Blog Registrarse Temas de Hoy AntiSpywares AntiVirus Glosario

Regresar   Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Foro Oficial de HijackThis en español
Actualizar Redireccionamiento y bloqueo de dominio
         
Para evitar Virus, Spyware y ventanas emergentes, en InfoSpyware recomendamos navegar con: FIREFOX

Foro Oficial de HijackThis en español Analizamos tu log de HijackThis para eliminar Hijackers, Spyware, Adware, ToolBars, Virus, Troyanos y Malwares en gral. Antes lea las Políticas del Foro de HijackThis.

Respuesta
 
Herramientas
  post #1 (permalink)  
Antiguo 18/01/08, 08:53:04
Avatar de drjuanse
Usuario
  
Registrado: oct 2006
Ubicación: Paraguay
Mensajes: 26
Pregunta Redireccionamiento y bloqueo de dominio
Hola amigos de forospyware!

La cuestión es la siguiente: Navego en internet tanto con el firefox como con IE7. Resúltase que a veces parece ser que las páginas "caducan" saliéndome el mensaje de this domain has been blocked (este dominio ha sido bloqueado) y me redirecciona a una página (ndparking.com/mywebserver/), que es la que me da el mensaje de bloqueo.
Lo comentado no sucede siempre, como dije, sólo a veces... por lo que me llevó a pensar que quizá no era un problema de configuración sino de algún archivo malintencionado.

Obs: He scaneado la pc con Super-antispyware, Ad-aware SE y spybot.

Aquí va el log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:35:48 p.m., on 18/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Razer\Habu\razerhid.exe
C:\WINDOWS\vsnpstd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Razer\Habu\razerofa.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Habu] C:\Archivos de programa\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Archivos de programa\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Archivos de programa\DAP\dapextie.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Archivos de programa\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Abrir en nueva ficha de fondo - res://C:\Archivos de programa\Windows Live Toolbar\Components\es-xl\msntabres.dll.mui/229?ee73d594b86a4a849406f8f738ee6825
O8 - Extra context menu item: Abrir en nueva ficha en primer plano - res://C:\Archivos de programa\Windows Live Toolbar\Components\es-xl\msntabres.dll.mui/230?ee73d594b86a4a849406f8f738ee6825
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download &all with DAP - C:\Archivos de programa\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\j2re1.4.2_07\bin\npjpi142_07.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\j2re1.4.2_07\bin\npjpi142_07.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Archivos de programa\Archivos comunes\PCSuite\Services\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeSvc.exe

--
End of file - 6180 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #2 (permalink)  
Antiguo 18/01/08, 17:08:22
Avatar de ElPiedra
FS-Admin
  
Registrado: ene 2005
Ubicación: Miami
Mensajes: 28.323
Re: Redireccionamiento y bloqueo de dominio
Hola drjuanse,

Tu log de HijackThis esta libre de Malwares por lo que sugiero realizar lo siguiente:

Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


- Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
  • Desactiva temporalmente el Antivirus y/o Antispyware.
  • Cierra todas las ventanas abiertas.
  • Hacele doble clic al archivo combofix.exe y seguí las instrucciones.
  • Cuando termine, generara un registro en C:\ComboFix.txt.
    • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
    • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
  • Pega el reporte de ComboFix.txt en este mismo mensaje.


Reinicia y nos dejas los reportes.

Salu2
Hablándole al mundo en "Twitter""

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #3 (permalink)  
Antiguo 18/01/08, 19:30:17
Avatar de drjuanse
Usuario
  
Registrado: oct 2006
Ubicación: Paraguay
Mensajes: 26
Re: Redireccionamiento y bloqueo de dominio
LO HAGO EN 2 PARTES YA QUE TIENE MAS DE 65.000 CARACTERES

ComboFix 08-01-18.5 - SEMPRON 2008-01-19 0:57:14.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.34.3082.18.267 [GMT 1:00]
Se ejecuta desde: C:\Documents and Settings\SEMPRON\Escritorio\ComboFix.exe

ADVERTENCIA - ESTE EQUIPO NO TIENE INSTALADA LA CONSOLA DE RECUPERACION!
.
The following files were disabled during the run:
C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeHelper.dll


(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat . . . . Fallo al eliminar
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat . . . . Fallo al eliminar

.
(((((((((((((((((( Archivos creados desde 2007-12-19 - 2008-01-19 )))))))))))))))))))))))))))))))))
.

2008-01-18 21:33 . 2008-01-18 21:33 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-01-18 14:35 . 2008-01-18 14:35 <DIR> d-------- C:\Archivos de programa\Trend Micro
2008-01-05 02:05 . 2008-01-06 09:17 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-05 02:05 . 2008-01-05 02:05 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-31 08:30 . 2007-12-31 08:30 <DIR> d-------- C:\Archivos de programa\Ocean Technology
2007-12-31 08:15 . 2007-12-31 08:16 <DIR> d-------- C:\Archivos de programa\Hamachi

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-01-19 00:02 --------- d-----w C:\Archivos de programa\TuneUp Utilities 2006
2008-01-18 22:39 --------- d-----w C:\Archivos de programa\Counter Strike 1.6 LanPy
2008-01-18 21:58 --------- d-----w C:\Archivos de programa\sXe Injected
2008-01-14 22:53 --------- d-----w C:\Documents and Settings\SEMPRON\Datos de programa\Hamachi
2007-12-31 07:15 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-12-31 06:48 --------- d-----w C:\Archivos de programa\AMX Mod X
2007-12-14 22:44 --------- d-----w C:\Archivos de programa\SUPERAntiSpyware
2007-12-07 21:41 --------- d-----w C:\Archivos de programa\Windows Live Toolbar
2007-12-07 21:41 --------- d-----w C:\Archivos de programa\Windows Live Favorites
2007-11-28 16:35 --------- d-----w C:\Archivos de programa\Ares
2007-11-27 21:54 3,888 ----a-w C:\WINDOWS\system32\drivers\NTHANDLE.SYS
2007-11-26 13:29 --------- d-----w C:\Documents and Settings\SEMPRON\Datos de programa\U3
2007-11-19 21:28 --------- d-----w C:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2007-10-26 14:05 798,720 ----a-w C:\WINDOWS\GPInstall.exe
.

