EDIT: I RAN AVG IN SAFE MODE AND IT DID NOT DETECT ANYTHING. Here is the ComboFix log:
ComboFix 08-06-05.3 - GORKA 2008-06-06 18:01:08.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.3082.18.222 [GMT 2:00]
Se ejecuta desde: F:\ComboFix.exe
* Creado un nuevo punto de restauración
ADVERTENCIA - ESTE EQUIPO NO TIENE INSTALADA LA CONSOLA DE RECUPERACION! .
(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\rundll32.exe
C:\WINDOWS\system32\.exe
C:\WINDOWS\system32\a.exe
C:\WINDOWS\system32\aqVreo04
C:\WINDOWS\system32\mdm.exe
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\msmsgs.exe
.
(((((((((((((((((( Archivos creados desde 2008-05-06 - 2008-06-06 )))))))))))))))))))))))))))))))))
.
2008-06-06 17:49 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-06-06 17:25 . 2008-06-06 17:25 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\Yahoo! Companion
2008-06-06 16:31 . 2008-06-06 16:31 <DIR> d-------- C:\Archivos de programa\CCleaner
2008-06-01 17:29 . 2008-06-01 17:29 <DIR> d-------- C:\Archivos de programa\Hofmann
2008-06-01 14:51 . 2008-06-01 14:51 401,408 -r--s---- C:\WINDOWS\system32\wbtserv.exe
2008-05-11 19:19 . 2008-05-11 19:19 25 --a------ C:\WINDOWS\cdplayer.ini
2008-05-11 19:17 . 2008-05-11 19:17 <DIR> d-------- C:\Program Files
2008-05-11 19:17 . 2008-05-11 19:17 <DIR> d-------- C:\Archivos de programa\Archivos comunes\xing shared
2008-05-11 19:17 . 2008-05-11 19:17 <DIR> d-------- C:\Archivos de programa\Archivos comunes\Real
2008-05-11 19:17 . 2008-05-11 19:17 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-05-11 19:17 . 2008-05-11 19:17 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-05-11 18:55 . 2008-05-11 18:55 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\NCH Swift Sound
2008-05-09 13:13 . 2008-05-09 13:13 52,376 ---hs---- C:\lox.exe
.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-06 15:59 332,928 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-05-11 17:15 --------- d-----w C:\Archivos de programa\Google
2008-05-04 14:55 --------- d-----w C:\Archivos de programa\Picasa2
2008-04-11 18:37 --------- d-----w C:\Archivos de programa\Spybot - Search & Destroy
2008-04-10 13:34 558,142 ----a-w C:\WINDOWS\java\Packages\N31BXRZR.ZIP
2008-04-10 13:34 5,751,849 ----a-w C:\WINDOWS\java\Packages\ZNX7ZTBT.ZIP
2008-04-10 13:34 4,314,156 ----a-w C:\WINDOWS\java\Packages\QY6B1NRR.ZIP
2008-04-10 13:34 323,696 ----a-w C:\WINDOWS\java\Packages\XV3TVNVX.ZIP
2008-04-10 13:34 191,842 ----a-w C:\WINDOWS\java\Packages\1NTBX7V5.ZIP
2008-04-10 13:34 155,995 ----a-w C:\WINDOWS\java\Packages\J3NJRVT3.ZIP
2008-04-10 13:34 137,482 ----a-w C:\WINDOWS\java\Packages\R393NT75.ZIP
2008-04-10 13:34 10,957 ----a-w C:\WINDOWS\java\Packages\MJ9BLR3R.ZIP
2008-04-09 22:43 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
2008-04-07 19:31 155,648 ----a-w C:\WINDOWS\system32\igfxtray.exe
2008-04-07 19:31 114,688 ----a-w C:\WINDOWS\system32\hkcmd.exe
2008-04-07 19:27 1,006,592 ----a-w C:\WINDOWS\explorer.exe
2008-04-07 16:41 269,824 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-07 16:41 114,688 ----a-w C:\WINDOWS\UNINST32.EXE
2008-04-07 16:39 97,280 ----a-w C:\WINDOWS\system32\scardsvr.exe
