Blog Registrarse Manuales Programas Glosario

Regresar   Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Temas Solucionados
Actualizar hola creo tener un spayware muchos pop-ups (Solucionado)
 

Para evitar Virus, Spyware y otros Malwares, te recomendamos mantenerte informado en: InfoSpyware Blog


Temas Solucionados Casos de HijackThis y Malwares resueltos.
(Solo lectura)

Respuesta
Página 1 de 2 1 2
 
Enviar a: Herramientas
  post #1  
Antiguo 13/11/08, 23:01:23
Usuario
  
Registrado: nov 2008
Ubicación: barcelona
Mensajes: 13
hola creo tener un spayware muchos pop-ups (Solucionado)
Os envío el resumen de HijackThis.

He encontrado que tengo el tal "SpyBro" y quisiera saber que devo hacer, tengo puesto el NOD32 y no me lo detecta como "intruso"

uso siempre el Safari aunque tengo xp.
Muchas gracias por vuestro servicio


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:43:17, on 14/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Winferno\WSS\WSS.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerForPhone\PowerForPhone\PowerForPhone.ex e
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1198972944&rve r=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.co m%2Fdefault.aspx&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Toolbar E-Informa - {4E7BD74F-2B8D-469E-D3F3-ED63B29BB338} - C:\PROGRA~1\einforma\einforma.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone\PowerForPhone.ex e
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [1f191aa8] rundll32.exe "C:\WINDOWS\system32\nofuwvlr.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [SpyBrowser] "C:\Program Files\SpyBro\SpyBro.exe" /autostart
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: MultiFrame.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O8 - Extra context menu item: BUSCAR EN eInforma - file://C:\Documents and Settings\jo mateix\Application Data\EINFORMA\SelectedContextSearch_BUSCAR EN eInforma.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {4E7BD74F-2B8D-469E-D3F3-ED63B29BB338} (Toolbar E-Informa) - http://www.e-informa.com/barra_v2/einforma.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL yiafdd.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Winferno Subscription Service - Capital Intellect Inc - C:\Program Files\Common Files\Winferno\WSS\WSS.exe

--
End of file - 10330 bytes
Responder Con Cita
InfoSpyware

  post #2  
Antiguo 14/11/08, 08:44:04
Avatar de thecat_re
Warrior
  
Registrado: ene 2007
Ubicación: Ciudad Bolivar, venezuela
Mensajes: 3.644
Re: hola creo tener un spayware muchos pop-ups
Hola te doy la Bienvenida al Foro de Infospyware

Realiza lo Siguiente:

Descarga, actualiza y ejecuta el programa:Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

- Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
  • Desactiva temporalmente el Antivirus y/o Antispyware.
  • Cierra todas las ventanas abiertas.
  • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
  • Cuando termine, generara un registro en C:\ComboFix.txt.
    • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
    • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
Cita:
Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
  • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje. para analizarlo.

Saludos nos comentas.
"Lo difícil se hace y lo imposible se intenta"

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #3  
Antiguo 14/11/08, 16:16:16
Usuario
  
Registrado: nov 2008
Ubicación: barcelona
Mensajes: 13
Sonrisa Re: hola creo tener un spayware muchos pop-ups
aqui le dejo el primer reporte de Malwarebyte's Antimalware.





Malwarebytes' Anti-Malware 1.30
Versión de la Base de Datos: 1306
Windows 5.1.2600 Service Pack 2

14/11/2008 21:45:26
mbam-log-2008-11-14 (21-45-26).txt

Tipo de examen : Examen Completo (C:\|D:\|F:\|)
Objetos examinados: 142481
Tiempo transcurrido: 35 minute(s), 18 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 4
Claves del Registro Infectadas: 11
Valores del Registro Infectados: 1
Elementos de Datos del Registro Infectados: 2
Carpetas Infectadas: 3
Ficheros Infectados: 49

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
C:\WINDOWS\system32\efcccApP.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\kgsskpuj.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ekicgtfn.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\xakbcq.dll (Trojan.Vundo.H) -> Delete on reboot.

Claves del Registro Infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{7f9a57ed-b75c-418c-b376-6c8d002af7df} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7f9a57ed-b75c-418c-b376-6c8d002af7df} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{cceaa265-1f83-4e2b-a128-b6cf25dd576b} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{cceaa265-1f83-4e2b-a128-b6cf25dd576b} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvid er (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\1f191aa8 (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\efcccapp -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\efcccapp -> Delete on reboot.

Carpetas Infectadas:
C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache (Adware.2020search) -> Quarantined and deleted successfully.

Ficheros Infectados:
C:\WINDOWS\system32\xakbcq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\efcccApP.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\PpAcccfe.ini (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\PpAcccfe.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xjvxtpgn.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ngptxvjx.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fbybdijr.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rjidbybf.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kgsskpuj.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\jupkssgk.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tyrgivwo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\owvigryt.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kjdbfyvt.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tvyfbdjk.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tgwsqucy.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ycuqswgt.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jrjwyfye.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eyfywjrj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nofuwvlr.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlvwufon.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\jo mateix\Local Settings\Application Data\wyqgy_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\jo mateix\Local Settings\Application Data\wyqgy_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\jo mateix\Local Settings\Application Data\wyqgy.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ekicgtfn.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Documents and Settings\jo mateix\Local Settings\Temporary Internet Files\Content.IE5\UNBPJOPT\kb600179[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\jo mateix\Local Settings\Temporary Internet Files\Content.IE5\W5AVOXAF\nd82m0[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\logo_t.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\buscar.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\busca_por.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\empresa.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\buscar2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\opcion.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\ayuda.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\desinstalar.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\mail.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\logo16.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\menu.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\vigilancia.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\ayuda2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\empr.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\dir.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\ErrorLog.txt (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\EINFORMATB0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\EINFORMA\Cache\Thumbs.db (Adware.2020search) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msupdate.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\BM1c2a2934.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM1c2a2934.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
Última edición por isacprincep fecha: 14/11/08 a las 18:22:01. Razón: repor de Malwarebyte's Antimalware
Responder Con Cita
  post #4  
Antiguo 14/11/08, 17:50:34
Usuario
  
Registrado: nov 2008
Ubicación: barcelona
Mensajes: 13
Re: hola creo tener un spayware muchos pop-ups
aqui el segundo repor de Malwarebyte's Antimalware




Malwarebytes' Anti-Malware 1.30
Versión de la Base de Datos: 1306
Windows 5.1.2600 Service Pack 2

14/11/2008 22:37:20
mbam-log-2008-11-14 (22-37-20).txt

Tipo de examen : Examen Completo (C:\|D:\|F:\|)
Objetos examinados: 142610
Tiempo transcurrido: 38 minute(s), 35 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
(No se han detectado elementos maliciosos)
Última edición por isacprincep fecha: 14/11/08 a las 18:26:05. Razón: 2 reporte de Malwarebyte's Antimalware
Responder Con Cita
  post #5  
Antiguo 14/11/08, 18:16:52
Usuario
  
Registrado: nov 2008
Ubicación: barcelona
Mensajes: 13
Bien Re: hola creo tener un spayware muchos pop-ups
y aqui el repor de combofix



ComboFix 08-11-12.02 - jo mateix 2008-11-14 22:53:28.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1403 [GMT 1:00]
Se ejecuta desde: c:\documents and settings\jo mateix\Desktop\ComboFix.exe
* Creado un nuevo punto de restauración
* Resident AV is active


ADVERTENCIA - ESTE EQUIPO NO TIENE INSTALADA LA CONSOLA DE RECUPERACION!
.

(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\jo mateix\Application Data\inst.exe
c:\windows\system32\aajsmweo.dll
c:\windows\system32\afiktuiw.ini
c:\windows\system32\asgtikdw.ini
c:\windows\system32\atbqcddx.ini
c:\windows\system32\BaKSDcdd.ini
c:\windows\system32\BaKSDcdd.ini2
c:\windows\system32\bgjxnz.dll
c:\windows\system32\bmvbunpk.dll
c:\windows\system32\btmpyhlv.dll
c:\windows\system32\bzgorg.dll
c:\windows\system32\cbkweebn.dll
c:\windows\system32\drivers\Xprotector.sys
c:\windows\system32\dshyvxby.ini
c:\windows\system32\dtdilz.dll
c:\windows\system32\dvwgyy.dll
c:\windows\system32\ebeeqcip.ini
c:\windows\system32\ehjlkUtv.ini
c:\windows\system32\ehjlkUtv.ini2
c:\windows\system32\etscconn.ini
c:\windows\system32\ezcjdj.dll
c:\windows\system32\fixkvieq.dll
c:\windows\system32\fyeswvpf.ini
c:\windows\system32\ggaejh.dll
c:\windows\system32\hqyutksd.ini
c:\windows\system32\hsdpelcg.ini
c:\windows\system32\hsjmjehn.ini
c:\windows\system32\hvkdkwvt.ini
c:\windows\system32\idwkkywd.dll
c:\windows\system32\irlukwui.dll
c:\windows\system32\ISDJRBeg.ini
c:\windows\system32\ISDJRBeg.ini2
c:\windows\system32\ixocjsev.ini
c:\windows\system32\jtpfydox.ini
c:\windows\system32\jvirpayd.dll
c:\windows\system32\kdrshjpc.ini
c:\windows\system32\kjxsdy.dll
c:\windows\system32\kpacxccy.ini
c:\windows\system32\ltvsgq.dll
c:\windows\system32\mkgrvm.dll
c:\windows\system32\msqoyqdo.dll
c:\windows\system32\nvitdx.dll
c:\windows\system32\oadtvvxt.dll
c:\windows\system32\ohqssl.dll
c:\windows\system32\olitom.dll
c:\windows\system32\omqqbsrm.ini
c:\windows\system32\ozajhn.dll
c:\windows\system32\pvofwnvp.dll
c:\windows\system32\pzvqkq.dll
c:\windows\system32\qekmxnle.dll
c:\windows\system32\qvjfxd.dll
c:\windows\system32\qxkxyefr.dll
c:\windows\system32\raqrwt.dll
c:\windows\system32\rpityf.dll
c:\windows\system32\rswvknen.dll
c:\windows\system32\ryvdqt.dll
c:\windows\system32\sDghgMoq.ini
c:\windows\system32\sDghgMoq.ini2
c:\windows\system32\syshpoty.ini
c:\windows\system32\tbyakmnb.dll
c:\windows\system32\tCbbdfhk.ini
c:\windows\system32\tCbbdfhk.ini2
c:\windows\system32\tnoksexs.dll
c:\windows\system32\uanabq(2).dll
c:\windows\system32\uyhyaxxt.dll
c:\windows\system32\VCIllRqr.ini
c:\windows\system32\VCIllRqr.ini2
c:\windows\system32\vecfdwoi.dll
c:\windows\system32\wwaqgvut.ini
c:\windows\system32\xhxushwf.ini
c:\windows\system32\xrxitxlc.dll
c:\windows\system32\xxjyxs.dll
c:\windows\system32\ycoyccpp.dll
c:\windows\system32\yiafdd.dll
c:\windows\system32\ykdvgrph.dll
c:\windows\system32\zzjmpg.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Servicios )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_XPROTECTOR
-------\Service_XPROTECTOR