((((((((((((((((((((((((((((( snapshot@2007-11-29_18.27.09,29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-03-24 04:48:51 49,152 ----a-w C:\WINDOWS\$hf_mig$\KB904942\SP2QFE\wdigest.dll
+ 2005-10-12 23:13:27 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spmsg.dll
+ 2005-10-12 23:13:27 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spuninst.exe
+ 2005-10-12 23:13:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\spcustom.dll
+ 2005-10-12 23:14:09 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\update.exe
+ 2005-10-12 23:14:16 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\updspapi.dll
+ 2006-07-14 15:52:22 121,856 ----a-w C:\WINDOWS\$hf_mig$\KB915865\SP2QFE\xmllite.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
+ 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2006-10-11 16:36:14 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2p.dll
+ 2006-10-11 16:36:14 104,960 ----a-w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pgasvc.dll
+ 2006-10-11 16:36:14 313,344 ----a-w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pgraph.dll
+ 2006-10-11 16:36:14 115,712 ----a-w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pnetsh.dll
+ 2006-10-11 16:36:14 553,984 ----a-w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2psvc.dll
+ 2006-10-11 16:36:14 58,880 ----a-w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\pnrpnsp.dll
+ 2006-09-26 09:14:50 228,352 ----a-w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\spru0c0a.dll
+ 2005-10-12 23:13:27 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB920342\spmsg.dll
+ 2005-10-12 23:13:27 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB920342\spuninst.exe
+ 2005-10-12 23:13:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920342\update\spcustom.dll
+ 2005-10-12 23:14:09 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB920342\update\update.exe
+ 2005-10-12 23:14:16 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB920342\update\updspapi.dll
+ 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:09:46 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:09:46 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:09:46 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:09:46 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:09:46 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:09:46 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:09:46 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:09:46 521,216 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:13:27 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:13:27 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:13:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:14:09 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:14:16 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-07-12 23:28:29 765,952 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:27:45 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:27:50 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:27:44 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2007-03-06 01:28:08 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
+ 2007-03-06 01:29:00 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2007-08-20 09:49:42 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll
+ 2007-08-20 09:49:49 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll
+ 2007-08-20 09:49:42 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll
+ 2007-08-20 09:49:42 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll
+ 2007-08-17 10:12:34 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
+ 2007-08-20 09:49:42 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll
+ 2007-08-20 09:49:43 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll
+ 2007-08-17 07:29:55 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat
+ 2007-08-20 09:49:43 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll
+ 2007-08-20 09:49:43 387,584 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll
+ 2007-08-20 09:49:45 6,066,176 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll
+ 2007-08-20 09:49:45 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll
+ 2007-08-20 09:49:45 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll
+ 2007-08-17 10:12:35 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
+ 2007-08-17 10:12:49 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
+ 2007-08-20 09:49:45 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll
+ 2007-08-20 09:49:46 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeeds.dll
+ 2007-08-20 09:49:46 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeedsbs.dll
+ 2007-08-20 09:49:47 3,592,192 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
+ 2007-08-20 09:49:47 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtmled.dll
+ 2007-08-20 09:49:47 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll
+ 2007-08-20 09:49:48 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mstime.dll
+ 2007-08-20 09:49:48 102,400 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\occache.dll
+ 2007-08-20 09:49:48 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\url.dll
+ 2007-08-20 09:49:48 1,161,728 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\urlmon.dll
+ 2007-08-20 09:49:48 232,960 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\webcheck.dll
+ 2007-08-20 09:49:49 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:27:44 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\spmsg.dll
+ 2007-03-06 01:27:50 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\spuninst.exe
+ 2007-03-06 01:27:43 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\spcustom.dll
+ 2007-03-06 01:28:08 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe
+ 2007-03-06 01:29:00 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\updspapi.dll
+ 2007-10-29 22:36:23 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:27:45 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:27:50 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:27:44 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:28:08 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:29:00 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-10 23:22:17 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
+ 2007-10-10 23:22:17 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
+ 2007-10-10 23:22:17 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
+ 2007-10-10 23:22:17 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
+ 2007-10-10 08:16:47 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 23:22:17 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
+ 2007-10-10 23:22:17 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
+ 2007-10-10 05:47:20 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
+ 2007-10-10 23:22:17 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
+ 2007-10-10 23:22:17 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
+ 2007-10-10 23:22:19 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
+ 2007-10-10 23:22:19 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
+ 2007-10-10 23:22:19 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
+ 2007-10-10 08:16:47 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:56 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 23:22:20 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
+ 2007-10-10 23:22:20 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
+ 2007-10-10 23:22:20 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
+ 2007-10-30 23:40:50 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
+ 2007-10-10 23:22:21 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
+ 2007-10-10 23:22:21 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
+ 2007-10-10 23:22:21 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
+ 2007-10-10 23:22:21 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
+ 2007-10-10 23:22:21 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
+ 2007-10-10 23:22:21 1,162,240 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
+ 2007-10-10 23:22:22 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
+ 2007-10-10 23:22:22 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:27:45 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:27:50 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:27:44 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-03-06 01:28:08 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-03-06 01:29:00 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:27:45 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:27:50 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:27:44 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:28:08 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:29:00 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:27:45 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:27:50 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:27:44 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:28:08 724,704 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:29:00 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2006-05-25 09:29:04 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPI s$\spuninst\spuninst.exe
+ 2006-05-25 09:29:04 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPI s$\spuninst\updspapi.dll
+ 2006-05-24 11:32:48 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapp ing$\spuninst\spuninst.exe
+ 2006-05-24 11:32:48 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapp ing$\spuninst\updspapi.dll
+ 2005-10-12 23:13:27 215,776 -c----w C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst .exe
+ 2005-10-12 23:14:16 389,856 -c----w C:\WINDOWS\$NtUninstallKB904942$\spuninst\updspapi .dll
+ 2004-08-19 13:42:30 49,152 -c----w C:\WINDOWS\$NtUninstallKB904942$\wdigest.dll
+ 2004-12-21 10:14:24 28,672 -c----w C:\WINDOWS\$NtUninstallKB914440$\custsat.dll
+ 2005-10-12 23:13:28 215,776 -c----w C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst .exe
+ 2005-10-12 23:14:15 389,856 -c----w C:\WINDOWS\$NtUninstallKB914440$\spuninst\updspapi .dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst .exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB915865$\spuninst\updspapi .dll
+ 2004-08-19 13:42:22 116,224 -c----w C:\WINDOWS\$NtUninstallKB920342$\p2p.dll
+ 2004-08-19 13:42:22 86,016 -c----w C:\WINDOWS\$NtUninstallKB920342$\p2pgasvc.dll
+ 2004-08-19 13:42:22 312,320 -c----w C:\WINDOWS\$NtUninstallKB920342$\p2pgraph.dll
+ 2004-08-19 13:42:22 88,064 -c----w C:\WINDOWS\$NtUninstallKB920342$\p2pnetsh.dll
+ 2004-08-19 13:42:22 526,848 -c----w C:\WINDOWS\$NtUninstallKB920342$\p2psvc.dll
+ 2004-08-19 13:42:22 48,640 -c----w C:\WINDOWS\$NtUninstallKB920342$\pnrpnsp.dll
+ 2005-10-12 23:13:27 215,776 -c----w C:\WINDOWS\$NtUninstallKB920342$\spuninst\spuninst .exe
+ 2005-10-12 23:14:16 389,856 -c----w C:\WINDOWS\$NtUninstallKB920342$\spuninst\updspapi .dll
+ 2004-08-03 20:58:22 72,960 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqac.sys
+ 2004-08-19 13:42:16 138,240 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqad.dll
+ 2004-08-19 13:42:16 47,104 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqdscli.dll
+ 2004-08-19 13:42:16 16,896 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqise.dll
+ 2004-08-19 13:42:16 660,992 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqqm.dll
+ 2004-08-19 13:42:16 177,152 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqrt.dll
+ 2004-08-19 13:42:16 95,744 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqsec.dll
+ 2004-08-19 13:42:16 48,640 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqupgrd.dll
+ 2004-08-19 13:42:16 521,216 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqutil.dll
+ 2005-10-12 23:13:27 215,776 -c----w C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst .exe
+ 2005-10-12 23:14:16 389,856 -c----w C:\WINDOWS\$NtUninstallKB937894$\spuninst\updspapi .dll
- 2007-06-14 18:09:35 1,023,488 -c----w C:\WINDOWS\$NtUninstallKB939653$\browseui.dll
+ 2007-08-22 13:13:12 1,022,976 -c----w C:\WINDOWS\$NtUninstallKB939653$\browseui.dll
- 2007-06-14 18:09:35 151,552 -c----w C:\WINDOWS\$NtUninstallKB939653$\cdfview.dll
+ 2007-08-22 13:13:13 151,552 -c----w C:\WINDOWS\$NtUninstallKB939653$\cdfview.dll
- 2007-06-14 18:09:37 1,056,256 -c----w C:\WINDOWS\$NtUninstallKB939653$\danim.dll