2008-04-07 16:38 9,728 ----a-w C:\WINDOWS\system32\regsvr32.exe
2008-04-07 16:37 54,272 ----a-w C:\WINDOWS\system32\packager.exe
2008-04-07 16:37 41,984 ----a-w C:\WINDOWS\system32\osuninst.exe
2008-04-07 16:37 34,304 ----a-w C:\WINDOWS\system32\ping6.exe
2008-04-07 16:37 22,528 ----a-w C:\WINDOWS\system32\pathping.exe
2008-04-07 16:37 212,992 ----a-w C:\WINDOWS\system32\osk.exe
2008-04-07 16:37 207,872 ----a-w C:\WINDOWS\system32\progman.exe
2008-04-07 16:37 17,920 ----a-w C:\WINDOWS\system32\ping.exe
2008-04-07 16:37 17,408 ----a-w C:\WINDOWS\system32\qappsrv.exe
2008-04-07 16:37 15,360 ----a-w C:\WINDOWS\system32\pentnt.exe
2008-04-07 16:37 14,336 ----a-w C:\WINDOWS\system32\perfmon.exe
2008-04-07 16:28 53,248 ----a-w C:\WINDOWS\system32\odbcconf.exe
2008-04-07 16:28 396,800 ----a-w C:\WINDOWS\system32\ntvdm.exe
2008-04-07 16:28 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe
2008-04-07 16:28 31,744 ----a-w C:\WINDOWS\system32\ntsd.exe
2008-04-07 16:26 937,984 ----a-w C:\WINDOWS\system32\dxdiag.exe
2008-04-07 16:25 91,648 ----a-w C:\WINDOWS\system32\ahui.exe
2008-04-07 16:24 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
2008-04-07 16:24 46,080 ----a-w C:\WINDOWS\setdebug.exe
2008-04-07 16:24 253,952 ----a-w C:\WINDOWS\Setup1.exe
2008-04-07 16:24 139,776 ----a-w C:\WINDOWS\regedit.exe
2008-04-07 16:24 139,264 ----a-w C:\WINDOWS\PCHealth\UploadLB\Binaries\UploadM.exe
2008-04-07 16:17 99,840 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe
2008-04-07 16:17 8,704 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\HscUpd.exe
2008-04-07 16:17 741,376 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe
2008-04-07 16:17 703,488 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
2008-04-07 16:17 35,328 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\notiflag.exe
2008-04-07 16:17 146,944 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\msconfig.exe
2008-04-07 16:16 67,072 ----a-w C:\WINDOWS\NOTEPAD.EXE
2008-04-07 16:15 57,856 ----a-w C:\WINDOWS\ltremove.exe
2008-04-07 16:15 310,784 ----a-w C:\WINDOWS\IsUn040a.exe
2008-04-07 16:15 159,744 ----a-w C:\WINDOWS\MakeMrk.exe
2008-04-07 16:14 40,960 ----a-w C:\WINDOWS\HPLTLNK1.EXE
2008-04-07 16:14 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-07 16:13 53,248 ----a-w C:\WINDOWS\Help\SBSI\Training\usersid.exe
2008-04-07 16:13 233,472 ----a-w C:\WINDOWS\Help\SBSI\Training\ounins32_s.exe
2008-04-07 16:13 1,081,344 ----a-w C:\WINDOWS\Help\SBSI\Training\orun32.exe
2008-04-07 16:11 208,896 ----a-w C:\WINDOWS\alcupd.exe
2008-04-07 16:11 135,168 ----a-w C:\WINDOWS\alcrmv.exe
2008-04-07 15:14 70,656 ----a-w C:\WINDOWS\system32\defrag.exe
2008-04-07 14:39 505,344 ----a-w C:\WINDOWS\system32\logonui.exe
2008-04-07 14:39 31,744 ----a-w C:\WINDOWS\system32\rundll32.exe
2008-04-07 14:39 22,528 ----a-w C:\WINDOWS\system32\userinit.exe
2008-04-07 14:39 219,648 ----a-w C:\WINDOWS\system32\logon.scr
2008-04-07 14:38 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\ESET
2008-04-07 14:36 --------- d-----w C:\Archivos de programa\Disk Cleaner
2008-04-07 14:30 --------- d--h--w C:\Archivos de programa\InstallShield Installation Information
2008-04-06 14:36 691,545 ----a-w C:\WINDOWS\unins000.exe
.