(((((((((((((((((( Archivos creados desde 2008-10-14 - 2008-11-14 )))))))))))))))))))))))))))))))))
.

2008-11-14 23:01 . 2008-11-14 23:01 <DIR> d--hs---- C:\FOUND.001
2008-11-14 22:02 . 2008-11-14 22:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-11-14 21:13 . 2008-11-14 21:13 <DIR> d-------- c:\program files\CCleaner
2008-11-14 21:03 . 2008-11-14 21:03 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-14 21:03 . 2008-11-14 21:03 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Malwarebytes
2008-11-14 21:03 . 2008-11-14 21:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-14 21:03 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-14 21:03 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-14 11:18 . 2008-11-14 11:18 <DIR> d--hs---- C:\FOUND.000
2008-11-14 09:10 . 2008-11-14 09:10 <DIR> d-------- c:\program files\Transform XP to Vista
2008-11-14 09:06 . 2008-11-14 09:06 <DIR> d-------- c:\program files\Apple Software Update
2008-11-14 09:06 . 2008-11-14 09:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-11-14 09:03 . 2008-11-14 09:03 123 --a------ c:\windows\BricoPackFoldersDelete.cmd
2008-11-14 09:02 . 2008-11-14 09:02 <DIR> d-------- c:\windows\BricoPacks
2008-11-14 08:13 . 2008-11-14 08:13 <DIR> d-------- C:\!KillBox
2008-11-14 08:09 . 2008-11-14 08:09 14,735,904 --a------ C:\IE7-WindowsServer2003-x86-esn.exe
2008-11-14 08:07 . 2008-11-14 08:07 7,645,120 --a------ C:\windows-kb890830-v2.4.exe
2008-11-14 05:02 . 2008-11-14 05:02 <DIR> d-------- c:\program files\SpywareBlaster
2008-11-13 19:20 . 2008-11-13 19:21 120 ---hs---- c:\windows\system32\vyveqpox.ini
2008-11-12 09:09 . 2008-11-12 09:08 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-12 09:09 . 2008-11-12 09:08 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-12 02:14 . 2008-11-12 02:14 <DIR> d-------- c:\program files\iFoxSoft
2008-11-12 01:03 . 2008-11-12 01:03 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Vso
2008-11-12 01:03 . 2008-11-12 01:15 47,360 --a------ c:\windows\system32\drivers\pcouffin.sys
2008-11-12 01:03 . 2008-11-14 08:10 47,360 --a------ c:\documents and settings\jo mateix\Application Data\pcouffin.sys
2008-11-12 00:23 . 2008-11-12 00:23 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Pegasys Inc
2008-11-12 00:21 . 2008-11-12 00:21 120 ---hs---- c:\windows\system32\gyslffnh.ini
2008-11-11 23:36 . 2008-11-11 23:34 145,504 --a------ c:\windows\system32\bgsvcgen.exe
2008-11-11 23:36 . 2008-11-11 23:34 59,488 --a------ c:\windows\system32\GenSvcInst.exe
2008-11-11 23:36 . 2008-11-11 23:34 33,408 --a------ c:\windows\system32\drivers\CDRBSDRV.SYS
2008-11-11 23:35 . 2008-11-11 23:35 <DIR> d-------- c:\program files\Pegasys Inc
2008-11-11 23:23 . 2008-11-11 23:24 120 ---hs---- c:\windows\system32\ryufdbuu.ini
2008-11-11 00:53 . 2008-11-11 00:53 <DIR> d-------- c:\program files\Netscape
2008-11-11 00:53 . 2008-11-11 00:53 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Netscape
2008-11-10 23:22 . 2008-11-10 23:22 120 ---hs---- c:\windows\system32\mrkktdak.ini
2008-11-10 22:19 . 2008-11-10 22:19 120 ---hs---- c:\windows\system32\ngthjcvn.ini
2008-11-09 04:05 . 2008-11-09 04:05 120 ---hs---- c:\windows\system32\dsvjdabr.ini
2008-11-08 03:26 . 2008-11-08 03:26 120 ---hs---- c:\windows\system32\dywcttwf.ini
2008-11-06 01:52 . 2008-11-06 01:52 120 ---hs---- c:\windows\system32\mxguotum.ini
2008-11-06 01:35 . 2008-11-06 01:35 <DIR> d-------- c:\windows\system32\es-ES
2008-11-06 01:29 . 2008-11-06 01:29 <DIR> d-------- c:\windows\system32\XPSViewer
2008-11-06 01:29 . 2008-11-06 01:29 <DIR> d-------- c:\program files\Reference Assemblies
2008-11-06 01:28 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-11-06 01:23 . 2008-11-06 01:23 <DIR> d-------- c:\program files\MSXML 6.0
2008-11-06 01:18 . 2008-11-06 01:18 120 ---hs---- c:\windows\system32\jlqojjfy.ini
2008-11-05 01:17 . 2008-11-05 01:18 120 ---hs---- c:\windows\system32\jlwtugwm.ini
2008-11-04 00:31 . 2008-11-04 00:31 120 ---hs---- c:\windows\system32\edabnkui.ini
2008-11-02 20:54 . 2008-11-02 20:54 120 ---hs---- c:\windows\system32\toygxawm.ini
2008-11-02 00:56 . 2008-11-02 00:56 <DIR> d-------- c:\program files\7 zip
2008-11-01 23:30 . 2008-11-01 23:30 2,541 --a------ C:\Enlish.lng
2008-11-01 23:29 . 2008-11-01 23:29 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Media Player Classic
2008-11-01 01:09 . 2008-11-01 01:09 <DIR> d-------- c:\program files\ESET
2008-11-01 01:09 . 2008-11-01 01:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-11-01 00:39 . 2008-11-01 00:39 120 ---hs---- c:\windows\system32\cfraxahl.ini
2008-10-31 22:49 . 2008-10-31 22:49 <DIR> d-------- c:\program files\Microsoft LifeChat
2008-10-31 21:48 . 2008-08-14 10:51 138,368 --------- c:\windows\system32\dllcache\afd.sys
2008-10-31 21:46 . 2008-05-01 15:30 331,776 --------- c:\windows\system32\dllcache\msadce.dll
2008-10-31 20:57 . 2008-10-31 20:57 120 ---hs---- c:\windows\system32\dvnofiyq.ini
2008-10-31 19:50 . 2008-10-31 19:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\McAfee
2008-10-31 19:37 . 2008-10-31 19:37 <DIR> d-------- c:\program files\Anti Trojan Elite
2008-10-30 23:55 . 2008-10-30 23:55 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\vlc
2008-10-29 22:07 . 2008-10-29 22:07 <DIR> d-------- C:\divx
2008-10-29 22:03 . 2008-10-29 22:03 <DIR> d-------- c:\program files\Real Alternative
2008-10-29 22:03 . 2008-10-29 22:03 <DIR> d-------- c:\program files\Media Player Classic
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:\windows\system32\divx_xx0c.dll
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:\windows\system32\divx_xx07.dll
2008-10-28 23:35 . 2008-10-28 23:35 815,104 --a------ c:\windows\system32\divx_xx0a.dll
2008-10-28 23:35 . 2008-10-28 23:35 802,816 --a------ c:\windows\system32\divx_xx11.dll
2008-10-28 23:35 . 2008-10-28 23:35 729,088 --a------ c:\windows\system32\divxdec.ax
2008-10-28 23:35 . 2008-10-28 23:35 684,032 --a------ c:\windows\system32\DivX.dll
2008-10-27 22:05 . 2008-11-09 03:57 40,664 --ah----- c:\windows\system32\mlfcache.dat
2008-10-27 00:25 . 2008-10-27 00:26 <DIR> d-------- c:\program files\ZD Soft
2008-10-24 23:12 . 2008-10-25 00:04 354,560 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-10-24 23:12 . 2008-04-04 14:51 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-10-24 23:09 . 2008-10-24 23:09 <DIR> d-------- c:\program files\TuneUp Utilities 2008
2008-10-24 23:09 . 2008-10-24 23:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-24 00:44 . 2008-10-24 00:44 <DIR> d-------- c:\documents and settings\Guest\Application Data\DivX
2008-10-24 00:43 . 2008-10-24 00:43 <DIR> d-------- c:\program files\temp
2008-10-23 23:29 . 2008-10-23 23:29 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\TuneUp Software