+ 2007-08-22 13:13:13 1,056,256 -c----w C:\WINDOWS\$NtUninstallKB939653$\danim.dll
- 2007-06-14 18:09:37 357,888 -c----w C:\WINDOWS\$NtUninstallKB939653$\dxtmsft.dll
+ 2007-08-22 13:13:13 357,888 -c----w C:\WINDOWS\$NtUninstallKB939653$\dxtmsft.dll
- 2007-06-14 18:09:37 205,312 -c----w C:\WINDOWS\$NtUninstallKB939653$\dxtrans.dll
+ 2007-08-22 13:13:13 205,312 -c----w C:\WINDOWS\$NtUninstallKB939653$\dxtrans.dll
- 2007-06-14 18:09:37 55,808 -c----w C:\WINDOWS\$NtUninstallKB939653$\extmgr.dll
+ 2007-08-22 13:13:13 55,808 -c----w C:\WINDOWS\$NtUninstallKB939653$\extmgr.dll
- 2007-06-14 14:07:24 18,432 -c----w C:\WINDOWS\$NtUninstallKB939653$\iedw.exe
+ 2007-08-21 10:30:45 18,432 -c----w C:\WINDOWS\$NtUninstallKB939653$\iedw.exe
- 2007-06-14 18:09:37 251,392 -c----w C:\WINDOWS\$NtUninstallKB939653$\iepeers.dll
+ 2007-08-22 13:13:13 251,392 -c----w C:\WINDOWS\$NtUninstallKB939653$\iepeers.dll
- 2007-06-14 18:09:37 96,768 -c----w C:\WINDOWS\$NtUninstallKB939653$\inseng.dll
+ 2007-08-22 13:13:13 96,768 -c----w C:\WINDOWS\$NtUninstallKB939653$\inseng.dll
- 2007-06-14 18:09:37 16,384 -c----w C:\WINDOWS\$NtUninstallKB939653$\jsproxy.dll
+ 2007-08-22 13:13:13 16,384 -c----w C:\WINDOWS\$NtUninstallKB939653$\jsproxy.dll
- 2007-06-14 18:09:40 3,079,680 -c----w C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll
+ 2007-08-22 13:13:14 3,079,168 -c----w C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll
- 2007-06-14 18:09:39 449,024 -c----w C:\WINDOWS\$NtUninstallKB939653$\mshtmled.dll
+ 2007-08-22 13:13:14 449,024 -c----w C:\WINDOWS\$NtUninstallKB939653$\mshtmled.dll
- 2007-06-14 18:09:39 146,432 -c----w C:\WINDOWS\$NtUninstallKB939653$\msrating.dll
+ 2007-08-22 13:13:14 146,432 -c----w C:\WINDOWS\$NtUninstallKB939653$\msrating.dll
- 2007-06-14 18:09:39 532,480 -c----w C:\WINDOWS\$NtUninstallKB939653$\mstime.dll
+ 2007-08-22 13:13:14 532,480 -c----w C:\WINDOWS\$NtUninstallKB939653$\mstime.dll
- 2007-06-14 18:09:39 39,424 -c----w C:\WINDOWS\$NtUninstallKB939653$\pngfilt.dll
+ 2007-08-22 13:13:14 39,424 -c----w C:\WINDOWS\$NtUninstallKB939653$\pngfilt.dll
- 2007-06-14 18:09:41 1,495,040 -c----w C:\WINDOWS\$NtUninstallKB939653$\shdocvw.dll
+ 2007-08-22 13:13:15 1,495,040 -c----w C:\WINDOWS\$NtUninstallKB939653$\shdocvw.dll
- 2007-06-14 18:09:41 474,624 -c----w C:\WINDOWS\$NtUninstallKB939653$\shlwapi.dll
+ 2007-08-22 13:13:15 474,624 -c----w C:\WINDOWS\$NtUninstallKB939653$\shlwapi.dll
- 2007-06-14 18:09:42 616,448 -c----w C:\WINDOWS\$NtUninstallKB939653$\urlmon.dll
+ 2007-08-22 13:13:15 616,448 -c----w C:\WINDOWS\$NtUninstallKB939653$\urlmon.dll
- 2007-06-26 14:09:39 661,504 -c----w C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
+ 2007-08-22 13:13:15 661,504 -c----w C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
- 2007-06-14 14:24:32 121,856 -c----w C:\WINDOWS\$NtUninstallKB939653$\xpsp3res.dll
+ 2007-08-21 10:53:22 121,856 -c----w C:\WINDOWS\$NtUninstallKB939653$\xpsp3res.dll
+ 2007-06-14 18:09:35 1,023,488 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\browseui.dll
+ 2007-06-14 18:09:35 151,552 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\cdfview.dll
+ 2007-06-14 18:09:37 1,056,256 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\danim.dll
+ 2007-06-14 18:09:37 357,888 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\dxtmsft.dll
+ 2007-06-14 18:09:37 205,312 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\dxtrans.dll
+ 2007-06-14 18:09:37 55,808 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\extmgr.dll
+ 2007-06-14 14:07:24 18,432 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\iedw.exe
+ 2007-06-14 18:09:37 251,392 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\iepeers.dll
+ 2007-06-14 18:09:37 96,768 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\inseng.dll
+ 2007-06-14 18:09:37 16,384 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\jsproxy.dll
+ 2007-06-14 18:09:40 3,079,680 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mshtml.dll
+ 2007-06-14 18:09:39 449,024 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mshtmled.dll
+ 2007-06-14 18:09:39 146,432 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\msrating.dll
+ 2007-06-14 18:09:39 532,480 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mstime.dll
+ 2007-06-14 18:09:39 39,424 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\pngfilt.dll
+ 2007-06-14 18:09:41 1,495,040 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\shdocvw.dll
+ 2007-06-14 18:09:41 474,624 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\shlwapi.dll
+ 2007-03-06 01:27:50 215,776 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\spuninst\spunin st.exe
+ 2007-03-06 01:29:00 389,856 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\spuninst\updspa pi.dll
+ 2007-06-14 18:09:42 616,448 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\urlmon.dll
+ 2007-06-26 14:09:39 661,504 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\wininet.dll
+ 2007-06-14 14:24:32 121,856 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\xpsp3res.dll
+ 2005-08-30 03:55:42 1,293,312 -c----w C:\WINDOWS\$NtUninstallKB941568$\quartz.dll
+ 2007-03-06 01:27:50 215,776 -c----w C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst .exe
+ 2007-03-06 01:29:00 389,856 -c----w C:\WINDOWS\$NtUninstallKB941568$\spuninst\updspapi .dll
+ 2005-06-28 09:23:34 215,776 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst .exe
+ 2005-06-28 09:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\updspapi .dll
+ 2006-10-18 20:47:18 222,208 -c----w C:\WINDOWS\$NtUninstallKB941569$\wmasf.dll
+ 2007-03-06 01:27:50 215,776 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst .exe
+ 2007-03-06 01:29:00 389,856 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\updspapi .dll
+ 2007-07-18 12:42:22 60,416 -c----w C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe
+ 2004-07-17 09:36:38 27,440 -c----w C:\WINDOWS\$NtUninstallKB944653$\secdrv.sys
+ 2007-03-06 01:27:50 215,776 -c----w C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst .exe
+ 2007-03-06 01:29:00 389,856 -c----w C:\WINDOWS\$NtUninstallKB944653$\spuninst\updspapi .dll
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-01-18 23:56:58 1,335,296 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-18 23:56:58 1,114,112 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-18 23:56:58 1,339,392 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-18 23:56:58 1,114,112 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-18 23:56:59 10,911,744 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\ntuser.dat
+ 2008-01-18 23:56:59 1,142,784 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2004-08-19 13:41:42 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-19 13:41:42 101,376 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-19 13:41:56 35,328 -c----w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2007-08-22 12:57:23 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2007-08-22 12:57:23 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll.000
+ 2007-08-22 12:57:23 205,824 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2007-08-22 12:57:23 205,824 -c----w C:\WINDOWS\ie7\dxtrans.dll.000
+ 2007-08-22 12:57:23 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-19 13:42:10 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-19 13:42:50 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-19 13:42:10 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-19 13:42:10 221,184 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2002-09-10 12:00:00 241,664 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-19 13:42:10 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2007-08-21 10:19:39 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-19 13:42:10 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll
+ 2007-08-22 12:57:23 251,904 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2007-08-22 12:57:23 251,904 -c----w C:\WINDOWS\ie7\iepeers.dll.000
+ 2004-08-19 13:42:10 49,152 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-19 13:42:10 63,488 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-19 13:42:50 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-19 13:42:10 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2007-08-22 12:57:23 96,768 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2006-05-18 05:31:25 450,560 -c----w C:\WINDOWS\ie7\jscript.dll
+ 2007-08-22 12:57:23 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-19 13:42:14 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-19 13:42:58 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2007-08-22 12:57:25 3,085,824 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2007-08-22 12:57:25 3,085,824 -c----w C:\WINDOWS\ie7\mshtml.dll.000
+ 2007-08-22 12:57:25 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2007-08-22 12:57:25 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll.000
+ 2004-08-19 13:39:30 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2002-09-10 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2007-08-22 12:57:25 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2007-08-22 12:57:26 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-19 13:42:22 97,280 -c----w C:\WINDOWS\ie7\occache.dll
+ 2007-08-22 12:57:26 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-09-26 17:25:10 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-09-26 17:18:52 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:22 215,776 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:24 389,856 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-19 13:42:28 37,888 -c----w C:\WINDOWS\ie7\url.dll
+ 2007-08-22 12:57:28 619,008 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2007-08-22 12:57:28 619,008 -c----w C:\WINDOWS\ie7\urlmon.dll.000
+ 2004-08-19 13:42:28 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 13:56:57 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-19 13:42:30 280,576 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2007-08-22 12:57:28 668,160 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-08-22 12:57:28 668,160 -c----w C:\WINDOWS\ie7\wininet.dll.000
+ 2007-03-06 01:27:50 215,776 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:29:00 389,856 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2007-08-13 17:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll
+ 2007-08-13 17:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll
+ 2007-08-13 17:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll.000
+ 2007-08-13 17:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\extmgr.dll
+ 2007-08-13 17:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\icardie.dll
+ 2007-08-13 17:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe
+ 2007-08-13 17:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll
+ 2007-08-13 17:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll
+ 2007-08-13 16:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakui.dll
+ 2007-02-12 1512 2,451,312 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dll
+ 2007-08-13 17:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll
+ 2007-08-13 17:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll
+ 2007-08-13 17:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll
+ 2007-08-13 17:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll
+ 2007-08-13 17:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe
+ 2007-08-13 17:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
+ 2007-08-13 17:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\jsproxy.dll
+ 2007-08-13 17:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeedsbs.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll.000
+ 2007-08-13 17:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll
+ 2007-08-13 17:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll.000
+ 2007-08-13 17:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll
+ 2007-08-13 17:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mstime.dll
+ 2007-08-13 17:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll
+ 2007-03-06 01:27:50 215,776 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:29:00 389,856 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\url.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll.000