------- Sigcheck -------
2006-04-20 13:38 340480 b8158e2a6112c0a5ca67bc158fc70218 C:\WINDOWS\SoftwareDistribution\Download\0f02aeb5819cb2f8c58399e2c6fdda57\sp1qfe\tcpip.sys
2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\SoftwareDistribution\Download\0f02aeb5819cb2f8c58399e2c6fdda57\sp2gdr\tcpip.sys
2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\SoftwareDistribution\Download\0f02aeb5819cb2f8c58399e2c6fdda57\sp2qfe\tcpip.sys
2004-08-04 08:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\SoftwareDistribution\Download\7110ad48510cd6e948498b60b2f54012\tcpip.sys
2002-09-10 15:00 332928 244a2f9816bc9b593957281ef577d976 C:\WINDOWS\SoftwareDistribution\Download\756b5cb6b308fddade39cc900771aca9\backup\sp1qfe\tcpip.sys
2002-09-10 15:00 332928 244a2f9816bc9b593957281ef577d976 C:\WINDOWS\SoftwareDistribution\Download\756b5cb6b308fddade39cc900771aca9\backup\sp2gdr\tcpip.sys
2002-09-10 15:00 332928 244a2f9816bc9b593957281ef577d976 C:\WINDOWS\SoftwareDistribution\Download\756b5cb6b308fddade39cc900771aca9\backup\sp2qfe\tcpip.sys
2004-08-04 08:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\SoftwareDistribution\Download\e295d0d14b1586abf86e55548b9dd43a\tcpip.sys
2008-06-06 17:59 332928 281749f39197f50c3adadb8d27ed6186 C:\WINDOWS\system32\drivers\tcpip.sys
2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\SoftwareDistribution\Download\7110ad48510cd6e948498b60b2f54012\ip6fw.sys
2008-04-07 21:27 1006592 9822b3c92c8257adff2c805b3ee10c85 C:\WINDOWS\explorer.exe
2004-08-20 00:42 1034752 89c8dd146ceaf482d82822766437d93f C:\WINDOWS\SoftwareDistribution\Download\7110ad48510cd6e948498b60b2f54012\explorer.exe
2004-08-20 00:42 15360 25ecfa69af1563fde8dfd31f9954497a C:\WINDOWS\SoftwareDistribution\Download\7110ad48510cd6e948498b60b2f54012\ctfmon.exe
2008-04-07 18:26 13312 bbd55ecef264c342308d3d78f8d633cd C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-04-08_23.42.09.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-02-25 03:35:11 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll
+ 2005-02-25 03:35:11 212,192 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe
+ 2005-02-25 03:35:15 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe
+ 2005-02-25 03:35:11 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll
+ 2005-02-25 03:35:16 726,752 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2005-02-25 03:35:17 390,368 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll
+ 2002-09-10 13:00:00 2,086,400 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msi.dll
+ 2008-04-07 16:27:44 64,512 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe
+ 2002-09-10 13:00:00 305,664 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msihnd.dll
+ 2002-09-10 13:00:00 847,872 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msimsg.dll
+ 2002-09-10 13:00:00 39,936 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msisip.dll
+ 2005-05-04 12:45:28 212,192 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe
+ 2005-05-04 12:45:28 390,368 -c----w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\updspapi.dll
+ 2002-09-10 13:00:00 222,720 -c----w C:\WINDOWS\$NtUninstallKB842773$\qmgr.dll
+ 2002-09-10 13:00:00 17,408 -c----w C:\WINDOWS\$NtUninstallKB842773$\qmgrprxy.dll
+ 2004-05-17 22:38:25 159,232 -c----w C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
+ 2002-09-10 13:00:00 310,272 -c----w C:\WINDOWS\$NtUninstallKB842773$\winhttp.dll
+ 2005-02-25 03:35:11 212,192 -c----w C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe
+ 2005-02-25 03:35:17 390,368 -c----w C:\WINDOWS\$NtUninstallKB898461$\spuninst\updspapi.dll
+ 2003-09-01 03:07:56 2,387 -c--a-w C:\WINDOWS\$NtUninstallQ810565$\spuninst\spuninst.bat
- 2004-11-06 02:24:53 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-06-01 14:57:11 8,192 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2004-11-06 02:24:51 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-06-01 14:57:14 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
- 2004-11-06 02:24:47 716,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-06-01 14:57:30 720,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2004-11-06 02:24:47 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-06-01 14:57:14 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2004-11-06 02:24:53 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2008-06-01 14:57:24 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
- 2004-11-06 02:24:55 299,008 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-06-01 14:57:21 303,104 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2004-11-06 02:24:52 1,290,240 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2008-06-01 14:57:25 1,294,336 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
