Tietokoneessani on viruksia - kuinka poistan ne?

Kiitos. Ihan normaalisti kone toiminut ja hyvä ettei enää mitään löydy. btw, kun poistin OTL:n ja käynnistin poiston aikana koneen uudestaan, työpöydälle oli ilmestynyt desktop.ini tiedosto. Mikähän se on? Voiko sen poistaa?

Edit. Sisältä löytyy täämöinen teksti:


[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799

 

Äsken kun tein pikatarkistuksen Malwarebytesillä niin scannauksen aika F-Secure huomasi jonkin troijalaisen ja poistin sen, mutta Malwarebytes ei löytänyt mitään. Outoa. Ja sen olen huomannut että en pääse kiakkiin tiedostoihin kuten Documents kansiossa oleviin Omat kuvateidostot, Omat videotiedostot ja omat musiikkitiedostot. Enkä myöskään C:/ Documnts and Settings kansioon. Ja on muitakin kansioita joihin en pääse. Sanoo että C:/ Documents And Settings ei ole käytettävissä. Käyttö estetty. Joku virusko blokkaa noiden tiedostoiden käytön? Olen tietokoneen järjestelmänvalvoja. Siellä C asemalla on myös kansio System Volume Information.

 

Desktop.Ini on laillinen filu ja näkyy koska sulla on "Suojatut käyttöjärjestelmätiedot" näkyvillä, ÄLÄ poista sitä.

Otetaas uus loki ja skannaus.

Lataa GMER ja tallenna se työpöydällesi:

• Pura se työpöydälle ja tuplaklikkaa tiedostoa GMER.exe
• Klikkaa rootkit-välilehteä ja sitten klikkaa scan.
• Älä rastita "Show All" boksia skannauksen aikana!
• Kun skannaus on valmis, klikkaa Copy.
• Tämä kopioi lokin leikepöydälle (voit tallentaa lokin varmuuden vuoksi tekstitiedostoon).
• Liitä loki sitten viestiketjuusi.

1. Lataa OTListIt by OldTimer ja tallenna se työpöydälle.
2. Sulje kaikki päälläolevat ikkunat ja sovellukset.
3. Tuplaklikkaa OTL.exeä käynnistääksesi OTListIt:n.
4. Valitse sininen "Scan All Users"-valintaruutu (laita siihen rasti).
5. Klikkaa sinistä Run Scan-nappulaa.
6. OTListIt aloittaa tarkistuksen.
7. Kun tarkistus on valmis, OTListIt luo kaksi tekstitiedostoa työpöydälle, OTListIt.Txt <- tämä avautuu Muistioon ja Extras.txt
8. Kopioi (Ctrl+A , Ctrl+C) ja liitä (Ctrl+V) OTListIt.Txt ja Extras.txt-tiedostojen sisältö seuravaan viestiisi

 

Eli siis koska minulla on Suojatut käyttöjärjestelmätiedot en pääse kaikkiin kansioihin? En muista kyllä tuollaista asetusta muuttaneeni. Miten tuon saisi takaisin, että pääsisin taas normaalisti esim. omat kuvatiedostot kansioon?

Tässä nämä lokit.


GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-07-24 18:29:07
Windows 6.0.6002 Service Pack 2

OTL ei luonut extras.txt tiedostoa

---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwCreateThread [0x92718E02]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwLoadDriver [0x9271912A]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwMapViewOfSection [0x92718B4E]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwOpenSection [0x9271955C]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwRenameKey [0x9271A7FA]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwSetSystemInformation [0x927193AC]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwSuspendProcess [0x927189D4]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwSuspendThread [0x92718E36]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwSystemDebugControl [0x92718FB0]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwTerminateProcess [0x92718934]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwTerminateThread [0x92718A8A]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwWriteVirtualMemory [0x92718EFA]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwCreateThreadEx [0x92718E1C]

INT 0x61 ? 85C00BF8
INT 0x62 ? 870FDBF8
INT 0x71 ? 85C00BF8
INT 0x72 ? 870FDBF8
INT 0x72 ? 870FDBF8
INT 0x72 ? 870FDBF8
INT 0x81 ? 85C00BF8
INT 0xA1 ? 870FDBF8
INT 0xA1 ? 870FDBF8
INT 0xA1 ? 870FDBF8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 221 826B8964 4 Bytes [02, 8E, 71, 92]
.text ntkrnlpa.exe!KeSetEvent + 37D 826B8AC0 4 Bytes [2A, 91, 71, 92]
.text ntkrnlpa.exe!KeSetEvent + 3AD 826B8AF0 4 Bytes [4E, 8B, 71, 92] {DEC ESI; MOV ESI, [ECX-0x6e]}
.text ntkrnlpa.exe!KeSetEvent + 3FD 826B8B40 4 Bytes [5C, 95, 71, 92] {POP ESP; XCHG EBP, EAX; JNO 0xffffffffffffff96}
.text ntkrnlpa.exe!KeSetEvent + 515 826B8C58 4 Bytes [FA, A7, 71, 92] {CLI ; CMPSD ; JNO 0xffffffffffffff96}
.text ...
? System32\Drivers\spxq.sys Määritettyä polkua ei löydy. !
.text USBPORT.SYS!DllUnload 8A98C41B 5 Bytes JMP 870FD1D8
.text avyfhscw.SYS 8A9C4000 22 Bytes [82, C3, 9C, 82, 6C, C2, 9C, ...]
.text avyfhscw.SYS 8A9C4017 45 Bytes [00, 32, 47, 71, 80, 3D, 45, ...]
.text avyfhscw.SYS 8A9C4045 135 Bytes [2A, 6B, 82, FD, A9, 64, 82, ...]
.text avyfhscw.SYS 8A9C40CE 10 Bytes [00, 00, 00, 00, 00, 00, 02, ...]
.text avyfhscw.SYS 8A9C40DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8060A6D6] \SystemRoot\System32\Drivers\spxq.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8060A042] \SystemRoot\System32\Drivers\spxq.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8060A800] \SystemRoot\System32\Drivers\spxq.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [8060A0C0] \SystemRoot\System32\Drivers\spxq.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8060A13E] \SystemRoot\System32\Drivers\spxq.sys
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortNotification] CC358B04
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortWritePortUchar] 838A9E9F
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortWritePortUlong] 458B38C6
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortGetPhysicalAddress] A5A5A514
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 100D8BA5
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortGetScatterGatherList] 5F8A9E70
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortReadPortUchar] 30810889
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortStallExecution] 54771129
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortGetParentBusType] 10C25D5E
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortRequestCallback] 8B55CC00
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 084D8BEC
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 0CF0918B
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortCompleteRequest] 458B0000
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortMoveMemory] 8B108910
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 000CF491
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 04508900
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 053C7980
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortReadPortUshort] 560C558B
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortReadPortBufferUshort] C6127557
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortInitialize] B18D0502
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortGetDeviceBase] 00000CF8
IAT \SystemRoot\System32\Drivers\avyfhscw.SYS[ataport.SYS!AtaPortDeviceStateChange] A508788D

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74517817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7456A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7451BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7450F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [745175E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7450E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74548395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7451DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7450FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7450FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [745071CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7459CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7453C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7450D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74506853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7450687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74512AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [10002300] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002690] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[3780] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10001290] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[4072] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [01F02690] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[4072] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01F01290] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[4072] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [01F02300] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[4072] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [01F01B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85C051F8
Device \FileSystem\udfs \UdfsCdRom 86F201F8
Device \FileSystem\udfs \UdfsDisk 86F201F8
Device \Driver\sptd \Device\128893237 spxq.sys
Device \Driver\volmgr \Device\VolMgrControl 85C021F8
Device \Driver\usbohci \Device\USBPDO-0 870421F8
Device \Driver\usbohci \Device\USBPDO-1 870421F8
Device \Driver\usbehci \Device\USBPDO-2 8709C1F8
Device \Driver\usbohci \Device\USBPDO-3 870421F8
Device \Driver\usbohci \Device\USBPDO-4 870421F8
Device \Driver\usbehci \Device\USBPDO-5 8709C1F8
Device \Driver\PCI_PNP7221 \Device\00000056 spxq.sys
Device \Driver\usbohci \Device\USBPDO-6 870421F8
Device \Driver\volmgr \Device\HarddiskVolume1 85C021F8
Device \Driver\volmgr \Device\HarddiskVolume2 85C021F8
Device \Driver\cdrom \Device\CdRom0 86EF9500
Device \Driver\volmgr \Device\HarddiskVolume3 85C021F8
Device \Driver\cdrom \Device\CdRom1 86EF9500
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 85C041F8
Device \Driver\atapi \Device\Ide\IdePort0 85C041F8
Device \Driver\atapi \Device\Ide\IdePort1 85C041F8
Device \Driver\atapi \Device\Ide\IdePort2 85C041F8
Device \Driver\atapi \Device\Ide\IdePort3 85C041F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 85C041F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-2 85C041F8
Device \Driver\volmgr \Device\HarddiskVolume4 85C021F8
Device \Driver\USBSTOR \Device\00000080 8761A1F8
Device \Driver\volmgr \Device\HarddiskVolume5 85C021F8
Device \Driver\USBSTOR \Device\00000081 8761A1F8
Device \Driver\volmgr \Device\HarddiskVolume6 85C021F8
Device \Driver\volmgr \Device\HarddiskVolume7 85C021F8
Device \Driver\netbt \Device\NetBt_Wins_Export 875DB1F8
Device \Driver\volmgr \Device\HarddiskVolume8 85C021F8
Device \Driver\Smb \Device\NetbiosSmb 87579500
Device \Driver\USBSTOR \Device\00000079 8761A1F8
Device \Driver\iScsiPrt \Device\RaidPort0 870B61F8
Device \Driver\usbohci \Device\USBFDO-0 870421F8
Device \Driver\usbohci \Device\USBFDO-1 870421F8
Device \Driver\usbehci \Device\USBFDO-2 8709C1F8
Device \Driver\usbohci \Device\USBFDO-3 870421F8
Device \Driver\usbohci \Device\USBFDO-4 870421F8
Device \Driver\USBSTOR \Device\0000007e 8761A1F8
Device \Driver\usbehci \Device\USBFDO-5 8709C1F8
Device \Driver\USBSTOR \Device\0000007f 8761A1F8
Device \Driver\usbohci \Device\USBFDO-6 870421F8
Device \Driver\netbt \Device\NetBT_Tcpip_{D3BCD70C-BAA6-4B6D-A3F7-AE7A9778840B} 875DB1F8
Device \Driver\avyfhscw \Device\Scsi\avyfhscw1Port5Path0Target0Lun0 870A91F8
Device \Driver\avyfhscw \Device\Scsi\avyfhscw1 870A91F8
Device \FileSystem\cdfs \Cdfs 86F5F1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x38 0xB0 0x34 0xD4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3C 0x91 0x31 0xF6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0xE1 0x03 0xAB ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x38 0xB0 0x34 0xD4 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3C 0x91 0x31 0xF6 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0xE1 0x03 0xAB ...