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-11-14 21:58 0 ----a-w c:\windows\system32\drivers\lvuvc.hs
2008-11-14 21:58 0 ----a-w c:\windows\system32\drivers\logiflt.iad
2008-10-15 16:57 332,800 ------w c:\windows\system32\dllcache\netapi32.dll
2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\win32k.sys
2008-09-15 11:57 1,846,016 ------w c:\windows\system32\dllcache\win32k.sys
2008-08-28 10:04 333,056 ------w c:\windows\system32\dllcache\srv.sys
2008-08-19 09:38 18,432 ------w c:\windows\system32\dllcache\iedw.exe
2008-08-14 09:57 2,185,984 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2008-08-14 09:55 2,142,720 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 09:55 2,142,720 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2008-08-14 09:18 2,062,976 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2008-08-14 09:18 2,020,864 ----a-w c:\windows\system32\ntkrnlpa.exe
2008-08-14 09:18 2,020,864 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2008-03-01 11:25 7,448,629 ----a-w c:\program files\Windows Media Player.rar
2007-01-14 12:39 10,384,469 ----a-w c:\program files\ComunesCDNV.EXE
2007-01-14 12:38 1,428,180 ----a-w c:\program files\CSB19.EXE
2006-12-14 22:06 6,538,488 ----a-w c:\program files\winamp531_full.exe
2006-12-14 21:49 1,132,320 ----a-w c:\program files\wrar362ca.exe
2006-12-14 21:46 112,919,841 ----a-w c:\program files\WinUp.v24.exe
2006-12-14 21:02 16,268,584 ----a-w c:\program files\Install_Messenger.exe
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-16 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-04-05 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-23 110592]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray. dll" [2006-07-20 86016]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 802816]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 696320]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-12 136600]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-02-13 2196240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"nwiz"="nwiz.exe" [2006-07-20 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-16 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
MultiFrame.lnk - c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe [2006-12-02 491520]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe [2008-06-18 66864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=xakbcq.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
"vidc.XVID"= xvid.dll
"msacm.l3codec"= l3codecp.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Actualizar la licencia del NOD32.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
--a------ 2006-02-21 15:20 180224 c:\program files\Asus\ASUS Live Update\ALU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2008-03-28 11:20 1079296 c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-05 03:49 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UfSeAgnt.exe]
--a------ 2008-03-07 07:04 1398024 c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 03:43 69632 c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
--a------ 2006-05-16 03:04 2879488 c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"tmproxy"=3 (0x3)
"TmPfw"=3 (0x3)
"TMBMServer"=2 (0x2)
"iPod Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run-]
"SMSERIAL"=c:\program files\Motorola\SMSERIAL\sm56hlpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Mask Surf Standard\\Tor\\tor.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessen ger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Mask Surf Standard\\masksurf.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfw tdir.sys [2008-08-18 34312]
R2 Winferno Subscription Service;Winferno Subscription Service;c:\program files\Common Files\Winferno\WSS\WSS.exe [2008-02-13 126976]
R3 LVRS;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs.sys [2008-02-06 628760]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\Drivers\SynMini.sys [2006-08-08 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\Drivers\SynScan.sys [2006-08-08 7808]
R3 vgadrv;vgadrv;c:\windows\system32\DRIVERS\vgadrv.s ys [2006-06-10 8078]
S3 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMon.sys [ ]
S3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswui o.sys [2006-01-24 34944]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.ex e [2008-10-25 354560]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenido de carpeta 'Tareas Programadas'

2008-11-14 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean. exe [2008-03-12 14:18]

2008-11-14 c:\windows\Tasks\WSSHelper.job
- c:\program files\Common Files\Winferno\WSS\WSSHelper.exe [2008-02-15 11:37]

2008-11-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - HUÉRFANOS ELIMINADOS - - - -

BHO-{422AB2E0-9E7A-4F6E-8564-527A6F6E28A9} - (no file)
BHO-{70A4AD69-A40E-4964-BBC7-341C4F5C8EE5} - (no file)
BHO-{B453A4CF-2C8C-42E2-B034-72D0BBF3EEC9} - (no file)
BHO-{CAC43292-7827-4081-8EE4-F50624547444} - (no file)
BHO-{CFB43FA4-DB75-468E-98C2-FC68EB435885} - (no file)
Notify-khfEUoNg - (no file)


.
------- Análisis Suplementario -------
.
R0 -: HKCU-Main,Start Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1198972944&rve r=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.co m%2Fdefault.aspx&id=64855
R0 -: HKCU-Main,Search Page = hxxp://www.google.com
R0 -: HKCU-Main,Search Bar = hxxp://www.google.com/ie
R0 -: HKLM-Main,Default_Search_URL = hxxp://www.google.com/ie
R0 -: HKCU-Search,SearchAssistant = hxxp://www.google.com/ie
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
R0 -: HKLM-Search,SearchAssistant = hxxp://www.google.com/ie
O8 -: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O16 -: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
c:\windows\Downloaded Program Files\ewidoOnlineScan.dll
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-14 23:04:21
Windows 5.1.2600 Service Pack 2 FAT NTAPI

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
------------------------ Otros procesos en ejecución ------------------------
.
c:\windows\system32\savedump.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\bgsvcgen.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\EHOME\EHMSAS.EXE
c:\windows\ATK0100\ATKOSD.exe
c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
************************************************** ************************
.
Tiempo completado: 2008-11-14 23:07:49 - Reiniciando la máquina
ComboFix-quarantined-files.txt 2008-11-14 22:07:42

Pre-Run: 24.957.485.056 bytes free
Post-Run: 25,083,969,536 bytes libres

385 --- E O F --- 2008-10-31 21:07:21






a la espera de su respuesta, reciba un cordial saludo.
Última edición por isacprincep fecha: 14/11/08 a las 18:29:25. Razón: repr de combofix
Responder Con Cita
  post #6  
Antiguo 14/11/08, 20:25:02
Avatar de thecat_re
Warrior
  
Registrado: ene 2007
Ubicación: Ciudad Bolivar, venezuela
Mensajes: 3.644
Re: hola creo tener un spayware muchos pop-ups
Hola Nuevamente

Realiza lo Siguiente:

Abrir el Notepad (Bloc de Notas)
  • Ir a INICIO > EJECUTAR >
  • Y ahí pones notepad.exe y ACEPTAR
Ahora copia y pega estos archivos dentro del Notepad

Código:
KillAll::

File::
c:\windows\system32\vyveqpox.ini
c:\windows\system32\gyslffnh.ini
c:\windows\system32\ryufdbuu.ini
c:\windows\system32\mrkktdak.ini
c:\windows\system32\ngthjcvn.ini
c:\windows\system32\dsvjdabr.ini
c:\windows\system32\dywcttwf.ini
c:\windows\system32\mxguotum.ini
c:\windows\system32\jlqojjfy.ini
c:\windows\system32\jlwtugwm.ini
c:\windows\system32\edabnkui.ini
c:\windows\system32\toygxawm.ini
c:\windows\system32\cfraxahl.ini
c:\windows\system32\dvnofiyq.ini
c:\windows\system32\drivers\lvuvc.hs
c:\windows\system32\drivers\logiflt.iad
c:\windows\system32\xakbcq.dll

Driver::
lvuvc

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

Arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

  • Reinicia tu PC y nos dejas un nuevo reporte de ComboFix , comentándonos como esta funcionado todo actualmente?
"Lo difícil se hace y lo imposible se intenta"

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #7  
Antiguo 14/11/08, 20:50:56
Usuario
  
Registrado: nov 2008
Ubicación: barcelona
Mensajes: 13
Re: hola creo tener un spayware muchos pop-ups
Cita:
Originalmente publicado por thecat_re Ver Mensaje
Hola Nuevamente

Realiza lo Siguiente:

Abrir el Notepad (Bloc de Notas)
  • Ir a INICIO > EJECUTAR >
  • Y ahí pones notepad.exe y ACEPTAR
Ahora copia y pega estos archivos dentro del Notepad

Código:
KillAll::

File::
c:\windows\system32\vyveqpox.ini
c:\windows\system32\gyslffnh.ini
c:\windows\system32\ryufdbuu.ini
c:\windows\system32\mrkktdak.ini
c:\windows\system32\ngthjcvn.ini
c:\windows\system32\dsvjdabr.ini
c:\windows\system32\dywcttwf.ini
c:\windows\system32\mxguotum.ini
c:\windows\system32\jlqojjfy.ini
c:\windows\system32\jlwtugwm.ini
c:\windows\system32\edabnkui.ini
c:\windows\system32\toygxawm.ini
c:\windows\system32\cfraxahl.ini
c:\windows\system32\dvnofiyq.ini
c:\windows\system32\drivers\lvuvc.hs
c:\windows\system32\drivers\logiflt.iad
c:\windows\system32\xakbcq.dll

Driver::
lvuvc

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

Arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

  • Reinicia tu PC y nos dejas un nuevo reporte de ComboFix , comentándonos como esta funcionado todo actualmente?



por el momento todo MUY bien, estoy asombrado, parece otro PC!!

voy a proceder con los pasos que me indica.


muchas gracias.
Responder Con Cita
  post #8  
Antiguo 14/11/08, 21:16:39
Usuario
  
Registrado: nov 2008
Ubicación: barcelona
Mensajes: 13
Re: hola creo tener un spayware muchos pop-ups
hola he intentado copiar el repor pero me sale este mensage.

