a------ C:\WINDOWS\system32\ltefx12n.dll
2007-03-02 17:03 164,864 --a------ C:\WINDOWS\system32\ltimg12n.dll
2007-03-02 17:03 141,312 --a------ C:\WINDOWS\system32\lftif12n.dll
2007-03-02 17:03 131,072 --a------ C:\WINDOWS\system32\ltfil12n.DLL
2007-03-02 16:45 <KANSIO> d-------- C:\marie antoinette
2007-03-02 16:39 <KANSIO> d-------- C:\Program Files\uTorrent
2007-03-02 16:39 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\uTorrent
2007-03-02 16:35 <KANSIO> d-------- C:\Program Files\MSXML 4.0
2007-03-02 16:35 <KANSIO> d-------- C:\018fa064aa93680eba59
2007-03-01 20:50 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Corel
2007-03-01 20:50 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
2007-03-01 20:49 <KANSIO> d-------- C:\Program Files\Corel
2007-03-01 20:49 <KANSIO> d-------- C:\Program Files\Common Files\Corel
2007-03-01 17:09 <KANSIO> d-------- C:\Program Files\PeerGuardian2
2007-03-01 16:55 <KANSIO> d-------- C:\Program Files\Messenger Plus! Live
2007-03-01 16:52 <KANSIO> d-------- C:\Program Files\Lavalys
2007-02-28 19:02 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Media Player Classic
2007-02-28 19:01 <KANSIO> d-------- C:\simpsons
2007-02-28 18:08 <KANSIO> d-------- C:\Program Files\cdrLabel 7.1
2007-02-28 16:54 <KANSIO> d-------- C:\My Music
2007-02-28 16:46 <KANSIO> d-------- C:\WINDOWS\Easy CD-DA Extractor
2007-02-27 21:12 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-02-27 21:12 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-02-27 21:12 639,066 --a------ C:\WINDOWS\system32\divx.dll
2007-02-27 21:12 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-02-27 21:12 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-02-27 21:12 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-02-27 21:12 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-02-27 21:12 10,752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-02-27 21:12 1,565,480 --a------ C:\WINDOWS\system32\wmv9vcm.dll
2007-02-27 21:12 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-02-27 21:12 <KANSIO> d-------- C:\Program Files\K-Lite Codec Pack
2007-02-27 21:10 4,238 --a------ C:\WINDOWS\mozver.dat
2007-02-27 20:35 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-02-27 20:35 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-02-27 20:35 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-02-27 20:35 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-02-27 20:35 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-02-27 20:35 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-02-27 20:35 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-02-27 20:34 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-02-27 20:30 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2007-02-27 20:30 65,536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL
2007-02-27 20:30 61,440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL
2007-02-27 20:30 61,440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL
2007-02-27 20:30 57,344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL
2007-02-27 20:30 49,152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL
2007-02-27 20:30 49,152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL
2007-02-27 20:30 45,056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL
2007-02-27 20:30 40,960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL
2007-02-27 20:30 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll
2007-02-27 20:30 <KANSIO> d-------- C:\Program Files\Logitech
2007-02-27 20:26 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-02-27 20:14 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Ahead
2007-02-27 20:13 <KANSIO> d-------- C:\Program Files\Nero
2007-02-27 20:13 <KANSIO> d-------- C:\Program Files\Common Files\Ahead