---- EOF - GMER 1.0.15 ----



Sitten vielä se toinen.

OTL logfile created on: 24.7.2009 18:31:25 - Run 2
OTL by OldTimer - Version 3.0.10.2 Folder = C:\Users\*käyttäjä nimi*\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 86,19% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,63 Gb Total Space | 98,73 Gb Free Space | 42,44% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 545,35 Gb Free Space | 91,48% Space Free | Partition Type: NTFS
Drive E: | 348,89 Gb Total Space | 346,35 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive F: | 1,93 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KOTI-PC
Current User Name: *käyttäjä nimi*
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009.05.16 06:23:56 | 00,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.05.16 06:24:25 | 00,335,872 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2008.01.25 18:49:04 | 00,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.02.25 18:57:22 | 00,021,752 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008.01.27 01:27:18 | 00,509,488 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.02.14 15:19:18 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2009.03.04 14:41:10 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Anti-Virus\fsgk32st.exe
PRC - [2008.12.04 17:02:40 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Common\FSMA32.EXE
PRC - [2009.07.07 15:50:07 | 00,466,048 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Anti-Virus\FSGK32.EXE
PRC - [2008.12.04 17:02:40 | 00,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Common\FSMB32.EXE
PRC - [2007.01.17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008.02.25 02:02:54 | 00,049,152 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008.02.25 18:53:16 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2009.04.12 14:19:49 | 00,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2006.07.19 21:36:58 | 00,262,247 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2009.03.30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2008.01.21 05:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008.12.04 17:02:38 | 00,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Common\FCH32.EXE
PRC - [2008.12.04 16:57:06 | 00,043,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Anti-Virus\fsqh.exe
PRC - [2008.12.04 17:02:38 | 00,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Common\FAMEH32.EXE
PRC - [2009.07.07 15:50:07 | 00,586,880 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Anti-Virus\fssm32.exe
PRC - [2008.12.04 17:03:02 | 00,707,168 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\FSPC\fspc.exe
PRC - [2008.12.04 16:55:26 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\FSAUA\program\fsaua.exe
PRC - [2008.12.04 17:04:02 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\ORSP Client\fsorsp.exe
PRC - [2008.12.04 16:57:54 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\FWES\Program\fsdfwd.exe
PRC - [2008.12.22 18:01:30 | 00,174,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\FSAUA\program\fsus.exe
PRC - [2009.03.30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2009.04.11 09:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008.01.21 05:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.05.20 13:06:00 | 06,144,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.14 15:20:06 | 00,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
PRC - [2008.02.14 15:19:54 | 00,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
PRC - [2008.01.27 01:27:12 | 00,523,312 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.02.25 18:57:48 | 00,034,040 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PRC - [2008.12.04 17:02:40 | 00,182,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Common\FSM32.EXE
PRC - [2009.04.11 09:27:28 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007.03.06 18:48:46 | 00,488,984 | ---- | M] (Labtec Inc,) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2009.07.17 18:29:45 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008.01.21 05:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008.01.21 05:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2009.05.15 16:28:12 | 00,321,344 | ---- | M] (BitTorrent, Inc.) -- C:\Users\*käyttäjä nimi*\Program Files\DNA\btdna.exe
PRC - [2008.01.21 05:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2009.07.15 20:43:58 | 00,092,672 | ---- | M] () -- C:\Users\*käyttäjä nimi*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinCE3.exe
PRC - [2008.01.21 05:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2007.03.06 18:51:26 | 00,252,704 | ---- | M] (Labtec Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
PRC - [2008.12.04 16:59:14 | 00,604,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\FSGUI\fsguidll.exe
PRC - [2008.12.18 14:32:52 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009.04.11 09:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009.04.11 09:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2008.12.18 13:19:44 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009.03.04 14:41:10 | 00,347,744 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Anti-Virus\fsav32.exe
PRC - [2009.07.24 18:30:30 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\*käyttäjä nimi*\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008.01.25 18:49:04 | 00,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service [Auto | Running])
SRV - [2009.05.16 06:23:56 | 00,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility [Auto | Running])
SRV - [2008.02.25 18:57:22 | 00,021,752 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc [Auto | Running])
SRV - [2009.03.30 07:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008.01.27 01:27:18 | 00,509,488 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008.01.21 05:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006.11.02 15:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006.11.02 15:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008.02.14 15:19:18 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService [Auto | Running])
SRV - [2009.04.11 09:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009.03.04 14:41:10 | 00,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running])
SRV - [2009.04.04 22:38:56 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009.02.18 21:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008.12.04 16:55:26 | 00,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running])
SRV - [2008.12.04 16:57:54 | 00,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\FWES\Program\fsdfwd.exe -- (FSDFWD [On_Demand | Running])
SRV - [2008.12.04 17:02:40 | 00,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\Common\FSMA32.EXE -- (FSMA [Auto | Running])
SRV - [2008.12.04 17:04:02 | 00,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\ORSP Client\fsorsp.exe -- (FSORSPClient [On_Demand | Running])
SRV - [2009.02.12 17:50:47 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c98d215460089e [Auto | Stopped])
SRV - [2009.03.24 17:13:34 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2009.02.18 21:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2007.01.17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007.03.06 18:55:24 | 00,105,248 | ---- | M] (Labtec Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
SRV - [2009.02.18 21:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008.02.25 02:02:54 | 00,049,152 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc [Auto | Running])
SRV - [2008.02.25 18:53:16 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc [Auto | Running])
SRV - [2008.11.04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006.10.26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009.04.12 14:19:49 | 00,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2006.07.19 21:36:58 | 00,262,247 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2008.01.21 05:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2009.03.30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc [Auto | Running])
SRV - [2008.01.21 05:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])

========== Driver Services (SafeList) ==========

DRV - [2008.08.14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2008.01.21 05:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008.01.21 05:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008.01.21 05:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008.01.21 05:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2007.12.19 09:45:00 | 00,170,000 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s [Boot | Running])
DRV - [2006.11.02 12:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008.01.21 05:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008.01.21 05:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008.01.21 05:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009.02.20 08:17:50 | 00,095,760 | ---- | M] (ATI Research Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])
DRV - [2009.05.16 07:01:23 | 04,933,632 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV - [2006.10.30 06:23:12 | 00,007,680 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie [Boot | Running])
DRV - [2006.11.10 16:08:50 | 00,024,064 | ---- | M] () -- C:\Windows\System32\DRIVERS\ATITool.sys -- (ATITool [System | Stopped])
DRV - [2006.11.02 11:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006.11.02 11:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006.11.02 11:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006.11.02 11:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006.11.02 11:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006.11.02 11:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008.01.21 05:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2008.01.21 05:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008.01.21 05:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008.12.04 16:57:10 | 00,039,776 | ---- | M] () -- C:\Program Files\PC Protection\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter [Disabled | Stopped])
DRV - [2009.07.07 16:12:05 | 00,099,960 | ---- | M] () -- C:\Program Files\PC Protection\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper [On_Demand | Running])
DRV - [2008.12.04 17:02:20 | 00,067,808 | ---- | M] (F-Secure Corporation) -- C:\Program Files\PC Protection\HIPS\drivers\fshs.sys -- (F-Secure HIPS [System | Running])
DRV - [2008.12.04 16:57:10 | 00,025,184 | ---- | M] () -- C:\Program Files\PC Protection\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer [Disabled | Stopped])
DRV - [2009.07.08 21:03:13 | 00,033,920 | ---- | M] () -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts [Boot | Running])
DRV - [2008.12.04 16:57:36 | 00,035,552 | ---- | M] (F-Secure Corporation) -- C:\Windows\System32\drivers\fses.sys -- (FSES [System | Running])
DRV - [2008.12.04 16:57:54 | 00,070,944 | ---- | M] (F-Secure Corporation) -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW [System | Running])
DRV - [2008.12.04 16:57:08 | 00,012,384 | ---- | M] () -- C:\Program Files\PC Protection\Anti-Virus\minifilter\fsvista.sys -- (fsvista [System | Running])
DRV - [2008.01.21 05:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008.01.21 05:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006.11.02 12:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2008.02.14 15:16:12 | 00,015,392 | ---- | M] (Acer, Inc.) -- C:\Windows\System32\drivers\int15.sys -- (int15 [Auto | Running])
DRV - [2008.05.20 13:01:00 | 02,143,136 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006.11.02 12:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006.11.02 12:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008.01.21 05:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008.01.21 05:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008.01.21 05:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2007.03.06 18:50:30 | 01,669,664 | ---- | M] () -- C:\Windows\System32\DRIVERS\LVcKap.sys -- (LVcKap [On_Demand | Stopped])
DRV - [2007.03.06 18:52:46 | 02,261,792 | ---- | M] (Labtec Inc.) -- C:\Windows\System32\DRIVERS\LVMVDrv.sys -- (LVMVDrv [On_Demand | Stopped])
DRV - [2007.03.06 18:54:40 | 00,041,376 | ---- | M] (Labtec Inc.) -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
DRV - [2008.01.21 05:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008.01.21 05:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006.11.02 12:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006.11.02 12:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008.01.30 12:52:06 | 00,014,848 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2006.11.02 10:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008.01.21 05:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008.01.21 05:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2007.03.06 18:48:46 | 00,014,240 | ---- | M] (Labtec Inc.) -- C:\Windows\System32\DRIVERS\lv302af.sys -- (pepifilter [On_Demand | Running])
DRV - [2007.03.06 18:48:46 | 01,273,504 | ---- | M] (Labtec Inc.) -- C:\Windows\System32\DRIVERS\LV302V32.SYS -- (PID_PEPI [On_Demand | Running])
DRV - [2008.01.27 01:27:26 | 00,018,480 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008.01.27 01:27:28 | 00,016,432 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008.01.27 01:27:28 | 00,059,952 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2008.01.21 05:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006.11.02 12:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2005.11.03 21:39:02 | 00,245,504 | ---- | M] (Ralink Technology, Corp.) -- C:\Windows\System32\DRIVERS\Dr71WU.sys -- (RT73 [On_Demand | Stopped])
DRV - [2006.11.02 09:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008.01.21 05:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2009.05.12 22:09:56 | 00,721,904 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2006.11.02 12:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006.11.02 12:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006.11.02 12:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2007.09.28 15:29:12 | 00,014,544 | ---- | M] (EnTech Taiwan) -- C:\Windows\System32\drivers\tvicport.sys -- (tvicport [Auto | Running])
DRV - [2008.01.30 12:51:50 | 00,013,824 | ---- | M] (NewTech Infosystems Corporation) -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2008.01.21 05:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006.11.02 12:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008.01.21 05:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2009.04.11 07:42:54 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2008.01.21 05:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008.01.21 05:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2007.12.28 05:51:00 | 00,298,496 | ---- | M] (Marvell) -- C:\Windows\System32\DRIVERS\yk60x86.sys -- (yukonwlh [On_Demand | Running])
DRV - [2007.09.28 15:29:12 | 00,006,080 | ---- | M] (Zeal SoftStudio) -- C:\Windows\System32\drivers\zntport.sys -- (zntport [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-912600381-1854815515-268499315-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-912600381-1854815515-268499315-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-912600381-1854815515-268499315-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kainuu.com/Main.aspx
IE - HKU\S-1-5-21-912600381-1854815515-268499315-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-912600381-1854815515-268499315-1000\S-1-5-21-912600381-1854815515-268499315-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.07.01 22:02:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.07.24 12:34:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.07.24 12:34:38 | 00,000,000 | ---D | M]