+ 2007-08-13 17:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll
+ 2007-08-13 17:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll
+ 2007-08-13 17:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll.000
+ 2007-08-20 09:59:12 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-20 09:59:13 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-20 09:59:13 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-20 09:59:13 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-17 10:20:55 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-20 09:59:13 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-20 09:59:13 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-20 09:59:13 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-20 09:59:13 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-20 09:59:14 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-20 09:59:14 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-20 09:59:14 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-20 09:59:14 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-20 09:59:15 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-20 09:59:15 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-20 14:29:16 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-20 09:59:15 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-20 09:59:15 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-20 09:59:16 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-20 09:59:16 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:27:50 215,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:29:00 389,856 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-20 09:59:16 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-20 09:59:16 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-20 09:59:16 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-20 09:59:16 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2007-06-16 23:11:58 51,200 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 07:00:00 51,200 ----a-w C:\WINDOWS\NirCmd.exe
- 2004-08-19 13:41:42 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 17:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-19 13:41:42 101,376 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-10-10 23:50:10 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-08-22 13:13:12 1,022,976 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2007-08-22 12:57:22 1,022,976 ----a-w C:\WINDOWS\system32\browseui.dll
- 2007-08-22 13:13:13 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2007-08-22 12:57:22 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2007-08-22 13:13:13 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll
+ 2007-08-22 12:57:22 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll
- 2004-08-19 13:41:42 61,440 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2007-08-13 17:39:20 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
- 2004-08-19 13:41:42 101,376 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-10-10 23:50:10 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-08-22 13:13:12 1,022,976 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2007-08-22 12:57:22 1,022,976 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2007-08-22 13:13:13 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2007-08-22 12:57:22 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2004-12-21 10:14:24 28,672 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2007-08-13 17:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
- 2007-08-22 13:13:13 1,056,256 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2007-08-22 12:57:22 1,056,256 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
- 2007-08-22 13:13:13 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2007-08-13 17:35:46 346,624 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-08-22 13:13:13 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-10-10 23:50:10 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-22 13:13:13 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-10-10 23:50:10 132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2004-08-19 13:42:10 38,912 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2007-08-13 17:18:02 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2007-10-10 23:50:10 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2004-08-19 13:42:50 34,304 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-10-10 11:00:07 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2004-08-19 13:42:10 139,264 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-10-10 23:50:10 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2004-08-19 13:42:10 221,184 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-10-10 23:50:10 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2002-09-10 12:00:00 241,664 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dat
+ 2007-10-10 23:50:10 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2004-08-19 13:42:10 323,584 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-10-10 23:50:10 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-21 10:30:45 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 17:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2004-08-19 13:42:10 81,920 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-08-13 17:45:18 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-10-10 23:50:11 6,065,664 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-08-22 13:13:13 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-13 17:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2004-08-19 13:42:10 49,152 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-10-10 23:50:11 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-10-10 23:50:11 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2004-08-19 13:42:10 63,488 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2007-08-13 17:39:12 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2004-08-19 13:42:50 93,184 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-10-10 11:00:20 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2004-08-19 13:42:10 35,840 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2007-08-13 17:36:06 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
- 2007-08-22 13:13:13 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 17:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-05-18 05:31:25 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-08-13 17:38:04 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-08-22 13:13:13 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-10-10 23:50:11 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-19 13:42:14 22,528 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
- 2006-08-17 12:29:42 726,528 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:28:35 726,528 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
- 2004-08-03 20:58:22 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:47 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-19 13:42:16 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:50:55 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-19 13:42:16 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:50:55 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-19 13:42:16 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:50:55 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-19 13:42:16 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:50:55 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-19 13:42:16 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:50:55 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-19 13:42:16 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:50:55 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-19 13:42:16 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:50:55 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-19 13:42:16 521,216 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:50:55 521,216 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-10-10 23:50:11 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2007-10-10 23:50:11 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2004-08-19 13:42:58 29,184 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2007-08-13 17:32:30 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
- 2007-08-22 13:13:14 3,079,168 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-30 23:23:09 3,590,656 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-22 13:13:14 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-10-10 23:50:12 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-19 13:39:30 57,344 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2002-09-10 12:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 17:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2007-08-22 13:13:14 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-10 23:50:12 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-22 13:13:14 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-10-10 23:50:12 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-19 13:42:22 97,280 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-10-10 23:50:12 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2004-08-19 13:42:22 116,224 -c--a-w C:\WINDOWS\system32\dllcache\p2p.dll
+ 2006-10-11 16:26:18 153,088 -c--a-w C:\WINDOWS\system32\dllcache\p2p.dll
- 2004-08-19 13:42:22 86,016 -c--a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll
+ 2006-10-11 16:26:18 104,960 -c--a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll
- 2004-08-19 13:42:22 312,320 -c--a-w C:\WINDOWS\system32\dllcache\p2pgraph.dll
+ 2006-10-11 16:26:18 313,344 -c--a-w C:\WINDOWS\system32\dllcache\p2pgraph.dll
- 2004-08-19 13:42:22 88,064 -c--a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll
+ 2006-10-11 16:26:18 116,224 -c--a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll
- 2004-08-19 13:42:22 526,848 -c--a-w C:\WINDOWS\system32\dllcache\p2psvc.dll
+ 2006-10-11 16:26:18 553,984 -c--a-w C:\WINDOWS\system32\dllcache\p2psvc.dll
- 2007-08-22 13:13:14 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2007-08-13 17:36:12 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2004-08-19 13:42:22 48,640 -c--a-w C:\WINDOWS\system32\dllcache\pnrpnsp.dll
+ 2006-10-11 16:26:18 58,880 -c--a-w C:\WINDOWS\system32\dllcache\pnrpnsp.dll
- 2005-08-30 03:55:42 1,293,312 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2007-10-29 22:43:41 1,293,824 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2007-08-22 13:13:15 1,495,040 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2007-08-22 12:57:27 1,498,624 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2006-12-19 21:49:47 8,495,616 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-25 16:43:27 8,502,272 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
- 2007-08-22 13:13:15 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2007-08-22 12:57:27 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2006-04-20 11:51:50 359,808 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2004-08-19 13:42:28 37,888 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-10-10 23:50:12 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-22 13:13:15 616,448 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-10-10 23:50:12 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2004-08-19 13:42:28 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-08-13 17:54:10 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2007-06-26 13:56:57 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-07-12 23:30:38 765,952 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
- 2004-08-19 13:42:30 49,152 -c--a-w C:\WINDOWS\system32\dllcache\wdigest.dll
+ 2006-03-24 04:37:56 49,152 -c--a-w C:\WINDOWS\system32\dllcache\wdigest.dll
- 2004-08-19 13:42:30 280,576 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-10-10 23:50:12 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-08-22 13:13:15 661,504 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-10-10 23:50:13 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-10-18 20:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\WMASF.dll
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #4 (permalink)  
Antiguo 18/01/08, 19:32:16
Avatar de drjuanse
Usuario
  
