Blog Registrarse Manuales Programas Glosario

Regresar   Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Foro Oficial de HijackThis en español
Actualizar Virus bloquea actividad PC
 

Para evitar Virus, Spyware y otros Malwares, te recomendamos mantenerte informado en: InfoSpyware Blog


Foro Oficial de HijackThis en español Analizamos tu log de HijackThis para eliminar Hijackers, Spyware, Adware, ToolBars, Virus, Troyanos y Malwares en gral. Antes lea las Políticas del Foro de HijackThis.

Respuesta
Página 1 de 2 1 2
 
Enviar a: Herramientas
  post #1  
Antiguo 06/10/09, 04:51:49
Usuario
  
Registrado: jul 2009
Ubicación: madrid
Mensajes: 11
Malware Virus bloquea actividad PC
Buenos dias

Estoy luchando desde el domingo con una infeccion que me bloquea, despues de unos minutos del arranque, cualquier actividad del PC, sea la que sea.

Pincho con el puntero del ratón sobre cualquier icono, y no pasa nada..
No me deja apagar el PC porque tambien bloquea la barra de windows.
CTL-ALT-SUP no hace nada.
Si estoy descargando algo, se queda colgado con la barra de progreso detenida.
Pasando el antivirus, se queda en un x% y no pasa nada más
El superantispyware se queda colgado bajando la actualización de virus, asi que no puedo ejecutarlo.
Lo desinstalo para volver a instalar y se queda colgado en medio de la desinstalacion
etc, etc, etc

En fin un desastre
Tengo XP SP3 y Mcafee permanentemente actualizado

Aqui os pasteo el log de hijacthis que consegui copiar en una unidad usb antes de que el pc se quedara nuevamente colgado.

Agradezco desde ya vuestra ayuda que siempre me ha resultado muy util.
Salu2


QUOTE
--------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:57:51, on 05/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Telefonica\Kit ADSL USB\dslmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\drwtsn32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://es.search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.euro.dell.com/segment.asp?country=es&language=es
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H 2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [WAB] C:\Documents and Settings\y\Application Data\Macromedia\Common\2a29604a19.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [rundll32.exe] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [WAB] C:\Documents and Settings\y\Application Data\Macromedia\Common\2a29604a19.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: mhbupd32.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: mhbupd32.exe (User 'Default user')
O4 - Startup: mhbupd32.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Consola KIT ADSL.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.cert.fnmt.es
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {7A252985-D109-46C7-9667-4D30A70006A2} (SIACrypto Class) - https://www.delta.mtas.es/activex/deltaActiveX.dll
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www4.aeat.es/es13/h/cactivex.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://80.34.88.249/activex/AMC.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 15464 bytes


UNQUOTE
-----------
Responder Con Cita
InfoSpyware

  post #2  
Antiguo 06/10/09, 09:53:29
Avatar de Leosolari
Moderador
  
Registrado: jun 2007
Ubicación: argentina
Mensajes: 17.100
Re: Virus bloquea actividad PC
Hola manolitachen


Descarga lo siguiente:

º CCLEANER. Lo instalas según Su Manual

º MALWAREBYTE´S. Lo instalas y actualizas según su manual, PERO NO LO EJECUTES AUN



Cierra todos los programas, ejecutas HijackThis , tildas las casillas de estas entradas y presionas "FIX Cheked"


O4 - S-1-5-18 Startup: mhbupd32.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: mhbupd32.exe (User 'Default user')
O4 - Startup: mhbupd32.exe



Ejecuta CCLEANER usando sus opciones "Limpiador" y "Registro".


Ejecuta MALWAREBYTE´S.
Hacé un "escaneo completo". Una vez finalizado, si te detecta algo eliges " quitar lo seleccionado ".
Si te pide reiniciar, lo haces.


En tu próxima respuesta, debes poner lo siguiente:

º El reporte de malwarebyte´s, que se encuentra en su pestaña REGISTROS
º Un nuevo log de Hijackthis
º Como funciona tu pc ahora

Saludos
NO DESESPERES....SIGUE LUCHANDO.

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #3  
Antiguo 07/10/09, 06:51:05
Usuario
  
Registrado: jul 2009
Ubicación: madrid
Mensajes: 11
Re: Virus bloquea actividad PC
Muchas gracias por tu rapida respuesta, Leosolari.

He intentado hacer lo que indicabas con resultado nefasto.

El ccleaner, bien
Sin embargo, después de instalar el malwarebyte, no pude actualizarlo porque el pc se queda colgado "conectando con malwarebyte.org"
Corrí el programa de todas formas, y se quedó colgado cuando llevaba examinado un 25% aprox.
Hasta ese momento habia detectado varias infecciones del "backdoor.bot" en varias claves del registro correspondientes el explorer en HKEY_USERS/DEFAULT, pero no deja eleminarlas (tambien se queda colgado con el mensaje "poniendo en cuarentena")

Arranque en safe mode y volvi a correr el malwarebyte.
Ahora sí completó el escaneo, detectó nuevamente amenazas, y tampoco dejó eliminarlas (mismo mensaje, mismo bloqueo).
Como temía que se bloquease al intentar eliminar, saqué el log antes de dar la orden.
Luego saqué el log de hijackthis.

Aquí van los dos logs.
Nuevamente, muchas gracias


QUOTE
---------
Malwarebytes' Anti-Malware 1.41
Versión de la Base de Datos: 2775
Windows 5.1.2600 Service Pack 3 (Safe Mode)

07/10/2009 8:28:36
mbam-log-2009-10-07 (08-28-26).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 238916
Tiempo transcurrido: 41 minute(s), 25 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 3
Valores del Registro Infectados: 2
Elementos de Datos del Registro Infectados: 8
Carpetas Infectadas: 0
Ficheros Infectados: 5

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explo rer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explo rer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.

Valores del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\rundll32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> No action taken.

Elementos de Datos del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\y\APPLIC~1\MACROM~1\Common\2a29604a1. dll) Good: (wdmaud.drv) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\y\APPLIC~1\MACROM~1\Common\2a29604a1. dll) Good: (wdmaud.drv) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\midi1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\y\APPLIC~1\MACROM~1\Common\2a29604a1. dll) Good: (wdmaud.drv) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\midi2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\y\APPLIC~1\MACROM~1\Common\2a29604a1. dll) Good: (wdmaud.drv) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\y\APPLIC~1\MACROM~1\Common\2a29604a1. dll) Good: (wdmaud.drv) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\y\APPLIC~1\MACROM~1\Common\2a29604a1. dll) Good: (wdmaud.drv) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\wave1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\y\APPLIC~1\MACROM~1\Common\2a29604a1. dll) Good: (wdmaud.drv) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\wave2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\y\APPLIC~1\MACROM~1\Common\2a29604a1. dll) Good: (wdmaud.drv) -> No action taken.

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
C:\Documents and Settings\y\Application Data\Macromedia\Common\2a29604a1.dll (Hijack.Sound) -> No action taken.
C:\Documents and Settings\y\Application Data\wiaserva.log (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\sdra64.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\msacm32.drv (Trojan.Agent) -> No action taken.
C:\WINDOWS\wuasirvy.dll (Trojan.Banker) -> No action taken.

UNQUOTE
------------





QUOTE
---------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:01, on 07/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Telefonica\Kit ADSL USB\dslmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://es.search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.euro.dell.com/segment.asp?country=es&language=es
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H 2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [WAB] C:\Documents and Settings\y\Application Data\Macromedia\Common\2a29604a19.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [rundll32.exe] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [WAB] C:\Documents and Settings\y\Application Data\Macromedia\Common\2a29604a19.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Consola KIT ADSL.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.cert.fnmt.es
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {7A252985-D109-46C7-9667-4D30A70006A2} (SIACrypto Class) - https://www.delta.mtas.es/activex/deltaActiveX.dll
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www4.aeat.es/es13/h/cactivex.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://80.34.88.249/activex/AMC.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 15404 bytes

UNQUOTE
------------
Responder Con Cita
  post #4  
Antiguo 07/10/09, 08:41:45
Avatar de Leosolari
Moderador
  
Registrado: jun 2007
Ubicación: argentina
Mensajes: 17.100
Re: Virus bloquea actividad PC
Hola

- Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
  • Desactiva temporalmente el Antivirus y/o Antispyware.
  • Cierra todas las ventanas abiertas.
  • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
  • Cuando termine, generara un registro en C:\ComboFix.txt.
    • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
    • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
Cita:
Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
  • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.


Cita:
PD: No vuelvas a ejecutar ComboFix ni ningun otro programa antivirus hasta que vuelva con una respuesta, ya que puedes hacer cambiar las cosas.
NO DESESPERES....SIGUE LUCHANDO.

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #5  
Antiguo 07/10/09, 12:15:19
Usuario
  
Registrado: jul 2009
Ubicación: madrid
Mensajes: 11
Re: Virus bloquea actividad PC
Buenas tardes (españolas) Leosolari
Muchas gracias de nuevo

No he podido correr el combofix en modo normal porque se quedaba colgado en el stage 30 o asi.
Asi que lo ejecuté en safe mode ... no sé si eso influye en las acciones o el resultado.