[2009.07.17 18:29:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.07.24 12:34:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.02.07 22:50:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.07.17 18:29:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009.07.24 12:34:33 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.07.24 12:34:33 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007.04.10 18:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009.01.16 20:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008.09.04 03:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2009.07.17 18:29:46 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009.07.24 12:34:34 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008.10.14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009.06.27 11:13:14 | 00,002,062 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bookplus-fi.xml
[2009.06.27 11:13:14 | 00,001,069 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons-fi.xml
[2009.06.27 11:13:14 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.06.27 11:13:14 | 00,002,677 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\huuto-fi.xml
[2009.06.27 11:13:14 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fi.xml
[2009.06.27 11:13:14 | 00,000,796 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fi.xml

O1 HOSTS File: (1243 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (Adobe PDF Reader -linkkiavustaja) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Windows Live ID -kirjautumisapuohjelma) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Lau File not found
O4 - HKLM..\Run: [F-Secure Manager] File not found
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\PC Protection\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Labtec Inc,)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Labtec\WebCam10\WebCam10.exe ()
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\Skytel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-912600381-1854815515-268499315-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-912600381-1854815515-268499315-1000..\Run: [BitTorrent DNA] C:\Users\*käyttäjä nimi*\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-912600381-1854815515-268499315-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-912600381-1854815515-268499315-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-912600381-1854815515-268499315-1000..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-912600381-1854815515-268499315-1000..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe File not found
O4 - HKU\S-1-5-21-912600381-1854815515-268499315-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Users\All Users\Adobe [2009.05.17 18:12:32 | 00,000,000 | ---D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\ATI [2009.04.29 16:06:34 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\CyberLink [2008.04.23 00:39:49 | 00,000,000 | ---D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\Desktop [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Documents [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\eSobi [2008.04.23 01:08:52 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\f-secure [2009.02.02 12:26:51 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Favorites [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\FLEXnet [2009.04.04 22:50:06 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\FloodLightGames [2008.04.23 00:42:19 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\fssg [2009.02.02 12:25:43 | 00,000,000 | ---D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\Käynnistä-valikko [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Mallit [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Malwarebytes [2009.06.21 19:03:19 | 00,000,000 | ---D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\Microsoft [2009.04.16 17:57:58 | 00,000,000 | --SD | M]
O4 - Startup: C:\Users\All Users\Microsoft [2009.04.16 17:57:58 | 00,000,000 | --SD | M]
O4 - Startup: C:\Users\All Users\OrbNetworks [2009.02.18 21:33:31 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Sony [2009.03.08 21:08:34 | 00,000,000 | ---D | M]
O4 - Startup: File not found
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\Suosikit [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\TEMP [2009.07.19 18:51:15 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Templates [2006.11.02 16:02:04 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\All Users\Tiedostot [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Työpöytä [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Ubisoft [2009.04.08 20:37:11 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} [2008.04.23 00:59:16 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Default\AppData [2006.11.02 14:18:34 | 00,000,000 | -H-D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Cookies [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Desktop [2006.11.02 13:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Documents [2009.02.02 11:58:14 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Downloads [2006.11.02 13:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Favorites [2008.04.23 00:41:29 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Käynnistä-valikko [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Links [2006.11.02 13:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Mallit [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Music [2006.11.02 13:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\NetHood [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG ()
O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Pictures [2006.11.02 13:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\PrintHood [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Recent [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\SendTo [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Default\Templates [2006.11.02 16:02:03 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Tulostinympäristö [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Verkkoympäristö [2009.02.02 11:58:14 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Videos [2006.11.02 13:23:35 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\AppData [2009.02.03 14:57:48 | 00,000,000 | -H-D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Muu perhe\Contacts [2009.02.03 14:57:37 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\Cookies [2009.02.03 14:57:31 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Muu perhe\Desktop [2009.07.23 14:51:40 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\Documents [2009.06.25 15:27:26 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\Downloads [2009.02.03 14:57:48 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\Favorites [2009.07.16 17:20:17 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\Käynnistä-valikko [2009.02.03 14:57:31 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Muu perhe\Links [2009.02.03 14:57:49 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Muu perhe\Mallit [2009.02.03 14:57:31 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Muu perhe\Music [2009.02.03 14:57:48 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\NTUSER.DAT ()
O4 - Startup: C:\Users\Muu perhe\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Muu perhe\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Muu perhe\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
O4 - Startup: C:\Users\Muu perhe\NTUSER.DAT ()
O4 - Startup: C:\Users\Muu perhe\NTUSER.DAT ()
O4 - Startup: C:\Users\Muu perhe\ntuser.ini ()
O4 - Startup: File not found
O4 - Startup: C:\Users\Muu perhe\Pictures [2009.03.10 17:59:39 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\Recent [2009.02.03 14:57:31 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Muu perhe\Searches [2009.02.03 14:57:49 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Muu perhe\SendTo [2009.02.03 14:57:31 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Muu perhe\Tracing [2009.07.16 17:20:53 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\Muu perhe\Tulostinympäristö [2009.02.03 14:57:31 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Muu perhe\Verkkoympäristö [2009.02.03 14:57:31 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\Muu perhe\Videos [2009.03.10 17:59:39 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Desktop [2009.07.16 17:20:52 | 00,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Documents [2009.04.04 22:45:33 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Downloads [2006.11.02 15:50:50 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Favorites [2006.11.02 13:23:35 | 00,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Music [2006.11.02 15:50:50 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\NTUSER.DAT ()
O4 - Startup: C:\Users\Public\NTUSER.DAT.LOG1 ()
O4 - Startup: C:\Users\Public\NTUSER.DAT.LOG2 ()
O4 - Startup: C:\Users\Public\NTUSER.DAT{594efddb-f108-11dd-bbb9-001fe25a0517}.TM.blf ()
O4 - Startup: C:\Users\Public\NTUSER.DAT ()
O4 - Startup: C:\Users\Public\NTUSER.DAT ()
O4 - Startup: C:\Users\Public\NTUSER.DAT{894836eb-f78c-11dd-b6b6-0022b00c898e}.TM.blf ()
O4 - Startup: C:\Users\Public\NTUSER.DAT ()
O4 - Startup: C:\Users\Public\NTUSER.DAT ()
O4 - Startup: C:\Users\Public\Pictures [2006.11.02 15:50:50 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\Public\Videos [2006.11.02 15:50:50 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\AppData [2009.02.02 12:03:58 | 00,000,000 | -H-D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\*käyttäjä nimi*\Contacts [2009.07.01 23:24:44 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Cookies [2009.02.02 12:01:46 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Desktop [2009.07.24 18:30:29 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Documents [2009.07.23 15:11:21 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Downloads [2009.07.23 14:43:18 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Favorites [2009.07.01 22:09:37 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Games [2009.04.13 19:24:01 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Käynnistä-valikko [2009.02.02 12:01:46 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Links [2006.11.02 13:23:35 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\*käyttäjä nimi*\Mallit [2009.02.02 12:01:46 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Music [2009.05.15 23:38:19 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\NTUSER.DAT ()
O4 - Startup: C:\Users\*käyttäjä nimi*\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\*käyttäjä nimi*\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\*käyttäjä nimi*\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
O4 - Startup: C:\Users\*käyttäjä nimi*\NTUSER.DAT ()
O4 - Startup: C:\Users\*käyttäjä nimi*\NTUSER.DAT ()
O4 - Startup: C:\Users\*käyttäjä nimi*\ntuser.ini ()
O4 - Startup: File not found
O4 - Startup: C:\Users\*käyttäjä nimi*\Option [2009.06.09 00:10:05 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Pictures [2009.05.15 23:38:19 | 00,000,000 | R--D | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\*käyttäjä nimi*\Recent [2009.02.02 12:01:46 | 00,000,000 | -HSD | M]
O4 - Startup: File not found
O4 - Startup: C:\Users\*käyttäjä nimi*\Searches [2009.04.06 15:37:51 | 00,000,000 | R--D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\SendTo [2009.02.02 12:01:46 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Tracing [2009.07.24 18:12:51 | 00,000,000 | ---D | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Tulostinympäristö [2009.02.02 12:01:46 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Verkkoympäristö [2009.02.02 12:01:46 | 00,000,000 | -HSD | M]
O4 - Startup: C:\Users\*käyttäjä nimi*\Videos [2009.05.15 23:38:19 | 00,000,000 | R--D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: V&ie Microsoft Exceliin - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\PC Protection\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra 'Tools' menuitem : Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Protection\FSPC\fspcmsie.dll (F-Secure Corporation)
O9 - Extra Button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\PC Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\PC Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\PC Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\PC Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\PC Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\PC Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\PC Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab (Symantec Configuration Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab (F-Secure Health Check 1.1)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.19 00:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.11.01 13:59:48 | 01,187,840 | R--- | M] () - F:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2005.11.01 13:59:48 | 01,187,840 | R--- | M] () - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2005.11.01 13:59:47 | 00,000,043 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.07.23 14:48:00 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009.07.17 18:45:37 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009.07.17 18:45:37 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009.07.17 18:45:37 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009.07.17 18:45:36 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
[2009.07.17 18:45:36 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009.07.17 18:29:53 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009.07.17 18:29:53 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009.07.17 18:29:53 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009.07.17 18:29:41 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009.07.15 20:51:39 | 00,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2009.07.15 20:51:37 | 00,000,210 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.07.15 20:44:25 | 00,000,000 | ---D | C] -- C:\Program Files\VentriloMIX
[2009.07.15 20:43:58 | 00,129,536 | ---- | C] () -- C:\Windows\inout2.dll
[2009.07.12 00:00:12 | 00,000,000 | ---D | C] -- C:\Program Files\Konami
[2009.07.01 23:16:47 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009.07.01 23:16:47 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009.07.01 23:16:45 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009.07.01 22:52:48 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009.07.01 22:49:59 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2009.07.01 22:49:58 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2009.07.01 22:49:57 | 03,408,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2009.07.01 22:49:56 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2009.07.01 22:49:56 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2009.07.01 22:49:55 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2009.07.01 22:49:53 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2009.07.01 22:49:52 | 00,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2009.07.01 22:49:51 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2009.07.01 22:49:51 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2009.07.01 22:49:50 | 01,257,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009.07.01 22:49:50 | 00,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2009.07.01 22:49:50 | 00,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys
[2009.07.01 22:49:50 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2009.07.01 22:49:50 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2009.07.01 22:49:49 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2009.07.01 22:49:48 | 02,499,629 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2009.07.01 22:49:48 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2009.07.01 22:49:48 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2009.07.01 22:49:48 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2009.07.01 22:49:47 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2009.07.01 22:49:47 | 00,558,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmain.dll
[2009.07.01 22:49:46 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2009.07.01 22:49:46 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2009.07.01 22:49:46 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2009.07.01 22:49:45 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2009.07.01 22:49:45 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2009.07.01 22:49:45 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2009.07.01 22:49:44 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2009.07.01 22:49:44 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2009.07.01 22:49:43 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2009.07.01 22:49:43 | 00,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2009.07.01 22:49:43 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2009.07.01 22:49:42 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
[2009.07.01 22:49:42 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll
[2009.07.01 22:49:41 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2009.07.01 22:49:41 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2009.07.01 22:49:41 | 00,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
[2009.07.01 22:49:40 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2009.07.01 22:49:40 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2009.07.01 22:49:40 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2009.07.01 22:49:40 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2009.07.01 22:49:39 | 03,601,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009.07.01 22:49:39 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2009.07.01 22:49:39 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2009.07.01 22:49:39 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009.07.01 22:49:38 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2009.07.01 22:49:38 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2009.07.01 22:49:38 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2009.07.01 22:49:37 | 10,624,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009.07.01 22:49:37 | 01,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll
[2009.07.01 22:49:37 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2009.07.01 22:49:37 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2009.07.01 22:49:37 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2009.07.01 22:49:37 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2009.07.01 22:49:37 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009.07.01 22:49:36 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2009.07.01 22:49:36 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2009.07.01 22:49:36 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPSSVC.dll
[2009.07.01 22:49:35 | 03,549,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009.07.01 22:49:35 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2009.07.01 22:49:35 | 01,336,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
[2009.07.01 22:49:35 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2009.07.01 22:49:35 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qmgr.dll
[2009.07.01 22:49:34 | 01,316,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
[2009.07.01 22:49:34 | 01,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2009.07.01 22:49:34 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2009.07.01 22:49:34 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2009.07.01 22:49:34 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2009.07.01 22:49:33 | 01,202,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
[2009.07.01 22:49:33 | 01,183,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
[2009.07.01 22:49:33 | 00,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2009.07.01 22:49:33 | 00,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2009.07.01 22:49:33 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2009.07.01 22:49:33 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2009.07.01 22:49:32 | 02,092,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe
[2009.07.01 22:49:32 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2009.07.01 22:49:32 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2009.07.01 22:49:32 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2009.07.01 22:49:32 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2009.07.01 22:49:32 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2009.07.01 22:49:32 | 00,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2009.07.01 22:49:32 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2009.07.01 22:49:31 | 00,897,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.01 22:49:31 | 00,891,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009.07.01 22:49:31 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2009.07.01 22:49:31 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[2009.07.01 22:49:30 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2009.07.01 22:49:30 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2009.07.01 22:49:30 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2009.07.01 22:49:30 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedsvc.dll
[2009.07.01 22:49:30 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[2009.07.01 22:49:30 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2009.07.01 22:49:30 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2009.07.01 22:49:30 | 00,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2009.07.01 22:49:29 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2009.07.01 22:49:29 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2009.07.01 22:49:29 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2009.07.01 22:49:29 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2009.07.01 22:49:29 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2009.07.01 22:49:28 | 03,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2009.07.01 22:49:28 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll
[2009.07.01 22:49:28 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2009.07.01 22:49:27 | 01,083,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ntfs.sys
[2009.07.01 22:49:27 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
[2009.07.01 22:49:27 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2009.07.01 22:49:27 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2009.07.01 22:49:27 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2009.07.01 22:49:26 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2009.07.01 22:49:26 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2009.07.01 22:49:26 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2009.07.01 22:49:26 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2009.07.01 22:49:26 | 00,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2009.07.01 22:49:26 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WebClnt.dll
[2009.07.01 22:49:26 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2009.07.01 22:49:25 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2009.07.01 22:49:25 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2009.07.01 22:49:25 | 01,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2009.07.01 22:49:25 | 01,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
[2009.07.01 22:49:24 | 00,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
[2009.07.01 22:49:24 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
[2009.07.01 22:49:24 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2009.07.01 22:49:24 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2009.07.01 22:49:24 | 00,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll
[2009.07.01 22:49:24 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2009.07.01 22:49:24 | 00,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2009.07.01 22:49:24 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2009.07.01 22:49:24 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2009.07.01 22:49:24 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009.07.01 22:49:24 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2009.07.01 22:49:23 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009.07.01 22:49:23 | 01,591,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
[2009.07.01 22:49:23 | 00,550,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009.07.01 22:49:23 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2009.07.01 22:49:22 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2009.07.01 22:49:22 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2009.07.01 22:49:22 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2009.07.01 22:49:22 | 00,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.07.01 22:49:22 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2009.07.01 22:49:21 | 01,324,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll
[2009.07.01 22:49:21 | 01,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2009.07.01 22:49:21 | 00,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[2009.07.01 22:49:21 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
[2009.07.01 22:49:21 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2009.07.01 22:49:21 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\photowiz.dll
[2009.07.01 22:49:21 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2009.07.01 22:49:21 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.01 22:49:21 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2009.07.01 22:49:20 | 03,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2009.07.01 22:49:20 | 00,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
[2009.07.01 22:49:20 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2009.07.01 22:49:19 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2009.07.01 22:49:19 | 00,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2009.07.01 22:49:19 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2009.07.01 22:49:19 | 00,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
[2009.07.01 22:49:19 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2009.07.01 22:49:19 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2009.07.01 22:49:19 | 00,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2009.07.01 22:49:19 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2009.07.01 22:49:18 | 03,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
[2009.07.01 22:49:18 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2009.07.01 22:49:18 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009.07.01 22:49:18 | 00,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll
[2009.07.01 22:49:18 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IKEEXT.DLL
[2009.07.01 22:49:18 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009.07.01 22:49:18 | 00,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdbss.sys
[2009.07.01 22:49:18 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009.07.01 22:49:18 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2009.07.01 22:49:17 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2009.07.01 22:49:17 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll
[2009.07.01 22:49:17 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiosrv.dll
[2009.07.01 22:49:17 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2009.07.01 22:49:16 | 01,055,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe
[2009.07.01 22:49:16 | 00,807,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
[2009.07.01 22:49:16 | 00,679,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
[2009.07.01 22:49:16 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENTRT.DLL
[2009.07.01 22:49:16 | 00,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
[2009.07.01 22:49:16 | 00,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2009.07.01 22:49:16 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iphlpsvc.dll
[2009.07.01 22:49:16 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxdav.sys
[2009.07.01 22:49:15 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2009.07.01 22:49:15 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2009.07.01 22:49:15 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2009.07.01 22:49:15 | 00,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2009.07.01 22:49:15 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2009.07.01 22:49:15 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2009.07.01 22:49:14 | 00,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2009.07.01 22:49:14 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2009.07.01 22:49:14 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2009.07.01 22:49:14 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009.07.01 22:49:13 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2009.07.01 22:49:13 | 01,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
[2009.07.01 22:49:13 | 00,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbhub.sys
[2009.07.01 22:49:12 | 00,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmSvc.dll
[2009.07.01 22:49:12 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2009.07.01 22:49:12 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2009.07.01 22:49:11 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2009.07.01 22:49:11 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
[2009.07.01 22:49:11 | 00,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\swprv.dll
[2009.07.01 22:49:10 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2009.07.01 22:49:10 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds.exe
[2009.07.01 22:49:10 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2009.07.01 22:49:10 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BFE.DLL
[2009.07.01 22:49:10 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2009.07.01 22:49:10 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2009.07.01 22:49:10 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2009.07.01 22:49:10 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2009.07.01 22:49:10 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2009.07.01 22:49:10 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2009.07.01 22:49:09 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2009.07.01 22:49:09 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2009.07.01 22:49:09 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2009.07.01 22:49:09 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2009.07.01 22:49:09 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2009.07.01 22:49:09 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009.07.01 22:49:09 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
[2009.07.01 22:49:09 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009.07.01 22:49:08 | 01,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2009.07.01 22:49:08 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2009.07.01 22:49:08 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
[2009.07.01 22:49:08 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\services.exe
[2009.07.01 22:49:08 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2009.07.01 22:49:08 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2009.07.01 22:49:08 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2009.07.01 22:49:08 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2009.07.01 22:49:08 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2009.07.01 22:49:08 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2009.07.01 22:49:07 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2009.07.01 22:49:07 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009.07.01 22:49:07 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcncsvc.dll
[2009.07.01 22:49:07 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2009.07.01 22:49:07 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2009.07.01 22:49:07 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2009.07.01 22:49:07 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2009.07.01 22:49:07 | 00,180,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys
[2009.07.01 22:49:07 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2009.07.01 22:49:07 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2009.07.01 22:49:07 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2009.07.01 22:49:07 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2009.07.01 22:49:06 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2009.07.01 22:49:06 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2009.07.01 22:49:06 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2009.07.01 22:49:06 | 00,364,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL
[2009.07.01 22:49:06 | 00,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys
[2009.07.01 22:49:06 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32time.dll
[2009.07.01 22:49:06 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2009.07.01 22:49:06 | 00,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umpnpmgr.dll
[2009.07.01 22:49:06 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
[2009.07.01 22:49:05 | 00,527,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndis.sys
[2009.07.01 22:49:05 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2009.07.01 22:49:05 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2009.07.01 22:49:05 | 00,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2009.07.01 22:49:05 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2009.07.01 22:49:05 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2009.07.01 22:49:05 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthserv.dll
[2009.07.01 22:49:05 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2009.07.01 22:49:04 | 00,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll
[2009.07.01 22:49:04 | 00,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
[2009.07.01 22:49:04 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2009.07.01 22:49:04 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2009.07.01 22:49:04 | 00,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll
[2009.07.01 22:49:04 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2009.07.01 22:49:04 | 00,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2009.07.01 22:49:03 | 00,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termsrv.dll
[2009.07.01 22:49:03 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2009.07.01 22:49:03 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profsvc.dll
[2009.07.01 22:49:03 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2009.07.01 22:49:03 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2009.07.01 22:49:03 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptsvc.dll
[2009.07.01 22:49:03 | 00,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2009.07.01 22:49:03 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hidserv.dll
[2009.07.01 22:49:02 | 01,696,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2009.07.01 22:49:02 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2009.07.01 22:49:01 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2009.07.01 22:49:01 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2009.07.01 22:49:01 | 00,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll
[2009.07.01 22:49:01 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2009.07.01 22:49:01 | 00,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2009.07.01 22:49:01 | 00,149,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pci.sys
[2009.07.01 22:49:01 | 00,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2009.07.01 22:49:01 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2009.07.01 22:49:01 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe
[2009.07.01 22:49:00 | 01,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2009.07.01 22:49:00 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmans.dll
[2009.07.01 22:49:00 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2009.07.01 22:49:00 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
[2009.07.01 22:49:00 | 00,053,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\termdd.sys
[2009.07.01 22:49:00 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2009.07.01 22:48:59 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2009.07.01 22:48:59 | 00,439,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2009.07.01 22:48:59 | 00,265,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\acpi.sys
[2009.07.01 22:48:59 | 00,245,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2009.07.01 22:48:59 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2009.07.01 22:48:59 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrrun.dll
[2009.07.01 22:48:59 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2009.07.01 22:48:59 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll
[2009.07.01 22:48:59 | 00,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2009.07.01 22:48:59 | 00,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2009.07.01 22:48:59 | 00,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2009.07.01 22:48:59 | 00,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2009.07.01 22:48:59 | 00,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2009.07.01 22:48:58 | 01,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appwiz.cpl
[2009.07.01 22:48:58 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2009.07.01 22:48:58 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2009.07.01 22:48:58 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2009.07.01 22:48:58 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2009.07.01 22:48:58 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
[2009.07.01 22:48:58 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
[2009.07.01 22:48:58 | 00,054,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\partmgr.sys
[2009.07.01 22:48:57 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2009.07.01 22:48:57 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2009.07.01 22:48:57 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
[2009.07.01 22:48:57 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUINotify.dll
[2009.07.01 22:48:57 | 00,048,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mup.sys
[2009.07.01 22:48:56 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2009.07.01 22:48:56 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2009.07.01 22:48:56 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2009.07.01 22:48:56 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2009.07.01 22:48:56 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2009.07.01 22:48:56 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2009.07.01 22:48:56 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2009.07.01 22:48:56 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2009.07.01 22:48:56 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
[2009.07.01 22:48:56 | 00,053,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\disk.sys
[2009.07.01 22:48:56 | 00,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2009.07.01 22:48:55 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autochk.exe
[2009.07.01 22:48:55 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2009.07.01 22:48:55 | 00,292,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys
[2009.07.01 22:48:55 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2009.07.01 22:48:55 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2009.07.01 22:48:55 | 00,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2009.07.01 22:48:55 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2009.07.01 22:48:55 | 00,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2009.07.01 22:48:55 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2009.07.01 22:48:54 | 00,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printui.dll
[2009.07.01 22:48:54 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2009.07.01 22:48:54 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2009.07.01 22:48:54 | 00,226,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volsnap.sys
[2009.07.01 22:48:54 | 00,190,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fltMgr.sys
[2009.07.01 22:48:54 | 00,161,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys
[2009.07.01 22:48:54 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2009.07.01 22:48:54 | 00,141,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys
[2009.07.01 22:48:54 | 00,014,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciide.sys
[2009.07.01 22:48:53 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2009.07.01 22:48:53 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2009.07.01 22:48:53 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2009.07.01 22:48:53 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2009.07.01 22:48:53 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2009.07.01 22:48:53 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
[2009.07.01 22:48:53 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2009.07.01 22:48:53 | 00,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2009.07.01 22:48:53 | 00,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2009.07.01 22:48:52 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
[2009.07.01 22:48:52 | 00,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2009.07.01 22:48:52 | 00,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\atapi.sys
[2009.07.01 22:48:51 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2009.07.01 22:48:51 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2009.07.01 22:48:51 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2009.07.01 22:48:51 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2009.07.01 22:48:51 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
[2009.07.01 22:48:51 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbt.sys
[2009.07.01 22:48:51 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2009.07.01 22:48:51 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2009.07.01 22:48:50 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2009.07.01 22:48:50 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2009.07.01 22:48:50 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2009.07.01 22:48:50 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2009.07.01 22:48:50 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2009.07.01 22:48:50 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsrslvr.dll
[2009.07.01 22:48:49 | 00,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2009.07.01 22:48:49 | 00,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
[2009.07.01 22:48:49 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2009.07.01 22:48:49 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2009.07.01 22:48:49 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2009.07.01 22:48:49 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2009.07.01 22:48:49 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2009.07.01 22:48:49 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2009.07.01 22:48:49 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
[2009.07.01 22:48:49 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys
[2009.07.01 22:48:49 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2009.07.01 22:48:49 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2009.07.01 22:48:49 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2009.07.01 22:48:48 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaservc.dll
[2009.07.01 22:48:48 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2009.07.01 22:48:48 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys
[2009.07.01 22:48:48 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscript.exe
[2009.07.01 22:48:48 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2009.07.01 22:48:48 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2009.07.01 22:48:48 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys
[2009.07.01 22:48:48 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009.07.01 22:48:48 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009.07.01 22:48:47 | 01,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2009.07.01 22:48:47 | 00,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
[2009.07.01 22:48:47 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2009.07.01 22:48:47 | 00,514,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll
[2009.07.01 22:48:47 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2009.07.01 22:48:47 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2009.07.01 22:48:47 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2009.07.01 22:48:47 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2009.07.01 22:48:47 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2009.07.01 22:48:47 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2009.07.01 22:48:46 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2009.07.01 22:48:46 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2009.07.01 22:48:46 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2009.07.01 22:48:46 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009.07.01 22:48:46 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2009.07.01 22:48:46 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2009.07.01 22:48:46 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys
[2009.07.01 22:48:46 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2009.07.01 22:48:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2009.07.01 22:48:46 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscsvc.dll
[2009.07.01 22:48:46 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2009.07.01 22:48:45 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2009.07.01 22:48:45 | 00,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\zipfldr.dll
[2009.07.01 22:48:45 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2009.07.01 22:48:45 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2009.07.01 22:48:45 | 00,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2009.07.01 22:48:45 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2009.07.01 22:48:45 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regsvc.dll
[2009.07.01 22:48:45 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshext.dll
[2009.07.01 22:48:45 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2009.07.01 22:48:44 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2009.07.01 22:48:44 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2009.07.01 22:48:44 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2009.07.01 22:48:44 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2009.07.01 22:48:44 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2009.07.01 22:48:44 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbehci.sys
[2009.07.01 22:48:43 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2009.07.01 22:48:43 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009.07.01 22:48:42 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2009.07.01 22:48:42 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2009.07.01 22:48:42 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2009.07.01 22:48:42 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2009.07.01 22:48:42 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srvsvc.dll
[2009.07.01 22:48:42 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
[2009.07.01 22:48:42 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2009.07.01 22:48:42 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009.07.01 22:48:42 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2009.07.01 22:48:42 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxsms.dll
[2009.07.01 22:48:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsbyuv.dll
