Blog Registrarse Manuales Programas Glosario

Regresar   Foro de InfoSpyware » Spyware - Adware - Hijackers - Malwares » Foro Oficial de HijackThis en español
Actualizar Error al inciar xp en svchost.exe no written
 

Para evitar Virus, Spyware y otros Malwares, te recomendamos mantenerte informado en: InfoSpyware Blog


Foro Oficial de HijackThis en español Analizamos tu log de HijackThis para eliminar Hijackers, Spyware, Adware, ToolBars, Virus, Troyanos y Malwares en gral. Antes lea las Políticas del Foro de HijackThis.

Respuesta
 
Enviar a: Herramientas
  post #1  
Antiguo 15/03/10, 10:51:33
Usuario
  
Registrado: mar 2010
Ubicación: bcn
Mensajes: 5
Error al inciar xp en svchost.exe no written
Buenas a todos,
al iniciar el pc me sale "svchost.exe intruccion "0x7c92b1fa" no written.

Cuando paso el Malwarebytes' Anti-Malware me detecta dos en :
Hkey_Local_Machine\System\Currentcontrolset\Servic es\...

uno en bits\ImagePath
y el otro el wuauserv\ImagePath

y aunque le de a eliminar me dice que eliminados y puesto en cuarentena pero si le vuelvo a pasar siguen estando ahi, este proceso tambien lo he hecho en modo seguro.
He pasado dos antivirus y el SUPERAntiSpyware y no consiga nada.
Os pego el log de hijackthis por si es de utilidad :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:36:25, on 15/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Archivos de programa\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Archivos de programa\Archivos comunes\InterVideo\RegMgr\iviRegMgr.exe
C:\Archivos de programa\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LMabcoms.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\Installer\MSI9E.tmp
C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Archivos de programa\Archivos comunes\Lenovo\tvt_reg_monitor_svc.exe
C:\Archivos de programa\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Archivos de programa\Lenovo\Rescue and Recovery\rrservice.exe
c:\Archivos de programa\Archivos comunes\Lenovo\Scheduler\tvtsched.exe
C:\Archivos de programa\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Archivos de programa\Archivos comunes\Lenovo\Logger\logmon.exe
c:\archivos de programa\lenovo\system update\suservice.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\ePrompter\ePrompter.exe
C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
C:\Archivos de programa\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\WINDOWS\system32\mstsc.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Windows Live\Toolbar\wltuser.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.es/0SEESES/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.es/0SEESES/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Archivos de programa\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dl l
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Archivos de programa\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Startup: ePrompter.lnk = C:\Archivos de programa\ePrompter\ePrompter.exe
O4 - Startup: Outlook Express.lnk = C:\Archivos de programa\Outlook Express\msimn.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Archivos de programa\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Archivos de programa\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1256739178211
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268377335765
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1251974381781
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4890E7A6-2B7E-4C5F-B831-FE52031562F0}: NameServer = 80.58.61.250,80.58.61.254
O20 - Winlogon Notify: !SASWinLogon - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Servicio de transferencia inteligente en segundo plano (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Archivos de programa\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Archivos de programa\Archivos comunes\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Archivos de programa\Java\jre6\bin\jqs.exe
O23 - Service: lmab_device - - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI9E.tmp
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\archivos de programa\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Archivos de programa\Archivos comunes\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Archivos de programa\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Archivos de programa\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Archivos de programa\Archivos comunes\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Archivos de programa\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: Actualizaciones automáticas (wuauserv) - Unknown owner - C:\WINDOWS\
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 10744 bytes
Responder Con Cita
InfoSpyware

  post #2  
Antiguo 15/03/10, 12:23:51
Avatar de Leosolari
Moderador Gral.
  
Registrado: jun 2007
Ubicación: argentina
Mensajes: 26.270
Re: Error al inciar xp en svchost.exe no written
Hola Symbel


Descargá estas herramientas a tu escritorio:

º Ccleaner. Lo instalas según Su Manual

º Malwarebytes. Lo instalas y actualizas según su manual, PERO NO LO EJECUTES AUN

º ComboFix.exe y guárdalo en el escritorio.


Cerrá todos los programas, ejecutas HijackThis , tildas las casillas de estas entradas y presionas


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.es/0SEESES/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.es/0SEESES/SAOS01?FORM=TOOLBR

R3 - Default URLSearchHook is missing

O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)





Cita:
Ejecutá Ccleaner usando sus opciones "Limpiador" y "Registro".

Cita:
Ejecutá Malwarebytes.
Hacé un "escaneo completo". Una vez finalizado, si te detecta algo eliges " quitar lo seleccionado " como lo indica Esta Imagen
Si te pide reiniciar, lo haces.

Ejecutá ComboFix.exe

* Cerrá todas las ventanas abiertas.

* Hacé doble clic al archivo ComboFix.exe y seguí las instrucciones.
Cuando termine su trabajo, ComboFix generará un registro en C:\ComboFix.txt.

*Nota*
Mientras CF este trabajando no muevas el mouse, ya que pararía su proceso.
ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

Cita:
Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
* Reiniciá y pega el reporte de C:\ComboFix.txt en este mismo mensaje y nos comentás como funciona el ordenador ahora.

Cita:
No vuelvas a utilizar ComboFix ni ningun otro programa antivirus hasta que no te de una respuesta...


  • Reiniciá y pegá el reporte de C:\ComboFix.txt en este mismo mensaje.


Cita:
PD: No vuelvas a ejecutar ComboFix ni ningun otro programa antivirus hasta que vuelva con una respuesta, ya que puedes hacer cambiar las cosas.


En tu próxima respuesta, debes poner lo siguiente:

º El reporte de malwarebyte´s, que se encuentra en su pestaña REGISTROS
º El reporte de ComboFix
º Un nuevo log de Hijackthis
º Como funciona tu pc ahora


Saludos
NO DESESPERES....SIGUE LUCHANDO


* Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #3  
Antiguo 16/03/10, 03:38:35
Usuario
  
Registrado: mar 2010
Ubicación: bcn
Mensajes: 5
Re: Error al inciar xp en svchost.exe no written
He seguido la instrucciones,mi pc reinicia con el mismo error descrito.
Pongo los reportes solicitados:
Malwarebytes' Anti-Malware 1.44
Versión de la Base de Datos: 3872
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

16/03/2010 9:11:32
mbam-log-2010-03-16 (09-11-32).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 200067
Tiempo transcurrido: 33 minute(s), 0 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 2
Carpetas Infectadas: 0
Ficheros Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
(No se han detectado elementos maliciosos)


--------------

ComboFix 10-03-15.04 - poli-02 16/03/2010 9:17.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.34.3082.18.2038.1330 [GMT 1:00]
Running from: c:\documents and settings\poli-02\Escritorio\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\poli-02\Datos de programa\.#
c:\recycler\S-1-5-21-578718077-3994156706-829061628-500
c:\windows\config.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TCPSR


((((((((((((((((((((((((( Files Created from 2010-02-16 to 2010-03-16 )))))))))))))))))))))))))))))))
.

2010-03-16 08:21 . 2010-03-16 08:21 -------- d-----w- c:\windows\LastGood
2010-03-16 05:58 . 2010-03-15 08:10 84912 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100315.022\NAVENG.SYS
2010-03-16 05:58 . 2010-03-15 08:10 2747440 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100315.022\CCERASER.DLL
2010-03-16 05:58 . 2010-03-15 08:10 259440 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100315.022\ECMSVR32.DLL
2010-03-16 05:58 . 2010-03-15 08:10 1324720 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100315.022\NAVEX15.SYS
2010-03-16 05:58 . 2009-08-29 09:00 371248 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100315.022\EECTRL.SYS
2010-03-16 05:58 . 2009-08-29 09:00 177520 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100315.022\NAVENG32.DLL
2010-03-16 05:58 . 2009-08-29 09:00 1647984 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100315.022\NAVEX32A.DLL
2010-03-16 05:58 . 2009-08-29 09:00 102448 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100315.022\ERASER.SYS
2010-03-15 16:38 . 2010-03-16 07:35 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Spybot - Search & Destroy
2010-03-15 16:38 . 2010-03-15 16:55 -------- d-----w- c:\archivos de programa\Spybot - Search & Destroy
2010-03-15 15:36 . 2010-03-15 15:36 -------- d-----w- c:\archivos de programa\Trend Micro
2010-03-15 08:10 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSvix86.sys
2010-03-15 08:10 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSXpx86.sys
2010-03-15 08:10 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\Scxpx86.dll
2010-03-15 08:10 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSxpx86.dll
2010-03-15 08:10 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSviA64.sys
2010-03-15 08:07 . 2009-12-10 03:16 784752 ----a-r- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\c oFFPlgn.dll
2010-03-15 08:07 . 2009-08-30 00:16 164216 ----a-r- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\ IPSFFPl.dll
2010-03-15 08:06 . 2010-03-15 08:06 -------- d-----w- c:\archivos de programa\Symantec
2010-03-15 08:06 . 2010-03-15 08:06 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-03-15 08:06 . 2010-03-15 08:06 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-03-15 08:06 . 2009-08-26 22:13 900464 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\OCS\hsplayer.dll
2010-03-15 08:06 . 2009-09-01 08:48 893296 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\CLT\cltLMSx.dll
2010-03-15 08:06 . 2010-03-15 10:11 -------- d-----w- c:\windows\system32\drivers\NIS
2010-03-15 08:06 . 2010-03-15 08:06 -------- d-----w- c:\archivos de programa\Norton Internet Security
2010-03-12 11:23 . 2010-03-12 11:23 52224 ----a-w- c:\documents and settings\poli-02\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\SDD LLS\SD10005.dll
2010-03-12 11:23 . 2010-03-15 06:45 117760 ----a-w- c:\documents and settings\poli-02\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\SDD LLS\UIREPAIR.DLL
2010-03-12 11:22 . 2010-03-12 11:22 -------- d-----w- c:\archivos de programa\SUPERAntiSpyware
2010-03-12 09:58 . 2008-04-14 02:18 26624 ----a-w- c:\documents and settings\LocalService\Datos de programa\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-03-11 16:49 . 2010-03-11 16:49 -------- d-----w- c:\archivos de programa\Archivos comunes\Wise Installation Wizard
2010-03-11 15:46 . 2010-03-11 15:46 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\Malwarebytes
2010-03-11 15:46 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-11 15:46 . 2010-03-11 15:46 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Malwarebytes
2010-03-11 15:46 . 2010-03-11 15:46 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware
2010-03-11 15:46 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-11 07:08 . 2010-03-11 07:08 -------- d-----w- C:\portable_nero_burning_rom_8.1.1.3
2010-03-10 07:07 . 2010-03-10 07:07 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\Tific
2010-03-10 06:48 . 2010-03-10 14:58 -------- d-----w- c:\archivos de programa\Unlocker
2010-03-10 06:39 . 2010-03-10 06:39 -------- d-----w- c:\archivos de programa\Windows Sidebar
2010-03-10 06:39 . 2010-03-15 08:06 -------- d-----w- c:\archivos de programa\NortonInstaller
2010-03-01 13:37 . 2010-03-01 13:37 -------- d-----w- c:\documents and settings\Luca\Configuración local
2010-03-01 13:37 . 2010-03-01 13:37 -------- d-----w- c:\documents and settings\Luca
2010-02-26 07:44 . 2010-02-26 07:49 -------- d-----w- c:\archivos de programa\PDF Editor 2
2010-02-26 07:44 . 2010-02-26 07:44 73216 ----a-w- c:\windows\cadkasdeinst01s.exe
2010-02-23 16:32 . 2010-02-23 16:32 -------- d-----w- c:\archivos de programa\Recuva
2010-02-23 15:16 . 2010-02-23 15:16 -------- d-----w- c:\documents and settings\All Users\Datos de programa\IObit