Mi impresión es que algo ha mejorado, porque ya llevo 15 minutos en modo normal y todavia no se ha colgado, pero aun no me atrevo a gritar ¡¡¡ hurraaaaaaaaa !!! (espero a que me autorizes)

Pego el log de combofix en dos trozos porque me ha salido un mensaje diciendo que tiene demasiados caracteres y que lo acorte.

Salu2


QUOTE
---------

ComboFix 09-10-06.04 - y 07/10/2009 16:48.5.2 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.34.1033.18.1022.663 [GMT 2:00]
Running from: c:\documents and settings\y\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\y\Application Data\wiaserva.log
c:\documents and settings\y\My Documents\cc_20091006_184337.reg
c:\windows\AUTOLNCH.REG
c:\windows\Installer\3b44b.msi
c:\windows\msacm32.drv
c:\windows\sdfixwcs.dll
c:\windows\system32\logs
c:\windows\system32\logs\{0FD21F50-AD91-4B69-98AC-1A0F9472A44D}.log
c:\windows\system32\sdra64.exe
c:\windows\system32\wbem\proquota.exe
c:\windows\wuasirvy.dll

c:\windows\system32\proquota.exe was missing
Restored copy from - c:\windows\ServicePackFiles\i386\proquota.exe

.
((((((((((((((((((((((((( Files Created from 2009-09-07 to 2009-10-07 )))))))))))))))))))))))))))))))
.