[2009.07.01 22:48:41 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2009.07.01 22:48:41 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2009.07.01 22:48:41 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2009.07.01 22:48:41 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2009.07.01 22:48:41 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2009.07.01 22:48:41 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2009.07.01 22:48:41 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
[2009.07.01 22:48:41 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2009.07.01 22:48:40 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2009.07.01 22:48:40 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2009.07.01 22:48:40 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2009.07.01 22:48:40 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2009.07.01 22:48:40 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3svc.dll
[2009.07.01 22:48:40 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2009.07.01 22:48:40 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2009.07.01 22:48:40 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys
[2009.07.01 22:48:39 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2009.07.01 22:48:39 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2009.07.01 22:48:39 | 00,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themeui.dll
[2009.07.01 22:48:39 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2009.07.01 22:48:39 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2009.07.01 22:48:39 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
[2009.07.01 22:48:39 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2009.07.01 22:48:38 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2009.07.01 22:48:38 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2009.07.01 22:48:38 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2009.07.01 22:48:38 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2009.07.01 22:48:38 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2009.07.01 22:48:38 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2009.07.01 22:48:37 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2009.07.01 22:48:37 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2009.07.01 22:48:37 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tapisrv.dll
[2009.07.01 22:48:37 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2009.07.01 22:48:37 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys
[2009.07.01 22:48:37 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2009.07.01 22:48:37 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2009.07.01 22:48:37 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2009.07.01 22:48:37 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
[2009.07.01 22:48:37 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2009.07.01 22:48:36 | 01,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2009.07.01 22:48:36 | 01,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2009.07.01 22:48:36 | 01,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmsys.cpl
[2009.07.01 22:48:36 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2009.07.01 22:48:36 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2009.07.01 22:48:36 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
[2009.07.01 22:48:36 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2009.07.01 22:48:36 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2009.07.01 22:48:36 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2009.07.01 22:48:36 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2009.07.01 22:48:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2009.07.01 22:48:35 | 00,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2009.07.01 22:48:35 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2009.07.01 22:48:35 | 00,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2009.07.01 22:48:35 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2009.07.01 22:48:35 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2009.07.01 22:48:35 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2009.07.01 22:48:35 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2009.07.01 22:48:35 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2009.07.01 22:48:35 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys
[2009.07.01 22:48:35 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2009.07.01 22:48:34 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2009.07.01 22:48:34 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2009.07.01 22:48:34 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2009.07.01 22:48:34 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2009.07.01 22:48:34 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2009.07.01 22:48:34 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2009.07.01 22:48:34 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2009.07.01 22:48:34 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2009.07.01 22:48:34 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2009.07.01 22:48:33 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2009.07.01 22:48:33 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2009.07.01 22:48:33 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2009.07.01 22:48:33 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2009.07.01 22:48:33 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
[2009.07.01 22:48:33 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2009.07.01 22:48:33 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll
[2009.07.01 22:48:33 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2009.07.01 22:48:33 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2009.07.01 22:48:33 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys
[2009.07.01 22:48:33 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2009.07.01 22:48:33 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2009.07.01 22:48:32 | 01,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVidCtl.dll
[2009.07.01 22:48:32 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2009.07.01 22:48:32 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2009.07.01 22:48:32 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2009.07.01 22:48:32 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\afd.sys
[2009.07.01 22:48:32 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2009.07.01 22:48:32 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2009.07.01 22:48:32 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontext.dll
[2009.07.01 22:48:32 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2009.07.01 22:48:32 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\npfs.sys
[2009.07.01 22:48:32 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2009.07.01 22:48:31 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2009.07.01 22:48:31 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2009.07.01 22:48:31 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2009.07.01 22:48:31 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys
[2009.07.01 22:48:31 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys
[2009.07.01 22:48:31 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2009.07.01 22:48:30 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2009.07.01 22:48:30 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2009.07.01 22:48:30 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2009.07.01 22:48:30 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2009.07.01 22:48:30 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2009.07.01 22:48:29 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2009.07.01 22:48:29 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2009.07.01 22:48:29 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2009.07.01 22:48:29 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fastfat.sys
[2009.07.01 22:48:29 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2009.07.01 22:48:29 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2009.07.01 22:48:29 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
[2009.07.01 22:48:29 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2009.07.01 22:48:28 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2009.07.01 22:48:28 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netplwiz.dll
[2009.07.01 22:48:28 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2009.07.01 22:48:28 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2009.07.01 22:48:28 | 00,062,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ohci1394.sys
[2009.07.01 22:48:28 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certprop.dll
[2009.07.01 22:48:27 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2009.07.01 22:48:27 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2009.07.01 22:48:27 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2009.07.01 22:48:27 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcsvc.dll
[2009.07.01 22:48:27 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2009.07.01 22:48:27 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2009.07.01 22:48:27 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2009.07.01 22:48:27 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2009.07.01 22:48:27 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2009.07.01 22:48:27 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2009.07.01 22:48:26 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2009.07.01 22:48:26 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2009.07.01 22:48:26 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2009.07.01 22:48:26 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2009.07.01 22:48:26 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sendmail.dll
[2009.07.01 22:48:26 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys
[2009.07.01 22:48:26 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2009.07.01 22:48:25 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2009.07.01 22:48:25 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\udfs.sys
[2009.07.01 22:48:25 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2009.07.01 22:48:25 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2009.07.01 22:48:25 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2009.07.01 22:48:25 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
[2009.07.01 22:48:25 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009.07.01 22:48:25 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidusb.sys
[2009.07.01 22:48:24 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2009.07.01 22:48:24 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2009.07.01 22:48:24 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2009.07.01 22:48:24 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2009.07.01 22:48:24 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll
[2009.07.01 22:48:24 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2009.07.01 22:48:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\version.dll
[2009.07.01 22:48:24 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2009.07.01 22:48:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2009.07.01 22:48:23 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpwd.sys
[2009.07.01 22:48:23 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndiswan.sys
[2009.07.01 22:48:23 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2009.07.01 22:48:23 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2009.07.01 22:48:23 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2009.07.01 22:48:23 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2009.07.01 22:48:22 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2009.07.01 22:48:22 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2009.07.01 22:48:22 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2009.07.01 22:48:22 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2009.07.01 22:48:22 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2009.07.01 22:48:22 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2009.07.01 22:48:22 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2009.07.01 22:48:22 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009.07.01 22:48:22 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2009.07.01 22:48:22 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll
[2009.07.01 22:48:21 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2009.07.01 22:48:21 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2009.07.01 22:48:21 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2009.07.01 22:48:21 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2009.07.01 22:48:21 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2009.07.01 22:48:21 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2009.07.01 22:48:21 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2009.07.01 22:48:21 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2009.07.01 22:48:21 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2009.07.01 22:48:21 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2009.07.01 22:48:20 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2009.07.01 22:48:20 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2009.07.01 22:48:20 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2009.07.01 22:48:20 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2009.07.01 22:48:20 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys
[2009.07.01 22:48:20 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2009.07.01 22:48:20 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2009.07.01 22:48:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2009.07.01 22:48:20 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2009.07.01 22:48:20 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2009.07.01 22:48:19 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2009.07.01 22:48:19 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2009.07.01 22:48:19 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2009.07.01 22:48:19 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2009.07.01 22:48:19 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2009.07.01 22:48:19 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2009.07.01 22:48:18 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys
[2009.07.01 22:48:18 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys
[2009.07.01 22:48:18 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2009.07.01 22:48:18 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.01 22:48:18 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2009.07.01 22:48:18 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2009.07.01 22:48:18 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
[2009.07.01 22:48:18 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2009.07.01 22:48:17 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2009.07.01 22:48:17 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2009.07.01 22:48:17 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2009.07.01 22:48:17 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2009.07.01 22:48:16 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2009.07.01 22:48:16 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2009.07.01 22:48:16 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2009.07.01 22:48:15 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2009.07.01 22:48:15 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2009.07.01 22:48:15 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
[2009.07.01 22:48:15 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2009.07.01 22:48:15 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2009.07.01 22:48:15 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2009.07.01 22:48:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2009.07.01 22:48:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
[2009.07.01 22:48:14 | 00,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2009.07.01 22:48:13 | 00,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2009.07.01 22:48:13 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2009.07.01 22:48:12 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bridge.sys
[2009.07.01 22:48:12 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspppoe.sys
[2009.07.01 22:48:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbohci.sys
[2009.07.01 22:48:12 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2009.07.01 22:48:12 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009.07.01 22:48:12 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009.07.01 22:48:12 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2009.07.01 22:48:11 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009.07.01 22:48:11 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2009.07.01 22:48:11 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2009.07.01 22:48:11 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2009.07.01 22:48:08 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2009.07.01 22:47:42 | 00,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2009.07.01 22:47:33 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2009.07.01 22:47:32 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2009.07.01 22:47:04 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2009.07.01 21:43:14 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2009.07.01 21:41:51 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009.07.01 21:41:50 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009.07.01 21:41:49 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009.07.01 21:41:49 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009.07.01 21:41:49 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009.07.01 21:41:48 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009.07.01 21:41:48 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009.07.01 21:41:47 | 01,207,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009.07.01 21:41:47 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009.07.01 21:41:47 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009.07.01 21:41:46 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009.07.01 21:41:45 | 11,064,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009.07.01 21:41:45 | 05,936,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009.07.01 21:40:10 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009.07.01 21:40:09 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009.07.01 21:40:09 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009.07.01 21:40:09 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2009.07.01 21:40:09 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009.07.01 21:40:08 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009.07.01 21:40:08 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009.07.01 21:40:08 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009.07.01 21:40:08 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2009.07.01 21:40:08 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009.07.01 21:40:08 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009.07.01 21:40:07 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009.07.01 21:40:07 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009.07.01 21:40:07 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009.07.01 21:40:07 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009.07.01 21:40:07 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009.07.01 21:40:07 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009.07.01 21:40:06 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009.07.01 21:40:06 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009.07.01 21:40:06 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009.07.01 21:40:06 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009.07.01 21:40:06 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009.07.01 21:40:06 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009.07.01 21:40:06 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009.07.01 21:40:05 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009.07.01 21:40:05 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009.07.01 21:40:05 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009.07.01 21:40:05 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009.07.01 21:40:04 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009.07.01 21:40:04 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009.07.01 21:40:04 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009.07.01 21:40:04 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009.07.01 21:40:01 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009.07.01 21:40:01 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009.07.01 21:40:01 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009.07.01 21:40:01 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009.07.01 21:40:01 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009.07.01 21:40:01 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009.07.01 21:40:01 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009.07.01 21:40:01 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009.07.01 21:40:01 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2009.07.01 21:40:00 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009.06.30 22:04:58 | 00,000,996 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009.06.30 22:04:57 | 00,000,992 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.06.26 00:21:41 | 00,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009.05.15 23:09:14 | 00,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2009.05.14 19:08:21 | 00,000,340 | ---- | C] () -- C:\Windows\wininit.ini
[2009.04.02 18:59:32 | 00,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.03.16 23:26:02 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.02.18 22:08:46 | 00,051,370 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.02.18 19:14:30 | 00,139,072 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.02.02 12:26:55 | 00,033,920 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2008.07.22 11:01:25 | 00,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2008.04.23 01:07:38 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.04.23 01:07:38 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.04.23 00:26:27 | 00,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.04.23 00:23:17 | 00,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007.05.15 19:06:58 | 00,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007.04.14 15:57:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.04.14 15:57:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.04.14 15:57:06 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.04.14 15:57:04 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.04.14 15:57:04 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.04.14 15:57:04 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.04.14 15:57:04 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.04.14 15:57:04 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.04.14 15:57:04 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.03.06 18:50:30 | 01,669,664 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys
[2006.11.10 16:08:50 | 00,024,064 | ---- | C] () -- C:\Windows\System32\drivers\ATITool.sys
[2006.11.02 15:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 13:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006.11.02 13:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006.11.02 10:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.02.25 02:59:49 | 00,318,014 | ---- | C] () -- C:\Windows\System32\flt1chk4.dll
[2004.10.28 17:38:10 | 00,315,728 | ---- | C] () -- C:\Windows\System32\flt1chk3.dll
[2002.03.14 01:46:46 | 00,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2001.12.26 16:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== Files - Modified Within 30 Days ==========