2007-02-27 19:47 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-02-27 19:47 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-02-27 19:47 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-02-27 19:47 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-02-27 19:47 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-02-27 19:47 <KANSIO> d-------- C:\Program Files\Winamp
2007-02-27 19:34 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-02-27 19:34 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2007-02-27 19:33 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-02-27 19:20 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-02-27 19:20 <KANSIO> d-------- C:\Program Files\Common Files\Logitech
2007-02-27 19:16 <KANSIO> d-------- C:\Program Files\Canon
2007-02-27 19:15 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\ScanSoft
2007-02-27 19:15 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
2007-02-27 19:15 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
2007-02-27 19:14 <KANSIO> d-------- C:\Program Files\ScanSoft
2007-02-27 19:14 <KANSIO> d-------- C:\Program Files\Common Files\ScanSoft Shared
2007-02-27 19:13 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2007-02-27 19:13 <KANSIO> d-------- C:\Program Files\ArcSoft
2007-02-27 19:12 57,344 --a------ C:\WINDOWS\system32\CNQU110.DLL
2007-02-27 19:12 352,256 --a------ C:\WINDOWS\system32\CNQL1213.DLL
2007-02-27 19:12 <KANSIO> d--h----- C:\CanoScan
2007-02-27 19:09 <KANSIO> d-------- C:\Program Files\Samsung ML-1610 Series
2007-02-27 19:08 57,344 --a------ C:\WINDOWS\system32\SSCoInst.dll
2007-02-27 19:08 208,896 --------- C:\WINDOWS\system32\SSRemove.exe
2007-02-27 19:08 20,622 --a------ C:\WINDOWS\system32\SUGS1LMK.DLL
2007-02-27 19:08 151,552 --a------ C:\WINDOWS\system32\SSCoInst.exe
2007-02-27 19:08 <KANSIO> d-------- C:\WINDOWS\Samsung
2007-02-27 19:06 41,984 --------- C:\WINDOWS\system32\drivers\DGIVECP.SYS
2007-02-27 19:06 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-02-27 19:03 974,848 --a------ C:\WINDOWS\SynthCoreA.Dll
2007-02-27 19:03 49,152 --a------ C:\WINDOWS\system32\S11thk32.dll
2007-02-27 19:03 45,056 --a------ C:\WINDOWS\system32\SynthCore11Resources.dll
2007-02-27 19:03 40,820 --a------ C:\WINDOWS\system32\Syncor11.dll
2007-02-27 19:03 4,816 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys
2007-02-27 19:03 380,928 --a------ C:\WINDOWS\SynCor.exe
2007-02-27 19:03 30,208 --a------ C:\WINDOWS\system32\wdmioctl.dll
2007-02-27 19:03 3,744 --a------ C:\WINDOWS\system32\drivers\smsens.sys
2007-02-27 19:03 1,285,632 --a------ C:\WINDOWS\system32\SMMedia.dll
2007-02-27 19:03 <KANSIO> d-------- C:\Program Files\SiSLan
2007-02-27 19:02 991,232 --a------ C:\WINDOWS\system32\virtear.dll
2007-02-27 19:02 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
2007-02-27 19:02 720,896 --a------ C:\WINDOWS\system32\Audio3d.dll
2007-02-27 19:02 65,536 --a------ C:\WINDOWS\system32\a3d.dll
2007-02-27 19:02 534,976 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
2007-02-27 19:02 45,056 --a------ C:\WINDOWS\system32\DSndUp.exe
2007-02-27 19:02 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
2007-02-27 19:02 44 --a------ C:\WINDOWS\system32\msssc.dll
2007-02-27 19:02 36,608 -ra------ C:\WINDOWS\system32\drivers\SISAGPX.SYS
2007-02-27 19:02 <KANSIO> d-------- C:\WINDOWS\VirtualEar
2007-02-27 19:02 <KANSIO> d-------- C:\Program Files\Analog Devices
2007-02-27 19:01 9,472 -ra------ C:\WINDOWS\system32\drivers\sisperf.sys
2007-02-27 19:01 6,016 -ra------ C:\WINDOWS\system32\drivers\siside.sys
2007-02-27 19:01 49,024 -ra------ C:\WINDOWS\system32\drivers\sisidex.sys
2007-02-27 19:01 302,592 --a------ C:\WINDOWS\IsUn040b.exe
2007-02-27 19:01 139,264 -ra------ C:\WINDOWS\system32\IDEproperty.dll
2007-02-27 19:01 <KANSIO> d-------- C:\DOCUME~1\Rockford\WINDOWS
2007-02-27 19:00 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2007-02-27 18:39 <KANSIO> d--h----- C:\Program Files\InstallShield Installation Information
2007-02-27 18:39 <KANSIO> d-------- C:\Program Files\Yahoo!