- 2004-11-06 02:24:52 1,699,840 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-06-01 14:57:12 1,703,936 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
- 2004-11-06 02:24:52 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-06-01 14:57:29 90,112 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2004-11-06 02:24:52 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-06-01 14:57:20 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2004-11-06 02:24:52 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-06-01 14:57:16 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2004-11-06 02:24:52 64,000 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2008-06-01 14:57:16 66,560 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
- 2004-11-06 02:24:52 368,640 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-06-01 14:57:23 372,736 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
- 2004-11-06 02:24:52 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-06-01 14:57:30 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2004-11-06 02:24:52 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-06-01 14:57:22 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2004-11-06 02:24:53 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-06-01 14:57:17 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2004-11-06 02:24:53 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-06-01 14:57:19 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2004-11-06 02:24:53 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-06-01 14:57:26 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2004-11-06 02:24:53 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-06-01 14:57:10 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2004-11-06 02:24:53 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-06-01 14:57:15 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2004-11-06 02:24:53 569,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-06-01 14:57:13 573,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2004-11-06 02:24:53 1,245,184 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-06-01 14:57:28 1,257,472 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2004-11-06 02:24:53 2,039,808 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-06-01 14:57:18 2,052,096 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
- 2004-11-06 02:24:53 1,335,296 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.Xml.dll
+ 2008-06-01 14:57:22 1,339,392 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
- 2004-11-06 02:24:52 1,216,512 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-06-01 14:57:32 1,224,704 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-06-01 14:58:02 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_4da8a804\CustomMarshalers.dll
+ 2008-06-01 14:58:26 3,379,200 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_672ea9f4\mscorlib.dll
+ 2008-06-01 14:58:20 1,466,368 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_3573fb46\System.Design.dll
+ 2008-06-01 14:58:05 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_ab2fab1d\System.Drawing.Design.dll
+ 2008-06-01 14:58:22 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_f2f5d4e0\System.Drawing.dll
+ 2008-06-01 14:58:11 3,014,656 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_cdbac356\System.Windows.Forms.dll
+ 2008-06-01 14:58:16 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b5fd01c8\System.Xml.dll
+ 2008-06-01 14:58:01 1,953,792 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_f27d46f6\System.dll
+ 2008-04-09 21:54:51 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-04-09 21:54:51 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-04-09 21:54:51 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-04-09 21:54:52 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-04-09 21:54:52 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-04-09 21:54:51 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
+ 2008-06-06 15:57:21 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2008-03-24 17:33:02 1,527,056 ----a-w C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
- 2005-10-20 18:02:28 174,080 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-04-09 08:45:48 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-09 20:23:16 790,528 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-04-09 20:23:16 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-04-09 08:45:48 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-09 20:23:08 790,528 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-04-09 20:23:08 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2000-08-31 06:00:00 81,920 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe
- 2000-08-31 06:00:00 87,580 ----a-w C:\WINDOWS\grep.exe
+ 2008-04-09 19:07:13 80,384 ----a-w C:\WINDOWS\grep.exe