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2010-03-16 07:28 . 2008-11-27 10:33 -------- d---a-w- c:\archivos de programa\ePrompter
2010-03-15 15:11 . 2009-02-11 14:21 -------- d-----w- c:\archivos de programa\MagicTune Premium
2010-03-15 14:22 . 2009-10-09 06:16 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Lavasoft
2010-03-15 08:24 . 2008-09-24 02:58 -------- d---a-w- c:\archivos de programa\Archivos comunes\Symantec Shared
2010-03-15 08:06 . 2010-03-15 08:06 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-03-15 08:06 . 2010-03-15 08:06 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-03-15 08:06 . 2008-11-28 07:11 -------- d---a-w- c:\documents and settings\All Users\Datos de programa\Norton
2010-03-15 08:06 . 2008-11-28 07:10 -------- d-----w- c:\documents and settings\All Users\Datos de programa\NortonInstaller
2010-03-15 05:47 . 2009-12-21 05:59 -------- d-----w- c:\windows\system32\config\systemprofile\Datos de programa\SolidDocuments
2010-03-12 11:22 . 2009-10-09 10:33 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\SUPERAntiSpyware.com
2010-03-11 16:07 . 2009-12-22 06:08 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-03-10 13:49 . 2009-12-18 09:33 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\SolidDocuments
2010-03-10 07:02 . 2006-01-27 19:30 564996 ----a-w- c:\windows\system32\perfh00A.dat
2010-03-10 07:02 . 2006-01-27 19:30 116020 ----a-w- c:\windows\system32\perfc00A.dat
2010-02-26 08:36 . 2008-11-27 16:40 -------- d---a-w- c:\archivos de programa\CCleaner
2010-02-11 17:45 . 2010-02-11 17:45 676912 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHDrvx64.sys
2010-02-11 17:45 . 2010-02-11 17:45 611216 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\bbRGen.dll
2010-02-11 17:45 . 2010-02-11 17:45 536112 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHDrvx86.sys
2010-02-11 17:45 . 2010-02-11 17:45 201616 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHRules.dll
2010-02-11 17:45 . 2010-02-11 17:45 1406352 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHEngine.dll
2010-01-27 07:02 . 2010-01-27 07:02 -------- d-----w- c:\archivos de programa\Archivos comunes\OverDrive Shared
2010-01-26 06:38 . 2010-01-26 06:38 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\calibre
2009-12-18 13:55 . 2009-12-18 13:55 7680 ----a-w- c:\documents and settings\poli-02\Datos de programa\Thinstall\Alcohol_120%_v1.9.6.5429\400000 c00002i\Alcohol.exe
2009-12-18 13:55 . 2009-12-18 13:55 7680 ----a-w- c:\documents and settings\poli-02\Datos de programa\Thinstall\Alcohol_120%_v1.9.6.5429\400000 60900002i\_Alcohol.exe
2009-12-18 13:55 . 2009-12-18 13:55 7680 ----a-w- c:\documents and settings\poli-02\Datos de programa\Thinstall\Alcohol_120%_v1.9.6.5429\400000 4900003i\StarWindServiceAE.exe
2009-12-18 13:51 . 2009-12-18 13:51 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-18 09:31 . 2009-12-18 09:31 2686232 ----a-w- c:\documents and settings\All Users\Datos de programa\SolidDocuments\Installer\Solid Converter PDF\poli-02\SolidSFX_Data\components\vcredist_x86.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"SpybotSD TeaTimer"="c:\archivos de programa\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-21 141848]
"Persistence"="c:\windows\system32\igfxpers.ex e" [2008-03-21 137752]
"ISUSPM Startup"="c:\archiv~1\ARCHIV~1\INSTAL~1\UPDATE~1\I SUSPM.exe" [2004-07-27 221184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\poli-02\Men£ Inicio\Programas\Inicio\
ePrompter.lnk - c:\archivos de programa\ePrompter\ePrompter.exe [2008-11-27 782336]
Outlook Express.lnk - c:\archivos de programa\Outlook Express\msimn.exe [2006-1-27 60416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Datos de programa\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\archivos de programa\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 10:08 935288 ----a-r- c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 02:08 35696 ----a-w- c:\archivos de programa\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\archivos de programa\Java\jre6\bin\jusched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run-]
"Adobe Reader Speed Launcher"="c:\archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DLA"=c:\windows\System32\DLA\DLACTRLW.EXE
"HotKeysCmds"=c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Archivos de programa\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\lmabcoms.exe"=
"c:\\Archivos de programa\\Lexmark\\ErrorApp\\LMab1err.EXE"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/12/2009 14:51 685816]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1105000.07F\ symds.sys [15/03/2010 10:10 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1105000 .07F\symefa.sys [15/03/2010 10:10 172592]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHDrvx86.sys [11/02/2010 18:45 536112]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1105000.0 7F\cchpx86.sys [15/03/2010 10:10 501888]
R1 SASDIFSV;SASDIFSV;c:\archivos de programa\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 10:25 12872]
R1 SASKUTIL;SASKUTIL;c:\archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS [17/02/2010 10:15 66632]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1105000.07F \ironx86.sys [15/03/2010 10:10 116272]
R2 NIS;Norton Internet Security;c:\archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccsvchst.exe [15/03/2010 10:10 126392]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windo ws\Installer\MSI9E.tmp [18/12/2009 10:31 189760]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\archivos de programa\Lenovo\Rescue and Recovery\rrpservice.exe [11/07/2007 19:38 569344]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\archivo s de programa\Archivos comunes\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [15/03/2010 9:10 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSXpx86.sys [15/03/2010 9:10 329592]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22/05/2007 14:59 30336]
S3 SASENUM;SASENUM;c:\archivos de programa\SUPERAntiSpyware\SASENUM.SYS [17/02/2010 10:15 12872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-03-16 c:\windows\Tasks\AWC AutoSweep.job
- c:\archivos de programa\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-12-02 13:11]

2010-03-15 c:\windows\Tasks\AWC Update.job
- c:\archivos de programa\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-12-02 12:38]

2010-01-08 c:\windows\Tasks\SmartDefrag.job
- c:\archivos de programa\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-01-08 12:48]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {4890E7A6-2B7E-4C5F-B831-FE52031562F0} = 80.58.61.250,80.58.61.254
.
- - - - ORPHANS REMOVED - - - -

ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
SafeBoot-ati0sixx.sys
SafeBoot-ati1uxxx.sys
SafeBoot-ati2wyxx.sys
SafeBoot-ati3ilxx.sys
SafeBoot-ati3kmxx.sys
SafeBoot-ati3wtxx.sys
SafeBoot-ati4plxx.sys
SafeBoot-ati4rtxx.sys
SafeBoot-ati5jvxx.sys
SafeBoot-ati5lxxx.sys
SafeBoot-ati5myxx.sys
SafeBoot-ati5uxxx.sys
SafeBoot-ati5xaxx.sys
SafeBoot-ati6avxx.sys
SafeBoot-ati6roxx.sys
SafeBoot-ati7htxx.sys
SafeBoot-ati7tgxx.sys



************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-16 09:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x8A9A48AC]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf763bf28
\Driver\ACPI -> ACPI.sys @ 0xf74abcb8
\Driver\atapi -> atapi.sys @ 0xf7833b40
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xba7e8bb0
PacketIndicateHandler -> NDIS.sys @ 0xba7f5a21
SendHandler -> NDIS.sys @ 0xba7d387b
user & kernel MBR OK

************************************************** ************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\N IS]
"ImagePath"="\"c:\archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe\" /s \"NIS\" /m \"c:\archivos de programa\Norton Internet Security\Engine\17.5.0.127\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S CPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSI9E.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Desktop\Old WorkAreas]
@DACL=(02 0000)
@SACL=
"NoOfOldWorkAreas"=dword:00000001
"OldWorkAreaRects"=hex:00,00,00,00,00,00,00,00,20, 03,00,00,3a,02,00,00

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Desktop\SafeMode]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Desktop\Scheme]
@DACL=(02 0000)
@SACL=
"Edit"=""
"Display"=""

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Document Windows]
@DACL=(02 0000)
@SACL=
"Maximized"="no"
"height"=hex:00,00,00,00
"width"=hex:00,00,00,80
"x"=hex:00,00,00,80
"y"=hex:00,00,00,00

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Download]
@DACL=(02 0000)
@SACL=
"CheckExeSignatures"="yes"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Extensions]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Help_Menu_URLs]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\International]
@DACL=(02 0000)
@SACL=
@=""
"CodePointToFontMap"=hex:22,00,00,00,54,00,69,00,6 d,00,65,00,73,00,20,00,4e,00,
65,00,77,00,20,00,52,00,6f,00,6d,00,61,00,6e,00,00 ,00,00,00,00,00,00,00,00,\
"AcceptLanguage"="es"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\International\CpMRU]
@DACL=(02 0000)
"Enable"=dword:00000001
"Size"=dword:0000000a
"InitHits"=dword:00000064
"Factor"=dword:00000014
"Cache"=hex:9f,4e,00,00,39,00,00,00,e2,04,00,00,09 ,00,00,00,bd,6f,00,00,07,00,
00,00,b0,6f,00,00,03,00,00,00,e8,04,00,00,02,00,00 ,00,2c,c4,00,00,01,00,00,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\InternetRegistry]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\LowRegistry]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\LowRegistry\Extensions]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\New Windows]
@DACL=(02 0000)
@SACL=
"PopupMgr"=dword:00000001
"PlaySound"=dword:00000001
"UseSecBand"=dword:00000001

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\New Windows\Allow]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\SearchScopes]
@DACL=(02 0000)
@SACL=
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
"Version"=dword:00000001

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\SearchUrl]
@DACL=(02 0000)
@SACL=
@="http://g.msn.es/0SEESES/SAOS01?FORM=TOOLBR"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Security]
@DACL=(02 0000)
@SACL=
"Sending_Security"="Medium"
"Viewing_Security"="Low"
"Safety Warning Level"="Query"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Security\AntiPhishing]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Services]
@DACL=(02 0000)
@SACL=
@=""

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Settings]
@DACL=(02 0000)
@SACL=
"Anchor Color Visited"="128,0,128"
"Anchor Color"="0,0,255"
"Background Color"="192,192,192"
"Text Color"="0,0,0"
"Use Anchor Hover Color"="No"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Toolbar]
@DACL=(02 0000)
@SACL=
"LinksFolderName"="Vínculos"
"Locked"=dword:00000001
"SaveLinksOrder"=hex:01,00,00,00
"ShowDiscussionButton"="Yes"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Toolbar\Explorer]
@DACL=(02 0000)
"ITBarLayout"=hex:11,00,00,00,4c,00,00,00,00,00,00 ,00,24,00,00,00,1b,00,00,00,
56,00,00,00,01,00,00,00,20,07,00,00,a0,0f,00,00,05 ,00,00,00,62,05,00,00,26,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
@DACL=(02 0000)
"{01E04581-4EEE-11D0-BFE9-00AA005B4383}"=hex:81,45,e0,01,ee,4e,d0,11,bf,e9,0 0,
aa,00,5b,43,83,10,00,00,00,00,00,00,00,01,e0,32,f4 ,01,00,00,00
"ITBarLayout"=hex:11,00,00,00,4c,00,00,00,00,00,00 ,00,24,00,00,00,1b,00,00,00,
56,00,00,00,01,00,00,00,20,07,00,00,a0,0f,00,00,05 ,00,00,00,62,05,00,00,26,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
@DACL=(02 0000)
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=hex:ad,1d,ad,bd,46,c9,17,4a,ad,c1,6 4,
b5,b4,ff,55,d0
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:e3,ef,eb,7f,19,6b,49,43,98,d2,f f,
b0,9d,4b,49,ca,00,10,03,00,00
"ITBar7Layout"=hex:13,00,00,00,00,00,00,00,00,00,0 0,00,30,00,00,00,10,00,00,00,
00,00,00,00,01,00,00,00,00,07,00,00,5e,01,00,00,07 ,00,00,00,49,05,00,00,00,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\URLSearchHooks]
@DACL=(02 0000)
@SACL=
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\MediaPlayer\Preferences\Pr oxySettings]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.docm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Word.DocumentMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.docx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Word.Document.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.dotm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Word.TemplateMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.dotx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Word.Template.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.potx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"PowerPoint.Template.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ppam\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"PowerPoint.Addin.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ppsm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"PowerPoint.SlideShowMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ppsx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"PowerPoint.SlideShow.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.wri\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"wrifile"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xlam\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.AddInMacroEnabled"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xlsb\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.SheetBinaryMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xlsm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.SheetMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xltm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.TemplateMacroEnabled"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xltx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.Template"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Streams\0]
@DACL=(02 0000)
@SACL=
"ViewView2"=hex:1c,00,00,00,06,00,00,00,00,00,00,0 0,00,00,9c,00,00,00,00,00,01,
00,00,00,ff,ff,ff,ff,f0,f0,f0,f0,14,00,03,00,cc,01 ,00,00,00,00,00,00,30,00,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Streams\Desktop]
@DACL=(02 0000)
@SACL=
"Toolbars"=hex:11,00,00,00,00,00,00,00
"TaskbarWinXP"=hex:0c,00,00,00,08,00,00,00,04,00,0 0,00,00,00,00,00,b0,e2,2b,d8,
64,57,d0,11,a9,6e,00,c0,4f,d7,05,a2,22,00,1c,00,0a ,11,00,00,1a,00,00,00,01,\
"Upgrade"=dword:00000001

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\Shell\Bags\1]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Classes\DSP.DSP\CLSID]
@DACL=(02 0000)
@SACL=
@="{9C123EA9-AEC9-4f75-BBC0-7565FA1398966}"

[HKEY_LOCAL_MACHINE\software\Classes\DSP.DSP\CurVer]
@DACL=(02 0000)
@SACL=
@="DSP.DSP.1"

[HKEY_LOCAL_MACHINE\software\Classes\DSP.DSPDMOProp _Chorus.1\CLSID]
@DACL=(02 0000)
@SACL=
@="{6F63B172-5543-4593-91CE-EDBA65B9FACDB}"

[HKEY_LOCAL_MACHINE\software\InterVideo Inc.\InterVideo Register Manager]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IE UserData NT\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IE.HKCUZoneInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IE40.UserAgent\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ 10.0]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ Objects\Effects\Alchemy]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ Settings]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ UIPlugins\{BF8A714C-7486-498D-8541-A71710FAFAE5}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="res://wmccpl.dll/RT_STRING/#101"
"Description"="res://wmccpl.dll/RT_STRING/#102"
"Capabilities"=dword:00000002

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SCP\SCPTRANS]
@DACL=(02 0000)
@SACL=
"ProgID"="MsScp.SCPTRANS.1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP]
@DACL=(02 0000)
@SACL=
"ProgID"="WMDMCESP.WMDMCESP"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WPDSp]
@DACL=(02 0000)
@SACL=
"PnPAware"=dword:00000001
"ProgID"="WPDSp.WPDServiceProvider"

[HKEY_LOCAL_MACHINE\software\MimarSinan\InstallAwar e]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.\Realtek High Definition Audio Driver]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Sonic\MediaHub\Launche rs\{E64D5384-2CBC-4831-9853-DFCBF7593FEF}\LaunchWinDVDCreator]
@DACL=(02 0000)
@SACL=
"ShellExecute"=expand:"%PROGRAMFILES%\\intervideo\ \Wcreator3\\WCreator.exe"

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft]
@DACL=(02 0000)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(976)
c:\archivos de programa\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(3400)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\archivos de programa\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\archivos de programa\Diskeeper Corporation\Diskeeper\DkService.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe
c:\archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
c:\archivos de programa\Archivos comunes\InterVideo\RegMgr\iviRegMgr.exe
c:\archivos de programa\Java\jre6\bin\jqs.exe
c:\windows\system32\LMabcoms.exe
c:\archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\archivos de programa\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
c:\windows\system32\HPZipm12.exe
c:\archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\archivos de programa\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\archivos de programa\Archivos comunes\Lenovo\tvt_reg_monitor_svc.exe
c:\archivos de programa\Lenovo\Rescue and Recovery\rrservice.exe
c:\archivos de programa\Archivos comunes\Lenovo\Scheduler\tvtsched.exe
c:\archivos de programa\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\archivos de programa\lenovo\system update\suservice.exe
c:\archivos de programa\Archivos comunes\Lenovo\Logger\logmon.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\archivos de programa\Diskeeper Corporation\Diskeeper\DkIcon.exe
c:\windows\system32\igfxsrvc.exe
.
************************************************** ************************
.
Completion time: 2010-03-16 09:27:09 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-16 08:27