Registrado: oct 2006
Ubicación: Paraguay
Mensajes: 26
Re: Redireccionamiento y bloqueo de dominio
+ 2007-10-25 08:28:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2004-08-03 20:58:22 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2004-07-17 09:36:38 27,440 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
+ 2007-11-13 10:25:53 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
- 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2007-08-22 13:13:13 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2007-08-13 17:35:46 346,624 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-08-22 13:13:13 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-10-10 23:50:10 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-22 13:13:13 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-10 23:50:10 132,608 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-10 23:50:10 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2006-06-29 07:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll
- 2004-08-19 13:42:50 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-10-10 11:00:07 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2004-08-19 13:42:10 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-10-10 23:50:10 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2004-08-19 13:42:10 221,184 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-10-10 23:50:10 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2002-09-10 12:00:00 241,664 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-10-10 05:46:55 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
+ 2007-10-10 23:50:10 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2004-08-19 13:42:10 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-10-10 23:50:10 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-19 13:42:10 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-13 17:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-10-10 23:50:11 6,065,664 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-22 13:13:13 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-19 13:42:10 49,152 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-10-10 23:50:11 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2007-10-10 23:50:11 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2004-08-19 13:42:10 63,488 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 17:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-10-10 10:59:40 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-08-13 17:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2004-08-19 13:42:10 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 17:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2007-08-22 13:13:13 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2006-05-18 05:31:25 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 17:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
- 2007-08-22 13:13:13 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-10-10 23:50:11 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
- 2007-04-24 10:32:06 1,485,696 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2007-10-11 13:12:48 1,468,968 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
- 2004-08-19 13:42:14 22,528 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
- 2006-08-17 12:29:42 726,528 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:28:35 726,528 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2007-11-11 13:58:22 53,248 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
+ 2008-01-17 19:54:35 53,248 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
- 2004-08-19 13:42:16 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:50:55 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-19 13:42:16 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:50:55 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-19 13:42:16 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:50:55 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-19 13:42:16 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:50:55 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-19 13:42:16 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:50:55 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-19 13:42:16 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:50:55 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-19 13:42:16 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:50:55 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-19 13:42:16 521,216 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:50:55 521,216 ----a-w C:\WINDOWS\system32\mqutil.dll
- 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-01-02 18:21:36 17,642,616 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-10-10 23:50:11 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-10-10 23:50:11 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
- 2004-08-19 13:42:58 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 17:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2007-08-22 13:13:14 3,079,168 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 23:23:09 3,590,656 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-22 13:13:14 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-10-10 23:50:12 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-19 13:39:30 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2002-09-10 12:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 17:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2007-08-22 13:13:14 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-10-10 23:50:12 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2007-08-22 13:13:14 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-10-10 23:50:12 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2006-06-28 16:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll
+ 2006-06-29 07:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll
- 2004-08-19 13:42:22 97,280 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-10-10 23:50:12 102,400 ------w C:\WINDOWS\system32\occache.dll
- 2004-08-19 13:42:22 116,224 ----a-w C:\WINDOWS\system32\p2p.dll
+ 2006-10-11 16:26:18 153,088 ----a-w C:\WINDOWS\system32\p2p.dll
- 2004-08-19 13:42:22 86,016 ----a-w C:\WINDOWS\system32\p2pgasvc.dll
+ 2006-10-11 16:26:18 104,960 ----a-w C:\WINDOWS\system32\p2pgasvc.dll
- 2004-08-19 13:42:22 312,320 ----a-w C:\WINDOWS\system32\p2pgraph.dll
+ 2006-10-11 16:26:18 313,344 ----a-w C:\WINDOWS\system32\p2pgraph.dll
- 2004-08-19 13:42:22 88,064 ----a-w C:\WINDOWS\system32\p2pnetsh.dll
+ 2006-10-11 16:26:18 116,224 ----a-w C:\WINDOWS\system32\p2pnetsh.dll
- 2004-08-19 13:42:22 526,848 ----a-w C:\WINDOWS\system32\p2psvc.dll
+ 2006-10-11 16:26:18 553,984 ----a-w C:\WINDOWS\system32\p2psvc.dll
- 2007-08-22 13:13:14 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2007-08-13 17:36:12 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2004-08-19 13:42:22 48,640 ----a-w C:\WINDOWS\system32\pnrpnsp.dll
+ 2006-10-11 16:26:18 58,880 ----a-w C:\WINDOWS\system32\pnrpnsp.dll
- 2005-08-30 03:55:42 1,293,312 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2007-10-29 22:43:41 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
- 2007-08-22 13:13:15 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2007-08-22 12:57:27 1,498,624 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2006-12-19 21:49:47 8,495,616 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:43:27 8,502,272 ----a-w C:\WINDOWS\system32\shell32.dll
- 2007-08-22 13:13:15 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2007-08-22 12:57:27 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2006-11-17 15:14:30 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-10-08 13:46:18 14,640 ------w C:\WINDOWS\system32\spmsg.dll
- 2007-07-22 17:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 07:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
- 2006-11-24 09:06:02 2,321,408 ----a-w C:\WINDOWS\system32\TUKernel.exe
+ 2008-01-14 22:33:38 2,322,432 ----a-w C:\WINDOWS\system32\TUKernel.exe
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2004-08-19 13:42:28 37,888 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-10-10 23:50:12 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-22 13:13:15 616,448 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-10 23:50:12 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-19 13:42:28 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-08-13 17:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-19 13:42:30 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2006-03-24 04:37:56 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
- 2004-08-19 13:42:30 280,576 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-10-10 23:50:12 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
- 2007-08-22 13:13:15 661,504 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-10 23:50:13 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
- 2006-10-18 20:47:18 222,208 ----a-w C:\WINDOWS\system32\WMASF.dll
+ 2007-10-25 08:28:30 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2006-07-14 15:51:51 121,856 ------w C:\WINDOWS\system32\xmllite.dll
- 2007-08-21 10:53:22 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 15:07:12 368,640 ----a-w C:\WINDOWS\system32\xpsp3res.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vac¡as & entradas leg¡timas predeterminadas no son mostradas

