xp Antivirus

Discussion in 'Viruses and malware' started by Patezki, Sep 14, 2008.

  1. Patezki

    This thing showed up even though I never installed it. Norton asked whether I wanted to allow something from the IP address ... and I chose never. Still, the computer slowed right down. HJT log:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:27:29, on 14.9.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fi
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {005F57BB-AA11-4B3D-98AD-7A2F71AF0259} - (no file)
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: (no name) - {07EA7D71-936A-474F-B1E7-3BBB739F6D90} - (no file)
    O2 - BHO: (no name) - {10E9F4F8-A717-4257-9041-7F5A9CC99D5D} - (no file)
    O2 - BHO: (no name) - {18E50DB0-1ECE-447E-9733-AA0EB21E5A09} - (no file)
    O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
    O2 - BHO: (no name) - {1AA2D6E1-DE6E-4747-B4F2-46DE6D18198E} - (no file)
    O2 - BHO: (no name) - {1CBEDC46-401C-4729-B52F-4DAF2E2D17BD} - (no file)
    O2 - BHO: (no name) - {205653DD-CD82-4C7E-A8AA-C73DA2C47FA4} - (no file)
    O2 - BHO: (no name) - {206DA97A-3714-4075-9A0E-3CEDB679DB86} - (no file)
    O2 - BHO: (no name) - {21758007-BEE5-441D-8467-4C6C3DD4C81B} - (no file)
    O2 - BHO: (no name) - {250FA0E8-E8D0-48F5-856E-E17215FE3681} - (no file)
    O2 - BHO: (no name) - {25E5CC61-9BD2-4FC5-9A85-201082BBF697} - (no file)
    O2 - BHO: (no name) - {2B5B04FC-CB79-457C-93E3-F824E257B752} - (no file)
    O2 - BHO: (no name) - {2FA590D8-1AC6-499E-BC31-8134BFC593BB} - (no file)
    O2 - BHO: (no name) - {37B3FC10-C861-4991-A592-C22FEF75F8A4} - (no file)
    O2 - BHO: (no name) - {3C25E3A9-4E4C-423B-AB87-09985307F6AA} - (no file)
    O2 - BHO: (no name) - {3F4C70E0-A197-4322-A75E-FA21CA486F68} - (no file)
    O2 - BHO: (no name) - {44C612FF-4D67-4A70-9300-6E4916A8D0B9} - C:\WINDOWS\system32\awtttrSM.dll (file missing)
    O2 - BHO: (no name) - {45B3D8F3-7F91-4569-B61C-D11D176CFEC0} - (no file)
    O2 - BHO: (no name) - {46a3a07a-e66e-4a5d-9e49-6bd59a8944d6} - (no file)
    O2 - BHO: (no name) - {4959EFB4-33C5-482D-B212-95A597CB0ECB} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {580EBA0F-95BD-4233-A8D9-FA777567025A} - (no file)
    O2 - BHO: (no name) - {590F8880-40E7-465C-B39C-157197075839} - (no file)
    O2 - BHO: (no name) - {5FA0EBDF-890B-4602-AA64-8EFB4FCC8B4F} - (no file)
    O2 - BHO: (no name) - {727EFCC6-89C6-43B8-8864-3300626E1D87} - (no file)
    O2 - BHO: (no name) - {72BA24F8-0F9C-4F0B-9AF6-8AF2E8140C58} - (no file)
    O2 - BHO: (no name) - {75079729-6E2A-4CB8-A653-9C598BD44D6E} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7AF0D473-D9A5-4033-8621-DA0204B547F0} - (no file)
    O2 - BHO: (no name) - {7dc1060d-a869-4df6-9da2-646b67b04f7a} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {85B2736E-C806-40CE-9056-E8C24EB32D3F} - (no file)
    O2 - BHO: {d9084c87-5667-37fb-1d04-6c666972d288} - {882d2796-66c6-40d1-bf73-766578c4809d} - C:\WINDOWS\system32\smkcaldp.dll (file missing)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {904CF9E3-7D8E-4D33-B3DD-A6B5911E94FD} - (no file)
    O2 - BHO: (no name) - {97E342C8-B877-44A1-8238-AD7DB588D669} - (no file)
    O2 - BHO: (no name) - {9882E80F-26DF-430F-BB8E-6C8B851EE423} - (no file)
    O2 - BHO: (no name) - {9CE29DF9-F906-409D-A9A4-66D3D5BC1E2E} - (no file)
    O2 - BHO: (no name) - {A8BA7474-22BD-4668-AE36-C873FB57D4EB} - (no file)
    O2 - BHO: (no name) - {B99732A5-E071-476F-B54F-55D28990872A} - (no file)
    O2 - BHO: (no name) - {B9C95588-8AC7-4ACD-B31F-4298729BC676} - (no file)
    O2 - BHO: (no name) - {BA67BB1C-05E9-4DC1-B605-22C81873E8CA} - (no file)
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: (no name) - {D2E01C83-B83C-461F-75DF-105A9207C89D} - (no file)
    O2 - BHO: (no name) - {DC3018E8-BE26-4795-82CE-4B1FABB09497} - (no file)
    O2 - BHO: (no name) - {DC9696A8-BC79-4559-B355-DA2E019A5E0C} - (no file)
    O2 - BHO: (no name) - {e02fc416-5ca1-44cf-bf0d-8f5c6d3eccaa} - (no file)
    O2 - BHO: (no name) - {E20552CB-1899-4FE9-B7F1-ED406CFF68F5} - (no file)
    O2 - BHO: (no name) - {ED64B333-8A9E-4C39-B722-7AAB86B74865} - (no file)
    O2 - BHO: (no name) - {F0E738CA-4E59-446F-B34A-6BC26FB2C735} - (no file)
    O2 - BHO: (no name) - {F372FAF3-55FF-426E-8745-15E0B1B6319A} - (no file)
    O2 - BHO: (no name) - {f3beb82a-87ea-426a-81f1-7c936291ffc7} - (no file)
    O2 - BHO: (no name) - {F7461496-C822-431D-8886-8F4B562F0C8B} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe
    O4 - HKLM\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [e8ccc316] rundll32.exe "C:\WINDOWS\system32\dgfgrilx.dll",b
    O4 - HKLM\..\Run: [BMebfff08a] Rundll32.exe "C:\WINDOWS\system32\qyxbball.dll",s
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKLM\..\Policies\Explorer\Run: [] 
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Suorita rekisteröintityökalu.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?b1cb21b4abac4cd3a3258c21eb538e53
    O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?b1cb21b4abac4cd3a3258c21eb538e53
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: ToolbarCop - {A349A035-E26F-454b-ABB4-5208E50E1BE7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
    O9 - Extra 'Tools' menuitem: ToolbarCop - {A349A035-E26F-454b-ABB4-5208E50E1BE7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138350570671
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: dshmddkt - dshmddkt.dll (file missing)
    O20 - Winlogon Notify: imynsmzi - imynsmzi.dll (file missing)
    O20 - Winlogon Notify: lbtcpltb - lbtcpltb.dll (file missing)
    O20 - Winlogon Notify: lchciajl - C:\WINDOWS\
    O20 - Winlogon Notify: opnkigg - C:\WINDOWS\
    O20 - Winlogon Notify: qwluzxqy - qwluzxqy.dll (file missing)
    O20 - Winlogon Notify: xgqtyrfg - xgqtyrfg.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: Creative VF0230 RunApp Service (VF0230Srv) - Creative Technology Ltd. - C:\WINDOWS\system32\V0230Srv.exe

    --
    End of file - 14763 bytes
     
  2. yaht

    Fix the following lines with HijackThis:

    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {005F57BB-AA11-4B3D-98AD-7A2F71AF0259} - (no file)
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: (no name) - {07EA7D71-936A-474F-B1E7-3BBB739F6D90} - (no file)
    O2 - BHO: (no name) - {10E9F4F8-A717-4257-9041-7F5A9CC99D5D} - (no file)
    O2 - BHO: (no name) - {18E50DB0-1ECE-447E-9733-AA0EB21E5A09} - (no file)
    O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
    O2 - BHO: (no name) - {1AA2D6E1-DE6E-4747-B4F2-46DE6D18198E} - (no file)
    O2 - BHO: (no name) - {1CBEDC46-401C-4729-B52F-4DAF2E2D17BD} - (no file)
    O2 - BHO: (no name) - {205653DD-CD82-4C7E-A8AA-C73DA2C47FA4} - (no file)
    O2 - BHO: (no name) - {206DA97A-3714-4075-9A0E-3CEDB679DB86} - (no file)
    O2 - BHO: (no name) - {21758007-BEE5-441D-8467-4C6C3DD4C81B} - (no file)
    O2 - BHO: (no name) - {250FA0E8-E8D0-48F5-856E-E17215FE3681} - (no file)
    O2 - BHO: (no name) - {25E5CC61-9BD2-4FC5-9A85-201082BBF697} - (no file)
    O2 - BHO: (no name) - {2B5B04FC-CB79-457C-93E3-F824E257B752} - (no file)
    O2 - BHO: (no name) - {2FA590D8-1AC6-499E-BC31-8134BFC593BB} - (no file)
    O2 - BHO: (no name) - {37B3FC10-C861-4991-A592-C22FEF75F8A4} - (no file)
    O2 - BHO: (no name) - {3C25E3A9-4E4C-423B-AB87-09985307F6AA} - (no file)
    O2 - BHO: (no name) - {3F4C70E0-A197-4322-A75E-FA21CA486F68} - (no file)
    O2 - BHO: (no name) - {44C612FF-4D67-4A70-9300-6E4916A8D0B9} - C:\WINDOWS\system32\awtttrSM.dll (file missing)
    O2 - BHO: (no name) - {45B3D8F3-7F91-4569-B61C-D11D176CFEC0} - (no file)
    O2 - BHO: (no name) - {46a3a07a-e66e-4a5d-9e49-6bd59a8944d6} - (no file)
    O2 - BHO: (no name) - {4959EFB4-33C5-482D-B212-95A597CB0ECB} - (no file)
    O2 - BHO: (no name) - {580EBA0F-95BD-4233-A8D9-FA777567025A} - (no file)
    O2 - BHO: (no name) - {590F8880-40E7-465C-B39C-157197075839} - (no file)
    O2 - BHO: (no name) - {5FA0EBDF-890B-4602-AA64-8EFB4FCC8B4F} - (no file)
    O2 - BHO: (no name) - {727EFCC6-89C6-43B8-8864-3300626E1D87} - (no file)
    O2 - BHO: (no name) - {72BA24F8-0F9C-4F0B-9AF6-8AF2E8140C58} - (no file)
    O2 - BHO: (no name) - {75079729-6E2A-4CB8-A653-9C598BD44D6E} - (no file)
    O2 - BHO: (no name) - {7AF0D473-D9A5-4033-8621-DA0204B547F0} - (no file)
    O2 - BHO: (no name) - {7dc1060d-a869-4df6-9da2-646b67b04f7a} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {85B2736E-C806-40CE-9056-E8C24EB32D3F} - (no file)
    O2 - BHO: {d9084c87-5667-37fb-1d04-6c666972d288} - {882d2796-66c6-40d1-bf73-766578c4809d} - C:\WINDOWS\system32\smkcaldp.dll (file missing)
    O2 - BHO: (no name) - {904CF9E3-7D8E-4D33-B3DD-A6B5911E94FD} - (no file)
    O2 - BHO: (no name) - {97E342C8-B877-44A1-8238-AD7DB588D669} - (no file)
    O2 - BHO: (no name) - {9882E80F-26DF-430F-BB8E-6C8B851EE423} - (no file)
    O2 - BHO: (no name) - {9CE29DF9-F906-409D-A9A4-66D3D5BC1E2E} - (no file)
    O2 - BHO: (no name) - {A8BA7474-22BD-4668-AE36-C873FB57D4EB} - (no file)
    O2 - BHO: (no name) - {B99732A5-E071-476F-B54F-55D28990872A} - (no file)
    O2 - BHO: (no name) - {B9C95588-8AC7-4ACD-B31F-4298729BC676} - (no file)
    O2 - BHO: (no name) - {BA67BB1C-05E9-4DC1-B605-22C81873E8CA} - (no file)
    O2 - BHO: (no name) - {D2E01C83-B83C-461F-75DF-105A9207C89D} - (no file)
    O2 - BHO: (no name) - {DC3018E8-BE26-4795-82CE-4B1FABB09497} - (no file)
    O2 - BHO: (no name) - {DC9696A8-BC79-4559-B355-DA2E019A5E0C} - (no file)
    O2 - BHO: (no name) - {e02fc416-5ca1-44cf-bf0d-8f5c6d3eccaa} - (no file)
    O2 - BHO: (no name) - {E20552CB-1899-4FE9-B7F1-ED406CFF68F5} - (no file)
    O2 - BHO: (no name) - {ED64B333-8A9E-4C39-B722-7AAB86B74865} - (no file)
    O2 - BHO: (no name) - {F0E738CA-4E59-446F-B34A-6BC26FB2C735} - (no file)
    O2 - BHO: (no name) - {F372FAF3-55FF-426E-8745-15E0B1B6319A} - (no file)
    O2 - BHO: (no name) - {f3beb82a-87ea-426a-81f1-7c936291ffc7} - (no file)
    O2 - BHO: (no name) - {F7461496-C822-431D-8886-8F4B562F0C8B} - (no file)
    O4 - HKLM\..\Run: [e8ccc316] rundll32.exe "C:\WINDOWS\system32\dgfgrilx.dll",b
    O4 - HKLM\..\Run: [BMebfff08a] Rundll32.exe "C:\WINDOWS\system32\qyxbball.dll",s
    O4 - HKLM\..\Policies\Explorer\Run: [] 
    O20 - Winlogon Notify: dshmddkt - dshmddkt.dll (file missing)
    O20 - Winlogon Notify: imynsmzi - imynsmzi.dll (file missing)
    O20 - Winlogon Notify: lbtcpltb - lbtcpltb.dll (file missing)
    O20 - Winlogon Notify: lchciajl - C:\WINDOWS\
    O20 - Winlogon Notify: opnkigg - C:\WINDOWS\
    O20 - Winlogon Notify: qwluzxqy - qwluzxqy.dll (file missing)
    O20 - Winlogon Notify: xgqtyrfg - xgqtyrfg.dll (file missing)



    Download Malwarebytes' Anti-Malware to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, the program downloads and installs the latest version.
    * Once the program has loaded, select Perform full scan and click Scan.
    * When the scan is complete, click OK and then Show Results to view the results.
    * Make sure everything is checked and click Remove Selected.
    * After that the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found
    here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    * Post the contents of the log in your next message, plus a new HJT log.
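
The kind of line selection made in the post above can be approximated mechanically. This Python sketch is an added example, not part of the original post and not a feature of HijackThis; the heuristics and the names `parse`, `triage` and `review_list` are assumptions made here, and the sample lines are a subset copied from the first log in this thread. It only marks entries for a human to review; it does not decide that anything is malicious.

```python
import re

# Subset of lines copied from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {005F57BB-AA11-4B3D-98AD-7A2F71AF0259} - (no file)
O2 - BHO: (no name) - {44C612FF-4D67-4A70-9300-6E4916A8D0B9} - C:\WINDOWS\system32\awtttrSM.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [e8ccc316] rundll32.exe "C:\WINDOWS\system32\dgfgrilx.dll",b
O4 - HKLM\..\Run: [BMebfff08a] Rundll32.exe "C:\WINDOWS\system32\qyxbball.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: dshmddkt - dshmddkt.dll (file missing)
O20 - Winlogon Notify: lchciajl - C:\WINDOWS\
"""

# "<section code> - <rest of line>", e.g. "O2 - BHO: ..." or "O20 - Winlogon Notify: ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")

# rundll32 command line: optional quotes around the DLL, comma(s), then the export name.
RUNDLL_RE = re.compile(
    r'rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+)"?,+(?P<export>\S*)', re.IGNORECASE
)


def parse(log_text):
    """Split a HijackThis log into (section_code, body) tuples, skipping other lines."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def triage(code, body):
    """Return a reason string if the entry deserves manual review, else None.

    The rules are heuristics assumed for this example, modelled on the
    lines picked out in the thread; they are not HijackThis logic.
    """
    if code == "R3" and body.endswith("is missing"):
        return "URL search hook registered without a handler"
    if code == "O2" and body.endswith(("(no file)", "(file missing)")):
        return "BHO registered but its DLL is absent"
    if code == "O4":
        m = RUNDLL_RE.search(body)
        if (
            m
            and "\\system32\\" in m.group("dll").lower()
            and 1 <= len(m.group("export")) <= 2
        ):
            return "autorun loads a system32 DLL via rundll32 with a 1-2 character export"
    if code == "O20":
        target = body.split(" - ", 1)[-1]
        if target.endswith("(file missing)") or target.endswith("\\"):
            return "Winlogon Notify entry points at a missing DLL or a bare directory"
    return None


def review_list(log_text):
    """Return (code, body, reason) for every entry that matched a rule."""
    flagged = []
    for code, body in parse(log_text):
        reason = triage(code, body)
        if reason:
            flagged.append((code, body, reason))
    return flagged


if __name__ == "__main__":
    for code, body, reason in review_list(SAMPLE_LOG):
        print(f"{code:<3} {reason}\n    {body}")
```
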
     
  3. Patezki

    There are two suspicious files on my desktop that appeared a couple of weeks ago: Thumbs.db and unknown. For Thumbs.db it says Type: Database; for unknown, when I open Properties, it shows the following text:

    Security:

    This file came from another computer and has been blocked to protect the computer.

    Is it safe to delete either of them?
     
  4. Patezki

    Malwarebytes' Anti-Malware 1.28
    Tietokantaversio: 1134
    Windows 5.1.2600 Service Pack 2

    14.9.2008 23:53:25
    mbam-log-2008-09-14 (23-53-25).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|)
    Tarkistetut kohteet: 143721
    Kulunut aika: 1 hour(s), 16 minute(s), 37 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 6
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 1
    Saastuneita hakemistoja: 1
    Saastuneita tiedostoja: 16

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> Quarantined and deleted successfully.

    Saastuneita hakemistoja:
    C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.

    Saastuneita tiedostoja:
    C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\BMebfff08a.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\BMebfff08a.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\blphcgs2j0epcl.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lphcgs2j0epcl.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\phcgs2j0epcl.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.


    These make me a bit wary; is it safe to delete them?


    C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Delete on reboot.
     
    Last edited: Sep 14, 2008
  5. yaht

    Submit both files to http://virusscan.jotti.org/ and report the results.

    Thumbs.db shouldn't be anything nasty, but run it through Jotti as well anyway.


    Those have already been removed, and removing them was safe.

    Post a new HijackThis log and the Jotti results.
     
  6. Patezki

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:29:46, on 15.9.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fi
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {005F57BB-AA11-4B3D-98AD-7A2F71AF0259} - (no file)
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: (no name) - {07EA7D71-936A-474F-B1E7-3BBB739F6D90} - (no file)
    O2 - BHO: (no name) - {10E9F4F8-A717-4257-9041-7F5A9CC99D5D} - (no file)
    O2 - BHO: (no name) - {18E50DB0-1ECE-447E-9733-AA0EB21E5A09} - (no file)
    O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
    O2 - BHO: (no name) - {1AA2D6E1-DE6E-4747-B4F2-46DE6D18198E} - (no file)
    O2 - BHO: (no name) - {1CBEDC46-401C-4729-B52F-4DAF2E2D17BD} - (no file)
    O2 - BHO: (no name) - {205653DD-CD82-4C7E-A8AA-C73DA2C47FA4} - (no file)
    O2 - BHO: (no name) - {206DA97A-3714-4075-9A0E-3CEDB679DB86} - (no file)
    O2 - BHO: (no name) - {21758007-BEE5-441D-8467-4C6C3DD4C81B} - (no file)
    O2 - BHO: (no name) - {250FA0E8-E8D0-48F5-856E-E17215FE3681} - (no file)
    O2 - BHO: (no name) - {25E5CC61-9BD2-4FC5-9A85-201082BBF697} - (no file)
    O2 - BHO: (no name) - {2B5B04FC-CB79-457C-93E3-F824E257B752} - (no file)
    O2 - BHO: (no name) - {2FA590D8-1AC6-499E-BC31-8134BFC593BB} - (no file)
    O2 - BHO: (no name) - {37B3FC10-C861-4991-A592-C22FEF75F8A4} - (no file)
    O2 - BHO: (no name) - {3C25E3A9-4E4C-423B-AB87-09985307F6AA} - (no file)
    O2 - BHO: (no name) - {3F4C70E0-A197-4322-A75E-FA21CA486F68} - (no file)
    O2 - BHO: (no name) - {45B3D8F3-7F91-4569-B61C-D11D176CFEC0} - (no file)
    O2 - BHO: (no name) - {46a3a07a-e66e-4a5d-9e49-6bd59a8944d6} - (no file)
    O2 - BHO: (no name) - {4959EFB4-33C5-482D-B212-95A597CB0ECB} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {580EBA0F-95BD-4233-A8D9-FA777567025A} - (no file)
    O2 - BHO: (no name) - {590F8880-40E7-465C-B39C-157197075839} - (no file)
    O2 - BHO: (no name) - {5FA0EBDF-890B-4602-AA64-8EFB4FCC8B4F} - (no file)
    O2 - BHO: (no name) - {727EFCC6-89C6-43B8-8864-3300626E1D87} - (no file)
    O2 - BHO: (no name) - {72BA24F8-0F9C-4F0B-9AF6-8AF2E8140C58} - (no file)
    O2 - BHO: (no name) - {75079729-6E2A-4CB8-A653-9C598BD44D6E} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7AF0D473-D9A5-4033-8621-DA0204B547F0} - (no file)
    O2 - BHO: (no name) - {7dc1060d-a869-4df6-9da2-646b67b04f7a} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {85B2736E-C806-40CE-9056-E8C24EB32D3F} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {904CF9E3-7D8E-4D33-B3DD-A6B5911E94FD} - (no file)
    O2 - BHO: (no name) - {97E342C8-B877-44A1-8238-AD7DB588D669} - (no file)
    O2 - BHO: (no name) - {9882E80F-26DF-430F-BB8E-6C8B851EE423} - (no file)
    O2 - BHO: (no name) - {9CE29DF9-F906-409D-A9A4-66D3D5BC1E2E} - (no file)
    O2 - BHO: (no name) - {A8BA7474-22BD-4668-AE36-C873FB57D4EB} - (no file)
    O2 - BHO: (no name) - {B99732A5-E071-476F-B54F-55D28990872A} - (no file)
    O2 - BHO: (no name) - {B9C95588-8AC7-4ACD-B31F-4298729BC676} - (no file)
    O2 - BHO: (no name) - {BA67BB1C-05E9-4DC1-B605-22C81873E8CA} - (no file)
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: (no name) - {D2E01C83-B83C-461F-75DF-105A9207C89D} - (no file)
    O2 - BHO: (no name) - {DC3018E8-BE26-4795-82CE-4B1FABB09497} - (no file)
    O2 - BHO: (no name) - {DC9696A8-BC79-4559-B355-DA2E019A5E0C} - (no file)
    O2 - BHO: (no name) - {e02fc416-5ca1-44cf-bf0d-8f5c6d3eccaa} - (no file)
    O2 - BHO: (no name) - {E20552CB-1899-4FE9-B7F1-ED406CFF68F5} - (no file)
    O2 - BHO: (no name) - {ED64B333-8A9E-4C39-B722-7AAB86B74865} - (no file)
    O2 - BHO: (no name) - {F372FAF3-55FF-426E-8745-15E0B1B6319A} - (no file)
    O2 - BHO: (no name) - {f3beb82a-87ea-426a-81f1-7c936291ffc7} - (no file)
    O2 - BHO: (no name) - {F7461496-C822-431D-8886-8F4B562F0C8B} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe
    O4 - HKLM\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Suorita rekisteröintityökalu.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?b1cb21b4abac4cd3a3258c21eb538e53
    O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?b1cb21b4abac4cd3a3258c21eb538e53
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: ToolbarCop - {A349A035-E26F-454b-ABB4-5208E50E1BE7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
    O9 - Extra 'Tools' menuitem: ToolbarCop - {A349A035-E26F-454b-ABB4-5208E50E1BE7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138350570671
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: dshmddkt - C:\WINDOWS\
    O20 - Winlogon Notify: imynsmzi - C:\WINDOWS\
    O20 - Winlogon Notify: lbtcpltb - C:\WINDOWS\
    O20 - Winlogon Notify: lchciajl - C:\WINDOWS\
    O20 - Winlogon Notify: opnkigg - C:\WINDOWS\
    O20 - Winlogon Notify: qwluzxqy - C:\WINDOWS\
    O20 - Winlogon Notify: xgqtyrfg - C:\WINDOWS\
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: Creative VF0230 RunApp Service (VF0230Srv) - Creative Technology Ltd. - C:\WINDOWS\system32\V0230Srv.exe

    --
    End of file - 14103 bytes


    Scanner results
    Scan taken on 15 Sep 2008 15:31:16 (GMT)
    A-Squared: Found nothing
    AntiVir: Found nothing
    ArcaVir: Found nothing
    Avast: Found nothing
    AVG Antivirus: Found nothing
    BitDefender: Found nothing
    ClamAV: Found nothing
    CPsecure: Found nothing
    Dr.Web: Found nothing
    F-Prot Antivirus: Found nothing
    F-Secure Anti-Virus: Found nothing
    Ikarus: Found nothing
    Kaspersky Anti-Virus: Found nothing
    NOD32: Found nothing
    Norman Virus Control: Found nothing
    Panda Antivirus: Found nothing
    Sophos Antivirus: Found nothing
    VirusBuster: Found nothing
    VBA32: Found nothing
     
    Last edited: Sep 15, 2008
  7. yaht

    yaht Regular member

    Joined:
    Dec 6, 2005
    Messages:
    2,261
    Likes Received:
    0
    Trophy Points:
    46
    Are you able to use the computer in normal mode?

    1. Start Spybot-S&D in Advanced mode
    2. If it is not in Advanced mode, go to the Mode menu and select Advanced mode
    3. Click Tools on the left
    4. Click Resident (Pysyvä suojaus) in the list
    5. Uncheck "Resident TeaTimer" (Pysyvä TeaTimer) and press OK.
    6. Restart the computer.

    1. Download Combofix.exe to your desktop from either of these links:
    Combofix.exe
    Combofix.exe

    Open Combofix.exe and follow the on-screen instructions.

    Note! Do not click in ComboFix's window while it is running. This may cause the program to hang.
    Restart the computer if asked to, and post the contents of the combofix.txt file here.

    Empty the Recycle Bin and restart your computer.

    Post the following logs here:
    * A fresh HijackThis log (taken last, just before posting)
    * The (C:\ComboFix.txt) report
    *
     
  8. Patezki

    Patezki Member

    Joined:
    Nov 17, 2007
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    ComboFix 08-09-15.01 - 2008-09-15 23:27:26.2 - NTFSx86 NETWORK
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1035.18.356 [GMT 3:00]
    Sijainti: C:\Documents and Settings\-\Työpöytä\ComboFix.exe

    VAROITUS - PALAUTUSKONSOLIA EI OLE ASENNETTU !!
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Käynnistä-valikko\Live Safety Center.lnk
    C:\WINDOWS\smdat32m.sys
    C:\WINDOWS\system32\a.exe
    C:\WINDOWS\system32\aalhrdts.ini
    C:\WINDOWS\system32\akamdmtl.ini
    C:\WINDOWS\system32\axdxsvle.ini
    C:\WINDOWS\system32\BcMpAJlm.ini
    C:\WINDOWS\system32\BcMpAJlm.ini2
    C:\WINDOWS\system32\bpochfrl.ini
    C:\WINDOWS\system32\bxbgvsgf.ini
    C:\WINDOWS\system32\cetaqegk.ini
    C:\WINDOWS\system32\cvsdarbv.ini
    C:\WINDOWS\system32\dbnosrks.ini
    C:\WINDOWS\system32\eleabvca.ini
    C:\WINDOWS\system32\elxdggxb.ini
    C:\WINDOWS\system32\fkndrkud.ini
    C:\WINDOWS\system32\fpidxqrd.ini
    C:\WINDOWS\system32\fwjvxudt.ini
    C:\WINDOWS\system32\gmlgogat.ini
    C:\WINDOWS\system32\gsdmgrgs.ini
    C:\WINDOWS\system32\gthuyelb.ini
    C:\WINDOWS\system32\gvjlgnvi.ini
    C:\WINDOWS\system32\hfewalex.ini
    C:\WINDOWS\system32\hogxbecd.ini
    C:\WINDOWS\system32\hpqlgfvw.ini
    C:\WINDOWS\system32\idxlrvpi.ini
    C:\WINDOWS\system32\ilrkllqu.ini
    C:\WINDOWS\system32\itypccqp.ini
    C:\WINDOWS\system32\jexjplty.ini
    C:\WINDOWS\system32\lbaxsttr.ini
    C:\WINDOWS\system32\lccwjhqv.ini
    C:\WINDOWS\system32\ldndmxio.ini
    C:\WINDOWS\system32\lgtiohea.ini
    C:\WINDOWS\system32\lmujxtrj.ini
    C:\WINDOWS\system32\lpldmjrg.ini
    C:\WINDOWS\system32\mclacisd.ini
    C:\WINDOWS\system32\mfbnwprl.ini
    C:\WINDOWS\system32\mfeimnqx.ini
    C:\WINDOWS\system32\mjofaleu.ini
    C:\WINDOWS\system32\MSrtttwa.ini
    C:\WINDOWS\system32\MSrtttwa.ini2
    C:\WINDOWS\system32\MUvFPXyb.ini
    C:\WINDOWS\system32\MUvFPXyb.ini2
    C:\WINDOWS\system32\nqmnwnuo.ini
    C:\WINDOWS\system32\nvynwbwq.ini
    C:\WINDOWS\system32\ofsxdjcj.ini
    C:\WINDOWS\system32\osajlerk.ini
    C:\WINDOWS\system32\paxbubyw.ini
    C:\WINDOWS\system32\poioowoi.ini
    C:\WINDOWS\system32\prayiuaw.ini
    C:\WINDOWS\system32\puuttwdq.ini
    C:\WINDOWS\system32\qjmucfmw.ini
    C:\WINDOWS\system32\qlyqegca.ini
    C:\WINDOWS\system32\qyrilngp.ini
    C:\WINDOWS\system32\rpjhhpji.ini
    C:\WINDOWS\system32\rqyxpfsk.ini
    C:\WINDOWS\system32\tafqcbud.ini
    C:\WINDOWS\system32\tohsufwo.ini
    C:\WINDOWS\system32\unhqqsch.ini
    C:\WINDOWS\system32\uqnkfwad.ini
    C:\WINDOWS\system32\wcndnwuf.ini
    C:\WINDOWS\system32\vkipmuyx.ini
    C:\WINDOWS\system32\vnuwbnat.ini
    C:\WINDOWS\system32\wqikkqge.ini
    C:\WINDOWS\system32\xisbifad.ini
    C:\WINDOWS\system32\xiwqbhjq.ini
    C:\WINDOWS\system32\xlirgfgd.ini
    C:\WINDOWS\system32\xrhjwuar.ini
    C:\WINDOWS\system32\xtcxiaeg.ini
    C:\WINDOWS\system32\yukxiuea.ini
    C:\WINDOWS\system32\yxowykse.ini

    .
    ((((((((((((((((((((((((((((((((((((((( Ajurit/Palvelut )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_TDSSSERV
    -------\Service_TDSSserv


    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-15 to 2008-09-15 )))))))))))))))))
    .

    2008-09-14 22:35 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-09-14 19:26 . 2008-09-14 19:26 <KANSIO> d-------- C:\Program Files\Trend Micro
    2008-09-09 19:39 . 2008-09-09 19:39 <KANSIO> d-------- C:\kombofix

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-15 15:25 --------- d-----w C:\Program Files\NetBattle
    2008-09-15 13:38 --------- d-----w C:\Documents and Settings\-\Application Data\skypePM
    2008-09-15 13:38 --------- d-----w C:\Documents and Settings\-\Application Data\Skype
    2008-09-14 19:35 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-14 13:53 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-09-09 21:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
    2008-09-04 18:47 --------- d-----w C:\Program Files\LucasArts
    2008-08-27 15:53 --------- d-----w C:\Documents and Settings\-\Application Data\uTorrent
    2008-08-04 22:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-07-30 14:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
    2008-07-30 14:28 706 -c--a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
    2008-07-30 14:28 10,537 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.cat
    2008-07-21 15:55 --------- d-----w C:\Program Files\DC++
    2008-07-20 11:26 --------- d-----w C:\Program Files\uTorrent
    2008-07-20 11:11 --------- d-----w C:\Program Files\CDex_150
    2008-07-19 00:11 25,160 ----a-w C:\Documents and Settings\Timo\Application Data\GDIPFONTCACHEV1.DAT
    2007-08-13 12:54 218 -c--a-w C:\Documents and Settings\Timo\fet_settings.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2007-12-01_ 0.19.35.35 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-02-26 11:49:28 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
    + 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
    + 2007-07-06 13:10:03 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
    + 2007-07-06 13:10:03 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
    + 2007-07-06 13:10:03 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
    + 2007-07-06 13:10:03 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
    + 2007-07-06 13:10:03 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
    + 2007-07-06 13:10:03 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
    + 2007-07-06 13:10:03 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
    + 2007-07-06 13:10:03 472,576 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
    + 2005-10-12 23:14:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
    + 2005-10-12 23:14:57 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
    + 2005-10-12 23:14:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
    + 2005-10-12 23:15:01 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
    + 2005-10-12 23:15:07 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
    + 2007-10-29 22:37:01 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
    + 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
    + 2008-03-20 07:57:37 1,846,144 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
    + 2007-10-10 23:23:10 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
    + 2007-10-10 23:23:10 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
    + 2007-10-10 23:23:10 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
    + 2007-10-10 23:23:10 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
    + 2007-10-10 08:16:47 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
    + 2007-10-10 23:23:10 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
    + 2007-10-10 23:23:10 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
    + 2007-10-10 05:47:20 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
    + 2007-10-10 23:23:11 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
    + 2007-10-10 23:23:11 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
    + 2007-10-10 23:23:14 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
    + 2007-10-10 23:23:14 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
    + 2007-10-10 23:23:15 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
    + 2007-10-10 08:16:47 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
    + 2007-10-10 08:16:56 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
    + 2007-10-10 23:23:16 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
    + 2007-10-10 23:23:16 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
    + 2007-10-10 23:23:16 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
    + 2007-10-30 23:41:43 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
    + 2007-10-10 23:23:20 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
    + 2007-10-10 23:23:20 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
    + 2007-10-10 23:23:21 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
    + 2007-10-10 23:23:21 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
    + 2007-10-10 23:23:21 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
    + 2007-10-10 23:23:22 1,162,240 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
    + 2007-10-10 23:23:22 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
    + 2007-10-10 23:23:23 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
    + 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
    + 2007-12-04 18:30:19 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
    + 2007-11-07 09:50:27 727,552 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
    + 2007-12-07 01:42:47 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
    + 2007-12-19 22:20:54 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
    + 2007-12-07 01:42:47 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
    + 2007-12-07 01:42:48 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
    + 2007-12-07 01:42:48 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
    + 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
    + 2007-12-07 01:42:48 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
    + 2007-12-07 01:42:48 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
    + 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
    + 2007-12-07 01:42:48 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
    + 2007-12-07 01:42:49 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
    + 2007-12-07 01:42:52 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
    + 2007-12-07 01:42:52 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
    + 2007-12-07 01:42:52 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
    + 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
    + 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
    + 2007-12-07 01:42:53 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
    + 2007-12-07 01:42:53 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
    + 2007-12-07 01:42:53 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
    + 2007-12-07 01:42:56 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
    + 2007-12-07 01:42:56 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
    + 2007-12-07 01:42:56 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
    + 2007-12-07 01:42:57 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
    + 2007-12-07 01:42:57 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
    + 2008-01-11 05:54:57 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
    + 2007-12-07 01:42:57 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
    + 2007-12-07 01:42:58 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
    + 2007-12-07 01:42:58 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
    + 2007-12-07 01:42:59 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
    + 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
    + 2008-02-20 05:20:39 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
    + 2008-02-20 18:50:40 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
    + 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
    + 2008-03-01 12:35:06 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
    + 2008-03-01 12:35:06 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
    + 2008-03-01 12:35:06 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
    + 2008-03-01 12:35:07 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
    + 2008-03-01 12:35:07 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
    + 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
    + 2008-03-01 12:35:07 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
    + 2008-03-01 12:35:07 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
    + 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
    + 2008-03-01 12:35:07 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
    + 2008-03-01 12:35:07 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
    + 2008-03-01 12:35:09 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
    + 2008-03-01 12:35:09 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
    + 2008-03-01 12:35:09 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
    + 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
    + 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
    + 2008-03-01 12:35:09 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
    + 2008-03-01 12:35:09 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
    + 2008-03-01 12:35:09 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
    + 2008-03-01 12:35:11 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
    + 2008-03-01 12:35:11 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
    + 2008-03-01 12:35:11 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
    + 2008-03-01 12:35:11 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
    + 2008-03-01 12:35:11 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
    + 2008-03-01 12:35:12 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
    + 2008-03-01 12:35:12 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
    + 2008-03-01 12:35:12 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
    + 2008-03-01 12:35:12 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
    + 2008-03-01 12:35:13 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
    + 2008-02-20 06:53:09 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
    + 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
    + 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
    + 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
    + 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
    + 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
    + 2007-11-01 05:15:23 166,688 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
    + 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
    + 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
    + 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
    + 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
    + 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
    + 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
    + 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
    + 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
    + 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
    + 2007-11-01 05:15:24 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
    + 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
    + 2007-03-06 01:31:09 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
    + 2007-03-06 01:31:14 214,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
    + 2007-03-06 01:31:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
    + 2007-03-06 01:31:32 717,536 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
    + 2007-03-06 01:32:23 380,640 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
    + 2005-07-10 09:07:44 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
    + 2005-10-20 17:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
    - 2007-03-13 08:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
    + 2005-10-20 17:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
    + 2008-06-09 11:23:22 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
    + 2008-06-10 20:39:36 8,122,368 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
    + 2008-06-10 20:39:36 204,800 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
    + 2008-06-09 11:23:22 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
    + 2008-06-10 20:39:23 8,122,368 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
    + 2008-06-10 20:39:23 204,800 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
    + 2000-08-31 05:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
    + 2000-08-31 05:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
    + 2007-08-20 09:58:57 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
    + 2007-08-20 09:58:57 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
    + 2007-08-20 09:58:57 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
    + 2007-08-20 09:58:57 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
    + 2007-08-17 10:21:33 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
    + 2007-08-20 09:58:57 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
    + 2007-08-20 09:58:57 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
    + 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
    + 2007-08-20 09:58:57 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
    + 2007-08-20 09:58:57 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
    + 2007-08-20 09:58:58 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
    + 2007-08-20 09:58:58 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
    + 2007-08-20 09:58:58 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
    + 2007-08-17 10:21:33 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
    + 2007-08-17 10:21:52 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
    + 2007-08-20 09:58:59 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
    + 2007-08-20 09:58:59 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
    + 2007-08-20 09:58:59 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
    + 2007-08-20 09:58:59 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
    + 2007-08-20 09:58:59 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
    + 2007-08-20 09:59:00 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
    + 2007-08-20 09:59:00 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
    + 2007-08-20 09:59:00 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
    + 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
    + 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
    + 2007-08-20 09:59:00 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
    + 2007-08-20 09:59:00 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
    + 2007-08-20 09:59:00 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
    + 2007-08-20 09:59:00 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
    + 2007-10-10 23:52:54 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
    + 2006-10-17 09:58:06 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
    + 2007-10-10 23:52:54 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
    + 2007-10-10 23:52:54 132,608 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
    + 2007-10-10 23:52:54 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
    + 2007-10-10 11:00:07 70,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
    + 2007-10-10 23:52:54 153,088 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
    + 2007-10-10 23:52:54 230,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
    + 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
    + 2007-10-10 23:52:54 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
    + 2007-10-10 23:52:54 384,512 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
    + 2007-10-10 23:52:56 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
    + 2007-10-10 23:52:56 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
    + 2007-10-10 23:52:56 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
    + 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
    + 2007-10-10 11:00:20 625,152 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
    + 2007-10-10 23:52:57 27,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
    + 2007-10-10 23:52:57 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
    + 2007-10-10 23:52:57 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
    + 2007-10-30 23:26:00 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
    + 2007-10-10 23:52:58 478,208 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
    + 2007-10-10 23:52:58 193,024 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
    + 2007-10-10 23:52:58 671,232 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
    + 2007-10-10 23:52:58 102,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
    + 2006-10-17 09:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
    + 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
    + 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
    + 2007-10-10 23:52:58 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
    + 2007-10-10 23:52:58 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
    + 2007-10-10 23:52:58 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
    + 2007-10-10 23:52:58 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
    + 2007-12-07 02:13:59 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
    + 2007-12-19 22:57:10 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
    + 2007-12-07 02:13:59 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
    + 2007-12-07 02:13:59 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
    + 2007-12-07 02:13:59 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
    + 2007-12-06 11:02:02 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
    + 2007-12-07 02:13:59 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
    + 2007-12-07 02:13:59 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
    + 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
    + 2007-12-07 02:13:59 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
    + 2007-12-07 02:13:59 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
    + 2007-12-07 02:14:00 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
    + 2007-12-07 02:14:00 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
    + 2007-12-07 02:14:00 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
    + 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
    + 2007-12-06 11:02:25 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
    + 2007-12-07 02:14:00 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
    + 2007-12-07 02:14:00 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
    + 2007-12-07 02:14:00 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
    + 2007-12-08 05:14:02 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
    + 2007-12-07 02:14:01 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
    + 2007-12-07 02:14:01 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
    + 2007-12-07 02:14:01 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
    + 2007-12-07 02:14:01 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
    + 2008-01-11 05:37:33 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
    + 2007-03-06 01:31:14 214,752 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
    + 2007-03-06 01:32:23 380,640 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
    + 2007-12-07 02:14:01 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
    + 2007-12-07 02:14:01 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
    + 2007-12-07 02:14:01 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
    + 2007-12-07 02:14:01 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
    + 2008-05-30 15:37:42 102,400 ----a-r C:\WINDOWS\Installer\{80FD852F-5AAC-4129-B931-06AAFFA43138}\iTunesIco.exe
    - 2007-10-10 20:49:48 167,936 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
    + 2008-05-14 21:18:14 167,936 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
    + 2008-05-14 21:18:14 2,560 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
    - 2007-10-10 20:49:48 81,920 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
    + 2008-05-14 21:18:14 81,920 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
    - 2007-10-10 20:49:47 34,304 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
    + 2008-05-14 21:18:14 34,304 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
    - 2007-10-10 20:49:48 8,192 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    + 2008-05-14 21:18:14 8,192 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    - 2007-10-10 20:49:48 3,584 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    + 2008-05-14 21:18:15 3,584 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    - 2007-10-10 20:49:49 114,688 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
    + 2008-05-14 21:18:15 114,688 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
    - 2007-10-10 20:49:47 16,384 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    + 2008-05-14 21:18:14 16,384 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    - 2007-10-10 20:49:48 30,720 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
    + 2008-05-14 21:18:14 30,720 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
    - 2007-10-10 20:49:49 22,528 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    + 2008-05-14 21:18:15 22,528 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    - 2007-10-10 20:49:47 45,056 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    + 2008-05-14 21:18:14 45,056 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    - 2007-10-10 20:49:47 90,112 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    + 2008-05-14 21:18:13 90,112 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    - 2007-08-15 19:42:35 135,168 ----a-r C:\WINDOWS\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
    + 2008-03-12 22:52:43 135,168 ----a-r C:\WINDOWS\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
    - 2007-08-15 19:42:35 40,960 ----a-r C:\WINDOWS\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
    + 2008-03-12 22:52:43 40,960 ----a-r C:\WINDOWS\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
    - 2007-08-18 00:17:49 135,168 ----a-r C:\WINDOWS\Installer\{9085040B-6000-11D3-8CFE-0150048383C9}\misc.exe
    + 2008-03-12 22:52:28 135,168 ----a-r C:\WINDOWS\Installer\{9085040B-6000-11D3-8CFE-0150048383C9}\misc.exe
    - 2007-08-18 00:17:50 40,960 ----a-r C:\WINDOWS\Installer\{9085040B-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
    + 2008-03-12 22:52:28 40,960 ----a-r C:\WINDOWS\Installer\{9085040B-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
    + 2008-03-07 21:12:11 29,926 ----a-r C:\WINDOWS\Installer\{A9174A72-1B46-445B-B3CF-90ED2C63D83B}\MsblIco.Exe
    + 2008-03-24 17:40:43 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1035-7B44-A70000000000}\SC_Reader.exe
    + 2008-02-14 16:11:46 23,558 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-5A76-5A64-7E8A45000001}\ARPPRODUCTICON.exe
    + 2004-10-15 19:52:12 2,678 ----a-w C:\WINDOWS\java\Packages\Data\4NXRZHN5.DAT
    + 2004-10-15 19:52:08 2,678 ----a-w C:\WINDOWS\java\Packages\Data\935R5NNR.DAT
    + 2004-10-15 19:52:08 2,678 ----a-w C:\WINDOWS\java\Packages\Data\LB7BDJHN.DAT
    + 2004-10-15 19:52:07 2,678 ----a-w C:\WINDOWS\java\Packages\Data\N9BLNF3D.DAT
    + 2004-10-15 19:52:08 2,678 ----a-w C:\WINDOWS\java\Packages\Data\XVVJRXB3.DAT
    - 2007-06-16 22:11:58 51,200 ----a-w C:\WINDOWS\NirCmd.exe
    + 2000-08-31 05:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
    + 2004-10-15 21:42:44 2,724 ----a-w C:\WINDOWS\PCHealth\HelpCtr\PackageStore\SkuStore.bin
    + 2000-08-31 05:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
    + 2000-08-31 05:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
    + 2000-08-31 05:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
    + 2000-08-31 05:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
    + 2001-10-09 12:00:00 2,000 ----a-w C:\WINDOWS\system\KEYBOARD.DRV
    + 2004-09-15 12:00:00 73,456 ----a-w C:\WINDOWS\system\MCIAVI.DRV
    + 2004-09-15 12:00:00 25,264 ----a-w C:\WINDOWS\system\MCISEQ.DRV
    + 2004-09-15 12:00:00 28,160 ----a-w C:\WINDOWS\system\MCIWAVE.DRV
    + 2001-10-09 12:00:00 2,032 ----a-w C:\WINDOWS\system\MOUSE.DRV
    + 2001-10-09 12:00:00 1,744 ----a-w C:\WINDOWS\system\SOUND.DRV
    + 2001-10-09 12:00:00 3,360 ----a-w C:\WINDOWS\system\SYSTEM.DRV
    + 2001-10-09 12:00:00 4,048 ----a-w C:\WINDOWS\system\TIMER.DRV
    + 2001-10-09 12:00:00 13,600 ----a-w C:\WINDOWS\system\WFWNET.DRV
    + 2001-10-09 12:00:00 2,176 ----a-w C:\WINDOWS\system\VGA.DRV
    + 2004-09-14 23:12:09 146,944 ----a-w C:\WINDOWS\system\winspool.drv
    - 2007-08-20 09:58:57 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    + 2008-03-01 13:01:50 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    - 2005-01-20 02:55:57 249,856 ----a-w C:\WINDOWS\system32\ati2cqag.dll
    + 2006-05-03 16:09:20 282,624 ----a-w C:\WINDOWS\system32\ati2cqag.dll
    - 2005-01-20 03:25:56 223,744 ----a-w C:\WINDOWS\system32\ati2dvag.dll
    + 2006-05-03 16:51:00 258,048 ----a-w C:\WINDOWS\system32\ati2dvag.dll
    - 2005-01-20 03:21:11 39,936 ----a-w C:\WINDOWS\system32\ati2edxx.dll
    + 2006-05-03 16:45:06 41,984 ----a-w C:\WINDOWS\system32\ati2edxx.dll
    - 2005-01-20 03:21:02 61,440 ----a-w C:\WINDOWS\system32\ati2evxx.dll
    + 2006-05-03 16:44:54 61,440 ----a-w C:\WINDOWS\system32\ati2evxx.dll
    - 2005-01-20 03:20:05 344,064 ----a-w C:\WINDOWS\system32\ati2evxx.exe
    + 2006-05-03 16:43:46 413,696 ----a-w C:\WINDOWS\system32\ati2evxx.exe
    - 2005-01-20 03:21:17 25,088 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
    + 2006-05-03 16:45:14 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
    - 2005-01-19 19:40:00 516,096 ----a-w C:\WINDOWS\system32\ati2sgag.exe
    + 2006-05-03 09:57:00 520,192 ------w C:\WINDOWS\system32\ati2sgag.exe
    - 2005-01-20 03:12:15 2,185,440 ----a-w C:\WINDOWS\system32\ati3duag.dll
    + 2006-05-03 16:35:24 2,693,280 ----a-w C:\WINDOWS\system32\ati3duag.dll
    - 2005-01-20 03:19:41 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
    + 2006-05-03 16:43:14 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
    - 2005-01-20 04:54:45 212,992 ----a-w C:\WINDOWS\system32\ATIDEMGR.dll
    + 2006-05-03 16:12:26 286,720 ----a-w C:\WINDOWS\system32\ATIDEMGR.dll
    - 2004-12-20 22:48:50 73,845 ----a-w C:\WINDOWS\system32\atiicdxx.dat
    + 2006-04-28 20:05:14 127,614 ----a-w C:\WINDOWS\system32\atiicdxx.dat
    - 2005-01-20 05:23:31 299,008 ----a-w C:\WINDOWS\system32\atiiiexx.dll
    + 2006-05-03 16:54:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
    + 2006-05-03 16:15:58 151,552 ----a-w C:\WINDOWS\system32\atikvmag.dll
    + 2006-05-03 16:21:20 6,684,672 ----a-w C:\WINDOWS\system32\atioglx1.dll
    - 2005-01-20 03:46:48 6,664,192 ----a-w C:\WINDOWS\system32\atioglxx.dll
    + 2006-05-03 16:18:04 5,033,984 ----a-w C:\WINDOWS\system32\atioglxx.dll
    - 2005-01-20 03:21:34 94,208 ----a-w C:\WINDOWS\system32\atipdlxx.dll
    + 2006-05-03 16:45:34 114,688 ----a-w C:\WINDOWS\system32\atipdlxx.dll
    - 2005-01-20 03:01:27 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
    + 2006-05-03 16:15:10 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
    - 2005-01-20 03:06:29 437,984 ----a-w C:\WINDOWS\system32\ativvaxx.dll
    + 2006-05-03 16:29:12 1,408,000 ----a-w C:\WINDOWS\system32\ativvaxx.dll
    + 2004-09-15 12:00:00 10,544 ----a-w C:\WINDOWS\system32\comm.drv
    - 2006-01-27 07:34:44 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    + 2008-09-14 21:12:49 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    + 2008-09-14 19:17:45 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
    - 2006-01-27 07:34:44 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\index.dat
    + 2008-09-14 21:12:49 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\index.dat
    + 2008-09-14 20:52:57 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\MSHist012008091420080915\index.dat
    + 2008-09-14 13:55:56 78,924 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat
    + 2008-09-14 14:05:56 54,999 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CJCO5CZX\parameters[1].bin
    - 2006-01-27 07:34:44 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2008-09-14 21:12:49 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2008-09-14 14:05:56 76,286 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\JRBB273S\filters[1].bin
    + 2004-09-15 12:00:00 1,788 ----a-w C:\WINDOWS\system32\Dcache.bin
    - 2007-08-20 09:58:57 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
    + 2008-03-01 13:01:50 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
    + 2006-05-03 16:50:42 1,540,608 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
    - 2004-09-14 23:11:44 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
    + 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
    - 2006-06-26 17:45:26 148,480 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
    + 2008-02-20 05:38:03 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
    - 2004-09-15 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
    + 2008-02-20 05:38:03 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
    - 2006-10-17 09:58:06 346,624 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    + 2008-03-01 13:01:50 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    - 2007-08-20 09:58:57 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    + 2008-03-01 13:01:50 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    - 2007-08-20 09:58:57 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    + 2008-03-01 13:01:50 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    - 2007-06-19 13:32:41 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
    + 2008-02-20 06:51:32 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
    - 2007-08-20 09:58:57 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    + 2008-03-01 13:01:50 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    - 2007-08-17 10:21:33 63,488 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    + 2008-02-29 08:55:56 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    - 2007-08-20 09:58:57 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
    + 2008-03-01 13:01:50 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
    - 2007-08-20 09:58:57 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
    + 2008-03-01 13:01:50 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
    - 2007-08-17 07:34:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    + 2008-02-15 05:44:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    - 2007-08-20 09:58:57 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    + 2008-03-01 13:01:51 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    - 2007-08-20 09:58:57 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    + 2008-03-01 13:01:51 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    - 2007-08-20 09:58:58 6,058,496 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    + 2008-03-01 13:01:51 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    - 2007-08-20 09:58:58 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
    + 2008-03-01 13:01:51 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
    - 2007-08-20 09:58:58 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    + 2008-03-01 13:01:51 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    - 2007-08-17 10:21:33 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    + 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    - 2007-08-17 10:21:52 625,152 -cs-a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    + 2008-02-29 08:56:25 625,664 -cs-a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    - 2007-08-20 09:58:59 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    + 2008-03-01 13:01:51 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    + 2004-09-15 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
    - 2006-08-17 12:28:30 722,432 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
    + 2007-11-07 09:28:45 722,432 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
    + 2004-09-15 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
    + 2004-09-15 12:00:00 73,456 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
    + 2004-09-15 12:00:00 25,264 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
    + 2004-09-15 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
    + 2004-09-15 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
    - 2004-09-15 12:00:00 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
    + 2007-07-06 10:05:47 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
    - 2004-09-15 12:00:00 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
    + 2007-07-06 12:51:36 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
    - 2004-09-15 12:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
    + 2007-07-06 12:51:36 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
    - 2004-09-15 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
    + 2007-07-06 12:51:36 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
    - 2004-09-15 12:00:00 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
    + 2007-07-06 12:51:36 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
    - 2004-09-15 12:00:00 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
    + 2007-07-06 12:51:36 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
    - 2004-09-15 12:00:00 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
    + 2007-07-06 12:51:36 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
    - 2004-09-15 12:00:00 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
    + 2007-07-06 12:51:36 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
    - 2004-09-15 12:00:00 472,576 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
    + 2007-07-06 12:51:36 472,576 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
    - 2004-09-15 12:00:00 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
    + 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
    - 2004-09-15 12:00:00 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
    + 2008-02-26 12:00:47 294,912 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
    - 2004-09-15 12:00:00 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
    + 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
    - 2004-09-15 12:00:00 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
    + 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
    - 2007-08-20 09:58:59 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    + 2008-03-01 13:01:52 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    - 2007-08-20 09:58:59 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    + 2008-03-01 13:01:52 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    - 2007-08-20 09:58:59 3,584,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    + 2008-03-01 15:31:54 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    - 2007-08-20 09:58:59 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    + 2008-03-01 13:01:53 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    - 2004-09-15 12:00:00 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
    + 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
    - 2004-09-15 12:00:00 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
    + 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
    - 2004-09-15 12:00:00 159,775 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
    + 2008-03-25 04:51:05 166,688 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
    - 2004-09-15 12:00:00 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
    + 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
    - 2004-09-15 12:00:00 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
    + 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
    - 2004-09-15 12:00:00 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
    + 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
    - 2004-09-15 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
    + 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
    - 2007-08-20 09:59:00 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2008-03-01 13:01:53 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
    - 2004-09-15 12:00:00 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
    + 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
    - 2004-09-15 12:00:00 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
    + 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
    - 2004-09-15 12:00:00 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
    + 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
    - 2004-09-15 12:00:00 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
    + 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
    - 2007-08-20 09:59:00 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2008-03-01 13:01:53 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
    - 2004-09-15 12:00:00 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
    + 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
    - 2004-09-15 12:00:00 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
    + 2008-03-25 04:51:06 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
    - 2004-09-15 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
    + 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
    + 2004-09-15 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
    - 2007-08-20 09:59:00 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
    + 2008-03-01 13:01:53 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
    - 2007-05-17 11:30:00 549,376 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
    + 2007-12-04 18:41:50 550,912 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
    - 2006-10-17 09:58:08 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    + 2008-03-01 13:01:53 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    - 2005-08-30 03:55:43 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
    + 2007-10-29 22:43:51 1,288,192 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
    + 2004-09-15 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
    + 2004-09-15 12:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
    - 2006-04-20 11:51:50 359,808 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    + 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    + 2004-09-15 12:00:00 4,048 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
    - 2007-08-20 09:59:00 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
    + 2008-03-01 13:01:53 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
    - 2007-08-20 09:59:00 1,152,000 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2008-03-01 13:01:53 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    - 2007-08-20 09:59:00 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    + 2008-03-01 13:01:53 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    + 2004-09-15 12:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
    + 2004-09-15 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
    - 2007-02-15 16:00:28 236,928 -c----w C:\WINDOWS\system32\dllcache\WgaLogon.dll
    + 2007-04-10 12:00:46 236,928 -c----w C:\WINDOWS\system32\dllcache\WgaLogon.dll
    - 2007-02-15 16:01:16 336,768 -c----w C:\WINDOWS\system32\dllcache\WgaTray.exe
    + 2007-04-10 12:01:20 336,768 -c----w C:\WINDOWS\system32\dllcache\WgaTray.exe
    - 2007-03-08 15:34:26 1,843,840 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
    + 2008-03-20 08:09:41 1,845,504 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
    - 2007-08-20 09:59:00 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
    + 2008-03-01 13:01:53 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
    + 2004-09-15 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
    + 2004-09-15 12:00:00 146,944 -c--a-w C:\WINDOWS\system32\dllcache\winspool.drv
    + 2004-09-15 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
    - 2005-01-28 11:44:28 224,768 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    + 2007-10-20 04:01:32 227,328 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    + 2004-09-15 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
    - 2006-06-26 17:45:26 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
    + 2008-02-20 05:38:03 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
    - 2004-09-15 12:00:00 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    + 2008-02-20 05:38:03 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    - 2005-01-20 03:01:35 36,864 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
    + 2006-05-03 16:10:34 40,960 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
    - 2005-01-20 03:25:37 965,632 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
    + 2006-05-03 16:50:42 1,540,608 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
    + 2004-09-15 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
    - 2004-09-15 12:00:00 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
    + 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
    - 2004-09-15 12:00:00 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
    + 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
    + 2004-09-15 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
    - 2005-10-24 23:17:40 162,816 ----a-w C:\WINDOWS\system32\drivers\RT25USBAP.SYS
    + 2006-04-10 12:02:18 162,816 ----a-w C:\WINDOWS\system32\drivers\rt25usbap.sys
    - 2006-12-27 20:03:39 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    + 2007-11-13 10:25:54 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    - 2007-01-12 16:01:42 247,608 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
    + 2007-11-30 21:57:12 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
    - 2007-01-12 16:01:42 276,792 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
    + 2007-11-30 21:57:12 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
    - 2007-01-12 16:01:42 25,400 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
    + 2007-11-30 21:57:12 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
    - 2007-10-23 14:25:44 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    + 2008-06-10 21:47:05 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    - 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    + 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    + 2008-02-18 09:16:24 30,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys
    - 2006-10-17 09:58:06 346,624 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    + 2008-03-01 13:01:50 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    - 2007-08-20 09:58:57 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    + 2008-03-01 13:01:50 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    - 2007-08-20 09:58:57 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
    + 2008-03-01 13:01:50 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
    - 2007-08-08 09:41:25 131,688 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2008-04-10 12:34:35 130,888 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
    - 2007-06-19 13:32:41 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
    + 2008-02-20 06:51:32 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
    - 2007-08-20 09:58:57 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    + 2008-03-01 13:01:50 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    - 2007-08-17 10:21:33 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe
    + 2008-02-29 08:55:56 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
    - 2007-08-20 09:58:57 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
    + 2008-03-01 13:01:50 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
    - 2007-08-20 09:58:57 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
    + 2008-03-01 13:01:50 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
    - 2007-08-17 07:34:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
    + 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
    - 2007-08-20 09:58:57 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    + 2008-03-01 13:01:51 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    - 2007-08-20 09:58:57 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
    + 2008-03-01 13:01:51 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
    - 2007-08-20 09:58:58 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
    + 2008-03-01 13:01:51 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    - 2007-08-20 09:58:58 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
    + 2008-03-01 13:01:51 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
    - 2007-08-20 09:58:58 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    + 2008-03-01 13:01:51 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    - 2007-08-17 10:21:33 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    + 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    - 2007-09-24 19:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
    + 2008-02-21 23:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
    - 2007-09-24 19:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
    + 2008-02-21 23:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
    - 2007-09-24 20:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
    + 2008-02-22 00:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
    - 2007-08-20 09:58:59 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
    + 2008-03-01 13:01:51 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
    + 2004-09-15 12:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
    + 2004-09-15 12:00:00 220,640 ----a-w C:\WINDOWS\system32\lanman.drv
    - 2007-02-15 16:01:04 1,476,992 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
    + 2007-04-10 12:02:50 1,476,992 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
    - 2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    + 2007-11-29 22:30:16 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    - 2006-08-17 12:28:30 722,432 ----a-w C:\WINDOWS\system32\lsasrv.dll
    + 2007-11-07 09:28:45 722,432 ----a-w C:\WINDOWS\system32\lsasrv.dll
    + 2004-09-15 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
    - 2007-03-27 23:04:28 2,115,816 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    + 2007-11-21 00:52:38 2,884,992 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    - 2007-03-27 23:04:32 190,696 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
    + 2007-11-21 00:52:40 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
    - 2007-06-29 13:50:15 44,706 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    + 2008-02-13 14:21:32 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    + 2008-05-14 16:05:53 53,248 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
    + 2004-09-15 12:00:00 73,456 ----a-w C:\WINDOWS\system32\mciavi.drv
    + 2004-09-15 12:00:00 25,264 ----a-w C:\WINDOWS\system32\mciseq.drv
    + 2004-09-15 12:00:00 28,160 ----a-w C:\WINDOWS\system32\mciwave.drv
    + 2004-09-15 12:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
    - 2004-09-15 12:00:00 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
    + 2007-07-06 12:51:36 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
    - 2004-09-15 12:00:00 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
    + 2007-07-06 12:51:36 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
    - 2004-09-15 12:00:00 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
    + 2007-07-06 12:51:36 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
    - 2004-09-15 12:00:00 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
    + 2007-07-06 12:51:36 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
    - 2004-09-15 12:00:00 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
    + 2007-07-06 12:51:36 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
    - 2004-09-15 12:00:00 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
    + 2007-07-06 12:51:36 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
    - 2004-09-15 12:00:00 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
    + 2007-07-06 12:51:36 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
    - 2004-09-15 12:00:00 472,576 ----a-w C:\WINDOWS\system32\mqutil.dll
    + 2007-07-06 12:51:36 472,576 ----a-w C:\WINDOWS\system32\mqutil.dll
    - 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
    + 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
    + 2004-09-15 12:00:00 20,480 ----a-w C:\WINDOWS\system32\msacm32.drv
    - 2004-09-15 12:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
    + 2008-02-26 12:00:47 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
    - 2004-09-15 12:00:00 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
    + 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
    - 2004-09-15 12:00:00 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
    + 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
    - 2007-08-20 09:58:59 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    + 2008-03-01 13:01:52 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    - 2007-08-20 09:58:59 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    + 2008-03-01 13:01:52 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    + 2004-09-14 23:12:09 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
    + 2004-09-15 12:00:00 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
    - 2007-08-20 09:58:59 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll
    + 2008-03-01 15:31:54 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
    - 2007-08-20 09:58:59 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
    + 2008-03-01 13:01:53 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
    - 2004-09-15 12:00:00 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
    + 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
    - 2004-09-15 12:00:00 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
    + 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
    - 2004-09-15 12:00:00 159,775 ----a-w C:\WINDOWS\system32\msjint40.dll
    + 2008-03-25 04:51:05 166,688 ----a-w C:\WINDOWS\system32\msjint40.dll
    - 2004-09-15 12:00:00 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
    + 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
    - 2004-09-15 12:00:00 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
    + 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
    - 2004-09-15 12:00:00 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
    + 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
    - 2004-09-15 12:00:00 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
    + 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
    - 2007-08-20 09:59:00 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
    + 2008-03-01 13:01:53 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
    - 2004-09-15 12:00:00 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
    + 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
    - 2004-09-15 12:00:00 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
    + 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
    - 2004-09-15 12:00:00 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
    + 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
    - 2004-09-15 12:00:00 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
    + 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
    - 2007-08-20 09:59:00 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
    + 2008-03-01 13:01:53 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
    - 2004-09-15 12:00:00 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
    + 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
    - 2004-09-15 12:00:00 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
    + 2008-03-25 04:51:06 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
    - 2004-09-15 12:00:00 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
    + 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
    + 2004-09-15 12:00:00 2,656 ----a-w C:\WINDOWS\system32\netware.drv
    - 2007-08-20 09:59:00 102,400 ----a-w C:\WINDOWS\system32\occache.dll
    + 2008-03-01 13:01:53 102,912 ----a-w C:\WINDOWS\system32\occache.dll
    - 2005-01-20 03:21:23 73,728 ----a-w C:\WINDOWS\system32\Oemdspif.dll
    + 2006-05-03 16:45:22 77,824 ----a-w C:\WINDOWS\system32\Oemdspif.dll
    - 2007-05-17 11:30:00 549,376 ----a-w C:\WINDOWS\system32\oleaut32.dll
    + 2007-12-04 18:41:50 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
    - 2007-11-29 16:10:40 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat
    + 2008-03-30 08:50:08 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat
    - 2007-11-29 16:10:40 48,448 ----a-w C:\WINDOWS\system32\perfc00B.dat
    + 2008-03-30 08:50:08 48,448 ----a-w C:\WINDOWS\system32\perfc00B.dat
    - 2007-11-29 16:10:40 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat
    + 2008-03-30 08:50:08 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat
    - 2007-11-29 16:10:40 283,024 ----a-w C:\WINDOWS\system32\perfh00B.dat
    + 2008-03-30 08:50:08 283,024 ----a-w C:\WINDOWS\system32\perfh00B.dat
    - 2006-10-17 09:58:08 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    + 2008-03-01 13:01:53 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    - 2005-08-30 03:55:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
    + 2007-10-29 22:43:51 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
    + 2005-01-20 02:55:57 249,856 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati2cqag.dll
    + 2005-01-20 03:25:56 223,744 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati2dvag.dll
    + 2005-01-20 03:21:11 39,936 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati2edxx.dll
    + 2005-01-20 03:01:35 36,864 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
    + 2005-01-20 03:21:02 61,440 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati2evxx.dll
    + 2005-01-20 03:20:05 344,064 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati2evxx.exe
    + 2005-01-20 03:21:17 25,088 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\Ati2mdxx.exe
    + 2005-01-20 03:25:37 965,632 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati2mtag.sys
    + 2005-01-20 03:12:15 2,185,440 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati3duag.dll
    + 2005-01-20 03:19:41 53,248 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ATIDDC.DLL
    + 2005-01-20 04:54:45 212,992 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ATIDEMGR.dll
    + 2004-12-20 22:48:50 73,845 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atiicdxx.dat
    + 2005-01-20 05:23:31 299,008 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atiiiexx.dll
    + 2006-05-03 16:15:58 151,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atikvmag.dll
    + 2006-05-03 16:21:20 6,684,672 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atioglx1.dll
    + 2005-01-20 03:46:48 6,664,192 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atioglxx.dll
    + 2005-01-20 03:21:34 94,208 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atipdlxx.dll
    + 2005-01-20 03:01:27 17,408 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atitvo32.dll
    + 2001-11-09 08:01:04 24,064 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ativcoxx.dll
    + 2005-01-20 03:06:29 437,984 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ativvaxx.dll
    + 2005-01-20 03:21:23 73,728 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\Oemdspif.dll
    + 2004-09-15 12:00:00 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\wdmaud.drv
    - 2007-10-23 14:25:44 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
    + 2008-06-10 21:47:05 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
    - 2007-01-19 10:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll
    + 2007-10-18 09:31:46 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
    + 2004-09-15 12:00:00 1,744 ----a-w C:\WINDOWS\system32\sound.drv
    - 2006-11-17 13:14:32 14,640 ------w C:\WINDOWS\system32\spmsg.dll
    + 2006-12-10 12:10:04 14,640 ------w C:\WINDOWS\system32\spmsg.dll
    - 2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    + 2007-11-29 22:30:16 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    + 2004-09-15 12:00:00 3,360 ----a-w C:\WINDOWS\system32\system.drv
    + 2004-09-15 12:00:00 4,048 ----a-w C:\WINDOWS\system32\timer.drv
    - 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
    + 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
    - 2007-08-20 09:59:00 105,984 ----a-w C:\WINDOWS\system32\url.dll
    + 2008-03-01 13:01:53 105,984 ----a-w C:\WINDOWS\system32\url.dll
    - 2007-08-20 09:59:00 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
    + 2008-03-01 13:01:53 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    + 2004-09-15 12:00:00 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
    - 2007-08-20 09:59:00 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
    + 2008-03-01 13:01:53 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    + 2004-09-15 12:00:00 13,600 ----a-w C:\WINDOWS\system32\wfwnet.drv
    + 2004-09-15 12:00:00 2,176 ----a-w C:\WINDOWS\system32\vga.drv
    - 2007-02-15 16:00:28 236,928 ------w C:\WINDOWS\system32\WgaLogon.dll
    + 2007-04-10 12:00:46 236,928 ----a-w C:\WINDOWS\system32\WgaLogon.dll
    - 2007-02-15 16:01:16 336,768 ------w C:\WINDOWS\system32\WgaTray.exe
    + 2007-04-10 12:01:20 336,768 ------w C:\WINDOWS\system32\WgaTray.exe
    - 2007-03-08 15:34:26 1,843,840 ----a-w C:\WINDOWS\system32\win32k.sys
    + 2008-03-20 08:09:41 1,845,504 ----a-w C:\WINDOWS\system32\win32k.sys
    - 2007-08-20 09:59:00 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
    + 2008-03-01 13:01:53 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    + 2004-09-15 12:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
    + 2004-09-15 12:00:00 146,944 ----a-w C:\WINDOWS\system32\winspool.drv
    + 2004-09-15 12:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe
    - 2005-01-28 11:44:28 224,768 ----a-w C:\WINDOWS\system32\wmasf.dll
    + 2007-10-20 04:01:32 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
    + 2004-09-15 12:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe
    + 1997-01-18 08:40:30 299,520 ----a-w C:\WINDOWS\uninst.exe
    + 2000-08-31 05:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe
    + 2000-08-31 05:00:00 68,096 ----a-w C:\WINDOWS\zip.exe
    .
    -- Snapshot reset to current date --
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 21718312]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 1460560]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 15360]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-06-11 1506544]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-01-19 339968]
    "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 90112]
    "Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 28672]
    "CnxTrApp"="C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll" [2003-07-18 247296]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-10-04 180269]
    "MessengerPlus3"="C:\Program Files\Messenger Plus! 3\MsgPlus.exe" [2006-04-28 190024]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816]
    "osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2006-09-05 26248]
    "V0230Mon.exe"="C:\WINDOWS\system32\V0230Mon.exe" [2006-07-19 36961]
    "CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-01-09 53340]
    "Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
    "AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 385024]
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 C:\WINDOWS\system32\bthprops.cpl]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-09-15 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "DisableStatusMessages"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=MsgPlusLoader.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"= ctwdm32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\DC++\\DCPlusPlus.exe"=
    "C:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
    "C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=
    "C:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
    "C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\NetBattle\\PokeBattle.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84294e26-4050-11dd-b28c-000d0bc394f7}]
    \Shell\AutoRun\command - F:\LaunchU3.exe -a
    .
    'Ajoitetut tehtävät'-kansion sisältö
    .
    - - - - POISTETUT JÄMÄRIVIT - - - -

    BHO-{005F57BB-AA11-4B3D-98AD-7A2F71AF0259} - (no file)
    BHO-{07EA7D71-936A-474F-B1E7-3BBB739F6D90} - (no file)
    BHO-{10E9F4F8-A717-4257-9041-7F5A9CC99D5D} - (no file)
    BHO-{18E50DB0-1ECE-447E-9733-AA0EB21E5A09} - (no file)
    BHO-{1AA2D6E1-DE6E-4747-B4F2-46DE6D18198E} - (no file)
    BHO-{1CBEDC46-401C-4729-B52F-4DAF2E2D17BD} - (no file)
    BHO-{205653DD-CD82-4C7E-A8AA-C73DA2C47FA4} - (no file)
    BHO-{206DA97A-3714-4075-9A0E-3CEDB679DB86} - (no file)
    BHO-{21758007-BEE5-441D-8467-4C6C3DD4C81B} - (no file)
    BHO-{250FA0E8-E8D0-48F5-856E-E17215FE3681} - (no file)
    BHO-{25E5CC61-9BD2-4FC5-9A85-201082BBF697} - (no file)
    BHO-{2B5B04FC-CB79-457C-93E3-F824E257B752} - (no file)
    BHO-{2FA590D8-1AC6-499E-BC31-8134BFC593BB} - (no file)
    BHO-{37B3FC10-C861-4991-A592-C22FEF75F8A4} - (no file)
    BHO-{3C25E3A9-4E4C-423B-AB87-09985307F6AA} - (no file)
    BHO-{3F4C70E0-A197-4322-A75E-FA21CA486F68} - (no file)
    BHO-{45B3D8F3-7F91-4569-B61C-D11D176CFEC0} - (no file)
    BHO-{46a3a07a-e66e-4a5d-9e49-6bd59a8944d6} - (no file)
    BHO-{4959EFB4-33C5-482D-B212-95A597CB0ECB} - (no file)
    BHO-{580EBA0F-95BD-4233-A8D9-FA777567025A} - (no file)
    BHO-{590F8880-40E7-465C-B39C-157197075839} - (no file)
    BHO-{5FA0EBDF-890B-4602-AA64-8EFB4FCC8B4F} - (no file)
    BHO-{727EFCC6-89C6-43B8-8864-3300626E1D87} - (no file)
    BHO-{72BA24F8-0F9C-4F0B-9AF6-8AF2E8140C58} - (no file)
    BHO-{75079729-6E2A-4CB8-A653-9C598BD44D6E} - (no file)
    BHO-{7AF0D473-D9A5-4033-8621-DA0204B547F0} - (no file)
    BHO-{7dc1060d-a869-4df6-9da2-646b67b04f7a} - (no file)
    BHO-{85B2736E-C806-40CE-9056-E8C24EB32D3F} - (no file)
    BHO-{904CF9E3-7D8E-4D33-B3DD-A6B5911E94FD} - (no file)
    BHO-{97E342C8-B877-44A1-8238-AD7DB588D669} - (no file)
    BHO-{9882E80F-26DF-430F-BB8E-6C8B851EE423} - (no file)
    BHO-{9CE29DF9-F906-409D-A9A4-66D3D5BC1E2E} - (no file)
    BHO-{A8BA7474-22BD-4668-AE36-C873FB57D4EB} - (no file)
    BHO-{B99732A5-E071-476F-B54F-55D28990872A} - (no file)
    BHO-{B9C95588-8AC7-4ACD-B31F-4298729BC676} - (no file)
    BHO-{BA67BB1C-05E9-4DC1-B605-22C81873E8CA} - (no file)
    BHO-{D2E01C83-B83C-461F-75DF-105A9207C89D} - (no file)
    BHO-{DC3018E8-BE26-4795-82CE-4B1FABB09497} - (no file)
    BHO-{DC9696A8-BC79-4559-B355-DA2E019A5E0C} - (no file)
    BHO-{e02fc416-5ca1-44cf-bf0d-8f5c6d3eccaa} - (no file)
    BHO-{E20552CB-1899-4FE9-B7F1-ED406CFF68F5} - (no file)
    BHO-{ED64B333-8A9E-4C39-B722-7AAB86B74865} - (no file)
    BHO-{F0E738CA-4E59-446F-B34A-6BC26FB2C735} - (no file)
    BHO-{F372FAF3-55FF-426E-8745-15E0B1B6319A} - (no file)
    BHO-{f3beb82a-87ea-426a-81f1-7c936291ffc7} - (no file)
    BHO-{F7461496-C822-431D-8886-8F4B562F0C8B} - (no file)
    HKU-Default-Run-Symantec NetDriver Warning - C:\PROGRA~1\SYMNET~1\SNDWarn.exe
    HKU-Default-RunOnce-<NO NAME> - (no file)
    Notify-dshmddkt - (no file)
    Notify-imynsmzi - (no file)
    Notify-lbtcpltb - (no file)
    Notify-lchciajl - (no file)
    Notify-opnkigg - (no file)
    Notify-qwluzxqy - (no file)
    Notify-xgqtyrfg - (no file)


    .
    ------- Täydentävä tarkistus -------
    .
    FireFox -: Profile - C:\Documents and Settings\Timo\Application Data\Mozilla\Firefox\Profiles\r7vtje84.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fi/firefox?client=firefox-a&rls=org.mozilla:fi:official
    FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
    FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
    .
    .
    ------- File Associations -------
    .
    inifile=%SystemRoot%\System32\NOTEPAD.EXE %1"
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-15 23:42:46
    Windows 5.1.2600 Service Pack 2 NTFS

    tarkistaa piilotettuja prosesseja ...

    tarkistaa piilotettuja käynnistysarvoja ...

    tarkistaa piilotettuja tiedostoja ...

    tarkistus on valmis
    piilotetut tiedostot: 0

    **************************************************************************
    .
    ------------------------ Muut prosessit ------------------------
    .
    C:\WINDOWS\system32\ati2evxx.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\ati2evxx.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    .
    **************************************************************************
    .
    Valmistumisajankohta: 2008-09-16 0:13:17 - kone käynnistettiin uudelleen
    ComboFix-quarantined-files.txt 2008-09-15 21:12:52
    ComboFix2.txt 2007-11-30 22:25:33

    Pre-Run: 6,138,445,824 tavua vapaana
    Post-Run: 5,669,707,776 tavua vapaana

    1092 --- E O F --- 2008-09-15 21:10:48
     
    Last edited: Sep 15, 2008
  9. Patezki

    Patezki Member

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 0:43:42, on 16.9.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\V0230Mon.exe
    C:\Program Files\Creative\Shared Files\CTSched.exe
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Norton AntiVirus\NAVW32.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fi
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\ADSL USB Router\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe
    O4 - HKLM\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Suorita rekisteröintityökalu.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?b1cb21b4abac4cd3a3258c21eb538e53
    O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?b1cb21b4abac4cd3a3258c21eb538e53
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: ToolbarCop - {A349A035-E26F-454b-ABB4-5208E50E1BE7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
    O9 - Extra 'Tools' menuitem: ToolbarCop - {A349A035-E26F-454b-ABB4-5208E50E1BE7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138350570671
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: Creative VF0230 RunApp Service (VF0230Srv) - Creative Technology Ltd. - C:\WINDOWS\system32\V0230Srv.exe

    --
    End of file - 11476 bytes
     
    Last edited: Sep 15, 2008
  10. Patezki

    Patezki Member

    -
     
    Last edited: Sep 15, 2008
  11. yaht

    yaht Regular member

    Joined:
    Dec 6, 2005
    Messages:
    2,261
    Likes Received:
    0
    Trophy Points:
    46
    Download CCleaner from here

    - During installation, clear the checkbox for "install Yahoo! toolbar".
    - After installation, open CCleaner.
    - Select Options from the column on the left.
    - Select Settings from the adjacent column.
    - Under Language, select Suomi (Finnish).

    - Start CCleaner.
    - Select Valinnat (Options).
    - Click Lisäasetukset (Advanced settings).
    - Clear the checkbox for "Poista vain yli 48 tuntia vanhat tiedostot Windowsin tilapäiskansioista" (only delete files older than 48 hours from the Windows temp folders).

    Cleaner (Puhdistaja)

    - Select Puhdistaja (Cleaner) from the column on the left.
    - Click Tutki (Analyze) at the bottom.
    CCleaner now analyzes what can be removed (temp files, cookies, etc.).
    - When the analysis is finished, click Aja CCleaner (Run CCleaner).
    CCleaner now removes the temp files, cookies, etc. that it found.

    Fixing registry errors

    - Select Rekisteri (Registry) from the column on the left.
    - Click Etsi rekisterin virheitä (Search for registry errors) at the bottom.
    - When the search is finished and you are sure you want to fix the lines that are checked, click Korjaa valitut rekisterin virheet (Fix selected registry errors).
    - You will be asked "do you want to back up the changes to the registry"; click Kyllä (Yes). Save the backup to, for example, the "Omat tiedostot" (My Documents) folder.
    - In the new window that opens, click Korjaa kaikki valitut virheet (Fix all selected errors).
    - You will get one more confirmation prompt; click Ok.
    - When the errors have been fixed, click Sulje (Close).

    You can now close CCleaner by clicking the red X at the top right.

    Scan your computer with the Kaspersky Online Scanner

    * Read through the requirements and the privacy statement and click Accept.
    * The scanner and the virus database start downloading. You will be asked whether you allow the program from Kaspersky to be installed. Click Aja/Run.
    * When the download is finished, click Settings.
    * Make sure the following items are selected. If they are not, select them and click Save:
    Spyware, Adware, Dialers, and other potentially dangerous programs
    Archives
    Mail databases

    * Click My Computer (Oma Tietokone) under Scan.
    * When the scan is finished, the results are shown. Click View Scan Report.
    * You will see a list of infected items. Click Save Report As....
    * Save the file to your desktop. Change Tiedostotyyppi/Files of type to Tekstitiedosto/Text file (.txt) before you click Save.
    * Copy and paste the contents of the file into your next reply, along with a new HijackThis log.
     