Pre-Run: 293.311.930.368 bytes libres
Post-Run: 293.052.104.704 bytes libres

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOW S
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Micro soft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=NND3SQ /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Micro soft Windows XP Professional" /noexecute=optin /fastdetect

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 2124C7D5F50B5E2DA76F18C51A07297E



------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:36:14, on 16/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Archivos de programa\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Archivos de programa\Archivos comunes\InterVideo\RegMgr\iviRegMgr.exe
C:\Archivos de programa\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LMabcoms.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\Installer\MSI9E.tmp
C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Archivos de programa\Archivos comunes\Lenovo\tvt_reg_monitor_svc.exe
C:\Archivos de programa\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Archivos de programa\Lenovo\Rescue and Recovery\rrservice.exe
c:\Archivos de programa\Archivos comunes\Lenovo\Scheduler\tvtsched.exe
C:\Archivos de programa\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\archivos de programa\lenovo\system update\suservice.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
C:\Archivos de programa\Archivos comunes\Lenovo\Logger\logmon.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
C:\Archivos de programa\ePrompter\ePrompter.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Windows Live\Toolbar\wltuser.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\SoftwareDistribution\Download\e44b95597 7d85f4a5e14d2ebd23ce6ef\update\update.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Archivos de programa\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dl l
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Archivos de programa\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Archivos de programa\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARCHIV~1\ARCHIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ePrompter.lnk = C:\Archivos de programa\ePrompter\ePrompter.exe
O4 - Startup: Outlook Express.lnk = C:\Archivos de programa\Outlook Express\msimn.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Archivos de programa\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Archivos de programa\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1256739178211
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268377335765
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1251974381781
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4890E7A6-2B7E-4C5F-B831-FE52031562F0}: NameServer = 80.58.61.250,80.58.61.254
O20 - Winlogon Notify: !SASWinLogon - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Archivos de programa\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Archivos de programa\Archivos comunes\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Archivos de programa\Java\jre6\bin\jqs.exe
O23 - Service: lmab_device - - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI9E.tmp
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\archivos de programa\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Archivos de programa\Archivos comunes\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Archivos de programa\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Archivos de programa\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Archivos de programa\Archivos comunes\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Archivos de programa\Lenovo\Rescue and Recovery\ADM\IUService.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 10436 bytes
Responder Con Cita
  post #4  
Antiguo 16/03/10, 07:10:10
Avatar de Leosolari
Moderador Gral.
  
Registrado: jun 2007
Ubicación: argentina
Mensajes: 26.270
Re: Error al inciar xp en svchost.exe no written
Y como va el ordenador......????
NO DESESPERES....SIGUE LUCHANDO


* Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #5  
Antiguo 16/03/10, 10:29:10
Usuario
  
Registrado: mar 2010
Ubicación: bcn
Mensajes: 5
Re: Error al inciar xp en svchost.exe no written
El ordenador tal como te comento en el post anterior sigue igual, esta funcional (ya lo estaba antes) pero sigue saliendo la misma ventana de error al iniciar el xp justo antes de introducir la contraseña de usuario.
Y no noto diferencia alguna entre cancelar o depurar la ventana del error
y el malwarebytes dice que los elimina pero siguen alli.
Responder Con Cita
  post #6  
Antiguo 16/03/10, 13:02:35
Avatar de Leosolari
Moderador Gral.
  
Registrado: jun 2007
Ubicación: argentina
Mensajes: 26.270
Re: Error al inciar xp en svchost.exe no written
Realiza lo siguiente :
  • Clic en INICIO > EJECUTAR >
    • Y ahí pones notepad.exe y ACEPTAR
    • Ahora copia y pega el texto del cuadro de mas abajo dentro del Notepad

Código:
KillAll::

NetSvc:: 
BITS
wuauserv

  • Guarda este archivo con el nombre CFScript.txt
  • Arrastra y suelta el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra el screenshot de abajo.



  • ComboFix comenzará otra vez a ejecutarse. Cuando termine generara un nuevo reporte que tendras que pegar en este mismo tema.

Después de reiniciar, comprobas en funcionamiento y nos comentás.

saludos
NO DESESPERES....SIGUE LUCHANDO


* Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Responder Con Cita
  post #7  
Antiguo 17/03/10, 02:29:28
Usuario
  
Registrado: mar 2010
Ubicación: bcn
Mensajes: 5
Re: Error al inciar xp en svchost.exe no written
No se porque pero no me deja introducir todo en un mensaje me pone "El texto que has ingresado es muy largo (126865 caracteres). Por favor acórtalo a 75000 caracteres de largo" por esa causa pongo dos post seguidos

Proceso realizado, en primer lugar comentar que le ordenador reincia con el mismo error descrito anteriormente, en segundo lugar segun indicaciones copio y pego log.

ComboFix 10-03-15.04 - poli-02 17/03/2010 7:55.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.34.3082.18.2038.1449 [GMT 1:00]
Running from: c:\documents and settings\poli-02\Escritorio\Seguridad\ComboFix.exe
Command switches used :: c:\documents and settings\poli-02\Escritorio\Seguridad\CFScript.txt
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2010-02-17 to 2010-03-17 )))))))))))))))))))))))))))))))
.

2010-03-16 14:30 . 2010-03-15 08:10 84912 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100316.003\NAVENG.SYS
2010-03-16 14:30 . 2010-03-15 08:10 2747440 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100316.003\CCERASER.DLL
2010-03-16 14:30 . 2010-03-15 08:10 259440 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100316.003\ECMSVR32.DLL
2010-03-16 14:30 . 2010-03-15 08:10 1324720 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100316.003\NAVEX15.SYS
2010-03-16 14:30 . 2009-08-29 09:00 371248 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100316.003\EECTRL.SYS
2010-03-16 14:30 . 2009-08-29 09:00 177520 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100316.003\NAVENG32.DLL
2010-03-16 14:30 . 2009-08-29 09:00 1647984 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100316.003\NAVEX32A.DLL
2010-03-16 14:30 . 2009-08-29 09:00 102448 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs \20100316.003\ERASER.SYS
2010-03-16 08:33 . 2009-10-15 16:32 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2010-03-16 08:33 . 2009-10-15 16:32 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2010-03-16 08:33 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2010-03-16 08:33 . 2009-03-06 14:20 286720 ------w- c:\windows\system32\dllcache\pdh.dll
2010-03-16 08:33 . 2009-02-09 11:23 111104 ------w- c:\windows\system32\dllcache\services.exe
2010-03-16 08:33 . 2009-02-09 10:52 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2010-03-16 08:33 . 2009-02-09 10:52 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2010-03-16 08:33 . 2009-02-06 10:39 35328 ------w- c:\windows\system32\dllcache\sc.exe
2010-03-16 08:32 . 2009-02-09 10:52 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-03-16 08:32 . 2009-06-21 21:47 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2010-03-16 08:32 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-16 08:32 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2010-03-15 16:38 . 2010-03-16 15:23 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Spybot - Search & Destroy
2010-03-15 16:38 . 2010-03-15 16:55 -------- d-----w- c:\archivos de programa\Spybot - Search & Destroy
2010-03-15 15:36 . 2010-03-15 15:36 -------- d-----w- c:\archivos de programa\Trend Micro
2010-03-15 08:10 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSvix86.sys
2010-03-15 08:10 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSXpx86.sys
2010-03-15 08:10 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\Scxpx86.dll
2010-03-15 08:10 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSxpx86.dll
2010-03-15 08:10 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSviA64.sys
2010-03-15 08:07 . 2009-12-10 03:16 784752 ----a-r- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\c oFFPlgn.dll
2010-03-15 08:07 . 2009-08-30 00:16 164216 ----a-r- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\ IPSFFPl.dll
2010-03-15 08:06 . 2010-03-15 08:06 -------- d-----w- c:\archivos de programa\Symantec
2010-03-15 08:06 . 2010-03-15 08:06 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-03-15 08:06 . 2010-03-15 08:06 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-03-15 08:06 . 2009-08-26 22:13 900464 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\OCS\hsplayer.dll
2010-03-15 08:06 . 2009-09-01 08:48 893296 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\CLT\cltLMSx.dll
2010-03-15 08:06 . 2010-03-15 10:11 -------- d-----w- c:\windows\system32\drivers\NIS
2010-03-15 08:06 . 2010-03-15 08:06 -------- d-----w- c:\archivos de programa\Norton Internet Security
2010-03-12 11:23 . 2010-03-12 11:23 52224 ----a-w- c:\documents and settings\poli-02\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\SDD LLS\SD10005.dll
2010-03-12 11:23 . 2010-03-15 06:45 117760 ----a-w- c:\documents and settings\poli-02\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\SDD LLS\UIREPAIR.DLL
2010-03-12 11:22 . 2010-03-12 11:22 -------- d-----w- c:\archivos de programa\SUPERAntiSpyware
2010-03-12 09:58 . 2008-04-14 02:18 26624 ----a-w- c:\documents and settings\LocalService\Datos de programa\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-03-11 16:49 . 2010-03-11 16:49 -------- d-----w- c:\archivos de programa\Archivos comunes\Wise Installation Wizard
2010-03-11 15:46 . 2010-03-11 15:46 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\Malwarebytes
2010-03-11 15:46 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-11 15:46 . 2010-03-11 15:46 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Malwarebytes
2010-03-11 15:46 . 2010-03-11 15:46 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware
2010-03-11 15:46 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-11 07:08 . 2010-03-11 07:08 -------- d-----w- C:\portable_nero_burning_rom_8.1.1.3
2010-03-10 07:07 . 2010-03-10 07:07 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\Tific
2010-03-10 06:48 . 2010-03-10 14:58 -------- d-----w- c:\archivos de programa\Unlocker
2010-03-10 06:39 . 2010-03-10 06:39 -------- d-----w- c:\archivos de programa\Windows Sidebar
2010-03-10 06:39 . 2010-03-15 08:06 -------- d-----w- c:\archivos de programa\NortonInstaller
2010-03-01 13:37 . 2010-03-01 13:37 -------- d-----w- c:\documents and settings\Luca\Configuración local
2010-03-01 13:37 . 2010-03-01 13:37 -------- d-----w- c:\documents and settings\Luca
2010-02-26 07:44 . 2010-02-26 07:49 -------- d-----w- c:\archivos de programa\PDF Editor 2
2010-02-26 07:44 . 2010-02-26 07:44 73216 ----a-w- c:\windows\cadkasdeinst01s.exe
2010-02-23 16:32 . 2010-02-23 16:32 -------- d-----w- c:\archivos de programa\Recuva
2010-02-23 15:16 . 2010-02-23 15:16 -------- d-----w- c:\documents and settings\All Users\Datos de programa\IObit