+ 2008-06-01 15:29:24 3,638 ----a-r C:\WINDOWS\Installer\{CEB1DEB4-3CF3-44B0-BB48-1AA01BFA572B}\ARPPRODUCTICON.exe
+ 2008-06-01 15:29:24 3,638 ----a-r C:\WINDOWS\Installer\{CEB1DEB4-3CF3-44B0-BB48-1AA01BFA572B}\Hofmann.exe_E30E319D458342FD94459BAD61A8BFD6.exe
+ 2008-06-01 15:29:24 3,638 ----a-r C:\WINDOWS\Installer\{CEB1DEB4-3CF3-44B0-BB48-1AA01BFA572B}\Hofmann.exe1_E30E319D458342FD94459BAD61A8BFD6.exe
+ 2003-09-01 03:12:35 2,678 ----a-w C:\WINDOWS\java\Packages\Data\1NTBX7V5.DAT
+ 2003-09-01 03:12:39 2,678 ----a-w C:\WINDOWS\java\Packages\Data\62MN7RJ5.DAT
+ 2003-09-01 03:12:35 2,678 ----a-w C:\WINDOWS\java\Packages\Data\F7JJV1FJ.DAT
+ 2003-09-01 03:12:35 2,678 ----a-w C:\WINDOWS\java\Packages\Data\R393NT75.DAT
+ 2003-09-01 03:12:36 2,678 ----a-w C:\WINDOWS\java\Packages\Data\XV3TVNVX.DAT
- 2003-02-20 18:19:32 253,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2004-07-14 23:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2008-04-07 16:16:08 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-14 23:49:18 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
- 2008-04-07 16:16:08 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-14 23:49:26 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
- 2008-04-07 16:16:08 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2004-07-14 23:49:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 18:09:08 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2004-07-14 22:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-04-07 16:16:16 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-15 09:23:28 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
- 2003-02-21 09:21:00 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2004-07-15 09:23:44 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
- 2003-02-20 18:06:20 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2004-07-14 22:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-10-08 12:30:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
- 2003-02-21 06:24:38 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2004-07-15 12:31:00 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
- 2003-02-21 06:24:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2004-07-15 12:31:04 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
- 2008-04-07 16:16:28 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-14 22:35:30 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
- 2003-02-21 06:26:36 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-15 12:28:58 720,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
- 2003-02-21 06:26:38 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 12:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
- 2008-04-07 16:16:31 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2004-07-15 12:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
- 2008-04-07 16:16:31 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2004-07-15 12:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-20 18:09:12 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-14 22:32:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
- 2003-02-20 18:09:12 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-14 22:32:46 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
- 2003-02-20 18:06:32 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2004-07-14 22:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2003-02-20 18:09:16 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2004-07-14 22:33:04 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2003-02-21 06:26:34 2,088,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2004-07-15 12:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 18:09:18 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2004-07-14 22:33:22 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
- 2003-02-20 18:09:18 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2004-07-14 22:33:24 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
- 2003-02-20 18:07:34 2,494,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2004-07-14 22:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2003-02-20 18:08:32 2,482,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2004-07-14 22:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2004-08-10 14:20:00 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
- 2003-02-20 18:09:30 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2004-07-14 22:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
- 2003-02-21 06:26:46 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 12:28:48 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
- 2003-02-20 18:09:34 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2004-07-14 22:35:04 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