"El texto que has ingresado es muy largo (456408 caracteres). Por favor acórtalo a 75000 caracteres de largo."


se lo pongo en varios post.
Responder Con Cita
  post #9  
Antiguo 14/11/08, 21:18:17
Usuario
  
Registrado: nov 2008
Ubicación: barcelona
Mensajes: 13
Re: hola creo tener un spayware muchos pop-ups
1º reporte de ComboFix



ComboFix 08-11-12.02 - jo mateix 2008-11-15 1:57:16.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1465 [GMT 1:00]
Se ejecuta desde: c:\documents and settings\jo mateix\Desktop\ComboFix.exe
Comando de interruptores utilizados :: c:\documents and settings\jo mateix\Desktop\CFScript.txt
* Creado un nuevo punto de restauración
* Resident AV is active


ADVERTENCIA - ESTE EQUIPO NO TIENE INSTALADA LA CONSOLA DE RECUPERACION!

FILE ::
c:\windows\system32\cfraxahl.ini
c:\windows\system32\drivers\logiflt.iad
c:\windows\system32\drivers\lvuvc.hs
c:\windows\system32\dsvjdabr.ini
c:\windows\system32\dvnofiyq.ini
c:\windows\system32\dywcttwf.ini
c:\windows\system32\edabnkui.ini
c:\windows\system32\gyslffnh.ini
c:\windows\system32\jlqojjfy.ini
c:\windows\system32\jlwtugwm.ini
c:\windows\system32\mrkktdak.ini
c:\windows\system32\mxguotum.ini
c:\windows\system32\ngthjcvn.ini
c:\windows\system32\ryufdbuu.ini
c:\windows\system32\toygxawm.ini
c:\windows\system32\vyveqpox.ini
c:\windows\system32\xakbcq.dll
.

(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\cfraxahl.ini
c:\windows\system32\drivers\logiflt.iad
c:\windows\system32\drivers\lvuvc.hs
c:\windows\system32\dsvjdabr.ini
c:\windows\system32\dvnofiyq.ini
c:\windows\system32\dywcttwf.ini
c:\windows\system32\edabnkui.ini
c:\windows\system32\gyslffnh.ini
c:\windows\system32\jlqojjfy.ini
c:\windows\system32\jlwtugwm.ini
c:\windows\system32\mrkktdak.ini
c:\windows\system32\mxguotum.ini
c:\windows\system32\ngthjcvn.ini
c:\windows\system32\ryufdbuu.ini
c:\windows\system32\toygxawm.ini
c:\windows\system32\vyveqpox.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Servicios )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_LVUVC


(((((((((((((((((( Archivos creados desde 2008-10-15 - 2008-11-15 )))))))))))))))))))))))))))))))))
.

2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\zh-tw
2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\zh-cn
2008-11-15 01:51 . 2008-11-15 01:52 <DIR> d-------- c:\windows\system32\fr-fr
2008-11-15 01:51 . 2008-11-15 01:52 <DIR> d-------- c:\windows\system32\fi-fi
2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\et-ee
2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\el-gr
2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\de-de
2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\da-dk
2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\cs-cz
2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\bg-bg
2008-11-15 01:51 . 2008-11-15 01:51 <DIR> d-------- c:\windows\system32\ar-sa
2008-11-15 01:14 . 2008-10-03 18:41 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll
2008-11-15 01:14 . 2007-04-17 10:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2008-11-15 01:14 . 2007-03-08 06:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-15 01:14 . 2008-08-26 08:24 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2008-11-15 01:14 . 2008-08-26 08:24 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2008-11-15 01:14 . 2008-08-26 08:24 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2008-11-15 01:14 . 2008-08-26 08:24 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2008-11-15 01:14 . 2008-08-26 08:24 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-15 01:14 . 2008-08-25 09:38 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2008-11-15 00:42 . 2008-11-15 00:42 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Windows Search
2008-11-15 00:31 . 2008-11-15 00:31 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Windows Desktop Search
2008-11-15 00:30 . 2008-11-15 00:30 <DIR> d-------- c:\windows\system32\GroupPolicy
2008-11-15 00:30 . 2008-11-15 00:30 <DIR> d-------- c:\program files\Windows Desktop Search
2008-11-15 00:30 . 2008-03-07 18:02 192,000 --------- c:\windows\system32\dllcache\offfilt.dll
2008-11-15 00:30 . 2008-03-07 18:02 98,304 --------- c:\windows\system32\dllcache\nlhtml.dll
2008-11-15 00:30 . 2008-03-07 18:02 29,696 --------- c:\windows\system32\dllcache\mimefilt.dll
2008-11-15 00:22 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-11-15 00:04 . 2008-11-15 00:04 <DIR> d-------- c:\windows\system32\scripting
2008-11-15 00:04 . 2008-11-15 00:04 <DIR> d-------- c:\windows\system32\en
2008-11-15 00:04 . 2008-11-15 00:04 <DIR> d-------- c:\windows\system32\bits
2008-11-15 00:04 . 2008-11-15 00:04 <DIR> d-------- c:\windows\l2schemas
2008-11-15 00:01 . 2008-11-15 00:01 <DIR> d-------- c:\windows\ServicePackFiles
2008-11-14 23:32 . 2008-11-15 01:52 1,393 --a------ c:\windows\imsins.BAK
2008-11-14 23:16 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-14 23:01 . 2008-11-14 23:01 <DIR> d--hs---- C:\FOUND.001
2008-11-14 22:02 . 2008-11-14 22:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-11-14 21:13 . 2008-11-14 21:13 <DIR> d-------- c:\program files\CCleaner
2008-11-14 21:03 . 2008-11-14 21:03 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-14 21:03 . 2008-11-14 21:03 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Malwarebytes
2008-11-14 21:03 . 2008-11-14 21:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-14 21:03 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-14 21:03 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-14 11:18 . 2008-11-14 11:18 <DIR> d--hs---- C:\FOUND.000
2008-11-14 09:10 . 2008-11-14 09:10 <DIR> d-------- c:\program files\Transform XP to Vista
2008-11-14 09:06 . 2008-11-14 09:06 <DIR> d-------- c:\program files\Apple Software Update
2008-11-14 09:06 . 2008-11-14 09:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-11-14 09:03 . 2008-11-14 09:03 123 --a------ c:\windows\BricoPackFoldersDelete.cmd
2008-11-14 09:02 . 2008-11-14 09:02 <DIR> d-------- c:\windows\BricoPacks
2008-11-14 08:13 . 2008-11-14 08:13 <DIR> d-------- C:\!KillBox
2008-11-14 08:09 . 2008-11-14 08:09 14,735,904 --a------ C:\IE7-WindowsServer2003-x86-esn.exe
2008-11-14 08:07 . 2008-11-14 08:07 7,645,120 --a------ C:\windows-kb890830-v2.4.exe
2008-11-14 05:02 . 2008-11-14 05:02 <DIR> d-------- c:\program files\SpywareBlaster
2008-11-12 09:09 . 2008-11-12 09:08 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-12 09:09 . 2008-11-12 09:08 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-12 02:14 . 2008-11-12 02:14 <DIR> d-------- c:\program files\iFoxSoft
2008-11-12 01:03 . 2008-11-12 01:03 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Vso
2008-11-12 01:03 . 2008-11-12 01:15 47,360 --a------ c:\windows\system32\drivers\pcouffin.sys
2008-11-12 01:03 . 2008-11-14 08:10 47,360 --a------ c:\documents and settings\jo mateix\Application Data\pcouffin.sys
2008-11-12 00:23 . 2008-11-12 00:23 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Pegasys Inc
2008-11-11 23:36 . 2008-11-11 23:34 145,504 --a------ c:\windows\system32\bgsvcgen.exe
2008-11-11 23:36 . 2008-11-11 23:34 59,488 --a------ c:\windows\system32\GenSvcInst.exe
2008-11-11 23:36 . 2008-11-11 23:34 33,408 --a------ c:\windows\system32\drivers\CDRBSDRV.SYS
2008-11-11 23:35 . 2008-11-11 23:35 <DIR> d-------- c:\program files\Pegasys Inc
2008-11-11 00:53 . 2008-11-11 00:53 <DIR> d-------- c:\program files\Netscape
2008-11-11 00:53 . 2008-11-11 00:53 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Netscape
2008-11-06 01:35 . 2008-11-06 01:35 <DIR> d-------- c:\windows\system32\es-ES
2008-11-06 01:29 . 2008-11-06 01:29 <DIR> d-------- c:\windows\system32\XPSViewer
2008-11-06 01:29 . 2008-11-06 01:29 <DIR> d-------- c:\program files\Reference Assemblies
2008-11-06 01:28 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-11-06 01:23 . 2008-11-06 01:23 <DIR> d-------- c:\program files\MSXML 6.0
2008-11-02 00:56 . 2008-11-02 00:56 <DIR> d-------- c:\program files\7 zip
2008-11-01 23:30 . 2008-11-01 23:30 2,541 --a------ C:\Enlish.lng
2008-11-01 23:29 . 2008-11-01 23:29 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\Media Player Classic
2008-11-01 01:09 . 2008-11-01 01:09 <DIR> d-------- c:\program files\ESET
2008-11-01 01:09 . 2008-11-01 01:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-10-31 22:49 . 2008-10-31 22:49 <DIR> d-------- c:\program files\Microsoft LifeChat
2008-10-31 21:48 . 2008-09-08 11:41 333,824 --------- c:\windows\system32\dllcache\srv.sys
2008-10-31 21:48 . 2008-08-14 11:04 138,496 --------- c:\windows\system32\dllcache\afd.sys
2008-10-31 21:47 . 2008-08-14 11:11 2,189,184 --------- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-31 21:47 . 2008-08-14 11:09 2,145,280 --------- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-31 21:47 . 2008-08-14 10:33 2,066,048 --------- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-31 21:47 . 2008-08-14 10:33 2,023,936 --------- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-31 21:47 . 2008-09-15 13:12 1,846,400 --------- c:\windows\system32\dllcache\win32k.sys
2008-10-31 21:46 . 2008-04-11 20:04 691,712 --------- c:\windows\system32\dllcache\inetcomm.dll
2008-10-31 21:46 . 2008-05-01 15:33 331,776 --------- c:\windows\system32\dllcache\msadce.dll
2008-10-31 21:34 . 2008-10-15 17:34 337,408 --------- c:\windows\system32\dllcache\netapi32.dll
2008-10-31 19:50 . 2008-10-31 19:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\McAfee
2008-10-31 19:37 . 2008-10-31 19:37 <DIR> d-------- c:\program files\Anti Trojan Elite
2008-10-30 23:55 . 2008-10-30 23:55 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\vlc
2008-10-29 22:07 . 2008-10-29 22:07 <DIR> d-------- C:\divx
2008-10-29 22:03 . 2008-10-29 22:03 <DIR> d-------- c:\program files\Real Alternative
2008-10-29 22:03 . 2008-10-29 22:03 <DIR> d-------- c:\program files\Media Player Classic
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:\windows\system32\divx_xx0c.dll
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:\windows\system32\divx_xx07.dll
2008-10-28 23:35 . 2008-10-28 23:35 815,104 --a------ c:\windows\system32\divx_xx0a.dll
2008-10-28 23:35 . 2008-10-28 23:35 802,816 --a------ c:\windows\system32\divx_xx11.dll
2008-10-28 23:35 . 2008-10-28 23:35 729,088 --a------ c:\windows\system32\divxdec.ax
2008-10-28 23:35 . 2008-10-28 23:35 684,032 --a------ c:\windows\system32\DivX.dll
2008-10-27 22:05 . 2008-11-15 01:05 41,060 --ah----- c:\windows\system32\mlfcache.dat
2008-10-27 00:25 . 2008-10-27 00:26 <DIR> d-------- c:\program files\ZD Soft
2008-10-24 23:12 . 2008-10-25 00:04 354,560 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-10-24 23:12 . 2008-04-04 14:51 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-10-24 23:09 . 2008-10-24 23:09 <DIR> d-------- c:\program files\TuneUp Utilities 2008
2008-10-24 23:09 . 2008-10-24 23:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-24 00:44 . 2008-10-24 00:44 <DIR> d-------- c:\documents and settings\Guest\Application Data\DivX
2008-10-24 00:43 . 2008-10-24 00:43 <DIR> d-------- c:\program files\temp
2008-10-23 23:29 . 2008-10-23 23:29 <DIR> d-------- c:\documents and settings\jo mateix\Application Data\TuneUp Software
Responder Con Cita
  post #10  
Antiguo 14/11/08, 21:20:24
Usuario
  