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2010-03-17 06:57 . 2006-01-27 19:30 564996 ----a-w- c:\windows\system32\perfh00A.dat
2010-03-17 06:57 . 2006-01-27 19:30 116020 ----a-w- c:\windows\system32\perfc00A.dat
2010-03-17 06:49 . 2008-11-27 10:33 -------- d---a-w- c:\archivos de programa\ePrompter
2010-03-16 11:16 . 2008-11-24 14:10 -------- d---a-w- c:\archivos de programa\Archivos comunes\Adobe
2010-03-16 10:53 . 2008-11-28 07:11 -------- d---a-w- c:\documents and settings\All Users\Datos de programa\Norton
2010-03-15 15:11 . 2009-02-11 14:21 -------- d-----w- c:\archivos de programa\MagicTune Premium
2010-03-15 14:22 . 2009-10-09 06:16 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Lavasoft
2010-03-15 08:24 . 2008-09-24 02:58 -------- d---a-w- c:\archivos de programa\Archivos comunes\Symantec Shared
2010-03-15 08:06 . 2010-03-15 08:06 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-03-15 08:06 . 2010-03-15 08:06 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-03-15 08:06 . 2008-11-28 07:10 -------- d-----w- c:\documents and settings\All Users\Datos de programa\NortonInstaller
2010-03-15 05:47 . 2009-12-21 05:59 -------- d-----w- c:\windows\system32\config\systemprofile\Datos de programa\SolidDocuments
2010-03-12 11:22 . 2009-10-09 10:33 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\SUPERAntiSpyware.com
2010-03-11 16:07 . 2009-12-22 06:08 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-03-10 13:49 . 2009-12-18 09:33 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\SolidDocuments
2010-02-26 08:36 . 2008-11-27 16:40 -------- d---a-w- c:\archivos de programa\CCleaner
2010-02-11 17:45 . 2010-02-11 17:45 676912 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHDrvx64.sys
2010-02-11 17:45 . 2010-02-11 17:45 611216 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\bbRGen.dll
2010-02-11 17:45 . 2010-02-11 17:45 536112 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHDrvx86.sys
2010-02-11 17:45 . 2010-02-11 17:45 201616 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHRules.dll
2010-02-11 17:45 . 2010-02-11 17:45 1406352 ----a-w- c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHEngine.dll
2010-01-27 07:02 . 2010-01-27 07:02 -------- d-----w- c:\archivos de programa\Archivos comunes\OverDrive Shared
2010-01-26 06:38 . 2010-01-26 06:38 -------- d-----w- c:\documents and settings\poli-02\Datos de programa\calibre
2010-01-05 09:55 . 2006-01-27 19:30 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:55 . 2006-01-27 19:29 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:55 . 2006-01-27 19:29 17408 ------w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2006-01-27 19:29 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-18 13:55 . 2009-12-18 13:55 7680 ----a-w- c:\documents and settings\poli-02\Datos de programa\Thinstall\Alcohol_120%_v1.9.6.5429\400000 c00002i\Alcohol.exe
2009-12-18 13:55 . 2009-12-18 13:55 7680 ----a-w- c:\documents and settings\poli-02\Datos de programa\Thinstall\Alcohol_120%_v1.9.6.5429\400000 60900002i\_Alcohol.exe
2009-12-18 13:55 . 2009-12-18 13:55 7680 ----a-w- c:\documents and settings\poli-02\Datos de programa\Thinstall\Alcohol_120%_v1.9.6.5429\400000 4900003i\StarWindServiceAE.exe
2009-12-18 13:51 . 2009-12-18 13:51 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-18 09:31 . 2009-12-18 09:31 2686232 ----a-w- c:\documents and settings\All Users\Datos de programa\SolidDocuments\Installer\Solid Converter PDF\poli-02\SolidSFX_Data\components\vcredist_x86.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-03-16_08.23.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-17 07:00 . 2010-03-17 07:00 16384 c:\windows\Temp\Perflib_Perfdata_a50.dat
+ 2010-03-17 06:58 . 2010-03-17 06:58 16384 c:\windows\Temp\Perflib_Perfdata_640.dat
+ 2010-03-17 06:58 . 2010-03-17 06:58 16384 c:\windows\Temp\Perflib_Perfdata_234.dat
+ 2008-10-16 13:09 . 2009-08-06 18:24 44768 c:\windows\system32\wups2.dll
+ 2006-01-27 11:45 . 2009-08-06 18:24 35552 c:\windows\system32\wups.dll
+ 2006-01-27 19:30 . 2009-06-25 08:26 54272 c:\windows\system32\wdigest.dll
+ 2008-09-24 02:39 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
+ 2006-01-27 19:30 . 2009-06-15 10:44 81920 c:\windows\system32\tlntsess.exe
+ 2006-01-27 19:29 . 2009-06-15 10:44 78336 c:\windows\system32\telnet.exe
- 2006-01-27 11:48 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe
+ 2006-01-27 11:48 . 2008-07-09 07:39 26488 c:\windows\system32\spupdsvc.exe
+ 2009-01-30 09:30 . 2009-05-26 11:40 18808 c:\windows\system32\spmsg.dll
+ 2006-01-27 19:30 . 2009-06-25 08:26 56832 c:\windows\system32\secur32.dll
+ 2006-01-27 19:30 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
- 2006-01-27 19:30 . 2008-04-14 02:18 79872 c:\windows\system32\raschap.dll
+ 2006-01-27 19:30 . 2009-10-12 13:39 79872 c:\windows\system32\raschap.dll
- 2006-01-27 19:30 . 2008-12-20 22:47 44544 c:\windows\system32\pngfilt.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 44544 c:\windows\system32\pngfilt.dll
+ 2006-01-27 19:30 . 2010-03-17 06:57 90234 c:\windows\system32\perfc009.dat
- 2006-01-27 19:30 . 2010-03-10 07:02 90234 c:\windows\system32\perfc009.dat
+ 2006-01-27 19:29 . 2008-06-12 14:22 91648 c:\windows\system32\mtxoci.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 91648 c:\windows\system32\mtxoci.dll
+ 2006-01-27 19:29 . 2008-06-12 14:22 66560 c:\windows\system32\mtxclu.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 66560 c:\windows\system32\mtxclu.dll
+ 2004-08-19 15:42 . 2009-11-27 17:13 17920 c:\windows\system32\msyuv.dll
+ 2006-01-27 19:30 . 2009-11-27 16:08 28672 c:\windows\system32\msvidc32.dll
- 2006-01-27 19:30 . 2008-04-14 02:18 11264 c:\windows\system32\msrle32.dll
+ 2006-01-27 19:30 . 2009-11-27 16:08 11264 c:\windows\system32\msrle32.dll
- 2006-11-07 19:03 . 2008-12-20 22:46 52224 c:\windows\system32\msfeedsbs.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 52224 c:\windows\system32\msfeedsbs.dll
- 2006-01-27 11:43 . 2008-04-14 02:18 58880 c:\windows\system32\msdtclog.dll
+ 2006-01-27 11:43 . 2008-06-12 14:22 58880 c:\windows\system32\msdtclog.dll
+ 2006-01-27 19:30 . 2009-09-04 21:04 58880 c:\windows\system32\msasn1.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 27648 c:\windows\system32\jsproxy.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-19 15:42 . 2009-11-27 16:08 48128 c:\windows\system32\iyuv_32.dll
- 2006-11-07 01:26 . 2008-12-19 09:10 13824 c:\windows\system32\ieudinit.exe
+ 2006-11-07 01:26 . 2009-12-31 15:33 13824 c:\windows\system32\ieudinit.exe
+ 2006-01-27 19:29 . 2010-01-05 09:55 44544 c:\windows\system32\iernonce.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 44544 c:\windows\system32\iernonce.dll
- 2006-01-27 19:29 . 2008-12-19 09:11 70656 c:\windows\system32\ie4uinit.exe
+ 2006-01-27 19:29 . 2009-12-31 15:33 70656 c:\windows\system32\ie4uinit.exe
- 2006-10-17 09:58 . 2008-12-20 22:46 63488 c:\windows\system32\icardie.dll
+ 2006-10-17 09:58 . 2010-01-05 09:55 63488 c:\windows\system32\icardie.dll
+ 2006-01-27 19:29 . 2009-10-15 16:32 81920 c:\windows\system32\fontsub.dll
+ 2006-01-27 19:29 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2006-01-27 11:45 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2009-06-25 08:26 . 2009-06-25 08:26 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-06-15 10:44 . 2009-06-15 10:44 81920 c:\windows\system32\dllcache\tlntsess.exe
+ 2009-06-15 10:44 . 2009-06-15 10:44 78336 c:\windows\system32\dllcache\telnet.exe
+ 2009-06-25 08:26 . 2009-06-25 08:26 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-10-12 13:39 . 2009-10-12 13:39 79872 c:\windows\system32\dllcache\raschap.dll
- 2006-10-17 09:58 . 2008-12-20 22:47 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-10-17 09:58 . 2010-01-05 09:55 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-12 14:22 . 2008-06-12 14:22 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2008-06-12 14:22 . 2008-06-12 14:22 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2009-11-27 17:13 . 2009-11-27 17:13 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-08-26 08:11 . 2010-01-05 09:55 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-26 08:11 . 2008-12-20 22:46 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-06-12 14:22 . 2008-06-12 14:22 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2009-09-04 21:04 . 2009-09-04 21:04 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2006-01-27 19:29 . 2010-01-05 09:55 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2008-08-25 08:38 . 2009-12-31 15:33 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2008-08-25 08:38 . 2008-12-19 09:10 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2006-11-07 01:26 . 2010-01-05 09:55 44544 c:\windows\system32\dllcache\iernonce.dll
- 2006-11-07 01:26 . 2008-12-20 22:46 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2010-01-05 09:55 . 2010-01-05 09:55 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2006-11-07 01:26 . 2009-12-31 15:33 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2006-11-07 01:26 . 2008-12-19 09:11 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-26 08:11 . 2010-01-05 09:55 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-08-26 08:11 . 2008-12-20 22:46 63488 c:\windows\system32\dllcache\icardie.dll
+ 2006-01-27 19:29 . 2009-12-14 07:09 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 17408 c:\windows\system32\dllcache\corpol.dll
+ 2006-01-27 19:29 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 85504 c:\windows\system32\dllcache\avifil32.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 58880 c:\windows\system32\dllcache\atl.dll
+ 2006-01-27 19:29 . 2009-07-17 19:03 58880 c:\windows\system32\dllcache\atl.dll
+ 2006-01-27 19:29 . 2009-12-14 07:09 33280 c:\windows\system32\csrsrv.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 85504 c:\windows\system32\avifil32.dll
+ 2006-01-27 19:29 . 2009-11-27 16:08 85504 c:\windows\system32\avifil32.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 58880 c:\windows\system32\atl.dll
+ 2006-01-27 19:29 . 2009-07-17 19:03 58880 c:\windows\system32\atl.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_wp.exe
+ 2009-06-24 18:56 . 2009-06-24 18:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updat es\hotfix.exe
- 2007-04-13 19:58 . 2007-04-13 19:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor sn.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor sn.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ie.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ie.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPe rfMonExt.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPe rfMonExt.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_wp.exe
- 2007-04-13 20:30 . 2007-04-13 20:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_wp.exe
+ 2010-03-16 16:56 . 2010-03-16 16:56 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2010-03-16 16:56 . 2008-12-20 22:47 44544 c:\windows\ie7updates\KB978207-IE7\pngfilt.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 52224 c:\windows\ie7updates\KB978207-IE7\msfeedsbs.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 27648 c:\windows\ie7updates\KB978207-IE7\jsproxy.dll
+ 2010-03-16 16:56 . 2008-12-19 09:10 13824 c:\windows\ie7updates\KB978207-IE7\ieudinit.exe
+ 2010-03-16 16:56 . 2008-12-20 22:46 44544 c:\windows\ie7updates\KB978207-IE7\iernonce.dll
+ 2010-03-16 16:56 . 2008-04-14 02:18 81920 c:\windows\ie7updates\KB978207-IE7\ieencode.dll
+ 2010-03-16 16:56 . 2008-12-19 09:11 70656 c:\windows\ie7updates\KB978207-IE7\ie4uinit.exe
+ 2010-03-16 16:56 . 2008-12-20 22:46 63488 c:\windows\ie7updates\KB978207-IE7\icardie.dll
+ 2010-03-16 16:56 . 2008-04-14 02:18 35328 c:\windows\ie7updates\KB978207-IE7\corpol.dll
+ 2009-11-27 17:13 . 2009-11-27 17:13 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-03-16 16:57 . 2010-03-16 16:57 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System .Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_31c2b 2d0\System.Drawing.Design.dll
+ 2010-03-16 16:57 . 2010-03-16 16:57 61440 c:\windows\assembly\NativeImages1_v1.1.4322\Custom Marshalers\1.0.5000.0__b03f5f7f11d50a3a_d4fbb2bf\C ustomMarshalers.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\Wia Proxy32\49609a49c384253d333feeae9a59ad9a\WiaProxy3 2.ni.exe
+ 2010-03-17 05:48 . 2010-03-17 05:48 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293 \UIAutomationProvider.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af \System.Windows.Presentation.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65 \System.Web.DynamicData.Design.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ComponentMod#\a0c71055364bd356971791284c3fb910 \System.ComponentModel.DataAnnotations.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99 \System.AddIn.Contract.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\std ole\d5508d1d8577e42bcff02286c9a182b4\stdole.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 14848 c:\windows\assembly\NativeImages_v2.0.50727_32\SBA IUI\50a5885e0c38da8bb485d59c8a6a5531\SBAIUI.ni.dll
+ 2010-03-17 05:46 . 2010-03-17 05:46 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c \PresentationFontCache.ni.exe
+ 2010-03-16 17:06 . 2010-03-16 17:06 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationCFFRast#\034d081fe294bab1ee1ecc98c1181424 \PresentationCFFRasterizer.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Vsa\f2673aec397c52796aef05bb9d2668df\Micros oft.Vsa.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.VisualC\1ded203bd27031c3a5e3441f94b528c0\Mi crosoft.VisualC.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 52224 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.SqlServer#\aa5fca2e3fe76559eb909ea1e90a5480 \microsoft.sqlserver.setup.resources.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.SqlServer#\6e5ef1154588cf87669a1c431211c253 \Microsoft.SqlServer.CustomControls.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.SqlServer#\293e7432bda18653227089dd77af437d \microsoft.sqlserver.gridcontrol.resources.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 69632 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.NetEnterp#\fefcf1e6701e48c97aca037dc9e98559 \microsoft.netenterpriseservers.exceptionmessagebo x.resources.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 62976 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.e#\f468a02a480ee06b80592900bfa914f6 \Microsoft.Interop.eCRM.Ole.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.e#\5e0031a1bd73e55af4c43b66760ddf66 \Microsoft.Interop.eCRM.NetFw.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f \Microsoft.Build.Framework.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a \Microsoft.Build.Framework.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Int erop.WIA\3567e9f972165d48ab1ca52739705122\Interop. WIA.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\Ext ensibility\c78bae30a7c9328ef4d9f7dae03a5950\Extens ibility.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfs vc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2010-03-17 05:57 . 2010-03-17 05:57 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Acc essibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Access ibility.ni.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExp ressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu larExpressions.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExp ressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu larExpressions.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design \2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d ll
+ 2010-03-16 17:05 . 2010-03-16 17:05 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design \2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d ll
+ 2010-03-16 17:05 . 2010-03-16 17:05 81920 c:\windows\assembly\GAC_MSIL\System.Configuration. Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura tion.Install.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 81920 c:\windows\assembly\GAC_MSIL\System.Configuration. Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura tion.Install.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0 __b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0 __b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.Code DOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V sa.Vb.CodeDOMProcessor.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.Code DOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V sa.Vb.CodeDOMProcessor.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas ic.Vsa.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas ic.Vsa.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utili ties\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti lities.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utili ties\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti lities.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Frame work\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Frame work\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5 f7f11d50a3a\IEHost.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5 f7f11d50a3a\IEHost.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b0 3f5f7f11d50a3a\cscompmgd.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b0 3f5f7f11d50a3a\cscompmgd.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2001-08-22 22:15 . 2009-11-27 16:08 8704 c:\windows\system32\tsbyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0 .0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0 .0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-12-15 11:09 . 2009-12-15 11:09 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-12-15 11:09 . 2009-12-15 11:09 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f 5f7f11d50a3a\IIEHost.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f 5f7f11d50a3a\IIEHost.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0_ _b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0_ _b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2006-01-27 19:30 . 2009-04-01 22:02 604160 c:\windows\system32\wmspdmod.dll
+ 2006-01-27 19:30 . 2009-07-13 09:08 286720 c:\windows\system32\wmpdxm.dll
+ 2006-01-27 19:30 . 2009-06-10 06:15 132096 c:\windows\system32\wkssvc.dll
- 2006-01-27 19:30 . 2008-04-14 02:18 132096 c:\windows\system32\wkssvc.dll
- 2006-01-27 19:30 . 2008-04-14 02:18 354304 c:\windows\system32\winhttp.dll
+ 2006-01-27 19:30 . 2008-12-16 12:31 354304 c:\windows\system32\winhttp.dll
+ 2008-09-05 22:30 . 2009-03-10 21:18 969600 c:\windows\system32\WgaTray.exe