- 2003-02-21 06:26:38 1,290,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2004-07-15 12:32:00 1,294,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
- 2003-02-21 06:25:42 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2004-07-15 12:31:14 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
- 2003-02-21 06:26:42 1,699,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2004-07-15 12:29:02 1,703,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
- 2003-02-21 06:26:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2004-07-15 12:28:54 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
- 2003-02-21 06:26:46 1,216,512 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2004-07-15 12:31:16 1,224,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2003-02-21 06:26:50 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 12:28:58 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
- 2003-02-21 06:26:50 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 12:28:56 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
- 2003-02-20 18:09:36 64,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2004-07-14 22:35:12 66,560 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
- 2003-02-21 06:26:52 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2004-07-15 12:31:58 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
- 2003-02-21 06:26:54 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 12:31:12 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
- 2003-02-21 06:26:56 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 12:28:58 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
- 2003-02-21 06:26:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2004-07-15 12:31:54 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
- 2003-02-21 06:26:58 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-15 12:28:52 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2003-02-21 06:27:00 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 12:28:54 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
- 2003-02-21 06:27:02 1,245,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2004-07-15 12:29:00 1,257,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2003-02-21 06:27:06 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 12:28:58 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
- 2003-02-21 06:24:18 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-15 12:28:52 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
- 2003-02-21 06:27:06 569,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
+ 2004-07-15 12:31:16 573,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
- 2003-02-21 06:27:08 2,039,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2004-07-15 12:32:02 2,052,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
- 2003-02-21 06:27:10 1,335,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-07-15 12:29:00 1,339,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-06-22 11:51:38 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2008-04-07 16:16:55 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 09:23:20 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
- 2003-02-21 04:04:18 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 06:15:14 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
- 2003-02-20 19:10:40 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2004-07-15 00:11:56 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
- 2000-08-31 06:00:00 37,376 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
- 2003-09-03 05:48:52 71,359 ----a-w C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\index.dat
+ 2008-05-11 17:04:02 71,359 ----a-w C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\index.dat
- 2003-09-03 05:48:52 3,224 ----a-w C:\WINDOWS\PCHealth\HelpCtr\PackageStore\SkuStore.bin
+ 2008-05-11 17:04:02 3,224 ----a-w C:\WINDOWS\PCHealth\HelpCtr\PackageStore\SkuStore.bin
- 2000-08-31 06:00:00 105,984 ----a-w C:\WINDOWS\sed.exe
+ 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
- 2000-08-31 06:00:00 169,472 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
- 2000-08-31 06:00:00 144,896 ----a-w C:\WINDOWS\swsc.exe
+ 2008-04-09 19:07:20 137,728 ----a-w C:\WINDOWS\swsc.exe
- 2000-08-31 06:00:00 219,648 ----a-w C:\WINDOWS\swxcacls.exe
+ 2000-08-31 06:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 1997-02-28 02:00:02 2,486 ------w C:\WINDOWS\system\AS16POST.BIN
+ 2002-09-10 13:00:00 2,000 ----a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2002-09-10 13:00:00 2,032 ----a-w C:\WINDOWS\system\MOUSE.DRV
+ 2002-09-10 13:00:00 1,744 ----a-w C:\WINDOWS\system\SOUND.DRV
+ 2002-09-10 13:00:00 2,176 ----a-w C:\WINDOWS\system\VGA.DRV
+ 2004-07-01 22:05:33 360,960 ------w C:\WINDOWS\system32\bits\qmgr.dll
+ 2004-07-01 22:05:33 7,680 ------w C:\WINDOWS\system32\bitsprx2.dll