2007-02-27 18:39 <KANSIO> d-------- C:\Program Files\ToniArts
2007-02-27 18:39 <KANSIO> d-------- C:\Program Files\CCleaner
2007-02-27 18:38 <KANSIO> d-------- C:\Program Files\Free Download Manager
2007-02-27 18:38 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Free Download Manager
2007-02-27 18:28 <KANSIO> d--hs---- C:\RECYCLER
2007-02-27 18:09 <KANSIO> d-------- C:\Program Files\Windows Media Connect 2
2007-02-27 18:08 <KANSIO> d-------- C:\WINDOWS\system32\LogFiles
2007-02-27 18:08 <KANSIO> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-02-27 18:07 <KANSIO> d-------- C:\WINDOWS\system32\fi-fi
2007-02-27 17:55 <KANSIO> d-------- C:\WINDOWS\RegisteredPackages
2007-02-27 17:37 <KANSIO> d--h----- C:\WINDOWS\$hf_mig$
2007-02-27 17:37 <KANSIO> d-------- C:\WINDOWS\system32\PreInstall
2007-02-27 17:35 <KANSIO> d-------- C:\DOCUME~1\LOCALS~1\K„ynnist„-valikko
2007-02-27 17:33 <KANSIO> d-------- C:\WINDOWS\Prefetch
2007-02-27 17:23 <KANSIO> d-------- C:\WINDOWS\provisioning
2007-02-27 17:23 <KANSIO> d-------- C:\WINDOWS\peernet
2007-02-27 17:21 <KANSIO> d-------- C:\WINDOWS\ServicePackFiles
2007-02-27 17:16 <KANSIO> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-02-27 17:15 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-02-27 17:13 <KANSIO> d-------- C:\WINDOWS\EHome
2007-02-27 17:02 4,569 --------- C:\WINDOWS\system32\secupd.dat
2007-02-27 17:02 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2007-02-27 16:49 77,312 --a------ C:\WINDOWS\system32\browser.dll
2007-02-27 16:49 614,912 --a------ C:\WINDOWS\system32\h323msp.dll
2007-02-27 16:49 39,936 --a------ C:\WINDOWS\system32\mf3216.dll
2007-02-27 16:49 330,752 --a------ C:\WINDOWS\system32\ipnathlp.dll
2007-02-27 16:49 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat
2007-02-27 16:47 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-02-27 16:47 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-02-27 16:47 66,560 --a------ C:\WINDOWS\system32\mtxclu.dll
2007-02-27 16:47 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-02-27 16:47 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2007-02-27 16:47 581,120 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-02-27 16:47 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2007-02-27 16:47 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-02-27 16:47 397,824 --a------ C:\WINDOWS\system32\rpcss.dll
2007-02-27 16:47 243,200 --a------ C:\WINDOWS\system32\es.dll
2007-02-27 16:47 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-02-27 16:47 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-02-27 16:47 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-02-27 16:47 101,376 --a------ C:\WINDOWS\system32\txflog.dll
2007-02-27 16:47 1,284,608 --a------ C:\WINDOWS\system32\ole32.dll
2007-02-27 16:47 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-02-27 16:44 240,640 --a------ C:\WINDOWS\system32\srrstr.dll
2007-02-27 16:42 26,112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-02-27 16:42 <KANSIO> d--h-c--- C:\WINDOWS\$xpsp1hfm$
2007-02-27 16:40 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-02-27 16:17 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-02-27 16:17 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-02-27 16:16 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-02-27 16:15 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-02-27 16:15 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-02-27 16:15 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2007-02-27 16:15 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-02-27 16:15 <KANSIO> d-------- C:\WINDOWS\system32\bits
2007-02-27 16:14 465,176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-02-27 16:14 41,240 --a------ C:\WINDOWS\system32\wups.dll
2007-02-27 16:14 194,840 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-02-27 16:14 18,200 --a------ C:\WINDOWS\system32\wups2.dll
2007-02-27 16:14 173,848 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-02-27 16:14 127,256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-02-27 16:13 <KANSIO> d-------- C:\WINDOWS\SoftwareDistribution
2007-02-27 16:12 <KANSIO> d---s---- C:\DOCUME~1\Rockford\UserData
2007-02-26 21:45 <KANSIO> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-02-26 21:45 <KANSIO> dr--s---- C:\WINDOWS\Fonts
2007-02-26 21:45 <KANSIO> dr------- C:\WINDOWS\Web
2007-02-26 21:45 <KANSIO> d--h----- C:\WINDOWS\inf
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\WinSxS
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\twain_32
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\wins
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\wbem
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\usmt
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\spool
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\ShellExt
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\Setup
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\ras
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\oobe
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\npp
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\mui
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\inetsrv
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\IME
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\icsxml