+ 2008-09-05 22:31 . 2009-03-10 21:18 265096 c:\windows\system32\WgaLogon.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 233472 c:\windows\system32\webcheck.dll
- 2006-01-27 19:30 . 2008-12-20 22:47 233472 c:\windows\system32\webcheck.dll
+ 2006-01-27 11:43 . 2009-02-06 10:10 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2006-01-27 11:43 . 2009-02-09 10:52 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2006-01-27 11:43 . 2009-02-09 10:52 473600 c:\windows\system32\wbem\fastprox.dll
- 2006-01-27 19:30 . 2008-12-20 22:47 105984 c:\windows\system32\url.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 105984 c:\windows\system32\url.dll
+ 2006-01-27 19:30 . 2009-10-15 16:32 119808 c:\windows\system32\t2embed.dll
- 2006-01-27 19:30 . 2008-10-03 10:03 247326 c:\windows\system32\strmdll.dll
+ 2006-01-27 19:30 . 2009-08-26 08:01 247326 c:\windows\system32\strmdll.dll
+ 2006-01-27 19:30 . 2009-12-08 09:24 474624 c:\windows\system32\shlwapi.dll
- 2006-01-27 19:30 . 2008-04-14 02:18 474624 c:\windows\system32\shlwapi.dll
+ 2006-01-27 19:30 . 2009-02-09 11:23 111104 c:\windows\system32\services.exe
+ 2006-01-27 19:30 . 2009-06-25 08:26 147456 c:\windows\system32\schannel.dll
+ 2006-01-27 19:29 . 2009-02-09 10:52 401408 c:\windows\system32\rpcss.dll
+ 2006-01-27 19:30 . 2009-04-15 14:54 585216 c:\windows\system32\rpcrt4.dll
+ 2006-01-27 19:30 . 2009-10-12 13:39 150016 c:\windows\system32\rastls.dll
+ 2006-01-27 19:30 . 2010-03-17 06:57 492214 c:\windows\system32\perfh009.dat
- 2006-01-27 19:30 . 2010-03-10 07:02 492214 c:\windows\system32\perfh009.dat
+ 2006-01-27 19:30 . 2009-03-06 14:20 286720 c:\windows\system32\pdh.dll
- 2006-01-27 19:30 . 2008-04-14 02:18 286720 c:\windows\system32\pdh.dll
- 2006-01-27 19:30 . 2008-12-20 22:47 102912 c:\windows\system32\occache.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 102912 c:\windows\system32\occache.dll
+ 2006-01-27 19:30 . 2009-10-13 10:33 271360 c:\windows\system32\oakley.dll
- 2006-01-27 19:30 . 2008-04-14 02:18 271360 c:\windows\system32\oakley.dll
+ 2006-01-27 19:30 . 2009-02-09 10:52 739328 c:\windows\system32\ntdll.dll
+ 2006-01-27 19:30 . 2009-08-05 09:00 205312 c:\windows\system32\mswebdvd.dll
+ 2006-01-27 19:30 . 2009-09-11 14:18 136192 c:\windows\system32\msv1_0.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 671232 c:\windows\system32\mstime.dll
- 2006-01-27 19:30 . 2008-12-20 22:47 671232 c:\windows\system32\mstime.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 193024 c:\windows\system32\msrating.dll
- 2006-01-27 19:30 . 2008-12-20 22:47 193024 c:\windows\system32\msrating.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 477696 c:\windows\system32\mshtmled.dll
- 2006-01-27 19:30 . 2008-12-20 22:47 477696 c:\windows\system32\mshtmled.dll
- 2006-11-07 19:03 . 2008-12-20 22:46 459264 c:\windows\system32\msfeeds.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 459264 c:\windows\system32\msfeeds.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 161792 c:\windows\system32\msdtcuiu.dll
+ 2006-01-27 19:29 . 2008-06-12 14:22 161792 c:\windows\system32\msdtcuiu.dll
+ 2006-01-27 19:29 . 2008-06-12 14:22 956928 c:\windows\system32\msdtctm.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 956928 c:\windows\system32\msdtctm.dll
+ 2006-01-27 19:29 . 2008-06-12 14:22 428032 c:\windows\system32\msdtcprx.dll
+ 2006-01-27 19:29 . 2009-06-25 08:26 734720 c:\windows\system32\lsasrv.dll
+ 2006-01-27 19:29 . 2009-05-07 15:33 347648 c:\windows\system32\localspl.dll
+ 2006-01-27 19:29 . 2009-06-25 08:26 301568 c:\windows\system32\kerberos.dll
+ 2006-01-27 19:29 . 2009-08-13 15:21 512000 c:\windows\system32\jscript.dll
- 2006-01-27 19:29 . 2008-05-09 10:55 512000 c:\windows\system32\jscript.dll
+ 2006-10-17 09:57 . 2010-01-05 09:55 268288 c:\windows\system32\iertutil.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 192512 c:\windows\system32\iepeers.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 385024 c:\windows\system32\iedkcs32.dll
+ 2006-10-17 09:27 . 2010-01-05 09:55 380928 c:\windows\system32\ieapfltr.dll
- 2006-01-27 19:29 . 2008-12-19 05:23 161792 c:\windows\system32\ieakui.dll
+ 2006-01-27 19:29 . 2009-12-18 13:04 161792 c:\windows\system32\ieakui.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 230400 c:\windows\system32\ieaksie.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 230400 c:\windows\system32\ieaksie.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 153088 c:\windows\system32\ieakeng.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 153088 c:\windows\system32\ieakeng.dll
+ 2006-01-27 11:37 . 2010-03-17 05:45 350584 c:\windows\system32\FNTCACHE.DAT
- 2006-01-27 11:37 . 2009-12-18 16:49 350584 c:\windows\system32\FNTCACHE.DAT
- 2006-01-27 19:29 . 2008-12-20 22:46 133120 c:\windows\system32\extmgr.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 133120 c:\windows\system32\extmgr.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 214528 c:\windows\system32\dxtrans.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 214528 c:\windows\system32\dxtrans.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 347136 c:\windows\system32\dxtmsft.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 347136 c:\windows\system32\dxtmsft.dll
+ 2006-01-27 19:29 . 2009-12-04 18:22 455424 c:\windows\system32\drivers\mrxsmb.sys
+ 2006-01-27 19:30 . 2009-04-01 22:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-01-27 19:30 . 2009-07-13 09:08 286720 c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-06-10 06:15 . 2009-06-10 06:15 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:31 . 2008-12-16 12:31 354304 c:\windows\system32\dllcache\winhttp.dll
+ 2008-09-05 22:30 . 2009-03-10 21:18 969600 c:\windows\system32\dllcache\WgaTray.exe
+ 2008-09-05 22:31 . 2009-03-10 21:18 265096 c:\windows\system32\dllcache\wgaLogon.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 233472 c:\windows\system32\dllcache\webcheck.dll
- 2006-11-07 19:03 . 2008-12-20 22:47 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 105984 c:\windows\system32\dllcache\url.dll
- 2006-01-27 19:30 . 2008-12-20 22:47 105984 c:\windows\system32\dllcache\url.dll
+ 2006-01-27 19:30 . 2009-08-26 08:01 247326 c:\windows\system32\dllcache\strmdll.dll
- 2006-01-27 19:30 . 2008-10-03 10:03 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-11-20 15:29 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys
+ 2009-12-08 09:24 . 2009-12-08 09:24 474624 c:\windows\system32\dllcache\shlwapi.dll
+ 2006-01-27 19:30 . 2009-06-25 08:26 147456 c:\windows\system32\dllcache\schannel.dll
+ 2009-04-15 14:54 . 2009-04-15 14:54 585216 c:\windows\system32\dllcache\rpcrt4.dll
+ 2009-10-12 13:39 . 2009-10-12 13:39 150016 c:\windows\system32\dllcache\rastls.dll
- 2006-10-17 10:04 . 2008-12-20 22:47 102912 c:\windows\system32\dllcache\occache.dll
+ 2006-10-17 10:04 . 2010-01-05 09:55 102912 c:\windows\system32\dllcache\occache.dll
+ 2009-10-13 10:33 . 2009-10-13 10:33 271360 c:\windows\system32\dllcache\oakley.dll
+ 2006-01-27 19:30 . 2009-02-09 10:52 739328 c:\windows\system32\dllcache\ntdll.dll
+ 2009-08-05 09:00 . 2009-08-05 09:00 205312 c:\windows\system32\dllcache\mswebdvd.dll
+ 2009-06-25 08:26 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 671232 c:\windows\system32\dllcache\mstime.dll
- 2006-11-07 19:03 . 2008-12-20 22:47 671232 c:\windows\system32\dllcache\mstime.dll
- 2006-10-17 10:05 . 2008-12-20 22:47 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-10-17 10:05 . 2010-01-05 09:55 193024 c:\windows\system32\dllcache\msrating.dll
- 2006-11-07 19:03 . 2008-12-20 22:47 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-26 08:11 . 2010-01-05 09:55 459264 c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 08:11 . 2008-12-20 22:46 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-06-12 14:22 . 2008-06-12 14:22 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2008-06-12 14:22 . 2008-06-12 14:22 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2008-06-12 14:22 . 2008-06-12 14:22 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2008-11-20 15:27 . 2009-12-04 18:22 455424 c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-01-27 19:29 . 2009-06-25 08:26 734720 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-05-07 15:33 . 2009-05-07 15:33 347648 c:\windows\system32\dllcache\localspl.dll
+ 2009-06-25 08:26 . 2009-06-25 08:26 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2006-01-27 19:29 . 2009-08-13 15:21 512000 c:\windows\system32\dllcache\jscript.dll
- 2006-01-27 19:29 . 2008-05-09 10:55 512000 c:\windows\system32\dllcache\jscript.dll
+ 2006-10-17 10:04 . 2009-12-18 13:05 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2008-08-26 08:11 . 2010-01-05 09:55 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2006-11-07 01:27 . 2010-01-05 09:55 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-26 08:11 . 2010-01-05 09:55 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2006-11-07 01:25 . 2008-12-19 05:23 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2006-11-07 01:25 . 2009-12-18 13:04 161792 c:\windows\system32\dllcache\ieakui.dll
- 2006-11-07 01:27 . 2008-12-20 22:46 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2006-11-07 01:27 . 2010-01-05 09:55 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2006-11-07 01:26 . 2010-01-05 09:55 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2006-11-07 01:26 . 2008-12-20 22:46 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2006-11-07 19:03 . 2008-12-20 22:46 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 133120 c:\windows\system32\dllcache\extmgr.dll
- 2006-10-17 09:57 . 2008-12-20 22:46 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2006-10-17 09:57 . 2010-01-05 09:55 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-10-17 09:58 . 2008-12-20 22:46 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-10-17 09:58 . 2010-01-05 09:55 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 124928 c:\windows\system32\dllcache\advpack.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 124928 c:\windows\system32\dllcache\advpack.dll
+ 2006-01-27 19:29 . 2009-02-09 10:52 685056 c:\windows\system32\dllcache\advapi32.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 685056 c:\windows\system32\dllcache\advapi32.dll
+ 2006-01-27 19:29 . 2009-11-21 15:58 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2006-01-27 19:29 . 2010-01-05 09:55 124928 c:\windows\system32\advpack.dll
- 2006-01-27 19:29 . 2008-12-20 22:46 124928 c:\windows\system32\advpack.dll
+ 2006-01-27 19:29 . 2009-02-09 10:52 685056 c:\windows\system32\advapi32.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 685056 c:\windows\system32\advapi32.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webe ngine.dll
- 2008-07-25 10:17 . 2008-07-25 10:17 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Data.OracleClient.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Data.OracleClient.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rjit.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdacwks.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ld.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ld.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor jit.dll
- 2007-04-13 19:56 . 2007-04-13 19:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor jit.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_isapi.dll
- 2007-04-13 20:30 . 2007-04-13 20:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_isapi.dll
+ 2008-12-13 08:58 . 2008-12-13 08:58 754688 c:\windows\Installer\1d074fc.msp
+ 2009-03-20 10:48 . 2009-03-20 10:48 183808 c:\windows\Installer\1d074d8.msp
+ 2010-03-16 16:56 . 2010-03-16 16:56 429568 c:\windows\Installer\1d074b9.msi
+ 2010-03-16 16:56 . 2008-12-20 22:47 826368 c:\windows\ie7updates\KB978207-IE7\wininet.dll
+ 2010-03-16 16:56 . 2008-12-20 22:47 233472 c:\windows\ie7updates\KB978207-IE7\webcheck.dll
+ 2010-03-16 16:56 . 2008-12-20 22:47 105984 c:\windows\ie7updates\KB978207-IE7\url.dll
+ 2010-03-16 16:56 . 2009-05-26 11:40 401272 c:\windows\ie7updates\KB978207-IE7\spuninst\updspapi.dll
+ 2010-03-16 16:56 . 2009-05-26 11:40 233848 c:\windows\ie7updates\KB978207-IE7\spuninst\spuninst.exe
+ 2010-03-16 16:56 . 2008-12-20 22:47 102912 c:\windows\ie7updates\KB978207-IE7\occache.dll
+ 2010-03-16 16:56 . 2008-12-20 22:47 671232 c:\windows\ie7updates\KB978207-IE7\mstime.dll
+ 2010-03-16 16:56 . 2008-12-20 22:47 193024 c:\windows\ie7updates\KB978207-IE7\msrating.dll
+ 2010-03-16 16:56 . 2008-12-20 22:47 477696 c:\windows\ie7updates\KB978207-IE7\mshtmled.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 459264 c:\windows\ie7updates\KB978207-IE7\msfeeds.dll
+ 2010-03-16 16:56 . 2008-12-19 05:25 634024 c:\windows\ie7updates\KB978207-IE7\iexplore.exe
+ 2010-03-16 16:56 . 2008-12-20 22:46 267776 c:\windows\ie7updates\KB978207-IE7\iertutil.dll
+ 2010-03-16 16:56 . 2006-11-07 19:03 191488 c:\windows\ie7updates\KB978207-IE7\iepeers.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 384512 c:\windows\ie7updates\KB978207-IE7\iedkcs32.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 383488 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dll
+ 2010-03-16 16:56 . 2008-12-19 05:23 161792 c:\windows\ie7updates\KB978207-IE7\ieakui.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 230400 c:\windows\ie7updates\KB978207-IE7\ieaksie.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 153088 c:\windows\ie7updates\KB978207-IE7\ieakeng.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 133120 c:\windows\ie7updates\KB978207-IE7\extmgr.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 214528 c:\windows\ie7updates\KB978207-IE7\dxtrans.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 347136 c:\windows\ie7updates\KB978207-IE7\dxtmsft.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 124928 c:\windows\ie7updates\KB978207-IE7\advpack.dll
+ 2008-11-20 15:27 . 2009-12-04 18:22 455424 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-03-16 16:58 . 2010-03-16 16:58 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System .Drawing\1.0.5000.0__b03f5f7f11d50a3a_b7cdc0d9\Sys tem.Drawing.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System .Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_9682c b7c\System.Drawing.Design.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 118784 c:\windows\assembly\NativeImages1_v1.1.4322\Custom Marshalers\1.0.5000.0__b03f5f7f11d50a3a_ffa0a27c\C ustomMarshalers.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 539136 c:\windows\assembly\NativeImages_v2.0.50727_32\Xce ed.Zip\3b13d2c8b76423ed2a6236d660dea671\Xceed.Zip. ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 661504 c:\windows\assembly\NativeImages_v2.0.50727_32\Xce ed.Grid.UIStyle\63bc13fa79cc8a3a6d7609c5509794cc\X ceed.Grid.UIStyle.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 311808 c:\windows\assembly\NativeImages_v2.0.50727_32\Xce ed.FileSystem\64c1b5b82f9c60d2b4f8b5f1f0d65312\Xce ed.FileSystem.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 267264 c:\windows\assembly\NativeImages_v2.0.50727_32\Xce ed.Compression\274e84974b9f28de2ca0e3451ae062f7\Xc eed.Compression.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\Wsa tConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfi g.ni.exe
+ 2010-03-17 05:48 . 2010-03-17 05:48 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\Win dowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68 \WindowsFormsIntegration.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationTypes\6f488b7644dc50a083868e91a4014466\UI AutomationTypes.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationClient\c2fbf25609b704061a93500efa6f241d\U IAutomationClient.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\Syst em.Xml.Linq.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\S ystem.Web.Routing.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586 \System.Web.RegularExpressions.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9 \System.Web.Extensions.Design.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\Sy stem.Web.Entity.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61 \System.Web.Entity.Design.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336 \System.Web.DynamicData.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Abstract#\1896753d02d146be1988d32241300f51 \System.Web.Abstractions.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Transactions\408e637346ef628a3f54fb1b9b83ac9f\ System.Transactions.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceProce#\1f61bccb700d687775cf778dd77752e9 \System.ServiceProcess.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Security\a9e9b885a6601469c4058375cc74d856\Syst em.Security.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c \System.Runtime.Serialization.Formatters.Soap.ni.d ll
+ 2010-03-17 05:57 . 2010-03-17 05:57 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Remo#\af21e3011fb4e107b13ea5c40c351ec4 \System.Runtime.Remoting.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Ne t.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Management\2c208e4c5521f31057ea7d6e93c6a567\Sy stem.Management.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1 \System.Management.Instrumentation.ni.dll
+ 2010-03-17 05:56 . 2010-03-17 05:56 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System .IO.Log.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IdentityMode#\7222db518afb4eaaa138824278249bc7 \System.IdentityModel.Selectors.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1 \System.EnterpriseServices.Wrapper.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1 \System.EnterpriseServices.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321 \System.Drawing.Design.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47 \System.DirectoryServices.AccountManagement.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\a601f47a98ee67df424685c9a66ea449 \System.DirectoryServices.Protocols.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Service#\b91b44015859163646f210d284f7166a \System.Data.Services.Client.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Service#\1b35297e07b85071daecdb06f96750a1 \System.Data.Services.Design.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064 \System.Data.Entity.Design.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4 \System.Data.DataSetExtensions.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Configuration\7c743462baccf29b3567b0e3ec9ac134 \System.Configuration.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Configuratio#\443e3a85c491b2de4a2ac654cb957484 \System.Configuration.Install.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 633856
Responder Con Cita
  post #8  
Antiguo 17/03/10, 02:30:14
Usuario
  