[2009.07.24 18:09:43 | 01,216,208 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009.07.24 18:09:43 | 00,594,108 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009.07.24 18:09:43 | 00,442,516 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2009.07.24 18:09:43 | 00,104,296 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009.07.24 18:09:43 | 00,083,758 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2009.07.24 18:09:05 | 00,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009.07.24 18:07:06 | 00,000,900 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009.07.24 18:05:00 | 00,000,992 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.07.24 18:04:57 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.07.24 18:04:56 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.07.24 18:04:53 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.07.24 18:04:52 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.07.24 18:04:47 | 32,203,65312 | -HS- | M] () -- C:\hiberfil.sys
[2009.07.24 16:28:51 | 00,139,072 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.07.24 16:28:42 | 00,189,672 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2009.07.24 16:28:42 | 00,189,672 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[2009.07.24 12:33:59 | 00,000,532 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2009.07.23 15:02:24 | 00,002,048 | ---- | M] () -- C:\Windows\lvld67.lic
[2009.07.23 14:57:51 | 00,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2009.07.17 18:48:55 | 02,230,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.17 18:29:44 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2009.07.17 18:29:44 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009.07.17 18:29:44 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009.07.17 18:29:44 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009.07.16 17:21:11 | 00,071,736 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2009.07.16 00:36:35 | 00,131,072 | ---- | M] (Concept Software, Inc.) -- C:\Windows\System32\SKCA32.dll
[2009.07.16 00:36:34 | 00,127,488 | ---- | M] (Concept Software, Inc.) -- C:\Windows\System32\KEYLIB32.dll
[2009.07.15 20:51:41 | 00,000,210 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.07.15 20:43:58 | 00,129,536 | ---- | M] () -- C:\Windows\inout2.dll
[2009.07.12 21:06:39 | 32,059,3023 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009.07.08 21:03:13 | 00,033,920 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
[2009.07.07 18:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2009.06.26 00:21:41 | 00,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 512 bytes -> C:\Users\All Users\TEMP:05EE1EEF
@Alternate Data Stream - 512 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\Users\All Users\TEMP:888AFB86
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
@Alternate Data Stream - 105 bytes -> C:\Users\All Users\TEMP:C95B63DA
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:C95B63DA