2009-10-07 14:54 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-10-06 18:58 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-06 18:58 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-06 18:58 . 2009-10-06 18:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-06 05:35 . 2009-10-06 05:35 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-05 15:26 . 2009-10-06 04:19 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-05 14:44 . 2009-10-06 04:16 -------- d-----w- c:\program files\SpywareBlaster
2009-10-05 14:43 . 2009-10-05 14:43 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-10-05 14:43 . 2009-10-06 05:47 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-05 14:43 . 2009-10-05 14:43 -------- d-----w- c:\documents and settings\y\Application Data\SUPERAntiSpyware.com
2009-10-05 14:34 . 2009-10-05 14:34 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-10-04 07:08 . 2009-10-04 07:08 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCach e
2009-09-28 19:03 . 2009-09-16 12:25 712704 ----a-w- c:\windows\system32\Gisscide.dll
2009-09-28 19:03 . 2009-08-31 12:41 4739116 ----a-w- c:\windows\system32\etfile32.dll
2009-09-28 19:03 . 2009-08-31 12:40 626688 ----a-w- c:\windows\system32\entapi32.dll
2009-09-28 19:03 . 2009-08-31 12:40 430080 ----a-w- c:\windows\system32\enterr.dll
2009-09-24 22:59 . 2009-09-24 22:59 104512 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2009-09-11 17:08 . 2009-09-11 17:08 24744 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys
2009-09-09 19:11 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-10-03 08:35 . 2009-03-12 20:00 -------- d-----w- c:\documents and settings\y\Application Data\dvdcss
2009-10-03 07:34 . 2008-10-01 05:13 -------- d-----w- c:\documents and settings\LocalService\Application Data\SACore
2009-10-02 04:56 . 2009-01-23 15:56 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-09-25 07:18 . 2009-03-27 06:43 -------- d-----w- c:\program files\Allok RM RMVB to AVI MPEG DVD Converter
2009-09-24 14:37 . 2007-09-22 07:57 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-09-14 04:09 . 2006-04-03 07:47 -------- d-----w- c:\program files\McAfee
2009-09-10 06:19 . 2006-08-11 05:13 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2009-08-31 15:40 . 2006-04-07 14:27 102944 ----a-w- c:\documents and settings\y\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-05 09:01 . 2005-12-05 23:18 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 19:01 . 2005-12-05 23:18 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-16 10:32 . 2007-02-17 11:23 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-07-13 08:08 . 2005-12-05 23:19 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2006-06-09 15:59 . 2006-04-07 14:27 104 --sh--r- c:\windows\system32\094686BB2B.sys
2007-01-18 13:09 . 2006-05-16 04:46 88 --sh--r- c:\windows\system32\2BBB864609.sys
2007-01-18 13:09 . 2006-04-07 14:27 5852 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( SnapShot_2009-07-31_03.53.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-12-05 23:18 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2005-12-05 23:18 . 2009-06-12 12:31 80896 c:\windows\system32\tlntsess.exe
+ 2005-12-05 23:18 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
+ 2007-04-02 15:47 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpi pelineprintproc.dll
- 2005-12-05 23:18 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll
+ 2005-12-05 23:18 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2005-12-05 23:18 . 2009-08-31 08:35 71732 c:\windows\system32\perfc009.dat
- 2007-10-23 23:47 . 2007-10-23 23:47 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 83968 c:\windows\system32\mscories.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 97800 c:\windows\system32\infocardapi.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 11264 c:\windows\system32\icardres.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10 73720 c:\windows\system32\dxva2.dll
- 2007-02-17 11:23 . 2009-03-25 09:06 40552 c:\windows\system32\drivers\mfesmfk.sys
+ 2007-02-17 11:23 . 2009-07-08 11:44 40552 c:\windows\system32\drivers\mfesmfk.sys
+ 2007-02-17 11:23 . 2009-07-08 11:43 34248 c:\windows\system32\drivers\mferkdk.sys
- 2007-02-17 11:23 . 2009-03-25 09:06 35272 c:\windows\system32\drivers\mfebopk.sys
+ 2007-02-17 11:23 . 2009-07-08 11:44 35272 c:\windows\system32\drivers\mfebopk.sys
+ 2007-02-17 11:23 . 2009-07-08 11:44 79816 c:\windows\system32\drivers\mfeavfk.sys
+ 2005-12-05 23:18 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-06-12 12:31 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2006-10-14 14:43 . 2008-07-06 12:06 89088 c:\windows\system32\dllcache\filterpipelineprintpr oc.dll
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 96760 c:\windows\system32\dfshim.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 96760 c:\windows\system32\dfshim.dll
+ 2009-08-01 05:29 . 2009-10-06 16:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2006-04-07 14:12 . 2009-10-06 16:33 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-04-07 14:12 . 2009-07-31 03:37 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-10-04 07:08 . 2009-10-04 07:08 16384 c:\windows\system32\config\systemprofile\IETldCach e\index.dat
+ 2006-04-07 14:12 . 2009-10-06 16:33 32768 c:\windows\system32\config\systemprofile\Cookies\i ndex.dat
- 2006-04-07 14:12 . 2009-07-31 03:37 32768 c:\windows\system32\config\systemprofile\Cookies\i ndex.dat
+ 2005-12-05 23:18 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
- 2005-12-05 23:18 . 2008-04-14 00:11 84992 c:\windows\system32\avifil32.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.ex e
+ 2008-07-29 21:40 . 2008-07-29 21:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft. VisualC.STLCLR.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft. Data.Entity.Build.Tasks.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUti l.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil. exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProce ss32.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProce ss.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\Presen tationCFFRasterizer.dll
- 2006-10-20 19:21 . 2006-10-20 19:21 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\Presen tationCFFRasterizer.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC .dll
+ 2008-07-29 17:32 . 2008-07-29 17:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMIN et_Utils.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMIN et_Utils.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBR EF.DLL
- 2007-10-23 23:47 . 2007-10-23 23:47 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBR EF.DLL
+ 2008-07-25 09:17 . 2008-07-25 09:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Web.RegularExpressions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.EnterpriseServices.Thunk.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.EnterpriseServices.Thunk.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Drawing.Design.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Drawing.Design.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Configuration.Install.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Configuration.Install.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFu sRes.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFu sRes.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbsc mp20_mscorlib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbsc mp20_mscorlib.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regt libv12.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regt libv12.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegS vcs.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegS vcs.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegA sm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegA sm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\Perf Counter.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\norm alization.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\norm alization.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\ 0409\mscorsecr.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\ 0409\mscorsecr.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rtim.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rtim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rsn.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rsn.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rsec.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rsec.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rie.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdbc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdbc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBu ild.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBu ild.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcA spExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcA spExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualBasic.Vsa.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualBasic.Vsa.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Build.Utilities.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Build.Utilities.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Build.Framework.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Build.Framework.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc. exe
- 2007-10-23 23:47 . 2007-10-23 23:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc. exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISym Wrapper.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISym Wrapper.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\Inst allUtilLib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\Inst allUtilLib.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Inst allUtil.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Inst allUtil.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHo st.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHo st.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusi on.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusi on.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdl l.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtr es.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtr es.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\Cust omMarshalers.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\Cust omMarshalers.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Cult ure.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Cult ure.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\csco mpmgd.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\csco mpmgd.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc. exe
- 2007-10-23 23:47 . 2007-10-23 23:47 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc. exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORP erfMonExt.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_wp.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_regiis.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_regbrowsers.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_regbrowsers.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_rc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_rc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspn et_perf.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_isapi.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_filter.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_filter.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_compiler.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_compiler.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppL aunch.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alin k.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Acce ssibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Acce ssibility.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \CvtResUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \CvtResUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \alinkui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \alinkui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscor mmc.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfco unter.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfco unter.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorw ks.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorw ks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-29 19:07 . 2008-07-29 19:07 23040 c:\windows\Installer\d0ffa4.msp
+ 2009-08-31 08:28 . 2009-08-31 08:28 88576 c:\windows\Installer\ccc786.msi
+ 2009-10-06 05:47 . 2009-10-06 05:47 65024 c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
+ 2009-10-06 05:47 . 2009-10-06 05:47 18944 c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2009-08-31 08:29 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-08-31 15:41 . 2009-08-31 15:41 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationProvider\a715aa442ef87ae99b3ade185599249d \UIAutomationProvider.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb \System.Windows.Presentation.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93 \System.Web.DynamicData.Design.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ComponentMod#\532438e2acfcadc469a4d468c51f8451 \System.ComponentModel.DataAnnotations.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6 \System.AddIn.Contract.ni.dll
+ 2009-08-31 15:41 . 2009-08-31 15:41 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a \PresentationFontCache.ni.exe
+ 2009-08-31 08:36 . 2009-08-31 08:36 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231 \PresentationCFFRasterizer.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Micros oft.Vsa.ni.dll
+ 2009-08-31 15:41 . 2009-08-31 15:41 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.VisualC\ec83ec80653eb20ccc6ed42075c90aee\Mi crosoft.VisualC.ni.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b \Microsoft.Build.Framework.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117 \Microsoft.Build.Framework.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfs vc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-08-31 15:41 . 2009-08-31 15:41 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Acc essibility\11eb4f6606ba01e5128805759121ea6c\Access ibility.ni.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegrati on\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegrati on.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0 .0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\ 3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presen tation\3.5.0.0__b77a5c561934e089\System.Windows.Pr esentation.dll
+ 2009-08-31 08:32 . 2009-08-31 08:32 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3. 5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExp ressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu larExpressions.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicDat a.Design\3.5.0.0__31bf3856ad364e35\System.Web.Dyna micData.Design.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractio ns\3.5.0.0__31bf3856ad364e35\System.Web.Abstractio ns.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.W asHosting\3.0.0.0__b77a5c561934e089\System.Service Model.WasHosting.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.I nstall\3.0.0.0__b77a5c561934e089\System.ServiceMod el.Install.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design \2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d ll
+ 2009-08-31 08:34 . 2009-08-31 08:34 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design \2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d ll
+ 2009-08-31 08:31 . 2009-08-31 08:31 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetEx tensions\3.5.0.0__b77a5c561934e089\System.Data.Dat aSetExtensions.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 81920 c:\windows\assembly\GAC_MSIL\System.Configuration. Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura tion.Install.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 81920 c:\windows\assembly\GAC_MSIL\System.Configuration. Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura tion.Install.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel .DataAnnotations\3.5.0.0__31bf3856ad364e35\System. ComponentModel.DataAnnotations.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract \2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.d ll