Registrado: mar 2010
Ubicación: bcn
Mensajes: 5
Re: Error al inciar xp en svchost.exe no written
2.parte
c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.AddIn\cba35f47925431a54d0e6ae147a292f1\System. AddIn.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMS vcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost. ni.exe
+ 2010-03-17 05:57 . 2010-03-17 05:57 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMD iagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiag nostics.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\Ser viceModelReg\a23dc25782df04533a13e348203e4dc5\Serv iceModelReg.ni.exe
+ 2010-03-17 05:57 . 2010-03-17 05:57 107520 c:\windows\assembly\NativeImages_v2.0.50727_32\SBA IREPORTING\cb6ca5aeb7be1cd72c7bbff161d064d1\SBAIRE PORTING.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 636416 c:\windows\assembly\NativeImages_v2.0.50727_32\SBA IAPIV2\f421938a06bf637b4e6f31f34e6c4006\SBAIAPIV2. ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 532992 c:\windows\assembly\NativeImages_v2.0.50727_32\SBA IAPI\e258a2ea4a299a30e6a16e420421501c\SBAIAPI.ni.d ll
+ 2010-03-17 05:47 . 2010-03-17 05:47 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\96f74da5fc40b92f09069230bc0df4f0 \PresentationFramework.Royale.ni.dll
+ 2010-03-17 05:47 . 2010-03-17 05:47 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28 \PresentationFramework.Luna.ni.dll
+ 2010-03-17 05:47 . 2010-03-17 05:47 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa \PresentationFramework.Aero.ni.dll
+ 2010-03-17 05:47 . 2010-03-17 05:47 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\07e952efd70f5608e221a008e6231ace \PresentationFramework.Classic.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 896000 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.SystemL#\84507114b982aafa914c6275539b058a \PaintDotNet.SystemLayer.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 158720 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.SystemL#\1faef98c4a0b7c2af18edab074d25a57 \PaintDotNet.SystemLayer.Native.x86.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 389632 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Resourc#\1772ceacd75c76185ef9becfa754898c \PaintDotNet.Resources.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 795648 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Effects\bd8dd3ba45f813dd0591b1e3841a9ba3\ PaintDotNet.Effects.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 657408 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Data\40b399904776f9f52c74c6f280a04503\Pai ntDotNet.Data.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 768000 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Base\9d653679f511da1e2835de797c8fbab9\Pai ntDotNet.Base.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSB uild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.e xe
+ 2010-03-17 05:57 . 2010-03-17 05:57 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457 \Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 989184 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.SqlServer#\fe850e1c91814bda449dfd9182b9b4c4 \Microsoft.SqlServer.WizardFrameworkLite.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 530432 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.SqlServer#\d7ea2018a9d7f99ac9443e0fe6a47e3a \Microsoft.SqlServer.GridControl.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 336384 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.SqlServer#\9427b481088964fda02e95ddc72697b1 \microsoft.sqlserver.wizardframeworklite.resources .ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.SqlServer#\92ad34568cb1f05993a0f3de1a4e397e \Microsoft.SqlServer.Setup.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 231936 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.NetEnterp#\706da1a166233589443d483e43b66310 \Microsoft.NetEnterpriseServers.ExceptionMessageBo x.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 350208 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Iris.Impo#\ab74b108b7f031eab9e7db7b282f4dd2 \Microsoft.Iris.ImportExportDataAccess.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 385024 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Iris.Impo#\86fb10b1416bfa09c5f71b5e1398e1c4 \Microsoft.Iris.ImportExport.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.M#\aaad918ff5df6d6fb668e1228e89e4b4 \Microsoft.Interop.Mapi.Interfaces.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 177664 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.M#\697e069b3b0529fd1dd5e3527634fdbb \Microsoft.Interop.Mapi.PropTags.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 595968 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.e#\fdd44a34a8884dba5e23a50fc6c8ca20 \Microsoft.Interop.eCRM.MSComCtl.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 945152 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.e#\f3d86c5996ae54bafd11d7b428f458ac \Microsoft.Interop.eCRM.msforms.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 472064 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.e#\eaf0eb6eb80891fde9545d2060834868 \Microsoft.Interop.eCRM.Publisher.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 318976 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.e#\adcf66dc0aef03877fb7a7b934b6a0c0 \Microsoft.Interop.eCRM.SHDocVw.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 493056 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.eCRM.Offi#\b99d2249dcb81d928274de876f20580e \Microsoft.eCRM.Office.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.eCRM.AxSH#\f734e49c74b32bf4e1595a631d19cf76 \Microsoft.eCRM.AxSHDocVw.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.BusinessS#\4b79cbdcd12037a890f2d797197bcd0c \Microsoft.BusinessSolutions.eCRM.DataSync.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.BusinessS#\0d3613cb7e15f49cf420660ff21eaed9 \Microsoft.BusinessSolutions.eCRM.OutlookAddIn.Imp ortExportUI.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b \Microsoft.Build.Utilities.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Uti#\4dd43724dd92026577c6f588270137a0 \Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b \Microsoft.Build.Engine.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0 \Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 390144 c:\windows\assembly\NativeImages_v2.0.50727_32\Iri s.Mapi.MessageSt#\bb2e3e9ed321aca8964659a4f665ef1a \Iris.Mapi.MessageStore.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 518656 c:\windows\assembly\NativeImages_v2.0.50727_32\ICS harpCode.SharpZi#\f73e92fa544b940a6f1849227fc33c54 \ICSharpCode.SharpZipLib.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\Cus tomMarshalers\77688ce14f221ed94a9f442ae4736123\Cus tomMarshalers.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\Com SvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcC onfig.ni.exe
+ 2010-03-17 05:57 . 2010-03-17 05:57 469504 c:\windows\assembly\NativeImages_v2.0.50727_32\BCM MSIDCRL.Managed\b945c11a4d4ed466286044646b4bf16c\B CMMSIDCRL.Managed.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 484352 c:\windows\assembly\NativeImages_v2.0.50727_32\BCM Common\7904dc02ecd7a26ecec78945403d2a9c\BCMCommon. ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\Asp NetMMCExt\85d7c111956b478766d90625b35d963f\AspNetM MCExt.ni.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2 .0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2 .0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0 .0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0 .0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-12-15 11:12 . 2009-12-15 11:12 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5 .0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2010-03-16 17:02 . 2010-03-16 17:02 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5 .0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2010-03-16 17:02 . 2010-03-16 17:02 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicDat a\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData .dll
- 2009-12-15 11:09 . 2009-12-15 11:09 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess \2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.d ll
+ 2010-03-16 17:05 . 2010-03-16 17:05 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess \2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.d ll
- 2009-12-15 11:09 . 2009-12-15 11:09 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0 .0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0 .0__b03f5f7f11d50a3a\System.Security.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serial ization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\ System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serial ization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\ System.Runtime.Serialization.Formatters.Soap.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoti ng\2.0.0.0__b77a5c561934e089\System.Runtime.Remoti ng.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoti ng\2.0.0.0__b77a5c561934e089\System.Runtime.Remoti ng.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0. 0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0. 0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0 .0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0 .0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0. 0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0. 0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServ ices.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServ ices.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.Dir ectoryServices.Protocols.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.Dir ectoryServices.Protocols.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0 .0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0 .0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2. 0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2. 0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-03-16 17:02 . 2010-03-16 17:02 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\ 3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2009-12-15 11:12 . 2009-12-15 11:12 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\ 3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2009-12-15 11:12 . 2009-12-15 11:12 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services. Client\3.5.0.0__b77a5c561934e089\System.Data.Servi ces.Client.dll
+ 2010-03-16 17:02 . 2010-03-16 17:02 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services. Client\3.5.0.0__b77a5c561934e089\System.Data.Servi ces.Client.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\ 2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\ 2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03 f5f7f11d50a3a\sysglobl.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03 f5f7f11d50a3a\sysglobl.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic \8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.d ll
- 2009-12-15 11:09 . 2009-12-15 11:09 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic \8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.d ll
- 2009-12-15 11:09 . 2009-12-15 11:09 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualBasic.Compatibility.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualBasic.Compatibility.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Micr osoft.VisualBasic.Compatibility.Data.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Micr osoft.VisualBasic.Compatibility.Data.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks \2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.d ll
- 2009-12-15 11:09 . 2009-12-15 11:09 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks \2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.d ll
- 2009-12-15 11:09 . 2009-12-15 11:09 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engin e\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engin e\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 113664 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 113664 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 258048 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 258048 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 486400 c:\windows\assembly\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 486400 c:\windows\assembly\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
+ 2006-01-27 19:29 . 2009-11-21 15:58 471552 c:\windows\AppPatch\aclayers.dll
+ 2010-03-16 08:34 . 2009-08-13 13:56 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_65 95b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2009-07-20 23:03 . 2009-07-20 23:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf34 5378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2006-01-27 19:30 . 2009-05-20 03:56 2458112 c:\windows\system32\WMVCore.dll
- 2006-01-27 19:30 . 2008-06-18 04:03 2458112 c:\windows\system32\WMVCore.dll
+ 2006-01-27 19:30 . 2009-07-13 09:08 5537792 c:\windows\system32\wmp.dll
- 2006-01-27 19:30 . 2007-04-30 07:20 5537792 c:\windows\system32\wmp.dll
+ 2006-01-27 19:29 . 2009-08-14 15:14 1850752 c:\windows\system32\win32k.sys
+ 2006-01-27 19:30 . 2010-01-05 09:55 1168384 c:\windows\system32\urlmon.dll
- 2006-01-27 19:30 . 2008-04-14 02:18 1440256 c:\windows\system32\query.dll
+ 2006-01-27 19:30 . 2009-07-17 16:16 1440256 c:\windows\system32\query.dll
+ 2006-01-27 19:30 . 2009-11-27 17:13 1297920 c:\windows\system32\quartz.dll
- 2006-01-27 19:29 . 2008-08-14 13:23 2147840 c:\windows\system32\ntoskrnl.exe
+ 2006-01-27 19:29 . 2009-12-09 10:09 2147840 c:\windows\system32\ntoskrnl.exe
- 2004-08-19 15:33 . 2008-08-14 13:23 2026496 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-19 15:33 . 2009-12-09 10:09 2026496 c:\windows\system32\ntkrnlpa.exe
+ 2008-08-29 19:06 . 2009-07-31 09:03 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\system32\msxml4.dll
+ 2006-01-27 19:30 . 2009-07-31 04:33 1172480 c:\windows\system32\msxml3.dll
+ 2006-01-27 11:43 . 2009-06-10 08:21 2066432 c:\windows\system32\mstscax.dll
+ 2006-01-27 19:30 . 2010-01-05 09:55 3599360 c:\windows\system32\mshtml.dll
+ 2008-09-05 22:30 . 2009-03-10 21:18 1482112 c:\windows\system32\LegitCheckControl.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 1042944 c:\windows\system32\kernel32.dll
+ 2006-01-27 19:29 . 2009-03-21 14:08 1042944 c:\windows\system32\kernel32.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 6067200 c:\windows\system32\ieframe.dll
+ 2006-09-05 21:01 . 2009-06-29 08:33 2452872 c:\windows\system32\ieapfltr.dat
+ 2006-01-27 19:30 . 2009-05-20 03:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
- 2006-01-27 19:30 . 2008-06-18 04:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2006-01-27 19:30 . 2009-07-13 09:08 5537792 c:\windows\system32\dllcache\wmp.dll
- 2006-01-27 19:30 . 2007-04-30 07:20 5537792 c:\windows\system32\dllcache\wmp.dll
+ 2008-11-20 15:28 . 2009-08-14 15:14 1850752 c:\windows\system32\dllcache\win32k.sys
+ 2006-01-27 19:30 . 2010-01-05 09:55 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:16 . 2009-07-17 16:16 1440256 c:\windows\system32\dllcache\query.dll
+ 2008-05-07 05:11 . 2009-11-27 17:13 1297920 c:\windows\system32\dllcache\quartz.dll
+ 2008-11-20 15:26 . 2009-12-09 10:09 2191616 c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-11-20 15:26 . 2008-08-14 13:23 2191616 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-11-20 15:26 . 2009-12-09 10:09 2026496 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-11-20 15:26 . 2008-08-14 13:23 2026496 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-11-20 15:26 . 2009-12-09 10:09 2068480 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-11-20 15:26 . 2008-08-14 13:23 2068480 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2006-01-27 19:29 . 2008-08-14 13:23 2147840 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-01-27 19:29 . 2009-12-09 10:09 2147840 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 02:18 . 2009-07-31 09:03 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2008-11-20 15:28 . 2009-07-31 04:33 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-06-10 08:21 . 2009-06-10 08:21 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2006-11-07 19:03 . 2010-01-05 09:55 3599360 c:\windows\system32\dllcache\mshtml.dll
- 2006-01-27 19:29 . 2008-04-14 02:18 1042944 c:\windows\system32\dllcache\kernel32.dll
+ 2006-01-27 19:29 . 2009-03-21 14:08 1042944 c:\windows\system32\dllcache\kernel32.dll
+ 2008-10-03 17:12 . 2010-01-05 09:55 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2007-04-17 09:32 . 2009-06-29 08:33 2452872 c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-12-05 18:35 . 2008-12-05 18:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx _v0300.dll
+ 2008-12-05 19:12 . 2008-12-05 19:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-07-29 18:16 . 2008-07-29 18:16 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-07-25 10:17 . 2008-07-25 10:17 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.XML.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.XML.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Web.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rwks.dll