Registrado: nov 2008
Ubicación: barcelona
Mensajes: 13
Re: hola creo tener un spayware muchos pop-ups
2º/A reporte de ComboFix

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-10-24 11:21 455,296 ------w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 17:15 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
2008-08-27 12:54 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-08-25 08:38 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-08-23 05:56 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
2008-08-23 05:54 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-08-20 05:30 1,499,136 ------w c:\windows\system32\dllcache\shdocvw.dll
2008-03-01 11:25 7,448,629 ----a-w c:\program files\Windows Media Player.rar
2007-01-14 12:39 10,384,469 ----a-w c:\program files\ComunesCDNV.EXE
2007-01-14 12:38 1,428,180 ----a-w c:\program files\CSB19.EXE
2006-12-14 22:06 6,538,488 ----a-w c:\program files\winamp531_full.exe
2006-12-14 21:49 1,132,320 ----a-w c:\program files\wrar362ca.exe
2006-12-14 21:46 112,919,841 ----a-w c:\program files\WinUp.v24.exe
2006-12-14 21:02 16,268,584 ----a-w c:\program files\Install_Messenger.exe
.

((((((((((((((((((((((((((((( snapshot@2008-11-14_23.07.01.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 00:06:34 82,944 ------w c:\windows\$NtUninstallKB946648$\msgsc.dll
- 2008-02-16 10:32:06 3,066,880 ------w c:\windows\$NtUninstallKB950759$\mshtml.dll
- 2008-02-16 10:32:10 666,112 ------w c:\windows\$NtUninstallKB950759$\wininet.dll
+ 2008-02-16 10:32:04 1,024,000 ------w c:\windows\$NtUninstallKB950759_0$\browseui.dll
+ 2008-02-16 10:32:04 151,040 ------w c:\windows\$NtUninstallKB950759_0$\cdfview.dll
+ 2008-02-16 10:32:04 1,054,208 ------w c:\windows\$NtUninstallKB950759_0$\danim.dll
+ 2008-02-16 10:32:04 357,888 ------w c:\windows\$NtUninstallKB950759_0$\dxtmsft.dll
+ 2008-02-16 10:32:04 205,312 ------w c:\windows\$NtUninstallKB950759_0$\dxtrans.dll
+ 2008-02-16 10:32:04 55,808 ------w c:\windows\$NtUninstallKB950759_0$\extmgr.dll
+ 2008-02-15 10:07:54 18,432 ------w c:\windows\$NtUninstallKB950759_0$\iedw.exe
+ 2008-02-16 10:32:04 251,904 ------w c:\windows\$NtUninstallKB950759_0$\iepeers.dll
+ 2008-02-16 10:32:04 96,256 ------w c:\windows\$NtUninstallKB950759_0$\inseng.dll
+ 2008-02-16 10:32:04 16,384 ------w c:\windows\$NtUninstallKB950759_0$\jsproxy.dll
+ 2008-02-16 10:32:06 3,066,880 ------w c:\windows\$NtUninstallKB950759_0$\mshtml.dll
+ 2008-02-16 10:32:06 449,024 ------w c:\windows\$NtUninstallKB950759_0$\mshtmled.dll
+ 2008-02-16 10:32:06 146,432 ------w c:\windows\$NtUninstallKB950759_0$\msrating.dll
+ 2008-02-16 10:32:08 532,480 ------w c:\windows\$NtUninstallKB950759_0$\mstime.dll
+ 2008-02-16 10:32:08 39,424 ------w c:\windows\$NtUninstallKB950759_0$\pngfilt.dll
+ 2008-02-16 10:32:08 1,499,136 ------w c:\windows\$NtUninstallKB950759_0$\shdocvw.dll
+ 2008-02-16 10:32:08 474,112 ------w c:\windows\$NtUninstallKB950759_0$\shlwapi.dll
+ 2007-11-30 13:39:22 231,288 ------w c:\windows\$NtUninstallKB950759_0$\spuninst\spunin st.exe
+ 2007-11-30 13:39:22 382,840 ------w c:\windows\$NtUninstallKB950759_0$\spuninst\updspa pi.dll
+ 2008-02-16 10:32:08 618,496 ------w c:\windows\$NtUninstallKB950759_0$\urlmon.dll
+ 2008-02-16 10:32:10 666,112 ------w c:\windows\$NtUninstallKB950759_0$\wininet.dll
+ 2008-02-15 10:06:22 351,744 ------w c:\windows\$NtUninstallKB950759_0$\xpsp3res.dll
- 2006-07-13 08:48:58 202,240 ------w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2006-07-13 08:48:58 202,240 ------w c:\windows\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 13:39:22 231,288 ------w c:\windows\$NtUninstallKB950762_0$\spuninst\spunin st.exe
+ 2007-11-30 13:39:22 382,840 ------w c:\windows\$NtUninstallKB950762_0$\spuninst\updspa pi.dll
- 2005-07-26 04:39:46 243,200 ------w c:\windows\$NtUninstallKB950974$\es.dll
- 2007-08-21 07:15:44 683,520 ------w c:\windows\$NtUninstallKB951066$\inetcomm.dll
- 2008-04-14 12:01:02 272,128 ------w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2008-04-14 12:01:02 272,128 ------w c:\windows\$NtUninstallKB951376-v2_0$\bthport.sys
+ 2007-11-30 12:18:52 231,288 ------w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 12:18:52 382,840 ------w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
+ 2007-11-30 12:18:52 231,288 ------w c:\windows\$NtUninstallKB951376_0$\spuninst\spunin st.exe
+ 2007-11-30 12:18:52 382,840 ------w c:\windows\$NtUninstallKB951376_0$\spuninst\updspa pi.dll
- 2007-10-29 22:35:14 1,287,680 ------w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-10-29 22:35:14 1,287,680 ------w c:\windows\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 12:18:52 231,288 ------w c:\windows\$NtUninstallKB951698_0$\spuninst\spunin st.exe
+ 2007-11-30 13:39:22 382,840 ------w c:\windows\$NtUninstallKB951698_0$\spuninst\updspa pi.dll
- 2006-03-16 01:00:00 331,776 ------w c:\windows\$NtUninstallKB952287$\msadce.dll
- 2005-06-29 01:46:00 74,240 ------w c:\windows\$NtUninstallKB952954$\mscms.dll
- 2008-03-19 10:47:00 1,845,248 ------w c:\windows\$NtUninstallKB954211$\win32k.sys
- 2008-04-21 07:56:58 3,066,880 ------w c:\windows\$NtUninstallKB956390$\mshtml.dll
- 2008-04-21 07:56:58 1,499,136 ------w c:\windows\$NtUninstallKB956390$\shdocvw.dll
- 2008-04-21 07:56:58 618,496 ------w c:\windows\$NtUninstallKB956390$\urlmon.dll
- 2008-04-21 07:57:00 666,624 ------w c:\windows\$NtUninstallKB956390$\wininet.dll
- 2006-03-16 01:00:00 138,496 ------w c:\windows\$NtUninstallKB956803$\afd.sys
- 2007-02-28 10:16:00 2,017,280 ------w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
- 2007-02-28 10:53:04 2,137,600 ------w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
- 2006-08-14 10:34:42 332,928 ------w c:\windows\$NtUninstallKB957095$\srv.sys
- 2006-08-17 12:28:28 332,288 ------w c:\windows\$NtUninstallKB958644$\netapi32.dll
- 2006-10-04 14:05:26 39,424 ------w c:\windows\AppPatch\acadproc.dll
+ 2008-04-14 00:11:48 39,424 ----a-w c:\windows\AppPatch\acadproc.dll
- 2006-03-16 01:00:00 1,852,416 ------w c:\windows\AppPatch\AcGenral.dll
+ 2008-04-14 00:11:48 1,852,928 ----a-w c:\windows\AppPatch\AcGenral.dll
- 2006-03-16 01:00:00 450,048 ------w c:\windows\AppPatch\AcLayers.dll
+ 2008-04-14 00:11:48 451,072 ----a-w c:\windows\AppPatch\AcLayers.dll
- 2006-03-16 01:00:00 137,728 ------w c:\windows\AppPatch\AcLua.dll
+ 2008-04-14 00:11:48 141,312 ----a-w c:\windows\AppPatch\AcLua.dll
- 2006-03-16 01:00:00 244,736 ------w c:\windows\AppPatch\AcSpecfc.dll
+ 2008-04-14 00:11:48 245,248 ----a-w c:\windows\AppPatch\AcSpecfc.dll
- 2006-03-16 01:00:00 116,224 ------w c:\windows\AppPatch\AcXtrnal.dll
+ 2008-04-14 00:11:48 116,224 ----a-w c:\windows\AppPatch\AcXtrnal.dll
- 2006-12-02 03:54:54 8,704 ------w c:\windows\assembly\GAC\Accessibility\1.0.3300.0__ b03f5f7f11d50a3a\Accessibility.dll
+ 2008-11-14 23:07:58 8,704 ----a-w c:\windows\assembly\GAC\Accessibility\1.0.3300.0__ b03f5f7f11d50a3a\Accessibility.dll
+ 2008-11-14 23:19:52 110,592 ----a-w c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f 11d50a3a\adodb.dll
- 2006-12-02 04:18:34 117,248 ------w c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31b f3856ad364e35\bdatunepia.dll
+ 2008-11-14 23:19:20 117,248 ----a-w c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31b f3856ad364e35\bdatunepia.dll
- 2006-12-02 03:54:52 12,288 ------w c:\windows\assembly\GAC\cscompmgd\7.0.3300.0__b03f 5f7f11d50a3a\cscompmgd.dll
+ 2008-11-14 23:07:54 12,288 ----a-w c:\windows\assembly\GAC\cscompmgd\7.0.3300.0__b03f 5f7f11d50a3a\cscompmgd.dll
- 2006-12-02 03:54:54 34,816 ------w c:\windows\assembly\GAC\CustomMarshalers\1.0.3300. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-11-14 23:07:56 34,816 ----a-w c:\windows\assembly\GAC\CustomMarshalers\1.0.3300. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2006-12-02 04:18:34 102,400 ------w c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856 ad364e35\ehCIR.dll
+ 2008-11-14 23:19:16 102,400 ----a-w c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856 ad364e35\ehCIR.dll
- 2007-08-01 21:39:26 1,863,680 ------w c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856a d364e35\ehcm.dll
+ 2008-11-14 23:19:20 1,863,680 ----a-w c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856a d364e35\EhCM.dll
- 2006-12-02 04:18:34 192,512 ------w c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3 856ad364e35\ehcommon.dll
+ 2008-11-14 23:19:20 192,512 ----a-w c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3 856ad364e35\ehcommon.dll
- 2007-08-01 21:39:28 868,352 ------w c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856 ad364e35\ehepg.dll
+ 2008-11-14 23:19:18 868,352 ----a-w c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856 ad364e35\ehepg.dll
- 2006-12-02 04:18:34 126,976 ------w c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3 856ad364e35\ehepgdat.dll
+ 2008-11-14 23:19:16 126,976 ----a-w c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3 856ad364e35\ehepgdat.dll
- 2006-12-02 04:18:34 110,592 ------w c:\windows\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3 856ad364e35\ehExtCOM.dll
+ 2008-11-14 23:19:24 110,592 ----a-w c:\windows\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3 856ad364e35\ehExtCOM.dll
- 2006-12-02 04:18:34 8,192 ------w c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf 3856ad364e35\ehiExtCOM.dll
+ 2008-11-14 23:19:14 8,192 ----a-w c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf 3856ad364e35\ehiExtCOM.dll
- 2006-12-02 04:18:34 73,728 ------w c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf 3856ad364e35\ehiExtens.dll
+ 2008-11-14 23:19:14 73,728 ----a-w c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf 3856ad364e35\ehiExtens.dll
- 2006-12-02 04:18:34 167,936 ------w c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf38 56ad364e35\ehiMsgr.dll