+ 2009-08-31 08:30 . 2009-08-31 08:30 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache \3.0.0.0__31bf3856ad364e35\PresentationFontCache.e xe
+ 2009-08-31 08:30 . 2009-08-31 08:30 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRaster izer\3.0.0.0__31bf3856ad364e35\PresentationCFFRast erizer.dll
- 2007-04-02 15:47 . 2007-04-02 15:47 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRaster izer\3.0.0.0__31bf3856ad364e35\PresentationCFFRast erizer.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0 __b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0 __b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.Code DOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V sa.Vb.CodeDOMProcessor.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.Code DOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V sa.Vb.CodeDOMProcessor.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STL CLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.ST LCLR.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas ic.Vsa.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas ic.Vsa.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utili ties\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti lities.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utili ties\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti lities.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utili ties.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Buil d.Utilities.v3.5.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Frame work\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Frame work\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Frame work\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5 f7f11d50a3a\IEHost.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5 f7f11d50a3a\IEHost.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b0 3f5f7f11d50a3a\cscompmgd.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b0 3f5f7f11d50a3a\cscompmgd.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 77824 c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0 __17c52700e9a64fd0\SonicMCEBurnEngine.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 77824 c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0 __17c52700e9a64fd0\SonicMCEBurnEngine.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 45056 c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0. 3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 45056 c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0. 3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 53248 c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3 856ad364e35\ehiWUapi.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 53248 c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3 856ad364e35\ehiWUapi.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 18944 c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf 3856ad364e35\ehiuserxp.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 18944 c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf 3856ad364e35\ehiuserxp.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 73728 c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf 3856ad364e35\ehiExtens.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 73728 c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf 3856ad364e35\ehiExtens.dll
+ 2009-08-31 08:24 . 2008-04-14 00:11 58880 c:\windows\$NtUninstallKB973507$\atl.dll
+ 2009-08-31 08:36 . 2008-04-14 00:11 84992 c:\windows\$NtUninstallKB971557$\avifil32.dll
+ 2009-08-31 08:20 . 2008-10-23 10:06 62976 c:\windows\$NtUninstallKB970653-v3$\tzchange.exe
+ 2009-08-31 08:20 . 2009-07-16 04:14 14336 c:\windows\$NtUninstallKB970653-v3$\spuninst\tzchange.dll
+ 2009-09-03 11:40 . 2008-04-14 00:12 49152 c:\windows\$NtUninstallKB968389$\wdigest.dll
+ 2009-09-03 11:40 . 2009-02-03 19:59 56832 c:\windows\$NtUninstallKB968389$\secur32.dll
+ 2009-09-03 11:40 . 2008-04-13 18:31 92288 c:\windows\$NtUninstallKB968389$\ksecdd.sys
+ 2009-08-31 08:37 . 2008-04-14 00:12 78336 c:\windows\$NtUninstallKB960859$\tlntsess.exe
+ 2009-08-31 08:37 . 2008-04-14 00:12 75776 c:\windows\$NtUninstallKB960859$\telnet.exe
+ 2009-08-31 08:24 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973869\update\spcustom.dll
+ 2009-08-31 08:24 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973869\spmsg.dll
+ 2009-08-31 08:20 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973815\update\spcustom.dll
+ 2009-08-31 08:20 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973815\spmsg.dll
+ 2009-08-31 08:24 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973507\update\spcustom.dll
+ 2009-08-31 08:24 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973507\spmsg.dll
+ 2009-07-17 19:25 . 2009-07-17 19:25 58880 c:\windows\$hf_mig$\KB973507\SP3QFE\atl.dll
+ 2009-08-31 08:23 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973354\update\spcustom.dll
+ 2009-08-31 08:23 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973354\spmsg.dll
+ 2009-08-31 08:37 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971657\update\spcustom.dll
+ 2009-08-31 08:37 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971657\spmsg.dll
+ 2009-08-31 08:36 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971557\update\spcustom.dll
+ 2009-08-31 08:36 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971557\spmsg.dll
+ 2009-06-10 14:01 . 2009-06-10 14:01 84992 c:\windows\$hf_mig$\KB971557\SP3QFE\avifil32.dll
+ 2009-09-03 11:40 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB968389\update\spcustom.dll
+ 2009-09-03 11:40 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB968389\spmsg.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 54272 c:\windows\$hf_mig$\KB968389\SP3QFE\wdigest.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 56832 c:\windows\$hf_mig$\KB968389\SP3QFE\secur32.dll
+ 2009-06-24 10:28 . 2009-06-24 10:28 92928 c:\windows\$hf_mig$\KB968389\SP3QFE\ksecdd.sys
+ 2009-08-31 08:37 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB960859\update\spcustom.dll
+ 2009-08-31 08:37 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB960859\spmsg.dll
+ 2009-06-12 12:03 . 2009-06-12 12:03 80896 c:\windows\$hf_mig$\KB960859\SP3QFE\tlntsess.exe
+ 2009-06-12 12:03 . 2009-06-12 12:03 76288 c:\windows\$hf_mig$\KB960859\SP3QFE\telnet.exe
+ 2009-08-31 08:36 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB956744\update\spcustom.dll
+ 2009-08-31 08:36 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB956744\spmsg.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v 3.5Client.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft_VsaVb.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft_VsaVb.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEH ost.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEH ost.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEEx ecRemote.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEEx ecRemote.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEEx ec.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEEx ec.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsv c.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsv c.exe
+ 2009-10-06 05:47 . 2009-10-06 05:47 5120 c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
+ 2009-08-31 08:31 . 2009-08-31 08:31 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3 .5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0 .0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0 .0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-04-11 06:37 . 2008-04-11 06:37 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-04-11 06:38 . 2008-04-11 06:38 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f 5f7f11d50a3a\IIEHost.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f 5f7f11d50a3a\IIEHost.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0_ _b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0_ _b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 8192 c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf 3856ad364e35\ehiExtCOM.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 8192 c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf 3856ad364e35\ehiExtCOM.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 00:19 . 2007-11-07 00:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 00:19 . 2007-11-07 00:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 19:23 . 2007-11-06 19:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-29 19:26 . 2008-07-29 19:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2006-10-14 18:21 . 2008-07-06 12:06 575488 c:\windows\system32\xpsshhdr.dll
+ 2005-12-05 23:18 . 2009-06-10 06:14 132096 c:\windows\system32\wkssvc.dll
- 2005-12-05 23:18 . 2008-04-14 00:12 132096 c:\windows\system32\wkssvc.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59 161296 c:\windows\system32\UIAutomationCore.dll
+ 2007-04-02 15:47 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2007-04-02 15:47 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv. dll
+ 2007-04-02 15:47 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2007-04-02 15:47 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdr v.dll
+ 2007-04-02 15:47 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipel ineprintproc.dll
+ 2006-10-14 14:44 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfil terpipelinesvc.exe
+ 2006-04-08 06:33 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires. dll
- 2006-04-08 06:33 . 2007-03-22 19:03 761344 c:\windows\system32\spool\drivers\w32x86\3\unires. dll
+ 2006-04-08 06:33 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvu i.dll
+ 2006-04-08 06:33 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv. dll
- 2006-04-08 06:33 . 2008-04-14 00:12 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv. dll
+ 2006-10-14 14:42 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui .dll
+ 2006-10-14 14:43 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv .dll
+ 2005-12-05 23:18 . 2009-06-25 08:25 147456 c:\windows\system32\schannel.dll
+ 2006-10-14 14:43 . 2008-07-06 12:06 117760 c:\windows\system32\prntvpt.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-29 18:35 . 2008-07-29 18:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59 105016 c:\windows\system32\PresentationCFFRasterizerNativ e_v0300.dll
+ 2005-12-05 23:18 . 2009-08-31 08:35 442466 c:\windows\system32\perfh009.dat
+ 2005-12-05 23:18 . 2009-06-25 08:25 136192 c:\windows\system32\msv1_0.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 158720 c:\windows\system32\mscorier.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 282112 c:\windows\system32\mscoree.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 282112 c:\windows\system32\mscoree.dll
+ 2005-12-05 23:18 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2005-12-05 23:18 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
- 2005-12-05 23:18 . 2009-03-08 02:33 726528 c:\windows\system32\jscript.dll
+ 2005-12-05 23:18 . 2009-06-22 06:44 726528 c:\windows\system32\jscript.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 622080 c:\windows\system32\icardagt.exe
- 2005-12-05 23:28 . 2009-07-23 16:07 345016 c:\windows\system32\FNTCACHE.DAT
+ 2005-12-05 23:28 . 2009-08-31 15:38 345016 c:\windows\system32\FNTCACHE.DAT
+ 2008-07-29 19:10 . 2008-07-29 19:10 493048 c:\windows\system32\evr.dll
- 2007-02-17 11:23 . 2009-03-25 09:06 214024 c:\windows\system32\drivers\mfehidk.sys
+ 2007-02-17 11:23 . 2009-07-08 11:44 214024 c:\windows\system32\drivers\mfehidk.sys
+ 2006-10-14 18:21 . 2008-07-06 12:06 575488 c:\windows\system32\dllcache\xpsshhdr.dll
+ 2009-07-13 08:08 . 2009-07-13 08:08 286720 c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\system32\dllcache\schannel.dll
+ 2006-10-14 14:44 . 2008-07-06 10:50 597504 c:\windows\system32\dllcache\printfilterpipelinesv c.exe
+ 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2009-07-23 15:37 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
- 2008-05-09 10:53 . 2009-03-08 02:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:53 . 2009-06-22 06:44 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServices Reg.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft. Build.Tasks.v3.5.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 16:47 . 2008-07-29 16:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 16:47 . 2008-07-29 16:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 21:15 . 2008-07-29 21:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-29 21:40 . 2008-07-29 21:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7u i.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscom pui.dll
+ 2008-07-29 18:35 . 2008-07-29 18:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\Presen tationUI.dll
+ 2008-07-29 17:59 . 2008-07-29 17:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\Presen tationHostDLL.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 02:59 . 2008-11-25 02:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webe ngine.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Web.Services.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Web.Services.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Web.Mobile.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Transactions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.ServiceProcess.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.ServiceProcess.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Security.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Security.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Runtime.Remoting.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Messaging.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Messaging.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Management.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Management.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.EnterpriseServices.Wrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.EnterpriseServices.Wrapper.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Drawing.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.DirectoryServices.Protocols.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.DirectoryServices.Protocols.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.DirectoryServices.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.DirectoryServices.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Deployment.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Data.SqlXml.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Data.OracleClient.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.configuration.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.configuration.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysg lobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysg lobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS. dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfu sion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peve rify.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen .exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rsvc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rrc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rpe.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rjit.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdbi.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdbi.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdacwks.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualBasic.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualBasic.Compatibility.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualBasic.Compatibility.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualBasic.Compatibility.Data.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.VisualBasic.Compatibility.Data.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.JScript.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.JScript.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Build.Tasks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Build.Tasks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Build.Engine.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Micr osoft.Build.Engine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilas m.exe