- 2008-07-25 10:17 . 2008-07-25 10:17 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rlib.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rlib.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.Web.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.Web.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor wks.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor wks.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor svr.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor svr.dll
- 2007-04-13 19:50 . 2007-04-13 19:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor lib.dll
+ 2008-05-27 23:43 . 2008-05-27 23:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor lib.dll
+ 2010-03-16 11:16 . 2010-03-16 11:16 3962368 c:\windows\Installer\987388.msi
+ 2008-12-13 08:57 . 2008-12-13 08:57 8397824 c:\windows\Installer\1d074e7.msp
+ 2010-03-16 16:56 . 2008-12-20 22:47 1160192 c:\windows\ie7updates\KB978207-IE7\urlmon.dll
+ 2010-03-16 16:56 . 2009-01-16 20:05 3594752 c:\windows\ie7updates\KB978207-IE7\mshtml.dll
+ 2010-03-16 16:56 . 2008-12-20 22:46 6066688 c:\windows\ie7updates\KB978207-IE7\ieframe.dll
+ 2010-03-16 16:56 . 2007-04-17 09:32 2455488 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dat
+ 2008-11-20 15:26 . 2009-12-09 10:09 2191616 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-11-20 15:26 . 2008-08-14 13:23 2191616 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-11-20 15:26 . 2009-12-09 10:09 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-11-20 15:26 . 2008-08-14 13:23 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-11-20 15:26 . 2008-08-14 13:23 2068480 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-11-20 15:26 . 2009-12-09 10:09 2068480 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-11-20 15:26 . 2009-12-09 10:09 2147840 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2008-11-20 15:26 . 2008-08-14 13:23 2147840 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-03-16 16:57 . 2010-03-16 16:57 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System \1.0.5000.0__b77a5c561934e089_370b2e57\System.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System \1.0.5000.0__b77a5c561934e089_306c98c3\System.dll
+ 2010-03-16 16:57 . 2010-03-16 16:57 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System .Xml\1.0.5000.0__b77a5c561934e089_de94635f\System. Xml.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System .Xml\1.0.5000.0__b77a5c561934e089_7134c62d\System. Xml.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System .Windows.Forms\1.0.5000.0__b77a5c561934e089_e362ef 33\System.Windows.Forms.dll
+ 2010-03-16 16:57 . 2010-03-16 16:57 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System .Windows.Forms\1.0.5000.0__b77a5c561934e089_2ba2b6 a0\System.Windows.Forms.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System .Drawing\1.0.5000.0__b03f5f7f11d50a3a_ffa0e234\Sys tem.Drawing.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System .Design\1.0.5000.0__b03f5f7f11d50a3a_b7ffa82f\Syst em.Design.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System .Design\1.0.5000.0__b03f5f7f11d50a3a_635eee74\Syst em.Design.dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorl ib\1.0.5000.0__b77a5c561934e089_e278d77d\mscorlib. dll
+ 2010-03-16 16:58 . 2010-03-16 16:58 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorl ib\1.0.5000.0__b77a5c561934e089_baf03b8a\mscorlib. dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 2102272 c:\windows\assembly\NativeImages_v2.0.50727_32\Xce ed.Grid\eafd1fe2672e600c6a61bbcc237c62f8\Xceed.Gri d.ni.dll
+ 2010-03-16 17:06 . 2010-03-16 17:06 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\Win dowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsB ase.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationClients#\0f2ed6a204eb13841e99b77025464afc \UIAutomationClientsideProviders.ni.dll
+ 2010-03-16 17:06 . 2010-03-16 17:06 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Xml\5913d3f81e77194ec833991b1047a532\System.Xm l.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d \System.WorkflowServices.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030 \System.Workflow.Runtime.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef \System.Workflow.ComponentModel.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Act#\65328898148a720d394f802f192fc2a0 \System.Workflow.Activities.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\ System.Web.Services.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\Sy stem.Web.Mobile.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Extensio#\981dea02bc63c0c083e335adf9018788 \System.Web.Extensions.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Speech\99594bae1d022502925f5b9dfcdaae9a\System .Speech.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceModel#\e182695d05ea57257568bc5f3208aca7 \System.ServiceModel.Web.ni.dll
+ 2010-03-17 05:56 . 2010-03-17 05:56 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56 \System.Runtime.Serialization.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Printing\e5313735a40c0800f116e27fba4754db\Syst em.Printing.ni.dll
+ 2010-03-17 05:56 . 2010-03-17 05:56 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55 \System.IdentityModel.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\Syste m.Drawing.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1 \System.DirectoryServices.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Deployment\c94a427baa7683f4221b91f90c18461b\Sy stem.Deployment.ni.dll
+ 2010-03-17 05:47 . 2010-03-17 05:47 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data\694c07365e0fd6bba0bc304d4d2404a7\System.D ata.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.SqlXml\272152f0cc139490729e215611a4b244\S ystem.Data.SqlXml.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Services\112a48e34620a0210eb850040da8a31b \System.Data.Services.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.OracleC#\ffa1018e8022964eb51025c2c6d8727a \System.Data.OracleClient.ni.dll
+ 2010-03-17 05:47 . 2010-03-17 05:47 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Linq\32788c58ff9f8324460604cf1fe7681b\Sys tem.Data.Linq.ni.dll
+ 2010-03-17 05:59 . 2010-03-17 05:59 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\S ystem.Data.Entity.ni.dll
+ 2010-03-17 05:47 . 2010-03-17 05:47 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Core\c0a42d2ad8a4078040b334f6770ea11f\System.C ore.ni.dll
+ 2010-03-17 05:47 . 2010-03-17 05:47 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\Rea chFramework\954685c29689d2a6126ceca1fd55e904\Reach Framework.ni.dll
+ 2010-03-17 05:47 . 2010-03-17 05:47 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\Prese ntationUI.ni.dll
+ 2010-03-16 17:06 . 2010-03-16 17:06 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationBuildTa#\f906701365083c1473db31519147e263 \PresentationBuildTasks.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 3130368 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet\6316dd99901836d0c364f6816b270d29\PaintDot Net.ni.exe
+ 2010-03-17 05:58 . 2010-03-17 05:58 1842176 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Core\4cb948d2aca284c06ce58788f17146fe\Pai ntDotNet.Core.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5 \Microsoft.VisualBasic.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Transacti#\f19e9b439636d0744597fff1331cad04 \Microsoft.Transactions.Bridge.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Mi crosoft.JScript.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1039872 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.M#\c95037bd8b2bfd0484e2d8221125e822 \Microsoft.Interop.Mapi.Impl.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 2479104 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.e#\af99bb68d12326000c157308daa7b5c5 \Microsoft.Interop.eCRM.Excel.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1486848 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Interop.e#\27dc61c4ebcb770d223f637b08943523 \Microsoft.Interop.eCRM.Word.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 2830848 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.BusinessS#\c9a9ef49459949dbc1ce690cf327abbe \Microsoft.BusinessSolutions.eCRM.Reports2.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 1491456 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.BusinessS#\af62affe5428cd6d2748dc302f311279 \Microsoft.BusinessSolutions.eCRM.OutlookAddIn.ni. dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 4066816 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.BusinessS#\abbaadd4f580d1baeb8793751adb7e1e \Microsoft.BusinessSolutions.eCRM.OutlookAddIn.CSU tils.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a \Microsoft.Build.Tasks.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b \Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-03-17 05:58 . 2010-03-17 05:58 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac \Microsoft.Build.Engine.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 3795968 c:\windows\assembly\NativeImages_v2.0.50727_32\Bus inessLayer\a66fe61da20109fce9eca21e48638b1b\Busine ssLayer.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 1526272 c:\windows\assembly\NativeImages_v2.0.50727_32\BCM Res\b9a00580f5179f99b8ce4b83acfb32b3\BCMRes.ni.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5 c561934e089\System.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5 c561934e089\System.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b 77a5c561934e089\System.XML.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b 77a5c561934e089\System.XML.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\ 2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\ 2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-03-16 17:02 . 2010-03-16 17:02 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions \3.5.0.0__31bf3856ad364e35\System.Web.Extensions.d ll
- 2009-12-15 11:12 . 2009-12-15 11:12 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions \3.5.0.0__31bf3856ad364e35\System.Web.Extensions.d ll
- 2009-12-15 11:11 . 2009-12-15 11:11 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3 .0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-03-16 17:02 . 2010-03-16 17:02 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3 .0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0 __b03f5f7f11d50a3a\System.Design.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0 __b03f5f7f11d50a3a\System.Design.dll
+ 2010-03-16 17:02 . 2010-03-16 17:02 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework \3.0.0.0__31bf3856ad364e35\PresentationFramework.d ll
- 2009-12-15 11:11 . 2009-12-15 11:11 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework \3.0.0.0__31bf3856ad364e35\PresentationFramework.d ll
+ 2010-03-16 17:05 . 2010-03-16 17:05 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03 f5f7f11d50a3a\System.Web.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
- 2009-12-15 11:09 . 2009-12-15 11:09 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5 c561934e089\mscorlib.dll
+ 2010-03-16 17:05 . 2010-03-16 17:05 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5 c561934e089\mscorlib.dll
- 2008-11-20 17:01 . 2008-11-20 17:01 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c5 61934e089\System.dll
+ 2010-03-16 16:57 . 2010-03-16 16:57 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c5 61934e089\System.dll
- 2008-11-20 17:01 . 2008-11-20 17:01 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03 f5f7f11d50a3a\System.Web.dll
+ 2010-03-16 16:57 . 2010-03-16 16:57 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03 f5f7f11d50a3a\System.Web.dll
+ 2009-08-10 20:08 . 2009-08-10 20:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updat es\M953297\M953297Uninstall.msp
+ 2009-08-14 19:32 . 2009-08-14 19:32 11110912 c:\windows\Installer\1d07505.msp
+ 2008-12-13 09:21 . 2008-12-13 09:21 10473472 c:\windows\Installer\1d074f1.msp
+ 2009-08-10 13:09 . 2009-08-10 13:09 17254912 c:\windows\Installer\1d074cf.msp
+ 2010-03-17 05:48 . 2010-03-17 05:48 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Forms\d2ea8d76f015817db1607075812b555f \System.Windows.Forms.ni.dll
+ 2010-03-17 05:57 . 2010-03-17 05:57 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web\5cea03cfb008f2eac1439a9905467f37\System.We b.ni.dll
+ 2010-03-17 05:56 . 2010-03-17 05:56 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\ System.ServiceModel.ni.dll
+ 2010-03-17 05:48 . 2010-03-17 05:48 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Design\8b82e08c008924d51833cb0884bcbfc5\System .Design.ni.dll
+ 2010-03-17 05:46 . 2010-03-17 05:46 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c \PresentationFramework.ni.dll
+ 2010-03-17 05:46 . 2010-03-17 05:46 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationCore\94badbd64df59de7da249f71da38b1c2\Pre sentationCore.ni.dll
+ 2010-03-16 17:06 . 2010-03-16 17:06 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\msc orlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni .dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"SpybotSD TeaTimer"="c:\archivos de programa\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-21 141848]
"Persistence"="c:\windows\system32\igfxpers.ex e" [2008-03-21 137752]
"ISUSPM Startup"="c:\archiv~1\ARCHIV~1\INSTAL~1\UPDATE~1\I SUSPM.exe" [2004-07-27 221184]
"Adobe Reader Speed Launcher"="c:\archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\poli-02\Men£ Inicio\Programas\Inicio\
ePrompter.lnk - c:\archivos de programa\ePrompter\ePrompter.exe [2008-11-27 782336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Datos de programa\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\archivos de programa\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati0sixx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati1uxxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati2wyxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati3ilxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati3kmxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati3wtxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati4plxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati4rtxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati5jvxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati5lxxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati5myxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati5uxxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati5xaxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati6avxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati6roxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati7htxx.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ati7tgxx.sys]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\archivos de programa\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\archivos de programa\Java\jre6\bin\jusched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run-]
"Adobe Reader Speed Launcher"="c:\archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DLA"=c:\windows\System32\DLA\DLACTRLW.EXE
"HotKeysCmds"=c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Archivos de programa\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\lmabcoms.exe"=
"c:\\Archivos de programa\\Lexmark\\ErrorApp\\LMab1err.EXE"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18/12/2009 14:51 685816]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1105000.07F\ symds.sys [15/03/2010 10:10 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1105000 .07F\symefa.sys [15/03/2010 10:10 172592]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\ 20100211.001\BHDrvx86.sys [11/02/2010 18:45 536112]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1105000.0 7F\cchpx86.sys [15/03/2010 10:10 501888]
R1 SASDIFSV;SASDIFSV;c:\archivos de programa\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 10:25 12872]
R1 SASKUTIL;SASKUTIL;c:\archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS [17/02/2010 10:15 66632]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1105000.07F \ironx86.sys [15/03/2010 10:10 116272]
R2 NIS;Norton Internet Security;c:\archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccsvchst.exe [15/03/2010 10:10 126392]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windo ws\Installer\MSI9E.tmp [18/12/2009 10:31 189760]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\archivos de programa\Lenovo\Rescue and Recovery\rrpservice.exe [11/07/2007 19:38 569344]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\archivo s de programa\Archivos comunes\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [15/03/2010 9:10 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Datos de programa\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\2 0100312.001\IDSXpx86.sys [15/03/2010 9:10 329592]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22/05/2007 14:59 30336]
S3 SASENUM;SASENUM;c:\archivos de programa\SUPERAntiSpyware\SASENUM.SYS [17/02/2010 10:15 12872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-03-17 c:\windows\Tasks\AWC AutoSweep.job
- c:\archivos de programa\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-12-02 13:11]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {4890E7A6-2B7E-4C5F-B831-FE52031562F0} = 80.58.61.250,80.58.61.254
.