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 14:42 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-11-17 03:33 3022848]
"Habu"="C:\Archivos de programa\Razer\Habu\razerhid.exe" [2006-08-23 11:20 159744]
"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [2004-06-10 10:54 286720]
"QuickTime Task"="C:\Archivos de programa\QuickTime\qttask.exe" [2006-12-03 16:25 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 14:42 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoRecentDocsNetHood"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll 2007-02-27 11:39 282624 C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Iniciar guiños Messenger.lnk]
path=C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Iniciar guiños Messenger.lnk
backup=C:\WINDOWS\pss\Iniciar guiños Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Inicio rápido de Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de Adobe Reader.lnk
backup=C:\WINDOWS\pss\Inicio rápido de Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Inicio rápido de HP Image Zone.lnk]
path=C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de HP Image Zone.lnk
backup=C:\WINDOWS\pss\Inicio rápido de HP Image Zone.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^SEMPRON^Menú Inicio^Programas^Inicio^hamachi.lnk]
path=C:\Documents and Settings\SEMPRON\Menú Inicio\Programas\Inicio\hamachi.lnk
backup=C:\WINDOWS\pss\hamachi.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AAWTray]
C:\Archivos de programa\Lavasoft\Ad-Aware 2007\AAWTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2007-11-23 17:18 962560 C:\Archivos de programa\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\areslite]
--a------ 2005-07-08 13:17 649216 C:\Archivos de programa\Ares Lite Edition\AresLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-19 14:42 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
--a------ 2006-10-15 03:32 3335944 C:\Archivos de programa\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
--a------ 2005-04-25 12:45 36040 C:\ARCHIV~1\ARCHIV~1\MICROS~1\DW\dwtrig20.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E06EXLRD_5097937]
C:\Archivos de programa\Microsoft Encarta\Encarta 2006 Biblioteca Premium DVD\EDICT.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-05-11 22:12 49152 C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
C:\Archivos de programa\Musicmatch\Musicmatch Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-01-19 12:55 5674352 C:\Archivos de programa\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
--a------ 2007-10-30 16:49 949376 C:\Archivos de programa\Eset\nod32kui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
--a------ 2006-05-16 17:50 40960 C:\Archivos de programa\OLYMPUS\OLYMPUS Master\FirstStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2006-04-26 08:29 237568 C:\ARCHIV~1\Nokia\NOKIAP~1\LAUNCH~1.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
--a------ 2006-04-11 17:52 1409024 C:\Archivos de programa\Nokia\Nokia PC Suite 6\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\poke mp3 cdrom meta]
C:\Documents and Settings\All Users\Datos de programa\Jump Poll Poke Mp3\dvd hope.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-12-03 16:25 77824 C:\Archivos de programa\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Archivos de programa\Spyware Doctor\SDTrayApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
--a------ 2005-08-25 22:00 17679400 C:\Archivos de programa\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2]
--a------ 2004-06-10 10:54 286720 C:\WINDOWS\vsnpstd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyBrowser]
C:\Archivos de programa\SpyBro\SpyBro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]
C:\Archivos de programa\Spyware Doctor\swdoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2005-01-15 11:24 32881 C:\Archivos de programa\Java\j2re1.4.2_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2007-02-27 11:39 1310720 C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Archivos de programa\Google\GoogleToolbarNotifier\1.0.720.3640 \GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusBurster]
C:\Archivos de programa\VirusBurster\virusburster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
-ra------ 2005-03-09 12:33 53248 C:\WINDOWS\system32\VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
-ra------ 2005-03-13 02:33 147456 C:\WINDOWS\system32\VTTrayp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"aawservice"=2 (0x2)
"wuauserv"=2 (0x2)
"NOD32krn"=2 (0x2)
"AresChatServer"=3 (0x3)
"usnjsvc"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"PcSync"=C:\Archivos de programa\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run-]
"SNPSTD2"=C:\WINDOWS\vsnpstd2.exe
"PCSuiteTrayApplication"=C:\ARCHIV~1\Nokia\NOKIAP~ 1\LAUNCH~1.EXE -startup
"QuickTime Task"="C:\Archivos de programa\QuickTime\qttask.exe" -atboottime