UNQUOTE
------------
Responder Con Cita
  post #6  
Antiguo 07/10/09, 12:16:39
Usuario
  
Registrado: jul 2009
Ubicación: madrid
Mensajes: 11
Re: Virus bloquea actividad PC
Continuación del log de combofix:


QUOTE
---------

- 2007-10-23 23:47 . 2007-10-23 23:47 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilas m.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\Even tLogMessages.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\Even tLogMessages.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\dias ymreader.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasP ol.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasP ol.exe
- 2007-10-23 23:47 . 2007-10-23 23:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspN etMMCExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspN etMMCExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_regsql.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_regsql.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoN etDiag.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoN etDiag.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \Vsavb7rtUI.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \Vsavb7rtUI.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \vbc7ui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \vbc7ui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \cscompui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033 \cscompui.dll
+ 2008-12-13 07:58 . 2008-12-13 07:58 754688 c:\windows\Installer\d24fa1.msp
+ 2009-08-31 08:32 . 2009-08-31 08:32 648192 c:\windows\Installer\d24f7e.msi
+ 2008-07-29 19:23 . 2008-07-29 19:23 250880 c:\windows\Installer\d0ffad.msp
+ 2008-07-29 19:28 . 2008-07-29 19:28 278016 c:\windows\Installer\d0ffab.msp
+ 2008-07-29 17:40 . 2008-07-29 17:40 291840 c:\windows\Installer\d0ffa9.msp
+ 2009-08-31 08:30 . 2009-08-31 08:30 137728 c:\windows\Installer\d0ffa3.msi
+ 2008-07-29 15:35 . 2008-07-29 15:35 553472 c:\windows\Installer\ccc78b.msp
+ 2008-07-29 15:33 . 2008-07-29 15:33 506368 c:\windows\Installer\ccc789.msp
+ 2008-07-29 15:37 . 2008-07-29 15:37 911360 c:\windows\Installer\ccc788.msp
+ 2009-03-20 09:48 . 2009-03-20 09:48 183808 c:\windows\Installer\27d5263.msp
+ 2009-09-10 11:59 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-09-10 11:59 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-09-10 11:59 . 2009-03-08 02:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2005-12-05 23:38 . 2009-08-18 08:55 179712 c:\windows\ehome\ehkeyctl.dll
+ 2009-08-31 08:29 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-08-31 08:29 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-08-31 08:29 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-08-31 08:29 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-08-31 08:29 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-08-31 16:07 . 2009-08-31 16:07 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\Wsa tConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfi g.ni.exe
+ 2009-08-31 15:44 . 2009-08-31 15:44 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\Win dowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f \WindowsFormsIntegration.ni.dll
+ 2009-08-31 15:41 . 2009-08-31 15:41 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationTypes\a6d9503962d47c722231c1478f180695\UI AutomationTypes.ni.dll
+ 2009-08-31 15:44 . 2009-08-31 15:44 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\U IAutomationClient.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Xml.Linq\c338a470b14851ce5987bb0f0869c310\Syst em.Xml.Linq.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\S ystem.Web.Routing.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5 \System.Web.RegularExpressions.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Extensio#\58f62044fa702ea6f936071aa5520baa \System.Web.Extensions.Design.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\Sy stem.Web.Entity.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933 \System.Web.Entity.Design.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f \System.Web.DynamicData.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Abstract#\00ec08741a765c707bd9169346064a81 \System.Web.Abstractions.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Transactions\5a555c9ae6984c40157cf940bb519f7c\ System.Transactions.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a \System.ServiceProcess.ni.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Security\1c8df2da33222c048d683017f2095f04\Syst em.Security.ni.dll
+ 2009-08-31 15:41 . 2009-08-31 15:41 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402 \System.Runtime.Serialization.Formatters.Soap.ni.d ll
+ 2009-08-31 15:42 . 2009-08-31 15:42 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Remo#\2abd876a3c8a6b088fa6d8d39d901e3c \System.Runtime.Remoting.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Net\519d9c618341b136f9b963ffb7495308\System.Ne t.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Messaging\f48e3419fb2cb012fd160ae801600ae7\Sys tem.Messaging.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\Sy stem.Management.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32 \System.Management.Instrumentation.ni.dll
+ 2009-08-31 16:06 . 2009-08-31 16:06 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IO.Log\7c367a96b10d626ec8cbf8149272d845\System .IO.Log.ni.dll
+ 2009-08-31 16:06 . 2009-08-31 16:06 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5 \System.IdentityModel.Selectors.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7 \System.EnterpriseServices.Wrapper.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7 \System.EnterpriseServices.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee \System.Drawing.Design.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\c434a07332ce490711c27fd0edb7562f \System.DirectoryServices.Protocols.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957 \System.DirectoryServices.AccountManagement.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Service#\a4b887f476fa4b8746a93a9fc2208560 \System.Data.Services.Client.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6 \System.Data.Services.Design.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f \System.Data.Entity.Design.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653 \System.Data.DataSetExtensions.ni.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Configuration\b82c00e2d24305ad6cb08556e3779b75 \System.Configuration.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Configuratio#\de514e484e49b04b016949d57ffac03e \System.Configuration.Install.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.AddIn\ce984d754e3c0b6be4504b785cc43574\System. AddIn.ni.dll
+ 2009-08-31 15:44 . 2009-08-31 15:44 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sys globl\45067d0793a09d3431d26bfa55c5a76a\sysglobl.ni .dll
+ 2009-08-31 16:07 . 2009-08-31 16:07 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMS vcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost. ni.exe
+ 2009-08-31 16:07 . 2009-08-31 16:07 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMD iagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiag nostics.ni.dll
+ 2009-08-31 16:07 . 2009-08-31 16:07 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\Ser viceModelReg\10a0c9707876fc1f65e64b811a28b020\Serv iceModelReg.ni.exe
+ 2009-08-31 15:43 . 2009-08-31 15:43 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e \PresentationFramework.Classic.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\8003abaf6bcf70f7eb620d06837e897b \PresentationFramework.Luna.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\59a67874d8d8475faa5be1d993083d12 \PresentationFramework.Aero.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3 \PresentationFramework.Royale.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSB uild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.e xe
+ 2009-08-31 16:07 . 2009-08-31 16:07 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0 \Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Uti#\55b9eff9e23359faed4351386c062238 \Microsoft.Build.Utilities.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32 \Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da \Microsoft.Build.Engine.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Con#\9b321ebf67587237f576df6104a32588 \Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\Cus tomMarshalers\9bea05938bee3555c5aa8763d89a68f9\Cus tomMarshalers.ni.dll
+ 2009-08-31 16:07 . 2009-08-31 16:07 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\Com SvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcC onfig.ni.exe
+ 2009-08-31 16:08 . 2009-08-31 16:08 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\Asp NetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetM MCExt.ni.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsid eProviders\3.0.0.0__31bf3856ad364e35\UIAutomationC lientsideProviders.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3. 0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0 .0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServic es\3.5.0.0__31bf3856ad364e35\System.WorkflowServic es.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runti me\3.0.0.0__31bf3856ad364e35\System.Workflow.Runti me.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2 .0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2 .0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0 .0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-08-31 08:32 . 2009-08-31 08:32 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions .Design\3.5.0.0__31bf3856ad364e35\System.Web.Exten sions.Design.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5 .0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Des ign\3.5.0.0__b77a5c561934e089\System.Web.Entity.De sign.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicDat a\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData .dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0 __31bf3856ad364e35\System.Speech.dll
- 2007-04-02 15:47 . 2007-04-02 15:47 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0 __31bf3856ad364e35\System.Speech.dll
- 2008-04-11 06:37 . 2008-04-11 06:37 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess \2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.d ll
+ 2009-08-31 08:34 . 2009-08-31 08:34 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess \2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.d ll
+ 2009-08-31 08:31 . 2009-08-31 08:31 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.W eb\3.5.0.0__31bf3856ad364e35\System.ServiceModel.W eb.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0 .0__b03f5f7f11d50a3a\System.Security.dll
- 2008-04-11 06:37 . 2008-04-11 06:37 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0 .0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serial ization\3.0.0.0__b77a5c561934e089\System.Runtime.S erialization.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serial ization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\ System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serial ization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\ System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoti ng\2.0.0.0__b77a5c561934e089\System.Runtime.Remoti ng.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b 03f5f7f11d50a3a\System.Net.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0. 0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0. 0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0 .0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0 .0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 143360 c:\windows\assembly\GAC_MSIL\System.Management.Ins trumentation\3.5.0.0__b77a5c561934e089\System.Mana gement.Instrumentation.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0 __b03f5f7f11d50a3a\System.IO.Log.dll
- 2007-04-02 15:47 . 2007-04-02 15:47 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0 __b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\ 3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel. Selectors\3.0.0.0__b77a5c561934e089\System.Identit yModel.Selectors.dll
- 2007-04-02 15:47 . 2007-04-02 15:47 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel. Selectors\3.0.0.0__b77a5c561934e089\System.Identit yModel.Selectors.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0. 0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServ ices.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServ ices.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.Dir ectoryServices.Protocols.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.Dir ectoryServices.Protocols.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces.AccountManagement\3.5.0.0__b77a5c561934e089\Sy stem.DirectoryServices.AccountManagement.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0 .0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2. 0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\ 3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services. Design\3.5.0.0__b77a5c561934e089\System.Data.Servi ces.Design.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services. Client\3.5.0.0__b77a5c561934e089\System.Data.Servi ces.Client.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5. 0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.De sign\3.5.0.0__b77a5c561934e089\System.Data.Entity. Design.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__ b77a5c561934e089\System.Core.dll
- 2008-04-11 06:37 . 2008-04-11 06:37 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\ 2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\ 2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0_ _b77a5c561934e089\System.AddIn.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03 f5f7f11d50a3a\sysglobl.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03 f5f7f11d50a3a\sysglobl.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0 __b77a5c561934e089\SMdiagnostics.dll
- 2007-04-02 15:47 . 2007-04-02 15:47 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0. 0__31bf3856ad364e35\ReachFramework.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0. 0__31bf3856ad364e35\ReachFramework.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0. 0__31bf3856ad364e35\PresentationUI.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework .Royale\3.0.0.0__31bf3856ad364e35\PresentationFram ework.Royale.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework .Luna\3.0.0.0__31bf3856ad364e35\PresentationFramew ork.Luna.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework .Classic\3.0.0.0__31bf3856ad364e35\PresentationFra mework.Classic.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework .Aero\3.0.0.0__31bf3856ad364e35\PresentationFramew ork.Aero.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTask s\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks .dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic \8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.d ll
- 2008-04-11 06:38 . 2008-04-11 06:38 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualBasic.Compatibility.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualBasic.Compatibility.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Micr osoft.VisualBasic.Compatibility.Data.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Micr osoft.VisualBasic.Compatibility.Data.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transaction s.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Trans actions.Bridge.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks \2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.d ll
- 2008-04-11 06:38 . 2008-04-11 06:38 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks \2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.d ll
+ 2009-08-31 08:31 . 2009-08-31 08:31 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks .v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Ta sks.v3.5.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engin e\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engin e\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
- 2008-04-11 06:38 . 2008-04-11 06:38 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engin e\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conve rsion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Bui ld.Conversion.v3.5.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-04-11 06:37 . 2008-04-11 06:37 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0 __31bf3856ad364e35\System.Printing.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 113664 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 113664 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
- 2008-04-11 06:38 . 2008-04-11 06:38 258048 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 258048 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 486400 c:\windows\assembly\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions. Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Tra nsactions.Bridge.Dtc.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 389120 c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3 856ad364e35\ehRecObj.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 389120 c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3 856ad364e35\ehRecObj.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 122880 c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf385 6ad364e35\ehiwmp.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 122880 c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf385 6ad364e35\ehiwmp.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 278528 c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf 3856ad364e35\ehiVidCtl.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 278528 c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf 3856ad364e35\ehiVidCtl.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 389120 c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3 856ad364e35\ehiProxy.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 389120 c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3 856ad364e35\ehiProxy.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 204800 c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf38 56ad364e35\ehiPlay.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 204800 c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf38 56ad364e35\ehiPlay.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 167936 c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf38 56ad364e35\ehiMsgr.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 167936 c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf38 56ad364e35\ehiMsgr.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 110592 c:\windows\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3 856ad364e35\ehExtCOM.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 110592 c:\windows\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3 856ad364e35\ehExtCOM.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 126976 c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3 856ad364e35\ehepgdat.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 126976 c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3 856ad364e35\ehepgdat.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 864256 c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856 ad364e35\ehepg.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 864256 c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856 ad364e35\ehepg.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 192512 c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3 856ad364e35\ehcommon.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 192512 c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3 856ad364e35\ehcommon.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 102400 c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856 ad364e35\ehCIR.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 102400 c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856 ad364e35\ehCIR.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 117248 c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31b f3856ad364e35\bdatunepia.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 117248 c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31b f3856ad364e35\bdatunepia.dll