************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-17 07:59
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0


************************************************** ************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x8A9AC8AC]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf763bf28
\Driver\ACPI -> ACPI.sys @ 0xf74abcb8
\Driver\atapi -> atapi.sys @ 0xf7833b40
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xba7e8bb0
PacketIndicateHandler -> NDIS.sys @ 0xba7f5a21
SendHandler -> NDIS.sys @ 0xba7d387b
user & kernel MBR OK

************************************************** ************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\N IS]
"ImagePath"="\"c:\archivos de programa\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe\" /s \"NIS\" /m \"c:\archivos de programa\Norton Internet Security\Engine\17.5.0.127\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S CPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSI9E.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Desktop\Old WorkAreas]
@DACL=(02 0000)
@SACL=
"NoOfOldWorkAreas"=dword:00000001
"OldWorkAreaRects"=hex:00,00,00,00,00,00,00,00,20, 03,00,00,3a,02,00,00

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Desktop\SafeMode]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Desktop\Scheme]
@DACL=(02 0000)
@SACL=
"Edit"=""
"Display"=""

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Document Windows]
@DACL=(02 0000)
@SACL=
"Maximized"="no"
"height"=hex:00,00,00,00
"width"=hex:00,00,00,80
"x"=hex:00,00,00,80
"y"=hex:00,00,00,00

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Download]
@DACL=(02 0000)
@SACL=
"CheckExeSignatures"="yes"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Extensions]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Help_Menu_URLs]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\International]
@DACL=(02 0000)
@SACL=
@=""
"CodePointToFontMap"=hex:22,00,00,00,54,00,69,00,6 d,00,65,00,73,00,20,00,4e,00,
65,00,77,00,20,00,52,00,6f,00,6d,00,61,00,6e,00,00 ,00,00,00,00,00,00,00,00,\
"AcceptLanguage"="es"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\International\CpMRU]
@DACL=(02 0000)
"Enable"=dword:00000001
"Size"=dword:0000000a
"InitHits"=dword:00000064
"Factor"=dword:00000014
"Cache"=hex:9f,4e,00,00,39,00,00,00,e2,04,00,00,09 ,00,00,00,bd,6f,00,00,07,00,
00,00,b0,6f,00,00,03,00,00,00,e8,04,00,00,02,00,00 ,00,2c,c4,00,00,01,00,00,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\InternetRegistry]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\LowRegistry]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\LowRegistry\Extensions]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\New Windows]
@DACL=(02 0000)
@SACL=
"PopupMgr"=dword:00000001
"PlaySound"=dword:00000001
"UseSecBand"=dword:00000001

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\New Windows\Allow]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\SearchScopes]
@DACL=(02 0000)
@SACL=
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
"Version"=dword:00000001

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\SearchUrl]
@DACL=(02 0000)
@SACL=
@="http://g.msn.es/0SEESES/SAOS01?FORM=TOOLBR"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Security]
@DACL=(02 0000)
@SACL=
"Sending_Security"="Medium"
"Viewing_Security"="Low"
"Safety Warning Level"="Query"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Security\AntiPhishing]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Services]
@DACL=(02 0000)
@SACL=
@=""

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Settings]
@DACL=(02 0000)
@SACL=
"Anchor Color Visited"="128,0,128"
"Anchor Color"="0,0,255"
"Background Color"="192,192,192"
"Text Color"="0,0,0"
"Use Anchor Hover Color"="No"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Toolbar]
@DACL=(02 0000)
@SACL=
"LinksFolderName"="Vínculos"
"Locked"=dword:00000001
"SaveLinksOrder"=hex:01,00,00,00
"ShowDiscussionButton"="Yes"

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Toolbar\Explorer]
@DACL=(02 0000)
"ITBarLayout"=hex:11,00,00,00,4c,00,00,00,00,00,00 ,00,24,00,00,00,1b,00,00,00,
56,00,00,00,01,00,00,00,20,07,00,00,a0,0f,00,00,05 ,00,00,00,62,05,00,00,26,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
@DACL=(02 0000)
"{01E04581-4EEE-11D0-BFE9-00AA005B4383}"=hex:81,45,e0,01,ee,4e,d0,11,bf,e9,0 0,
aa,00,5b,43,83,10,00,00,00,00,00,00,00,01,e0,32,f4 ,01,00,00,00
"ITBarLayout"=hex:11,00,00,00,4c,00,00,00,00,00,00 ,00,24,00,00,00,1b,00,00,00,
56,00,00,00,01,00,00,00,20,07,00,00,a0,0f,00,00,05 ,00,00,00,62,05,00,00,26,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
@DACL=(02 0000)
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=hex:ad,1d,ad,bd,46,c9,17,4a,ad,c1,6 4,
b5,b4,ff,55,d0
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:e3,ef,eb,7f,19,6b,49,43,98,d2,f f,
b0,9d,4b,49,ca,00,10,03,00,00
"ITBar7Layout"=hex:13,00,00,00,00,00,00,00,00,00,0 0,00,30,00,00,00,10,00,00,00,
00,00,00,00,01,00,00,00,00,07,00,00,5e,01,00,00,07 ,00,00,00,49,05,00,00,00,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Internet Explorer\URLSearchHooks]
@DACL=(02 0000)
@SACL=
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\MediaPlayer\Preferences\Pr oxySettings]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.docm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Word.DocumentMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.docx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Word.Document.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.dotm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Word.TemplateMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.dotx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Word.Template.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.potx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"PowerPoint.Template.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ppam\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"PowerPoint.Addin.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ppsm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"PowerPoint.SlideShowMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.ppsx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"PowerPoint.SlideShow.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.wri\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"wrifile"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xlam\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.AddInMacroEnabled"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xlsb\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.SheetBinaryMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xlsm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.SheetMacroEnabled.12"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xltm\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.TemplateMacroEnabled"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts\.xltx\OpenWithProgids]
@DACL=(02 0000)
@SACL=
"Excel.Template"=hex(0):

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Streams\0]
@DACL=(02 0000)
@SACL=
"ViewView2"=hex:1c,00,00,00,06,00,00,00,00,00,00,0 0,00,00,9c,00,00,00,00,00,01,
00,00,00,ff,ff,ff,ff,f0,f0,f0,f0,14,00,03,00,cc,01 ,00,00,00,00,00,00,30,00,\

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Streams\Desktop]
@DACL=(02 0000)
@SACL=
"Toolbars"=hex:11,00,00,00,00,00,00,00
"TaskbarWinXP"=hex:0c,00,00,00,08,00,00,00,04,00,0 0,00,00,00,00,00,b0,e2,2b,d8,
64,57,d0,11,a9,6e,00,c0,4f,d7,05,a2,22,00,1c,00,0a ,11,00,00,1a,00,00,00,01,\
"Upgrade"=dword:00000001

[HKEY_USERS\S-1-5-21-56246540-2635712016-4243656799-1008\Software\Microsoft\Windows\Shell\Bags\1]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Classes\DSP.DSP\CLSID]
@DACL=(02 0000)
@SACL=
@="{9C123EA9-AEC9-4f75-BBC0-7565FA1398966}"

[HKEY_LOCAL_MACHINE\software\Classes\DSP.DSP\CurVer]
@DACL=(02 0000)
@SACL=
@="DSP.DSP.1"

[HKEY_LOCAL_MACHINE\software\Classes\DSP.DSPDMOProp _Chorus.1\CLSID]
@DACL=(02 0000)
@SACL=
@="{6F63B172-5543-4593-91CE-EDBA65B9FACDB}"

[HKEY_LOCAL_MACHINE\software\InterVideo Inc.\InterVideo Register Manager]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IE UserData NT\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IE.HKCUZoneInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IE40.UserAgent\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ 10.0]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ Objects\Effects\Alchemy]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ Settings]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\ UIPlugins\{BF8A714C-7486-498D-8541-A71710FAFAE5}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="res://wmccpl.dll/RT_STRING/#101"
"Description"="res://wmccpl.dll/RT_STRING/#102"
"Capabilities"=dword:00000002

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SCP\SCPTRANS]
@DACL=(02 0000)
@SACL=
"ProgID"="MsScp.SCPTRANS.1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP]
@DACL=(02 0000)
@SACL=
"ProgID"="WMDMCESP.WMDMCESP"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WPDSp]
@DACL=(02 0000)
@SACL=
"PnPAware"=dword:00000001
"ProgID"="WPDSp.WPDServiceProvider"

[HKEY_LOCAL_MACHINE\software\MimarSinan\InstallAwar e]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.\Realtek High Definition Audio Driver]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Sonic\MediaHub\Launche rs\{E64D5384-2CBC-4831-9853-DFCBF7593FEF}\LaunchWinDVDCreator]
@DACL=(02 0000)
@SACL=
"ShellExecute"=expand:"%PROGRAMFILES%\\intervideo\ \Wcreator3\\WCreator.exe"

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft]
@DACL=(02 0000)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(980)
c:\archivos de programa\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(1464)
c:\windows\system32\WININET.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\archivos de programa\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\archivos de programa\Diskeeper Corporation\Diskeeper\DkService.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe
c:\archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
c:\archivos de programa\Archivos comunes\InterVideo\RegMgr\iviRegMgr.exe
c:\archivos de programa\Java\jre6\bin\jqs.exe
c:\windows\system32\LMabcoms.exe
c:\archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\archivos de programa\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE
c:\windows\system32\HPZipm12.exe
c:\archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\archivos de programa\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\archivos de programa\Archivos comunes\Lenovo\tvt_reg_monitor_svc.exe
c:\archivos de programa\Lenovo\Rescue and Recovery\rrservice.exe
c:\archivos de programa\Archivos comunes\Lenovo\Scheduler\tvtsched.exe
c:\archivos de programa\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\archivos de programa\lenovo\system update\suservice.exe
c:\archivos de programa\Archivos comunes\Lenovo\Logger\logmon.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\archivos de programa\Diskeeper Corporation\Diskeeper\DkIcon.exe
.
************************************************** ************************
.
Completion time: 2010-03-17 08:02:24 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-17 07:02
ComboFix2.txt 2010-03-16 08:27

Pre-Run: 294.886.477.824 bytes libres
Post-Run: 294.871.244.800 bytes libres

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - F34619B834276954EF6D6495BAE5E497


DAR EL TEMA POR CERRADO, NO LO PUDE SOLUCIONAR PERO AL FINAL HE FORMATEADO
Última edición por Symbel fecha: 18/03/10 a las 09:29:31.
Responder Con Cita
Respuesta

« Tema Anterior | Próximo Tema »
Herramientas

Reglas del foro
No puedes crear nuevos temas
No puedes responder temas
No puedes subir adjuntos
No puedes editar tus mensajes
BB code is activado
Las caritas están activado
Código [IMG] está activado
Código HTML está desactivado
Trackbacks are desactivado
Pingbacks are activado
Refbacks are activado

Temas Similares
Tema Autor Foro Respuestas Último mensaje
Problema Microsoft Visual c ++ Runtime (Cerrado) mariapassion Foro Oficial de HijackThis en español 1 05/03/10 09:22:21
MALWARE(Solucionado) simeone Temas Solucionados 3 23/11/09 08:44:46
Algo pasa...dr web 7.30 horas (Solucionado) simeone Temas Solucionados 15 23/11/09 08:37:21
Cada vez mas lenta Guanijei Ayuda General 5 01/02/09 18:25:45
Ayuda con Troyan Hourse PSW.Generic2.NCV Facunsion Foro de Virus y Spywares 4 26/02/08 19:23:04




Todas las horas son GMT -4. La hora es 21:29:32.

Sobre Nosotros - Contáctanos - Privacidad - Staff - Archivo - Blog  

Powered by: InfoSpyware, Versión 3.8.4
Copyright © 2005 - 2010,, ForoSpyware.com
© Copyright 2004 - 2010 InfoSpyware ® Todos los derechos reservados.
InfoSpyware es miembro de ASAP - Alliance of Security Analysis Professionals

 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31