 

Sulla kyl on kräkätty Adoben ohjelmisto, näin sen jo viimeksi.

Napsauta Windows Vista -tietokoneessa Käynnistä-painiketta

Kirjoita Aloita haku -ruutuun Kansion asetukset ja valitse sitten Ohjelmat-luettelossa Kansion asetukset.

Jos sinua kehotetaan antamaan järjestelmänvalvojan salasana tai vahvistamaan toiminto, kirjoita salasana tai valitse Jatka.

Valitse Kansion asetukset -valintaikkunassa Näytä-välilehti.

RUKSI Piilota suojatut käyttöjärjestelmätiedostot (suositus) -valintaruudun valinta.

Vahvista käyttöjärjestelmätiedostojen "muuttaminen"? valitsemalla Kyllä ja valitse sitten OK.
http://support.microsoft.com/kb/948253/fi

Varmistu ensin, että piilotiedostot on näkyvillä.

Piilotiedostot näkyviin

Mene --> tänne

Kun sivu on latautunut, klikkaa Selaa-nappulaa ja etsi seuraava tiedosto ja paina Submit.

C:\Windows\System32\Drivers\spxq.sys
C:\Users\*käyttäjä nimi*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinCE3.exe
Oma käyttäjänimsei tuohon

Lähetä skannin tulokset seuraavassa viestissäsi.

Jos et löydä tiedostoa, niin kopio/liitä tiedostonimi polkuineen kenttään ja paina Submit.

Jos Jotti on ruuhkainen, yritä samaa Virustotalissa: http://www.virustotal.com/flash/index_en.html


lähetä Jotin tulokset.

 

Kävin täällä http://support.microsoft.com/kb/948253/fi osoitteessa ja ensi alkuun miten voin päivittää vista sp1 koska olen jo päivittänyt sen sp2:ksi? Koetin kuitenkin etsiä noita tiedostoja ja en löytänyt yhtään, enkä löytänyt myöskään kumpaakaan tiedostoa jotka käskit etsiä ja scannata tuolla jottis scannerilla. Katsoin ohjeet ja mielestäni laitoin piilotiedostot näkyviin, mutta ei noita löydy. Ohjeet olivat windowsin vanhemmille versioille mutta samalla tavalla pitäisi kai onnistua Vistassakin.

 

Nyt sain skannattua tuon toisen mutta ei edelleenkään löydä spxq.sys tiedostoa. http://virusscan.jotti.org/en/scanr...9540/2d7b6dab5bda3b0b03a5935861c4c98ea5539352

 

Joku kai tuolla näyttäis olevan? Kumma että vaan 1 ohjlema näkee sen :O. Voiskohan tuo olla se joka vie minulta oikeidet päästä documents and settings kansioon ja Omat kuva-,omat musiikki- ja omat videotiedostoihin? En edelleenkään pysty menemään tuonne spxq.sys luo.

 

Sori kestänyt taas...

kokeillaas iha Gmeril katella:

Lataa GMER ja tallenna se työpöydällesi:

• Pura se työpöydälle ja tuplaklikkaa tiedostoa GMER.exe
• Klikkaa rootkit-välilehteä ja sitten klikkaa scan.
• Älä rastita "Show All" boksia skannauksen aikana!
• Kun skannaus on valmis, klikkaa Copy.
• Tämä kopioi lokin leikepöydälle (voit tallentaa lokin varmuuden vuoksi tekstitiedostoon).
• Liitä loki sitten viestiketjuusi.

 

Aiemminhan me jo tuota Gmer:iä käytimme. Nyt kun koitan ajaa sen niin n. minuutin jälkeen se sammuu itsekseen ja widnows sanoo että Gmer.exe lakkasi toimimiasta ja windows etsii ratkaisua.

Edit. Nyt sain sen ajettua läpi.

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-07-29 12:27:40
Windows 6.0.6002 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwCreateThread [0x92918E02]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwLoadDriver [0x9291912A]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwMapViewOfSection [0x92918B4E]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwOpenSection [0x9291955C]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwRenameKey [0x9291A7FA]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwSetSystemInformation [0x929193AC]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwSuspendProcess [0x929189D4]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwSuspendThread [0x92918E36]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwSystemDebugControl [0x92918FB0]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwTerminateProcess [0x92918934]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwTerminateThread [0x92918A8A]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwWriteVirtualMemory [0x92918EFA]
SSDT \??\C:\Program Files\PC Protection\HIPS\drivers\fshs.sys ZwCreateThreadEx [0x92918E1C]