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\ias
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\export
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\drivers\etc
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\drivers\disdn
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\drivers
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\dhcp
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\config
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\3com_dmi
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\3076
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\2052
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1054
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1042
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1041
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1037
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1035
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1033
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1031
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1028
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32\1025
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system32
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\system
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\security
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\Resources
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\repair
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\mui
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\msapps
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\msagent
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\Media
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\java
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\ime
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\Help
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\Driver Cache
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\Debug
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\Cursors
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\Connection Wizard
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\Config
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\AppPatch
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS\addins
2007-02-26 21:45 <KANSIO> d-------- C:\WINDOWS
2007-02-26 20:59 <KANSIO> d-------- C:\Program Files\Opera
2007-02-26 20:59 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Opera
2007-02-26 20:47 0 --a------ C:\WINDOWS\nsreg.dat
2007-02-26 20:41 <KANSIO> d-------- C:\DOCUME~1\Rockford\Contacts
2007-02-26 20:41 <KANSIO> d-------- C:\DOCUME~1\Rockford\APPLIC~1\Adobe
2007-02-26 20:39 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
2007-02-26 20:36 <KANSIO> d-------- C:\Program Files\Common Files\Adobe
2007-02-26 20:34 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2007-02-26 20:33 <KANSIO> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-02-26 20:33 <KANSIO> d-------- C:\Program Files\MSN Messenger
2007-02-26 20:27 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-02-26 20:27 <KANSIO> d-------- C:\WINDOWS\nview
2007-02-26 20:26 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-02-26 20:26 <KANSIO> d-------- C:\Program Files\Common Files\InstallShield
2007-02-26 20:26 <KANSIO> d-------- C:\NVIDIA
2007-02-26 20:15 94,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-02-26 20:15 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-02-26 20:15 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-02-26 20:15 689,280 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-02-26 20:15 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-02-26 20:15 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-02-26 20:15 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-02-26 20:15 31,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-02-26 20:15 23,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-02-26 20:15 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-02-26 20:14 <KANSIO> d-------- C:\Program Files\Alwil Software
2007-02-26 20:10 75,512 --a------ C:\WINDOWS\zllsputility.exe
2007-02-26 20:10 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-02-26 20:10 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-02-26 20:10 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-02-26 20:10 <KANSIO> d-------- C:\WINDOWS\system32\ZoneLabs
2007-02-26 20:09 <KANSIO> d-------- C:\WINDOWS\Internet Logs
2007-02-26 20:07 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-02-26 20:06 3,407,872 --ah----- C:\DOCUME~1\Rockford\NTUSER.DAT
2007-02-26 20:06 <KANSIO> dr------- C:\DOCUME~1\Rockford\Suosikit
2007-02-26 20:06 <KANSIO> dr------- C:\DOCUME~1\Rockford\Omat tiedostot
2007-02-26 20:06 <KANSIO> dr------- C:\DOCUME~1\Rockford\K„ynnist„-valikko
2007-02-26 20:06 <KANSIO> d--hs---- C:\WINDOWS\Installer
2007-02-26 20:06 <KANSIO> d--h----- C:\DOCUME~1\Rockford\Verkkoymp„rist”
2007-02-26 20:06 <KANSIO> d--h----- C:\DOCUME~1\Rockford\Tulostinymp„rist”
2007-02-26 20:06 <KANSIO> d--h----- C:\DOCUME~1\Rockford\Mallit
2007-02-26 20:06 <KANSIO> d-------- C:\DOCUME~1\Rockford\Ty”p”yt„
2007-02-26 20:05 237,568 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-02-26 20:05 237,568 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-02-26 20:05 <KANSIO> d--hs---- C:\System Volume Information