R2 UxTuneUp;Ampliación del diseño de TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-19 14:43]
R3 msloop;Controlador del adaptador de bucle invertido de Microsoft;C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 21:53]
S3 HabuFltr;Habu Mouse;C:\WINDOWS\system32\drivers\habu.sys [2006-08-14 10:21]
S3 npkycryp;npkycryp;D:\Ragnarok\RO\npkycryp.sys []
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.s ys []
S3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.s ys []
S3 snpstd2;VideoCAM Look;C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-07-28 10:49]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{224953be-2345-11dc-a1e0-0015f282b451}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{f73b2548-f5bf-11db-a16d-0015f282b451}]
\Shell\Auto\command - F:\sxs.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe

.
Contenido de carpeta 'Tareas Programadas'
"2008-01-19 00:00:00 C:\WINDOWS\Tasks\AB7134F0906EAA9C.job"
- c:\docume~1\sempron\datosd~1\intrar~1\Mess Mapi Win.exe
"2008-01-18 23:41:00 C:\WINDOWS\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job"
- C:\Archivos de programa\Windows Live Toolbar\MSNTBUP.EXE
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-19 01:03:18
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
--------------------- DLLs cargados bajo los procesos en ejecuci¢n ---------------------

PROCESS: C:\WINDOWS\SYSTEM32\winlogon.exe
-> C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeHelper.dll