+ 2008-11-14 23:19:18 167,936 ----a-w c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf38 56ad364e35\ehiMsgr.dll
- 2007-08-01 21:39:28 204,800 ------w c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf38 56ad364e35\ehiplay.dll
+ 2008-11-14 23:19:16 204,800 ----a-w c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf38 56ad364e35\ehiPlay.dll
- 2006-12-02 04:18:34 389,120 ------w c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3 856ad364e35\ehiProxy.dll
+ 2008-11-14 23:19:16 389,120 ----a-w c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3 856ad364e35\ehiProxy.dll
- 2006-12-02 04:18:34 18,944 ------w c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf 3856ad364e35\ehiuserxp.dll
+ 2008-11-14 23:19:18 18,944 ----a-w c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf 3856ad364e35\ehiuserxp.dll
- 2006-12-02 04:18:34 278,528 ------w c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf 3856ad364e35\ehiVidCtl.dll
+ 2008-11-14 23:19:18 278,528 ----a-w c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf 3856ad364e35\ehiVidCtl.dll
- 2006-12-02 04:18:34 122,880 ------w c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf385 6ad364e35\ehiwmp.dll
+ 2008-11-14 23:19:14 122,880 ----a-w c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf385 6ad364e35\ehiwmp.dll
- 2006-12-02 04:18:34 53,248 ------w c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3 856ad364e35\ehiWUapi.dll
+ 2008-11-14 23:19:22 53,248 ----a-w c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3 856ad364e35\ehiWUapi.dll
- 2006-12-02 04:18:34 389,120 ------w c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3 856ad364e35\ehRecObj.dll
+ 2008-11-14 23:19:14 389,120 ----a-w c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3 856ad364e35\ehRecObj.dll
- 2006-12-02 03:54:54 7,168 ------w c:\windows\assembly\GAC\IEExecRemote\1.0.3300.0__b 03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-11-14 23:08:02 7,168 ----a-w c:\windows\assembly\GAC\IEExecRemote\1.0.3300.0__b 03f5f7f11d50a3a\IEExecRemote.dll
- 2006-12-02 03:54:54 32,768 ------w c:\windows\assembly\GAC\IEHost\1.0.3300.0__b03f5f7 f11d50a3a\IEHost.dll
+ 2008-11-14 23:08:02 32,768 ----a-w c:\windows\assembly\GAC\IEHost\1.0.3300.0__b03f5f7 f11d50a3a\IEHost.dll
- 2006-12-02 03:54:54 4,096 ------w c:\windows\assembly\GAC\IIEHost\1.0.3300.0__b03f5f 7f11d50a3a\IIEHost.dll
+ 2008-11-14 23:08:02 4,096 ----a-w c:\windows\assembly\GAC\IIEHost\1.0.3300.0__b03f5f 7f11d50a3a\IIEHost.dll
- 2006-12-02 03:54:54 27,136 ------w c:\windows\assembly\GAC\ISymWrapper\1.0.3300.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
+ 2008-11-14 23:08:04 27,136 ----a-w c:\windows\assembly\GAC\ISymWrapper\1.0.3300.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
- 2006-12-02 03:54:52 712,704 ------w c:\windows\assembly\GAC\Microsoft.JScript\7.0.3300 .0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-11-14 23:07:54 712,704 ----a-w c:\windows\assembly\GAC\Microsoft.JScript\7.0.3300 .0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2006-12-02 04:18:34 45,056 ------w c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0. 3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
+ 2008-11-14 23:19:22 45,056 ----a-w c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0. 3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
- 2006-12-02 03:54:52 28,672 ------w c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\ 7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic .Vsa.dll
+ 2008-11-14 23:07:54 28,672 ----a-w c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\ 7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic .Vsa.dll
- 2006-12-02 03:54:54 286,720 ------w c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0. 3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-11-14 23:07:56 286,720 ----a-w c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0. 3300.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2006-12-02 03:54:54 5,632 ------w c:\windows\assembly\GAC\Microsoft.VisualC\7.0.3300 .0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
+ 2008-11-14 23:07:56 5,632 ----a-w c:\windows\assembly\GAC\Microsoft.VisualC\7.0.3300 .0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
- 2006-12-02 03:54:52 11,264 ------w c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMPr ocessor\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa .Vb.CodeDOMProcessor.dll
+ 2008-11-14 23:07:52 11,264 ----a-w c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMPr ocessor\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.Vsa .Vb.CodeDOMProcessor.dll
- 2006-12-02 03:54:52 18,944 ------w c:\windows\assembly\GAC\Microsoft.Vsa\7.0.3300.0__ b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-11-14 23:07:54 18,944 ----a-w c:\windows\assembly\GAC\Microsoft.Vsa\7.0.3300.0__ b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2006-12-02 03:54:52 6,656 ------w c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.3300.0 __b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-11-14 23:07:54 6,656 ----a-w c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.3300.0 __b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-11-14 23:19:52 229,376 ----a-w c:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf 3856ad364e35\MSCOMCTL.DLL
- 2006-12-02 03:54:54 1,564,672 ------w c:\windows\assembly\GAC\mscorcfg\1.0.3300.0__b03f5 f7f11d50a3a\mscorcfg.dll
+ 2008-11-14 23:08:04 1,564,672 ----a-w c:\windows\assembly\GAC\mscorcfg\1.0.3300.0__b03f5 f7f11d50a3a\mscorcfg.dll
+ 2008-11-14 23:19:52 4,096 ----a-w c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f 5f7f11d50a3a\msdatasrc.dll
- 2006-12-02 03:54:54 32,768 ------w c:\windows\assembly\GAC\Regcode\1.0.3300.0__b03f5f 7f11d50a3a\RegCode.dll
+ 2008-11-14 23:07:56 32,768 ----a-w c:\windows\assembly\GAC\Regcode\1.0.3300.0__b03f5f 7f11d50a3a\RegCode.dll
- 2006-12-02 04:18:34 77,824 ------w c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll
+ 2008-11-14 23:19:22 77,824 ----a-w c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll
+ 2008-11-14 23:19:52 16,384 ----a-w c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7 f11d50a3a\stdole.dll
- 2006-12-02 03:54:54 77,824 ------w c:\windows\assembly\GAC\System.Configuration.Insta ll\1.0.3300.0__b03f5f7f11d50a3a\System.Configurati on.Install.dll
+ 2008-11-14 23:07:58 77,824 ----a-w c:\windows\assembly\GAC\System.Configuration.Insta ll\1.0.3300.0__b03f5f7f11d50a3a\System.Configurati on.Install.dll
- 2006-12-02 03:54:54 1,179,648 ------w c:\windows\assembly\GAC\System.Data\1.0.3300.0__b7 7a5c561934e089\System.Data.dll
+ 2008-11-14 23:08:00 1,179,648 ----a-w c:\windows\assembly\GAC\System.Data\1.0.3300.0__b7 7a5c561934e089\System.Data.dll
- 2006-12-02 03:54:54 1,695,744 ------w c:\windows\assembly\GAC\System.Design\1.0.3300.0__ b03f5f7f11d50a3a\System.Design.dll
+ 2008-11-14 23:08:00 1,695,744 ----a-w c:\windows\assembly\GAC\System.Design\1.0.3300.0__ b03f5f7f11d50a3a\System.Design.dll
- 2006-12-02 03:54:54 86,016 ------w c:\windows\assembly\GAC\System.DirectoryServices\1 .0.3300.0__b03f5f7f11d50a3a\System.DirectoryServic es.dll
+ 2008-11-14 23:07:58 86,016 ----a-w c:\windows\assembly\GAC\System.DirectoryServices\1 .0.3300.0__b03f5f7f11d50a3a\System.DirectoryServic es.dll
- 2006-12-02 03:54:54 65,536 ------w c:\windows\assembly\GAC\System.Drawing.Design\1.0. 3300.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-11-14 23:07:58 65,536 ----a-w c:\windows\assembly\GAC\System.Drawing.Design\1.0. 3300.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2006-12-02 03:54:54 462,848 ------w c:\windows\assembly\GAC\System.Drawing\1.0.3300.0_ _b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-11-14 23:08:02 462,848 ----a-w c:\windows\assembly\GAC\System.Drawing\1.0.3300.0_ _b03f5f7f11d50a3a\System.Drawing.dll
- 2006-12-02 03:54:54 212,992 ------w c:\windows\assembly\GAC\System.EnterpriseServices\ 1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
+ 2008-11-14 23:07:56 212,992 ----a-w c:\windows\assembly\GAC\System.EnterpriseServices\ 1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
- 2006-12-02 03:54:54 48,640 ------w c:\windows\assembly\GAC\System.EnterpriseServices\ 1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Thunk.dll
+ 2008-11-14 23:07:56 48,640 ----a-w c:\windows\assembly\GAC\System.EnterpriseServices\ 1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Thunk.dll
- 2006-12-02 03:54:54 352,256 ------w c:\windows\assembly\GAC\System.Management\1.0.3300 .0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-11-14 23:08:04 352,256 ----a-w c:\windows\assembly\GAC\System.Management\1.0.3300 .0__b03f5f7f11d50a3a\System.Management.dll
- 2006-12-02 03:54:54 241,664 ------w c:\windows\assembly\GAC\System.Messaging\1.0.3300. 0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-11-14 23:08:02 241,664 ----a-w c:\windows\assembly\GAC\System.Messaging\1.0.3300. 0__b03f5f7f11d50a3a\System.Messaging.dll
- 2006-12-02 03:54:54 311,296 ------w c:\windows\assembly\GAC\System.Runtime.Remoting\1. 0.3300.0__b77a5c561934e089\System.Runtime.Remoting .dll
+ 2008-11-14 23:08:04 311,296 ----a-w c:\windows\assembly\GAC\System.Runtime.Remoting\1. 0.3300.0__b77a5c561934e089\System.Runtime.Remoting .dll
- 2006-12-02 03:54:54 131,072 ------w c:\windows\assembly\GAC\System.Runtime.Serializati on.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\Sy stem.Runtime.Serialization.Formatters.Soap.dll
+ 2008-11-14 23:08:04 131,072 ----a-w c:\windows\assembly\GAC\System.Runtime.Serializati on.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\Sy stem.Runtime.Serialization.Formatters.Soap.dll
- 2006-12-02 03:54:54 77,824 ------w c:\windows\assembly\GAC\System.Security\1.0.3300.0 __b03f5f7f11d50a3a\System.Security.dll
+ 2008-11-14 23:07:56 77,824 ----a-w c:\windows\assembly\GAC\System.Security\1.0.3300.0 __b03f5f7f11d50a3a\System.Security.dll