INT 0x61 ? 85DFFBF8
INT 0x62 ? 86FB8BF8
INT 0x71 ? 85DFFBF8
INT 0x72 ? 86FB8BF8
INT 0x72 ? 86FB8BF8
INT 0x72 ? 86FB8BF8
INT 0x81 ? 85DFFBF8
INT 0xA1 ? 86FB8BF8
INT 0xA1 ? 86FB8BF8
INT 0xA1 ? 86FB8BF8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 221 826F0964 4 Bytes [02, 8E, 91, 92]
.text ntkrnlpa.exe!KeSetEvent + 37D 826F0AC0 4 Bytes [2A, 91, 91, 92]
.text ntkrnlpa.exe!KeSetEvent + 3AD 826F0AF0 4 Bytes [4E, 8B, 91, 92]
.text ntkrnlpa.exe!KeSetEvent + 3FD 826F0B40 4 Bytes [5C, 95, 91, 92] {POP ESP; XCHG EBP, EAX; XCHG ECX, EAX; XCHG EDX, EAX}
.text ntkrnlpa.exe!KeSetEvent + 515 826F0C58 4 Bytes [FA, A7, 91, 92] {CLI ; CMPSD ; XCHG ECX, EAX; XCHG EDX, EAX}
.text ...
? System32\Drivers\spzf.sys Määritettyä polkua ei löydy. !
.text USBPORT.SYS!DllUnload 837A941B 5 Bytes JMP 86FB81D8
.text a4jv867l.SYS 91C06000 22 Bytes [82, 83, 61, 82, 6C, 82, 61, ...]
.text a4jv867l.SYS 91C06017 45 Bytes [00, 32, 27, 71, 80, 3D, 25, ...]
.text a4jv867l.SYS 91C06045 135 Bytes [AA, 6E, 82, FD, 29, 68, 82, ...]
.text a4jv867l.SYS 91C060CE 10 Bytes [00, 00, 00, 00, 00, 00, 02, ...]
.text a4jv867l.SYS 91C060DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\Explorer.EXE[1380] SHELL32.dll!SHGetFolderPathAndSubDirW + 81C9 7689B364 4 Bytes [F0, 1F, 00, 10]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [806086D6] \SystemRoot\System32\Drivers\spzf.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [80608042] \SystemRoot\System32\Drivers\spzf.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [80608800] \SystemRoot\System32\Drivers\spzf.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [806080C0] \SystemRoot\System32\Drivers\spzf.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8060813E] \SystemRoot\System32\Drivers\spzf.sys
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortNotification] CC358B04
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortWritePortUchar] 8391C2BF
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortWritePortUlong] 458B38C6
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortGetPhysicalAddress] A5A5A514
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 100D8BA5
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortGetScatterGatherList] 5F91C290
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortReadPortUchar] 30810889
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortStallExecution] 54771129
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortGetParentBusType] 10C25D5E
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortRequestCallback] 8B55CC00
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 084D8BEC
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 0CF0918B
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortCompleteRequest] 458B0000
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortMoveMemory] 8B108910
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 000CF491
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 04508900
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 053C7980
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortReadPortUshort] 560C558B
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortReadPortBufferUshort] C6127557
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortInitialize] B18D0502
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortGetDeviceBase] 00000CF8
IAT \SystemRoot\System32\Drivers\a4jv867l.SYS[ataport.SYS!AtaPortDeviceStateChange] A508788D

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73F27817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73F7A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73F2BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73F1F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73F275E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73F1E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73F58395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73F2DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73F1FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73F1FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73F171CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73FACAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73F4C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73F1D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73F16853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73F1687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73F22AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [10002300] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002690] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Windows\Explorer.EXE[1380] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10001290] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3832] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [03062690] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3832] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [03061290] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3832] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [03062300] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3832] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [03061B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[5640] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [01D82690] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[5640] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01D81290] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[5640] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [01D82300] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[5640] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [01D81B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Acer eDataSecurity Management PSD DragDrop Protection/Egis Incorporated)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85E041F8
Device \FileSystem\udfs \UdfsCdRom 87263500
Device \FileSystem\udfs \UdfsDisk 87263500
Device \Driver\sptd \Device\2830274039 spzf.sys
Device \Driver\volmgr \Device\VolMgrControl 85E011F8
Device \Driver\usbohci \Device\USBPDO-0 86FA61F8
Device \Driver\usbohci \Device\USBPDO-1 86FA61F8
Device \Driver\usbehci \Device\USBPDO-2 86F9E1F8
Device \Driver\usbohci \Device\USBPDO-3 86FA61F8
Device \Driver\usbohci \Device\USBPDO-4 86FA61F8
Device \Driver\usbehci \Device\USBPDO-5 86F9E1F8
Device \Driver\PCI_PNP6021 \Device\00000056 spzf.sys
Device \Driver\usbohci \Device\USBPDO-6 86FA61F8
Device \Driver\volmgr \Device\HarddiskVolume1 85E011F8
Device \Driver\volmgr \Device\HarddiskVolume2 85E011F8
Device \Driver\cdrom \Device\CdRom0 86FD21F8
Device \Driver\volmgr \Device\HarddiskVolume3 85E011F8
Device \Driver\cdrom \Device\CdRom1 86FD21F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 85E031F8
Device \Driver\atapi \Device\Ide\IdePort0 85E031F8
Device \Driver\atapi \Device\Ide\IdePort1 85E031F8
Device \Driver\atapi \Device\Ide\IdePort2 85E031F8
Device \Driver\atapi \Device\Ide\IdePort3 85E031F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 85E031F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-2 85E031F8
Device \Driver\volmgr \Device\HarddiskVolume4 85E011F8
Device \Driver\USBSTOR \Device\00000080 878921F8
Device \Driver\volmgr \Device\HarddiskVolume5 85E011F8
Device \Driver\USBSTOR \Device\00000081 878921F8
Device \Driver\volmgr \Device\HarddiskVolume6 85E011F8
Device \Driver\volmgr \Device\HarddiskVolume7 85E011F8
Device \Driver\netbt \Device\NetBt_Wins_Export 878B81F8
Device \Driver\volmgr \Device\HarddiskVolume8 85E011F8
Device \Driver\Smb \Device\NetbiosSmb 878AA1F8
Device \Driver\USBSTOR \Device\00000079 878921F8
Device \Driver\iScsiPrt \Device\RaidPort0 872851F8
Device \Driver\usbohci \Device\USBFDO-0 86FA61F8
Device \Driver\usbohci \Device\USBFDO-1 86FA61F8
Device \Driver\usbehci \Device\USBFDO-2 86F9E1F8
Device \Driver\usbohci \Device\USBFDO-3 86FA61F8
Device \Driver\usbohci \Device\USBFDO-4 86FA61F8
Device \Driver\USBSTOR \Device\0000007e 878921F8
Device \Driver\usbehci \Device\USBFDO-5 86F9E1F8
Device \Driver\USBSTOR \Device\0000007f 878921F8
Device \Driver\usbohci \Device\USBFDO-6 86FA61F8
Device \Driver\netbt \Device\NetBT_Tcpip_{D3BCD70C-BAA6-4B6D-A3F7-AE7A9778840B} 878B81F8
Device \Driver\a4jv867l \Device\Scsi\a4jv867l1 871881F8
Device \Driver\a4jv867l \Device\Scsi\a4jv867l1Port5Path0Target0Lun0 871881F8
Device \FileSystem\cdfs \Cdfs 8844B1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x38 0xB0 0x34 0xD4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3C 0x91 0x31 0xF6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0xE1 0x03 0xAB ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x38 0xB0 0x34 0xD4 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3C 0x91 0x31 0xF6 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0xE1 0x03 0xAB ...

---- EOF - GMER 1.0.15 ----

 

Tietokoneen käynnistys on hidastunut vähän. :/

Edit. Tuo hidastuminen luultavasti johtui vain siitä kun tuon windowsin päivityksen kanssa oli jotai vikaa.

 

F-Secure ilmoitti tämmöistä. Näiden jälkeen tuli uusi ilmoitus jossa luki: toiminto epäonnistunut. Mikäs neuvoksi? Onko tuo vaarallinen troijalainen?

http://www.aijaa.com/v.php?i=4609805.jpg

Ei tuo kuvan lataaminen tähän onnistunut mutta tuolla on kuva.

e2. Nyt F-Secure taas ilmoitti että siellä on se Trojalainen ja eristin sen. Olisiko sama poistaa tartunnan saanut tiedosto?

 

Ei oo puhas...

Ota uusi hjt

 

tässä. Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:32, on 29.6.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\PC Protection\Common\FSM32.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Tuomas Tuppurainen\Program Files\DNA\btdna.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\PC Protection\FSGUI\fsguidll.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kainuu.com/Main.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Protection\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Protection\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Tuomas Tuppurainen\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\PC Protection\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Protection\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Protection\FSPC\fspcmsie.dll
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} (Symantec Configuration Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\PC Protection\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\PC Protection\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Protection\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\PC Protection\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Protection\ORSP Client\fsorsp.exe
O23 - Service: Google Update Service (gupdate1c98d215460089e) (gupdate1c98d215460089e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9996 bytes

 

No mitäs siellä on? :S

 

Kräkättyä Adobea...

 

Ok, waretin photoshopin, sori. Mutta onko siellä viruksia? Tuon viimeksi laitetun login jälkeen on ainakin jonkun trojalaisen F-Secure poistanu. Semmonen ihmetyttää, että on pari kertaa windows käynnistyksessä tehnyt niin että ennen sitä kun tulee se valinta jossa voit päättää millä käyttäjätilillä kirjaudut, on kestänyt melko pitkään pelkkää mustaa ruutua ja sitten tulee sinisellä pohjalla valkoista tekstiä jossa lukee jotain. Yhdessä kohdassa luki muistaakseni jotakin dumping physical memory sitten se rullaa 0-100 ja widnows boottaa uudestaan.Sitten kun se boottaa sen koneen windows kysyy haluanko normaalin käynnistyksen vai vikasietotilaan jne. Ja n.joka toisella käynnistyksellä ennen sitä kirjautumista windows rullaa melko pitkään eikä mitään tapahdu, vain musta ruutu. Sitten semmonen että mikäs on kun mulla näkyy windowsin tehtävienhallinassa 16 conime.exe:ä? Jokin virus kaiketi, mutta auttaisitko saamaan tuon pois? Tässä olis HJT logi.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:32, on 29.6.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\PC Protection\Common\FSM32.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Tuomas Tuppurainen\Program Files\DNA\btdna.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\PC Protection\FSGUI\fsguidll.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kainuu.com/Main.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Protection\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Protection\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Tuomas Tuppurainen\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\PC Protection\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Protection\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\PC Protection\FSPC\fspcmsie.dll
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} (Symantec Configuration Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\PC Protection\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\PC Protection\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Protection\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\PC Protection\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Protection\ORSP Client\fsorsp.exe
O23 - Service: Google Update Service (gupdate1c98d215460089e) (gupdate1c98d215460089e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 9996 bytes

 

Voisitteko kuitenkin tarkastaa tuon ja katsoa onko siellä mitään virusta?