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeHelper.dll
-> C:\Archivos de programa\Eset\pr_imon.dll

PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeHelper.dll

PROCESS: C:\WINDOWS\system32\csrss.exe
-> C:\Archivos de programa\TuneUp Utilities 2006\WinStylerThemeHelper.dll
.
Tiempo completado: 2008-01-19 1:05:30 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-19 00:05:27
ComboFix2.txt 2007-12-07 16:04:46
ComboFix3.txt 2007-11-29 17:28:01
ComboFix4.txt 2007-10-28 22:41:37
.
2008-01-14 22:18:41 --- E O F ---


Obs: Le dí con el FileAssasin a los 2 archivos que no pudieron eliminarse pero éstos vuelven a aparecer (el cerebro ha de estar en otro lado).
Última edición por drjuanse fecha: 18/01/08 a las 19:45:55.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #5 (permalink)  
Antiguo 21/01/08, 16:46:37
Avatar de ElPiedra
FS-Admin
  
Registrado: ene 2005
Ubicación: Miami
Mensajes: 28.323
Re: Redireccionamiento y bloqueo de dominio
Hola, según tu reporte ya llevas 4 veces ejecutadas CF y esto hace que tu log sea muy grande y mas difícil de detectar la infección principal.

Te recomiendo desinstalar este utilizando el comando "ComboFix /u" (sin comillas)




Luego descarga la versión del día de hoy del enlace de arriba, lo ejecutas en modo normal y nos dejas su reporte.

Salu2
Hablándole al mundo en "Twitter""

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
Respuesta

« Tema Anterior | Próximo Tema »
Herramientas

Reglas del foro
No puedes crear nuevos temas
No puedes responder temas
No puedes subir adjuntos
No puedes editar tus mensajes
BB code is activado
Las caritas están activado
Código [IMG] está activado
Código HTML está desactivado
Trackbacks are desactivado
Pingbacks are desactivado
Refbacks are desactivado
Ir a

Temas Similares
Tema Autor Foro Respuestas Último mensaje
2 Tarjetas de Red en un equipo WinXP Pro una viendo el dominio. isaac.iyanez Foro de Windows 0 11/07/07 20:30:42
Cancelan el dominio “pruebelo.com.es” denunciado por estafa por consumidores Deoxys Noticias de Informática Gral. 1 02/07/07 00:12:44
mi particion principal cambia a 0.9Gb al ingresar al dominio avanti Ayuda General 1