+ 2009-08-31 08:24 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB973869$\spuninst\updspapi .dll
+ 2009-08-31 08:24 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973869$\spuninst\spuninst .exe
+ 2009-08-31 08:20 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973815$\spuninst\updspapi .dll
+ 2009-08-31 08:20 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973815$\spuninst\spuninst .exe
+ 2009-08-31 08:20 . 2008-04-14 00:12 203776 c:\windows\$NtUninstallKB973815$\mswebdvd.dll
+ 2009-08-31 08:23 . 2004-08-10 04:00 278528 c:\windows\$NtUninstallKB973540_WM9$\wmpdxm.dll
+ 2009-08-31 08:23 . 2007-07-27 08:41 382840 c:\windows\$NtUninstallKB973540_WM9$\spuninst\upds papi.dll
+ 2009-08-31 08:23 . 2007-07-27 08:41 231288 c:\windows\$NtUninstallKB973540_WM9$\spuninst\spun inst.exe
+ 2009-08-31 08:24 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973507$\spuninst\updspapi .dll
+ 2009-08-31 08:24 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973507$\spuninst\spuninst .exe
+ 2009-08-31 08:23 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973354$\spuninst\updspapi .dll
+ 2009-08-31 08:23 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973354$\spuninst\spuninst .exe
+ 2009-08-31 08:37 . 2008-04-14 00:12 132096 c:\windows\$NtUninstallKB971657$\wkssvc.dll
+ 2009-08-31 08:37 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971657$\spuninst\updspapi .dll
+ 2009-08-31 08:37 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971657$\spuninst\spuninst .exe
+ 2009-08-31 08:36 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971557$\spuninst\updspapi .dll
+ 2009-08-31 08:36 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971557$\spuninst\spuninst .exe
+ 2009-08-31 08:20 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB970653-v3$\spuninst\updspapi.dll
+ 2009-08-31 08:20 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB970653-v3$\spuninst\spuninst.exe
+ 2009-09-03 11:40 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB968389$\spuninst\updspapi .dll
+ 2009-09-03 11:40 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB968389$\spuninst\spuninst .exe
+ 2009-09-03 11:40 . 2008-12-05 06:54 144896 c:\windows\$NtUninstallKB968389$\schannel.dll
+ 2009-09-03 11:40 . 2008-04-14 00:12 132608 c:\windows\$NtUninstallKB968389$\msv1_0.dll
+ 2009-09-03 11:40 . 2009-02-09 12:10 729088 c:\windows\$NtUninstallKB968389$\lsasrv.dll
+ 2009-09-03 11:40 . 2008-04-14 00:11 299520 c:\windows\$NtUninstallKB968389$\kerberos.dll
+ 2009-09-01 15:58 . 2007-11-30 11:18 382840 c:\windows\$NtUninstallKB961118$\spuninst\updspapi .dll
+ 2009-09-01 15:58 . 2007-11-30 11:18 231288 c:\windows\$NtUninstallKB961118$\spuninst\spuninst .exe
+ 2009-08-31 08:37 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB960859$\spuninst\updspapi .dll
+ 2009-08-31 08:37 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB960859$\spuninst\spuninst .exe
+ 2009-08-31 08:36 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB956744$\spuninst\updspapi .dll
+ 2009-08-31 08:36 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB956744$\spuninst\spuninst .exe
+ 2009-08-31 08:24 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973869\update\updspapi.dll
+ 2009-08-31 08:24 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973869\update\update.exe
+ 2009-08-31 08:24 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973869\spuninst.exe
+ 2009-08-31 08:20 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973815\update\updspapi.dll
+ 2009-08-31 08:20 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973815\update\update.exe
+ 2009-08-31 08:20 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973815\spuninst.exe
+ 2009-08-05 08:52 . 2009-08-05 08:52 204800 c:\windows\$hf_mig$\KB973815\SP3QFE\mswebdvd.dll
+ 2009-08-31 08:24 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973507\update\updspapi.dll
+ 2009-08-31 08:24 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973507\update\update.exe
+ 2009-08-31 08:24 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973507\spuninst.exe
+ 2009-08-31 08:23 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973354\update\updspapi.dll
+ 2009-08-31 08:23 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973354\update\update.exe
+ 2009-08-31 08:23 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973354\spuninst.exe
+ 2009-08-31 08:37 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
+ 2009-08-31 08:37 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
+ 2009-08-31 08:37 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971657\spuninst.exe
+ 2009-06-10 06:17 . 2009-06-10 06:17 134144 c:\windows\$hf_mig$\KB971657\SP3QFE\wkssvc.dll
+ 2009-08-31 08:36 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971557\update\updspapi.dll
+ 2009-08-31 08:36 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971557\update\update.exe
+ 2009-08-31 08:36 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971557\spuninst.exe
+ 2009-09-03 11:40 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
+ 2009-09-03 11:40 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB968389\update\update.exe
+ 2009-09-03 11:40 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB968389\spuninst.exe
+ 2009-06-25 08:41 . 2009-06-25 08:41 147456 c:\windows\$hf_mig$\KB968389\SP3QFE\schannel.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 136704 c:\windows\$hf_mig$\KB968389\SP3QFE\msv1_0.dll
+ 2009-06-26 09:41 . 2009-06-26 09:41 730112 c:\windows\$hf_mig$\KB968389\SP3QFE\lsasrv.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 301568 c:\windows\$hf_mig$\KB968389\SP3QFE\kerberos.dll
+ 2009-08-31 08:37 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
+ 2009-08-31 08:37 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2009-08-31 08:37 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB960859\spuninst.exe
+ 2009-08-31 08:36 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956744\update\updspapi.dll
+ 2009-08-31 08:36 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB956744\update\update.exe
+ 2009-08-31 08:36 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956744\spuninst.exe
+ 2006-10-14 18:22 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll
- 2005-12-05 23:19 . 2008-06-11 00:58 2330624 c:\windows\system32\WMVCore.dll
+ 2005-12-05 23:19 . 2009-06-08 20:24 2330624 c:\windows\system32\WMVCore.dll
+ 2005-12-05 23:19 . 2009-07-13 08:08 5537792 c:\windows\system32\wmp.dll
- 2005-12-05 23:19 . 2007-04-30 06:20 5537792 c:\windows\system32\wmp.dll
+ 2007-04-02 15:47 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2007-04-02 15:47 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs. dll
+ 2007-04-02 15:47 . 2008-07-06 15:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2007-04-02 15:47 . 2008-07-06 15:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvc s.dll
+ 2006-10-14 18:22 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs .dll
+ 2005-12-05 23:37 . 2009-06-10 07:19 2066432 c:\windows\system32\mstscax.dll
+ 2006-10-14 18:22 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll
+ 2006-12-17 07:30 . 2009-06-08 20:24 2330624 c:\windows\system32\dllcache\WMVCore.dll
- 2006-12-17 07:30 . 2008-06-11 00:58 2330624 c:\windows\system32\dllcache\WMVCore.dll
+ 2009-07-13 08:08 . 2009-07-13 08:08 5537792 c:\windows\system32\dllcache\wmp.dll
+ 2009-06-10 07:19 . 2009-06-10 07:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2009-08-31 05:01 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 16:47 . 2008-07-29 16:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 17:35 . 2008-12-05 17:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx _v0300.dll
+ 2008-12-05 18:12 . 2008-12-05 18:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaV b7rt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaV b7rt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc. exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc. exe
+ 2008-11-25 02:59 . 2008-11-25 02:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.XML.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Windows.Forms.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Web.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Design.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Data.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rwks.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rlib.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\csco mp.dll
+ 2008-12-13 07:57 . 2008-12-13 07:57 8397824 c:\windows\Installer\d24f8c.msp
+ 2008-07-29 17:26 . 2008-07-29 17:26 1043456 c:\windows\Installer\d0ffac.msp
+ 2008-07-29 18:37 . 2008-07-29 18:37 2679808 c:\windows\Installer\d0ffaa.msp
+ 2008-07-29 19:15 . 2008-07-29 19:15 3697664 c:\windows\Installer\d0ffa8.msp
+ 2008-07-29 17:34 . 2008-07-29 17:34 1448448 c:\windows\Installer\d0ffa7.msp
+ 2008-07-29 18:22 . 2008-07-29 18:22 4137984 c:\windows\Installer\d0ffa6.msp
+ 2008-07-29 17:18 . 2008-07-29 17:18 3376640 c:\windows\Installer\d0ffa5.msp
+ 2008-07-29 15:45 . 2008-07-29 15:45 2543616 c:\windows\Installer\ccc78f.msp
+ 2008-07-29 15:29 . 2008-07-29 15:29 2926080 c:\windows\Installer\ccc78e.msp
+ 2008-07-29 15:41 . 2008-07-29 15:41 6487040 c:\windows\Installer\ccc78d.msp
+ 2008-07-29 15:39 . 2008-07-29 15:39 3403264 c:\windows\Installer\ccc78c.msp
+ 2008-07-29 15:43 . 2008-07-29 15:43 1013248 c:\windows\Installer\ccc78a.msp
+ 2008-07-29 15:31 . 2008-07-29 15:31 6083072 c:\windows\Installer\ccc787.msp
+ 2009-10-06 05:47 . 2009-10-06 05:47 1583616 c:\windows\Installer\35719.msi
+ 2009-08-31 08:37 . 2009-08-31 08:37 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\Win dowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsB ase.ni.dll
+ 2009-08-31 15:44 . 2009-08-31 15:44 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationClients#\f3c7957351aec85f526a3350c9718b1e \UIAutomationClientsideProviders.ni.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Xml\773a9786013451d3baaeff003dc4230f\System.Xm l.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6 \System.WorkflowServices.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2 \System.Workflow.Runtime.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59 \System.Workflow.ComponentModel.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b \System.Workflow.Activities.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\ System.Web.Services.ni.dll
+ 2009-08-31 16:10 . 2009-08-31 16:10 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Mobile\81197e32ec931f439b3114e9031b65d6\Sy stem.Web.Mobile.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8 \System.Web.Extensions.ni.dll
+ 2009-08-31 15:44 . 2009-08-31 15:44 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Speech\63cf639b6e0a3c25c1643c85016e7422\System .Speech.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceModel#\340cad17fe57947eacbc8fa2cea780da \System.ServiceModel.Web.ni.dll
+ 2009-08-31 16:06 . 2009-08-31 16:06 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Seri#\034c91b133dee73d452652c52767b5ea \System.Runtime.Serialization.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Printing\646ab52eef343380aa002c220dc31e13\Syst em.Printing.ni.dll
+ 2009-08-31 16:06 . 2009-08-31 16:06 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IdentityModel\c2de8479e54852f56996f79bc93acb13 \System.IdentityModel.ni.dll
+ 2009-08-31 15:41 . 2009-08-31 15:41 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing\3da96ee075bab9202626ae44c18d226c\Syste m.Drawing.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\543aced762f6b0c3f8e037955941afc6 \System.DirectoryServices.ni.dll
+ 2009-08-31 15:41 . 2009-08-31 15:41 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Deployment\a6b58624486714fa71e5e35186850ff0\Sy stem.Deployment.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data\c70731047b0022638b3f9fb158948a03\System.D ata.ni.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\S ystem.Data.SqlXml.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Services\956a513dcbd44d5a6801840ef2b0b47b \System.Data.Services.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.OracleC#\283ecfbaa6a6fab76c8b544a4a89d5ce \System.Data.OracleClient.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Linq\0bbec79460b1137df5313f9baf7b246f\Sys tem.Data.Linq.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Entity\6479f975b105808a8d9e7a7fdc762551\S ystem.Data.Entity.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Core\47d87251e93256c635eb73403b8db33e\System.C ore.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\Rea chFramework\4bfb3048bf200a6a8592d1b4ba861a7f\Reach Framework.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\Prese ntationUI.ni.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c \PresentationBuildTasks.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1 \Microsoft.VisualBasic.ni.dll
+ 2009-08-31 16:07 . 2009-08-31 16:07 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf \Microsoft.Transactions.Bridge.ni.dll
+ 2009-08-31 16:09 . 2009-08-31 16:09 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.JScript\b261961046545831aa60963e84905968\Mi crosoft.JScript.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Tas#\bd241492d96db39f20e758c13c845033 \Microsoft.Build.Tasks.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e \Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-08-31 16:08 . 2009-08-31 16:08 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909 \Microsoft.Build.Engine.ni.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__ 31bf3856ad364e35\WindowsBase.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5 c561934e089\System.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b 77a5c561934e089\System.XML.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.Compo nentModel\3.0.0.0__31bf3856ad364e35\System.Workflo w.ComponentModel.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activ ities\3.0.0.0__31bf3856ad364e35\System.Workflow.Ac tivities.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\ 2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-08-31 08:36 . 2009-08-31 08:36 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions \3.5.0.0__31bf3856ad364e35\System.Web.Extensions.d ll
+ 2009-08-31 08:35 . 2009-08-31 08:35 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3 .0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0 __b03f5f7f11d50a3a\System.Design.dll
+ 2009-08-31 08:31 . 2009-08-31 08:31 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3. 5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-08-31 08:35 . 2009-08-31 08:35 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework \3.0.0.0__31bf3856ad364e35\PresentationFramework.d ll
+ 2009-08-31 08:34 . 2009-08-31 08:34 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03 f5f7f11d50a3a\System.Web.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
+ 2009-08-31 08:30 . 2009-08-31 08:30 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0. 0__31bf3856ad364e35\PresentationCore.dll
+ 2009-08-31 08:34 . 2009-08-31 08:34 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5 c561934e089\mscorlib.dll
- 2008-09-19 14:41 . 2008-09-19 14:41 1863680 c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856a d364e35\EhCM.dll
+ 2009-09-10 04:20 . 2009-09-10 04:20 1863680 c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856a d364e35\EhCM.dll
+ 2009-08-31 08:23 . 2007-04-30 06:20 5537792 c:\windows\$NtUninstallKB973540_WM9$\wmp.dll
+ 2009-08-31 08:23 . 2008-04-14 00:12 1314816 c:\windows\$NtUninstallKB973354$\msoe.dll
+ 2009-08-31 08:36 . 2008-04-14 00:11 2061824 c:\windows\$NtUninstallKB956744$\mstscax.dll
+ 2009-07-10 16:54 . 2009-07-10 16:54 1315328 c:\windows\$hf_mig$\KB973354\SP3QFE\msoe.dll
+ 2009-08-31 05:01 . 2009-06-09 15:21 2067968 c:\windows\$hf_mig$\KB956744\SP3QFE\lhmstscx.dll
+ 2009-07-23 15:57 . 2009-08-28 21:38 24689600 c:\windows\system32\MRT.exe
+ 2008-12-13 08:21 . 2008-12-13 08:21 10473472 c:\windows\Installer\d24f96.msp
+ 2009-08-31 15:41 . 2009-08-31 15:41 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce \System.Windows.Forms.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web\3963ce03d445a8619abbf388d590134b\System.We b.ni.dll
+ 2009-08-31 16:07 . 2009-08-31 16:07 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceModel\4146033013edebd7e0cb604e504ebfee\ System.ServiceModel.ni.dll
+ 2009-08-31 15:43 . 2009-08-31 15:43 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Design\8ee220bc3cce4f7bbd7818946519ed7f\System .Design.ni.dll
+ 2009-08-31 15:42 . 2009-08-31 15:42 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\96e710f47c601cba3f2348a8d11ddede \PresentationFramework.ni.dll
+ 2009-08-31 15:40 . 2009-08-31 15:40 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationCore\956375d487cbef36165b3250030e3574\Pre sentationCore.ni.dll
+ 2009-08-31 08:35 . 2009-08-31 08:35 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\msc orlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni .dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-07-14 1961984]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"LaCie Backup"="c:\program files\LaCie\Backup Software\\LaCieBackup.exe" [2006-07-06 2596864]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2009-09-25 3058624]
"WAB"="c:\documents and settings\y\Application Data\Macromedia\Common\2a29604a19.exe" [2009-10-07 3584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-09-15 1998576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-14 7323648]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"EPSON Stylus Photo R200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\ 3\E_S4I0H2.EXE" [2003-09-11 99840]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-10-25 35328]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.e xe" [2001-07-09 155648]
"DVDTray"="c:\program files\Ahead\ODD Toolkit\DVDTray.exe" [2004-09-03 65536]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-11-14 286720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-11-15 267048]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-07-09 645328]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2005-03-22 339968]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2004-12-10 49152]
"WD Button Manager"="WDBtnMgr.exe" - c:\windows\system32\WDBtnMgr.exe [2008-03-09 364544]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"WAB"="c:\documents and settings\y\Application Data\Macromedia\Common\2a29604a19.exe" [2009-10-07 3584]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe [2008-7-5 25214]
Consola KIT ADSL.lnk - c:\program files\Telefonica\Kit ADSL USB\dslmon.exe [2006-4-7 901272]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2006-4-20 434176]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2006-8-11 118784]
WD Backup Monitor.lnk - c:\program files\My Book\WD Backup\uBBMonitor.exe [2007-1-5 98304]