+ 2004-07-01 22:05:33 7,168 ------w C:\WINDOWS\system32\bitsprx3.dll
+ 2008-04-13 19:25:41 42,284 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\4F0PWFIB\mmdmm[1].exe
+ 2008-04-16 18:53:38 7,300 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\4F0PWFIB\mmdmm[2].exe
+ 2008-05-18 07:48:37 11,253 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\I7E1UF0N\mmdmm[1].exe
+ 2008-06-01 11:58:11 41,294 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\I7E1UF0N\mmdmm[2].exe
- 2008-04-08 21:27:44 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat
+ 2008-06-01 12:51:36 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat
+ 2008-04-30 13:00:56 2,491 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\UZSNQDUV\mmdmm[1].exe
+ 2008-05-06 11:27:14 41,770 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\UZSNQDUV\mmdmm[2].exe
- 2008-04-08 21:27:44 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Historial\History.IE5\index.dat
+ 2008-06-01 12:51:36 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Configuración local\Historial\History.IE5\index.dat
- 2008-04-08 21:27:44 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-06-01 12:51:36 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-04-08 21:39:28 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT
+ 2008-06-06 16:01:05 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT
+ 2002-09-10 13:00:00 1,740 ----a-w C:\WINDOWS\system32\Dcache.bin
+ 2004-07-01 22:05:33 7,680 -c----w C:\WINDOWS\system32\dllcache\bitsprx2.dll
+ 2004-07-01 22:05:33 7,168 -c----w C:\WINDOWS\system32\dllcache\bitsprx3.dll
- 2005-05-11 07:09:38 61,952 ----a-w C:\WINDOWS\system32\drivers\CDAC11BA.EXE
+ 2005-05-11 07:09:40 61,952 ----a-w C:\WINDOWS\system32\drivers\CDAC11BA.EXE
+ 2006-10-05 02:42:42 2,432 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2006-10-05 02:42:42 2,560 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
+ 2002-08-28 17:32:34 2,816 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
+ 2002-09-10 13:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
+ 2008-02-23 02:38:33 43,872 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
- 2000-08-04 13:25:30 49,152 ----a-w C:\WINDOWS\system32\INETWH32.dll
+ 2000-08-04 12:25:30 49,152 ----a-w C:\WINDOWS\system32\INETWH32.dll
+ 2005-05-16 17:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-09-10 08:47:44 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-09-10 08:47:44 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2002-09-10 13:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
+ 2007-10-11 12:12:48 1,468,968 ------w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2002-09-10 13:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
+ 2008-04-10 12:57:45 74,649 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2002-09-10 13:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
- 2003-02-20 18:06:24 155,648 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2004-07-14 22:24:50 155,648 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2003-02-20 17:43:38 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2004-07-14 21:34:06 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll
- 2002-09-10 13:00:00 2,086,400 ----a-w C:\WINDOWS\system32\msi.dll
+ 2005-05-04 12:45:32 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
- 2002-09-10 13:00:00 305,664 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2005-05-04 12:45:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2002-09-10 13:00:00 847,872 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2005-05-04 12:45:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2002-09-10 13:00:00 39,936 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2005-05-04 12:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2007-07-30 17:19:10 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
+ 2007-07-30 17:18:34 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
- 2008-04-02 04:47:25 53,098 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-06-01 14:56:56 53,098 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-02 04:47:25 69,112 ----a-w C:\WINDOWS\system32\perfc00A.dat
+ 2008-06-01 14:56:56 69,112 ----a-w C:\WINDOWS\system32\perfc00A.dat
- 2008-04-02 04:47:25 380,684 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-06-01 14:56:56 380,684 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-04-02 04:47:25 440,278 ----a-w C:\WINDOWS\system32\perfh00A.dat
+ 2008-06-01 14:56:56 440,278 ----a-w C:\WINDOWS\system32\perfh00A.dat
+ 2008-05-11 17:17:14 278,528 ----a-w C:\WINDOWS\system32\pncrt.dll
+ 2008-05-11 17:17:16 6,656 ----a-w C:\WINDOWS\system32\pndx5016.dll
+ 2008-05-11 17:17:16 5,632 ----a-w C:\WINDOWS\system32\pndx5032.dll
+ 2006-09-27 21:53:22 514,808 ------w C:\WINDOWS\system32\px.dll