- 2006-12-02 03:54:54 126,976 ------w c:\windows\assembly\GAC\System.ServiceProcess\1.0. 3300.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-11-14 23:07:58 126,976 ----a-w c:\windows\assembly\GAC\System.ServiceProcess\1.0. 3300.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2006-12-02 03:54:54 61,440 ------w c:\windows\assembly\GAC\System.Web.RegularExpressi ons\1.0.3300.0__b03f5f7f11d50a3a\System.Web.Regula rExpressions.dll
+ 2008-11-14 23:07:58 61,440 ----a-w c:\windows\assembly\GAC\System.Web.RegularExpressi ons\1.0.3300.0__b03f5f7f11d50a3a\System.Web.Regula rExpressions.dll
- 2006-12-02 03:54:54 507,904 ------w c:\windows\assembly\GAC\System.Web.Services\1.0.33 00.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-11-14 23:08:00 507,904 ----a-w c:\windows\assembly\GAC\System.Web.Services\1.0.33 00.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-07-11 14:05:02 1,200,128 ------w c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03 f5f7f11d50a3a\System.Web.dll
+ 2008-11-14 23:07:58 1,200,128 ----a-w c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03 f5f7f11d50a3a\System.Web.dll
- 2006-12-02 03:54:54 2,002,944 ------w c:\windows\assembly\GAC\System.Windows.Forms\1.0.3 300.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-11-14 23:08:00 2,002,944 ----a-w c:\windows\assembly\GAC\System.Windows.Forms\1.0.3 300.0__b77a5c561934e089\System.Windows.Forms.dll
- 2006-12-02 03:54:54 1,302,528 ------w c:\windows\assembly\GAC\System.Xml\1.0.3300.0__b77 a5c561934e089\System.Xml.dll
+ 2008-11-14 23:08:00 1,302,528 ----a-w c:\windows\assembly\GAC\System.Xml\1.0.3300.0__b77 a5c561934e089\System.Xml.dll
- 2006-12-02 03:54:54 1,179,648 ------w c:\windows\assembly\GAC\System\1.0.3300.0__b77a5c5 61934e089\System.dll
+ 2008-11-14 23:08:02 1,179,648 ----a-w c:\windows\assembly\GAC\System\1.0.3300.0__b77a5c5 61934e089\System.dll
+ 2008-11-14 23:05:44 61,440 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\Custom Marshalers\1.0.3300.0__b03f5f7f11d50a3a_47708390\C ustomMarshalers.dll
+ 2008-11-14 23:05:50 3,301,376 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\mscorl ib\1.0.3300.0__b77a5c561934e089_f5e967ae\mscorlib. dll
+ 2008-11-14 23:05:58 1,454,080 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System .Design\1.0.3300.0__b03f5f7f11d50a3a_d77f3e3f\Syst em.Design.dll
+ 2008-11-14 23:06:02 90,112 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System .Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a_8c0c9 b66\System.Drawing.Design.dll
+ 2008-11-14 23:06:00 847,872 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System .Drawing\1.0.3300.0__b03f5f7f11d50a3a_ab91849d\Sys tem.Drawing.dll
+ 2008-11-14 23:06:06 2,953,216 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System .Windows.Forms\1.0.3300.0__b77a5c561934e089_94c276 ef\System.Windows.Forms.dll
+ 2008-11-14 23:06:08 2,027,520 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System .Xml\1.0.3300.0__b77a5c561934e089_35837344\System. Xml.dll
+ 2008-11-14 23:05:52 1,855,488 ----a-w c:\windows\assembly\NativeImages1_v1.0.3705\System \1.0.3300.0__b77a5c561934e089_f00b525a\System.dll
+ 2008-11-14 23:18:26 258,048 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\BDATun ePIA\6.0.3000.0__31bf3856ad364e35_1d316830\BDATune PIA.dll
+ 2008-11-14 23:17:02 159,744 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehCIR\ 6.0.3000.0__31bf3856ad364e35_7a063554\ehCIR.dll
+ 2008-11-14 23:18:16 2,326,528 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\EhCM\6 .0.3000.0__31bf3856ad364e35_4b53f795\EhCM.dll
+ 2008-11-14 23:18:24 299,008 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehcomm on\6.0.3000.0__31bf3856ad364e35_1d8ea7f6\ehcommon. dll
+ 2008-11-14 23:18:04 1,306,624 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehepg\ 6.0.3000.0__31bf3856ad364e35_a67683c1\ehepg.dll
+ 2008-11-14 23:17:04 167,936 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehepgd at\6.0.3000.0__31bf3856ad364e35_fac15188\ehepgdat. dll
+ 2008-11-14 23:18:54 167,936 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehExtC OM\6.0.3000.0__31bf3856ad364e35_4de99b3d\ehExtCOM. dll
+ 2008-11-14 23:19:10 155,648 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehExtH ost\6.0.3000.0__31bf3856ad364e35_c711b1a7\ehExtHos t.exe
+ 2008-11-14 23:16:50 10,752 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiExt COM\6.0.3000.0__31bf3856ad364e35_bd5e2516\ehiExtCO M.dll
+ 2008-11-14 23:16:52 102,400 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiExt ens\6.0.3000.0__31bf3856ad364e35_cf9cd740\ehiExten s.dll
+ 2008-11-14 23:17:38 266,240 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiMsg r\6.0.3000.0__31bf3856ad364e35_06bf9958\ehiMsgr.dl l
+ 2008-11-14 23:17:06 380,928 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiPla y\6.0.3000.0__31bf3856ad364e35_8635aa87\ehiPlay.dl l
+ 2008-11-14 23:17:08 565,248 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiPro xy\6.0.3000.0__31bf3856ad364e35_c95b13f3\ehiProxy. dll
+ 2008-11-14 23:17:12 40,960 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiUse rXp\6.0.3000.0__31bf3856ad364e35_bd6e6fff\ehiUserX p.dll
+ 2008-11-14 23:20:00 458,752 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiVid Ctl\6.0.3000.0__31bf3856ad364e35_4f1c7c23\ehiVidCt l.dll
+ 2008-11-14 23:16:48 180,224 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiwmp \6.0.3000.0__31bf3856ad364e35_84f5187b\ehiwmp.dll
+ 2008-11-14 23:18:30 69,632 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehiWUa pi\6.0.3000.0__31bf3856ad364e35_459e90ac\ehiWUapi. dll
+ 2008-11-14 23:17:00 684,032 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehRecO bj\6.0.3000.0__31bf3856ad364e35_dbb43063\ehRecObj. dll
+ 2008-11-14 23:19:08 6,336,512 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\ehshel l\6.0.3000.0__31bf3856ad364e35_c95b7367\ehshell.ex e
+ 2008-11-14 23:18:32 65,536 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\Micros oft.MediaCenter\6.0.3100.0__31bf3856ad364e35_88d78 ae8\Microsoft.MediaCenter.dll
+ 2008-11-14 23:18:52 20,480 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\SonicM CEBurnEngine\0.9.0.0__17c52700e9a64fd0_cda49350\SonicMCEBurnEngi ne.dll
- 2008-06-13 1450 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-06-13 12:05:52 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:46 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:21:10 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2008-08-14 09:55:02 2,142,720 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 10:09:26 2,145,280 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2008-08-14 09:18:44 2,062,976 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,066,048 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-08-14 09:18:46 2,020,864 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 09:33:16 2,023,936 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-08-14 09:57:20 2,185,984 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 10:11:02 2,189,184 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2007-06-13 11:23:08 1,033,216 ----a-w c:\windows\explorer.exe
+ 2008-04-14 00:12:20 1,033,728 ----a-w c:\windows\explorer.exe
- 2006-03-16 01:00:00 34,816 ------w c:\windows\Help\sniffpol.dll
+ 2008-04-14 00:12:06 34,816 ------w c:\windows\Help\sniffpol.dll
- 2006-03-16 01:00:00 33,280 ------w c:\windows\Help\sstub.dll
+ 2008-04-14 00:12:08 33,280 ------w c:\windows\Help\sstub.dll
- 2006-03-16 01:00:00 279,040 ------w c:\windows\Help\tshoot.dll
+ 2008-04-14 00:12:08 279,040 ------w c:\windows\Help\tshoot.dll
- 2005-05-26 23:22:02 10,752 ----a-w c:\windows\hh.exe
+ 2008-04-14 00:12:22 10,752 ----a-w c:\windows\hh.exe
+ 2008-04-14 00:11:48 61,440 ------w c:\windows\ie7\admparse.dll
+ 2008-04-14 00:11:48 99,840 ------w c:\windows\ie7\advpack.dll
+ 2008-04-14 00:11:52 357,888 ------w c:\windows\ie7\dxtmsft.dll
+ 2008-04-14 00:11:52 205,312 ------w c:\windows\ie7\dxtrans.dll
+ 2008-04-14 00:11:54 55,808 ------w c:\windows\ie7\extmgr.dll
+ 2008-04-14 00:11:54 38,912 ------w c:\windows\ie7\hmmapi.dll
+ 2008-04-14 00:12:22 34,304 ------w c:\windows\ie7\ie4uinit.exe
+ 2008-04-14 00:11:54 143,360 ------w c:\windows\ie7\ieakeng.dll
+ 2008-04-14 00:11:54 216,576 ------w c:\windows\ie7\ieaksie.dll
+ 2006-03-16 01:00:00 221,184 ------w c:\windows\ie7\ieakui.dll
+ 2008-04-14 00:11:54 323,584 ------w c:\windows\ie7\iedkcs32.dll
+ 2008-04-14 00:12:22 18,432 ------w c:\windows\ie7\iedw.exe
+ 2008-04-14 00:11:54 251,904 ------w c:\windows\ie7\iepeers.dll
+ 2008-04-14 00:11:54 48,640 ------w c:\windows\ie7\iernonce.dll
+ 2008-04-14 00:11:54 62,976 ------w c:\windows\ie7\iesetup.dll
+ 2008-04-14 00:12:22 93,184 ------w c:\windows\ie7\iexplore.exe
+ 2008-04-14 00:11:54 35,840 ------w c:\windows\ie7\imgutil.dll
+ 2008-04-14 00:11:56 96,256 ------w c:\windows\ie7\inseng.dll
+ 2008-04-14 00:11:56 15,872 ------w c:\windows\ie7\jsproxy.dll
+ 2008-04-14 00:11:56 22,016 ------w c:\windows\ie7\licmgr10.dll
+ 2008-04-14 00:12:28 29,184 ------w c:\windows\ie7\mshta.exe
+ 2008-08-20 05:30:54 3,067,904 ------w c:\windows\ie7\mshtml.dll
+ 2008-04-14 00:12:00 449,024 ------w c:\windows\ie7\mshtmled.dll
+ 2008-04-13 16:26:26 56,832 ------w c:\windows\ie7\mshtmler.dll
+ 2006-03-16 01:00:00 146,432 ------w c:\windows\ie7\msls31.dll
+ 2008-04-14 00:12:00 146,432 ------w c:\windows\ie7\msrating.dll
+ 2008-04-14 00:12:00 532,480 ------w c:\windows\ie7\mstime.dll
+ 2008-04-14 00:12:02 96,256 ------w c:\windows\ie7\occache.dll
+ 2008-04-14 00:12:02 39,424 ------w c:\windows\ie7\pngfilt.dll
+ 2007-08-13 17:54:42 32,960 ------w c:\windows\ie7\spuninst\iecustom.dll
+ 2007-08-13 17:52:06 66,048 ----a-w c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:16 213,216 ------w c:\windows\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:18 371,424 ------w c:\windows\ie7\spuninst\updspapi.dll
Responder Con Cita
Respuesta
Página 1 de 2 1 2