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iPod\\bin\\iPodService.exe"=
"c:\\Program Files\\McAfee\\VirusScan\\Mcshield.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jqs.exe"=
"c:\\Program Files\\McAfee\\MPF\\MpfSrv.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero BackItUp 4\\NBService.exe"=
"c:\\WINDOWS\\ehome\\ehrecvr.exe"=
"c:\\Program Files\\Intel\\Intel Matrix Storage Manager\\IAANTMon.exe"=
"c:\\Program Files\\McAfee\\MSC\\mcmscsvc.exe"=
"c:\\Program Files\\McAfee\\MSK\\msksrver.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Program Files\\McAfee\\SiteAdvisor\\McSACore.exe"=
"c:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"=
"c:\\WINDOWS\\system32\\dllhost.exe"=
"c:\\Program Files\\Common Files\\LightScribe\\LSSrvc.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WLLoginProxy.exe"=
"c:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe"=
"c:\\MAGIX\\Common\\Database\\bin\\FABS.exe"=
"c:\\Program Files\\Logitech\\SetPoint\\SetPoint.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [15/09/2009 11:42 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [15/09/2009 11:42 74480]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [01/10/2008 7:13 210216]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\magix\Common\Database\bin\fbserver.exe [05/05/2007 8:05 1527900]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\dr ivers\mbamswissarmy.sys [06/10/2009 20:58 38224]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15/09/2009 11:42 7408]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ADILOADER