2007-02-26 20:02 237,568 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-02-26 20:02 <KANSIO> d-------- C:\WINDOWS\system32\xircom
2007-02-26 20:02 <KANSIO> d-------- C:\Program Files\microsoft frontpage
2007-02-26 20:01 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-02-26 20:01 0 -rahs---- C:\MSDOS.SYS
2007-02-26 20:01 0 -rahs---- C:\IO.SYS
2007-02-26 20:01 0 --a------ C:\CONFIG.SYS
2007-02-26 20:01 0 --a------ C:\AUTOEXEC.BAT
2007-02-26 20:01 <KANSIO> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-02-26 20:00 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-02-26 20:00 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-02-26 20:00 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-02-26 20:00 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-02-26 20:00 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-02-26 20:00 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-02-26 20:00 <KANSIO> dr------- C:\WINDOWS\Offline Web Pages
2007-02-26 20:00 <KANSIO> d---s---- C:\WINDOWS\Downloaded Program Files
2007-02-26 20:00 <KANSIO> d-------- C:\WINDOWS\system32\Macromed
2007-02-26 20:00 <KANSIO> d-------- C:\WINDOWS\system32\DirectX
2007-02-26 20:00 <KANSIO> d-------- C:\WINDOWS\srchasst
2007-02-26 20:00 <KANSIO> d-------- C:\Program Files\Movie Maker
2007-02-26 19:59 86,016 --a------ C:\WINDOWS\system32\isign32.dll
2007-02-26 19:59 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-02-26 19:59 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-02-26 19:59 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-02-26 19:59 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-02-26 19:59 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-02-26 19:59 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-02-26 19:59 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-02-26 19:59 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-02-26 19:59 48,640 --a------ C:\WINDOWS\system32\inetres.dll
2007-02-26 19:59 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-02-26 19:59 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-02-26 19:59 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-02-26 19:59 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-02-26 19:59 278,528 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-02-26 19:59 276,480 --a------ C:\WINDOWS\system32\mstask.dll
2007-02-26 19:59 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-02-26 19:59 21,672 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-02-26 19:59 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-02-26 19:59 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-02-26 19:59 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-02-26 19:59 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-02-26 19:59 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-02-26 19:59 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-02-26 19:59 <KANSIO> d---s---- C:\WINDOWS\Tasks
2007-02-26 19:59 <KANSIO> d-------- C:\WINDOWS\system32\Restore
2007-02-26 19:59 <KANSIO> d-------- C:\WINDOWS\Registration
2007-02-26 19:59 <KANSIO> d-------- C:\WINDOWS\PCHEALTH
2007-02-26 19:59 <KANSIO> d-------- C:\Program Files\Common Files\MSSoap
2007-02-26 19:58 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-02-26 19:58 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-02-26 19:58 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-02-26 19:58 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-02-26 19:58 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-02-26 19:58 80,896 --a------ C:\WINDOWS\system32\charmap.exe
2007-02-26 19:58 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-02-26 19:58 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-02-26 19:58 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-02-26 19:58 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-02-26 19:58 600,576 --a------ C:\WINDOWS\system32\mstsc.exe
2007-02-26 19:58 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-02-26 19:58 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-02-26 19:58 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-02-26 19:58 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-02-26 19:58 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-02-26 19:58 56,832 --a------ C:\WINDOWS\system32\sol.exe
2007-02-26 19:58 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-02-26 19:58 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2007-02-26 19:58 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2007-02-26 19:58 538,624 --a------ C:\WINDOWS\system32\spider.exe
2007-02-26 19:58 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-02-26 19:58 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-02-26 19:58 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-02-26 19:58 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-02-26 19:58 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-02-26 19:58 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-02-26 19:58 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-02-26 19:58 39,424 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-02-26 19:58 350,208 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-02-26 19:58 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-02-26 19:58 344,064 --a------ C:\WINDOWS\system32\mspaint.exe