+ 2006-09-27 21:53:22 477,944 ------w C:\WINDOWS\system32\pxdrv.dll
+ 2006-09-27 21:53:22 68,344 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2006-09-27 21:53:22 183,032 ------w C:\WINDOWS\system32\pxmas.dll
+ 2006-09-27 21:53:23 379,640 ------w C:\WINDOWS\system32\pxwave.dll
- 2002-09-10 13:00:00 222,720 ----a-w C:\WINDOWS\system32\qmgr.dll
+ 2004-07-01 22:05:33 360,960 ----a-w C:\WINDOWS\system32\qmgr.dll
- 2002-09-10 13:00:00 17,408 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
+ 2004-07-01 22:05:33 17,408 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
+ 2008-05-11 17:17:25 185,944 ----a-w C:\WINDOWS\system32\rmoc3260.dll
- 2002-09-20 22:33:28 1,089,536 ----a-w C:\WINDOWS\system32\ROBOEX32.DLL
+ 2002-09-20 21:33:28 1,089,536 ----a-w C:\WINDOWS\system32\ROBOEX32.DLL
+ 2002-09-10 13:00:00 1,744 ----a-w C:\WINDOWS\system32\sound.drv
- 2004-01-09 22:46:49 8,192 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-10-08 12:46:18 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2005-02-25 03:35:15 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2002-09-10 13:00:00 2,176 ----a-w C:\WINDOWS\system32\vga.drv
+ 2006-09-27 21:53:23 39,672 ------w C:\WINDOWS\system32\vxblock.dll
- 2002-09-10 13:00:00 310,272 ----a-w C:\WINDOWS\system32\winhttp.dll
+ 2004-07-01 22:05:33 331,776 ----a-w C:\WINDOWS\system32\winhttp.dll
+ 2002-09-10 13:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
+ 2002-09-10 13:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe
+ 2002-09-10 13:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe
+ 2004-06-30 14:59:54 179,200 ------w C:\WINDOWS\system32\xpob2res.dll
- 2000-08-31 06:00:00 60,996 ----a-w C:\WINDOWS\VFind.exe
+ 2008-04-09 19:07:25 53,248 ----a-w C:\WINDOWS\VFind.exe
- 2000-08-31 06:00:00 75,264 ----a-w C:\WINDOWS\zip.exe
+ 2008-04-09 19:07:27 68,096 ----a-w C:\WINDOWS\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-20 20:55 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2008-04-07 21:31 155648]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2008-04-07 21:31 114688]
"Apoint"="C:\Archivos de programa\Apoint2K\Apoint.exe" [2003-06-18 14:44 151552]
"CeEPOWER"="C:\Archivos de programa\TOSHIBA\Power Management\CePMTray.exe" [2008-04-07 21:32 135168]
"CPLDBL10"="C:\Archivos de programa\EzButton\CPLDBL10.EXE" [2008-04-07 21:32 204800]
"CeEKEY"="C:\Archivos de programa\TOSHIBA\E-KEY\CeEKey.exe" [2008-04-07 21:32 638976]
"TPNF"="C:\Archivos de programa\TOSHIBA\TouchPad\TPTray.exe" [2008-04-07 21:03 49152]
"NDSTray.exe"="NDSTray.exe" []
"TkBellExe"="C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" [2008-05-11 19:17 185896]
"!AVG Anti-Spyware"="C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-07 18:26 13312]
"Microsoft Oftice"="C:\WINDOWS\System32\msmsgs.exe" [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"SENTINEL"= snti386.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2007-06-11 11:25 6731312 C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APVXDWIN]
C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\APVXDWIN.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-05-11 19:15 120320 C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gStart]
--a------ 2006-09-06 10:05 1891416 C:\Garmin\gStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Oftice]
C:\WINDOWS\System32\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-07 16:58 1511424 C:\Archivos de programa\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDFix]
F:\SDFix\SDFix\RunThis.bat /second
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-05-20 20:55 68856 C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\wbtserv.exe"=
R0 sonypvl2;sonypvl2;C:\WINDOWS\System32\drivers\sonypvl2.sys [2003-07-25 16:02]
R1 sonypvf2;sonypvf2;C:\WINDOWS\System32\drivers\sonypvf2.sys [2003-08-20 11:51]
R1 sonypvt2;sonypvt2;C:\WINDOWS\System32\drivers\sonypvt2.sys [2003-08-20 11:44]
R2 DPortIO;Dritek Port I/O Driver;C:\WINDOWS\System32\Drivers\DPortIO.sys [2001-04-12 16:04]
R2 wbtserv;Windows Bluetooth Server;"C:\WINDOWS\system32\wbtserv.exe" [2008-06-01 14:51]
S1 sonypvd2;sonypvd2;C:\WINDOWS\System32\DRIVERS\sonypvd2.sys [2003-06-24 11:29]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-06-06 18:03:19
Windows 5.1.2600 Service Pack 1 NTFS
escaneando procesos ocultos ...
escaneando entradas ocultas de autostart ...
escaneando archivos ocultos ...
el escaneo se completo con exito
archivos ocultos: 0
**************************************************************************
.
Tiempo completado: 2008-06-06 18:04:56
ComboFix-quarantined-files.txt 2008-06-06 16:04:39
ComboFix2.txt 2008-04-08 21:42:35
13 dirs 3,590,852,608 bytes libres
16 dirs 3,582,341,120 bytes libres
516 --- E O F --- 2008-04-09 21:56:37
Regards and thanks.
Post edited by Martzius on Jun 6 2008, 06:44 PM