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-10-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2008-06-14 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-02-17 19:26]

2008-03-01 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-02-17 19:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://es.yahoo.com/
uInternet Connection Wizard,ShellNext = hxxp://support.euro.dell.com/segment.asp?country=es&language=es
uSearchURL,(Default) = hxxp://es.search.yahoo.com/search?fr=mcafee&p=%s
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: fnmt.es\apuc.cert
Trusted Zone: fnmt.es\apus.cert
Trusted Zone: fnmt.es\www.cert
DPF: {7A252985-D109-46C7-9667-4D30A70006A2} - hxxps://www.delta.mtas.es/activex/deltaActiveX.dll
DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} - hxxps://www4.aeat.es/es13/h/cactivex.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://80.34.88.249/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\y\Application Data\Mozilla\Firefox\Profiles\38ka3t18.default\
FF - prefs.js: browser.startup.homepage - hxxp://es.yahoo.com/
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
.
------- File Associations -------
.
txtfile=Notepad.exe "%1"
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-rundll32.exe - (no file)
AddRemove-IVA2006 - f:\aeat\IVA2006\UninstallerData\Uninstall IVA2006.exe
AddRemove-Retenciones2007 - f:\aeat\Retenciones2007\UninstallerData\Desinstala r Retenciones 2007.exe



************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-07 16:54
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1d7799d 6-a7af-438c-9d13-c0ee583f9763}]
@Denied: (Full) (Everyone)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E916 4-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):f8,2d,e2,2d,89,2c,85,0a,ac,e3,f0,6 4,61,51,48,c1,20,38,ed,70,9c,
f4,29,3a,d0,6c,d3,d5,fc,1d,4f,c9,85,7a,d9,c6,86,6e ,4f,43,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(268)
c:\windows\system32\wininet.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: 2009-10-07 16:56
ComboFix-quarantined-files.txt 2009-10-07 14:56
ComboFix2.txt 2009-07-31 03:56
ComboFix3.txt 2009-07-28 05:29
ComboFix4.txt 2009-07-27 20:15

Pre-Run: 29.890.351.104 bytes free
Post-Run: 29.867.003.904 bytes libres

1115 --- E O F --- 2009-09-10 12:02



UNQUOTE
------------
Responder Con Cita
  post #7  
Antiguo 07/10/09, 12:31:26
Avatar de Leosolari
Moderador
  
Registrado: jun 2007
Ubicación: argentina
Mensajes: 17.100
Re: Virus bloquea actividad PC
Hola de nuevo

Desinstala CF de esta manera:
  • Ve a Inicio > Ejecutar
  • Escribe lo siguiente: ComboFix /u como muestra la imagen debajo:
    o
  • Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")

Esto realizara las siguientes tareas:

  • Se borraran:
    • ComboFix: sus archivos y carpetas.
    • VundoFix: copias de seguridad (si está presente)
    • La carpeta C:\Deckard (si está presente)
    • La carpeta C: _OtMoveIt (si está presente)
  • Restablece la configuración del reloj.
  • Ocultar extensiones de archivo (si es necesario.)
  • Oculta los archivos que estaban ocultos
  • Reactiva el "Restaurar Sistema"



Nos comentas como sigue el ordenador
NO DESESPERES....SIGUE LUCHANDO.

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #8  
Antiguo 08/10/09, 04:43:39
Usuario
  
Registrado: jul 2009
Ubicación: madrid
Mensajes: 11
Re: Virus bloquea actividad PC
Buenos dias (y malas noticias), Leosolari

Desinstalé ComboFix como me indicaste
Tambien el Superantispyware porque me daba muchos problemnas en el arranque

Al principio parecía que todo iba bien (como te dije ayer), pero duró poco tiempo.
El PC empezó a colgarse de nuevo con cualquier acción, bloqueandose incluso la barra de windows (lo que obliga a apagar el PC desconectandolo de la toma electrica ya que ni siquiera funciona el ctrl-alt-sup)
Intenté pasar el mcafee para ver si detectaba algo, y se quedó colgado en un 2% del escaneo.
Subiendo un fichero por ftp, a los 5 minutos ya no tenía ninguna actividad.
Incluso intentando escribir este texto (que no es que sea la biblia, precisamente), se quedó colgado y no me dejaba cerrar el explorer, no desconectar de internet, ni reiniciar, ni nada.
Asi que he tenido que esperar a hoy para mandar esto desde el PC del trabajo.

Pasé el hijacthis y saqué el log, por si te es util para detectar algo.

Muchas gracias por tu continuo esfuerzo
Salu2



QUOTE
_____

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:48:06, on 07/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Telefonica\Kit ADSL USB\dslmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://es.search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.euro.dell.com/segment.asp?country=es&language=es
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H 2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [WAB] C:\Documents and Settings\y\Application Data\Macromedia\Common\2a29604a19.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [WAB] C:\Documents and Settings\y\Application Data\Macromedia\Common\2a29604a19.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Consola KIT ADSL.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.cert.fnmt.es
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {7A252985-D109-46C7-9667-4D30A70006A2} (SIACrypto Class) - https://www.delta.mtas.es/activex/deltaActiveX.dll
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www4.aeat.es/es13/h/cactivex.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://80.34.88.249/activex/AMC.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 14999 bytes


UNQUOTE
------------
Responder Con Cita
  post #9  
Antiguo 13/10/09, 07:53:47
Avatar de Leosolari
Moderador
  
Registrado: jun 2007
Ubicación: argentina
Mensajes: 17.100
Re: Virus bloquea actividad PC
Hola de nuevo.

Por favor, disulpa la tardanza. es que no estube por estos lados por razones forzosas.

Creo la mejor alternativa para lograr un sistema operativo estable y funcinal es que le le hagas un formateo a ese dico Rígido, ya que los daños que acusa (según ComboFix) son varios e irreversibles.

Si en algo puedo ayudarte, me lo indicas.

Saludos
NO DESESPERES....SIGUE LUCHANDO.

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #10  
Antiguo 13/10/09, 08:46:30
Usuario
  
Registrado: jul 2009
Ubicación: madrid
Mensajes: 11
Re: Virus bloquea actividad PC
Muchisimas gracias por tu gran ayuda, Leosolari

Voy a formatear y recuperar un backup que tengo de hace un par de meses, con lo que el trabajo perdido no será demasiado.

Nos vemos
Responder Con Cita
Respuesta
Página 1 de 2 1 2

« Tema Anterior | Próximo Tema »
Herramientas

Reglas del foro
No puedes crear nuevos temas
No puedes responder temas
No puedes subir adjuntos
No puedes editar tus mensajes
BB code is activado
Las caritas están activado
Código [IMG] está activado
Código HTML está desactivado
Trackbacks are desactivado
Pingbacks are activado
Refbacks are activado

Temas Similares
Tema Autor Foro Respuestas Último mensaje
Sys32_nov.exe y msdriver32.exe gooshee Foro de Virus y Spywares 18 18/09/09 14:35:25
Virus New WIN32 y New Poly Win32 j2pac Foro de Virus y Spywares 12 08/05/09 14:52:44
seguire infectado flony Foro de Virus y Spywares 17 21/03/09 20:38:01
Ayuda con estos problemas!!!!! (Terminado - Formateo) GASOLINAMAN Temas Solucionados 18 22/02/09 17:08:24
¿Como desinfectó este? Resultados de Panda Online (Solucionado) C_david Temas Solucionados 3 13/12/08 17:16:26




Todas las horas son GMT -4. La hora es 23:45:39.

Sobre Infospyware - Contáctanos - Políticas del Foro - Staff - Archivo - Blog  

Powered by: InfoSpyware, Versión 3.8.4
Copyright © 2004 - 2009, ForoSpyware.com
© Copyright 2005 - 2009 InfoSpyware ® Todos los derechos reservados.
InfoSpyware es miembro de ASAP - Alliance of Security Analysis Professionals

 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31