2007-02-26 19:58 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-02-26 19:58 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-02-26 19:58 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-02-26 19:58 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-02-26 19:58 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-02-26 19:58 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-02-26 19:58 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-02-26 19:58 21,504 --a------ C:\WINDOWS\system32\msg.exe
2007-02-26 19:58 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-02-26 19:58 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-02-26 19:58 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-02-26 19:58 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-02-26 19:58 186,368 --a------ C:\WINDOWS\system32\accwiz.exe
2007-02-26 19:58 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-02-26 19:58 17,408 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-02-26 19:58 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-02-26 19:58 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-02-26 19:58 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-02-26 19:58 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-02-26 19:58 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-02-26 19:58 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-02-26 19:58 15,360 --a------ C:\WINDOWS\system32\tscon.exe
2007-02-26 19:58 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-02-26 19:58 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-02-26 19:58 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-02-26 19:58 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-02-26 19:58 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-02-26 19:58 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2007-02-26 19:58 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-02-26 19:58 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-02-26 19:58 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-02-26 19:58 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-02-26 19:58 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-02-26 19:58 124,696 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-02-26 19:58 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-02-26 19:58 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-02-26 19:58 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-02-26 19:58 114,688 --a------ C:\WINDOWS\system32\calc.exe
2007-02-26 19:58 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-02-26 19:58 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-02-26 19:58 102,400 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-02-26 19:58 1,866,240 --a------ C:\WINDOWS\system32\mstscax.dll
2007-02-26 19:58 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-02-26 19:58 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-02-26 19:58 <KANSIO> d--h----- C:\Program Files\WindowsUpdate
2007-02-26 19:58 <KANSIO> d-------- C:\WINDOWS\system32\MsDtc
2007-02-26 19:58 <KANSIO> d-------- C:\WINDOWS\system32\Com
2007-02-26 19:58 <KANSIO> d-------- C:\Program Files\Windows NT
2007-02-26 19:58 <KANSIO> d-------- C:\Program Files\Online Services
2007-02-26 19:58 <KANSIO> d-------- C:\Program Files\MSN Gaming Zone
2007-02-26 19:58 <KANSIO> d-------- C:\Program Files\Messenger
2007-02-26 19:52 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-02-26 19:52 7,552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2007-02-26 19:52 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-02-26 19:52 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-02-26 19:52 57,216 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-02-26 19:52 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-02-26 19:52 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
2007-02-26 19:52 5,376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2007-02-26 19:52 4,992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2007-02-26 19:52 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-02-26 19:52 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-02-26 19:52 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-02-26 19:52 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-02-26 19:51 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2007-02-26 19:51 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-02-26 19:51 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-02-26 19:51 32,256 -ra------ C:\WINDOWS\system32\drivers\sisnic.sys
2007-02-26 19:51 20,992 --a------ C:\WINDOWS\system32\drivers\rtl8139.sys
2007-02-26 19:51 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys
2007-02-26 19:51 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-02-26 19:51 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2007-02-26 19:50 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-02-26 19:50 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-02-26 19:50 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-02-26 19:50 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-02-26 19:50 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-02-26 19:50 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-02-26 19:50 74,240 --a------ C:\WINDOWS\system32\storprop.dll