« Tema Anterior | Próximo Tema »
Herramientas

Reglas del foro
No puedes crear nuevos temas
No puedes responder temas
No puedes subir adjuntos
No puedes editar tus mensajes
BB code is activado
Las caritas están activado
Código [IMG] está activado
Código HTML está desactivado
Trackbacks are desactivado
Pingbacks are activado
Refbacks are activado

Temas Similares
Tema Autor Foro Respuestas Último mensaje
Pop Ups CiD o similar... T_T (Solucionado) Javito13 Temas Solucionados 6 22/04/08 18:22:47
Firefox pop ups (Solucionado) totolitox Temas Solucionados 3 23/07/06 04:12:36
Mi log, pop ups, cambio d pagina inicio, errores... (Solucionado) manu_tf Temas Solucionados 15 17/04/06 18:31:52
La maquina esta lenta y hay una lluvia de pop ups (Solucionado) DjZoros Temas Solucionados 9 01/04/06 19:10:30
me salen pop ups sin tener el internet explorer - [solucionado] serch Temas Solucionados 8 27/03/05 15:27:59




Todas las horas son GMT -4. La hora es 01:02:12.

Sobre Infospyware - Contáctanos - Políticas del Foro - Staff - Archivo - Blog  

Powered by: InfoSpyware, Versión 3.8.4
Copyright © 2004 - 2009, ForoSpyware.com
© Copyright 2005 - 2009 InfoSpyware ® Todos los derechos reservados.
InfoSpyware es miembro de ASAP - Alliance of Security Analysis Professionals

 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31