2007-02-26 19:50 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-02-26 19:50 69,856 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-02-26 19:50 69,632 --a------ C:\WINDOWS\notepad.exe
2007-02-26 19:50 68,768 --a------ C:\WINDOWS\system\mmsystem.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-02-26 19:50 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-02-26 19:50 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-02-26 19:50 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-02-26 19:50 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-02-26 19:50 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-02-26 19:50 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-02-26 19:50 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-02-26 19:50 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-02-26 19:50 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-02-26 19:50 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-02-26 19:50 33,120 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-02-26 19:50 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-02-26 19:50 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-02-26 19:50 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-02-26 19:50 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-02-26 19:50 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-02-26 19:50 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-02-26 19:50 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-02-26 19:50 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-02-26 19:50 109,504 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-02-26 19:50 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-02-26 19:50 <KANSIO> dr------- C:\Program Files
2007-02-26 19:50 <KANSIO> d-------- C:\Program Files\Common Files\SpeechEngines
2007-02-26 19:50 <KANSIO> d-------- C:\Program Files\Common Files\ODBC
2007-02-26 19:49 <KANSIO> dr------- C:\DOCUME~1\DEFAUL~1\K„ynnist„-valikko
2007-02-26 19:49 <KANSIO> dr------- C:\DOCUME~1\ALLUSE~1\Tiedostot
2007-02-26 19:49 <KANSIO> dr------- C:\DOCUME~1\ALLUSE~1\K„ynnist„-valikko
2007-02-26 19:49 <KANSIO> d--h----- C:\DOCUME~1\DEFAUL~1\Verkkoymp„rist”
2007-02-26 19:49 <KANSIO> d--h----- C:\DOCUME~1\DEFAUL~1\Tulostinymp„rist”
2007-02-26 19:49 <KANSIO> d--h----- C:\DOCUME~1\DEFAUL~1\Mallit
2007-02-26 19:49 <KANSIO> d--h----- C:\DOCUME~1\ALLUSE~1\Mallit
2007-02-26 19:49 <KANSIO> d-------- C:\WINDOWS\system32\CatRoot2
2007-02-26 19:49 <KANSIO> d-------- C:\WINDOWS\system32\CatRoot
2007-02-26 19:49 <KANSIO> d-------- C:\Documents and Settings
2007-02-26 19:49 <KANSIO> d-------- C:\DOCUME~1\DEFAUL~1\Ty”p”yt„
2007-02-26 19:49 <KANSIO> d-------- C:\DOCUME~1\DEFAUL~1\Suosikit
2007-02-26 19:49 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\Ty”p”yt„
2007-02-26 19:49 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\Suosikit


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-03-03 15:21 75716 --a------ C:\WINDOWS\system32\perfc00b.dat
2007-03-03 15:21 374996 --a------ C:\WINDOWS\system32\perfh00b.dat
2007-02-26 19:49 62 --ahs---- C:\DOCUME~1\Rockford\APPLIC~1\desktop.ini
2007-01-19 12:53 51056 --a------ C:\WINDOWS\system32\sirenacm.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Free Download Manager"="C:\\Program Files\\Free Download Manager\\fdm.exe -autorun"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"PeerGuardian"="C:\\Program Files\\PeerGuardian2\\pg2.exe"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe"
"LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
"PowerBar"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"Smapp"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMTray.exe"
"Samsung Common SM"="\"C:\\WINDOWS\\Samsung\\ComSMMgr\\ssmmgr.exe\" /autorun"
"OpwareSE2"="\"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\OpwareSE2.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"WINDVDPatch"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"Jet Detection"="\"C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
"RemoteControl"="\"C:\\Program Files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
"PestPatrol Control Center"="c:\\PROGRA~1\\PESTPA~1\\PPControl.exe"
"PestPatrolCL"=""
"PPMemCheck"="c:\\PROGRA~1\\PESTPA~1\\PPMemCheck.exe"
"CookiePatrol"="c:\\PROGRA~1\\PESTPA~1\\CookiePatrol.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_PGFILTER


********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PowerBar = ????????????l?@?l?@?D??????w???????????????wl?@?l?@????? ???????????g??w???w???????w???wx??????????w???????? ??????????????|x???0???????????? pt???w????????????????s???????S???????l?@?l?@????????w????t?@?????l?@?8?@?l?@?3??s????????????????????8?@?_??s8?@?8?@
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
PowerBar = ????????????l?@?l?@?D??????w???????????????wl?@?l?@????? ???????????g??w???w???????w???wx??????????w???????? ??????????????|x???0???????????? pt???w????????????????s???????S???????l?@?l?@????????w????t?@?????l?@?8?@?l?@?3??s????????????????????8?@?_??s8?@?8?@

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-03-23 18:50:55

 

oho! sorry, tuli useampaan kertaan tuo ComoFix logi. netti takkus jotain