My PC has more infections than Lindsay Lohan!


  • This topic is locked
1 reply to this topic

#1 pepilindo


Posted 05 April 2013 - 09:22 PM

There are some strange processes that are ignored by Malwarebytes and AVG...
 

 

DDS (Ver_2012-11-20.01) - FAT32_x86 
Internet Explorer: 6.0.2900.2180  BrowserJavaVersion: 10.17.2
Run by Ariel at 2:52:30 on 2005-01-01
#Option MBR scan  is disabled.
Microsoft Windows XP Professional  5.1.2600.2.1252.34.3082.18.766.350 [GMT -3:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
\??\C:\Archivos de programa\AVG\AVG2012\AVGRSX.EXE
\??\C:\Archivos de programa\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Archivos de programa\PowerISO\PWRISOVM.EXE
C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe
C:\Archivos de programa\AVG\AVG2012\avgtray.exe
C:\Archivos de programa\AVG Secure Search\vprot.exe
C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe
C:\Archivos de programa\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\BitLord\BitLord.exe
C:\Documents and Settings\Ariel\Configuración local\Datos de programa\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Ariel\Configuración local\Datos de programa\Facebook\Update\FacebookUpdate.exe
C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe
C:\Archivos de programa\Java\jre7\bin\jqs.exe
C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Archivos de programa\AVG\AVG2012\avgnsx.exe
C:\Archivos de programa\AVG\AVG2012\avgemcx.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Archivos de programa\Archivos comunes\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Archivos de programa\AVG\AVG2012\avgidsagent.exe
C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.ar/
uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\archivos de programa\ask.com\GenericAskToolbar.dll
BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\archivos de programa\archivos comunes\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\archivos de programa\avg\avg2012\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\archivos de programa\java\jre7\bin\ssv.dll
BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\archivos de programa\epson software\easy photo print\EPTBL.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\archivos de programa\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\archivos de programa\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\archivos de programa\java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\archivos de programa\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\archivos de programa\epson software\easy photo print\EPTBL.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\archivos de programa\ask.com\GenericAskToolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\archivos de programa\msn messenger\MsnMsgr.Exe" /background
uRun: [BitComet] "c:\archivos de programa\bitlord\BitLord.exe"
uRun: [Google Update] "c:\documents and settings\ariel\configuración local\datos de programa\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\documents and settings\ariel\configuración local\datos de programa\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [VTTimer] VTTimer.exe
mRun: [VTTrayp] VTtrayp.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [QuickTime Task] "c:\archivos de programa\quicktime\qttask.exe" -atboottime
mRun: [PWRISOVM.EXE] c:\archivos de programa\poweriso\PWRISOVM.EXE
mRun: [SMSERIAL] sm56hlpr.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SSBkgdUpdate] c:\archivos de programa\archivos comunes\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe -Embedding -boot
mRun: [ISUSPM Startup] c:\archiv~1\archiv~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\archivos de programa\archivos comunes\installshield\updateservice\issch.exe" -start
mRun: [AVG_TRAY] "c:\archivos de programa\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\archivos de programa\avg secure search\vprot.exe"
mRun: [Adobe Reader Speed Launcher] "c:\archivos de programa\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Nod 32 protection] c:\Nod_32 /r
mRun: [SunJavaUpdateSched] "c:\archivos de programa\archivos comunes\java\java update\jusched.exe"
mRun: [ApnUpdater] "c:\archivos de programa\ask.com\updater\Updater.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\ariel\menúin~1\progra~1\inicio\dropbox.lnk - c:\documents and settings\ariel\datos de programa\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\menúin~1\progra~1\inicio\hpoddt~1.lnk - c:\archivos de programa\hewlett-packard\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\menúin~1\progra~1\inicio\hppsc1~1.lnk - c:\archivos de programa\hewlett-packard\digital imaging\bin\hpohmr08.exe
StartupFolder: c:\docume~1\alluse~1\menúin~1\progra~1\inicio\adobeg~1.lnk - c:\archivos de programa\archivos comunes\adobe\calibration\Adobe Gamma Loader.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportar a Microsoft Excel - c:\archiv~1\micros~2\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\archivos de programa\java\jre7\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\archivos de programa\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{D76BA0D3-BC0D-4240-AE65-9A97F57C4EBB} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F60AC369-AE9C-4B28-BC59-5BA96D2B67F6} : DHCPNameServer = 192.168.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\archivos de programa\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\archivos de programa\archivos comunes\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ariel\datos de programa\mozilla\firefox\profiles\kc9wc21u.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff10.dll
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff11.dll
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff12.dll
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff13.dll
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff5.dll
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff6.dll
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff7.dll
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff8.dll
FF - component: c:\archivos de programa\avg\avg2012\firefox4\components\avgssff9.dll
FF - plugin: c:\archivos de programa\archivos comunes\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\archivos de programa\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\documents and settings\ariel\configuraciã³n local\datos de programa\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\documents and settings\ariel\configuraciã³n local\datos de programa\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\ariel\configuraciã³n local\datos de programa\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npscan.dll
FF - ExtSQL: 2012-09-10 16:12; {1E73965B-8B48-48be-9C8D-68B920ABC1C4}; c:\archivos de programa\avg\avg2012\Firefox4
FF - ExtSQL: 2012-09-12 14:32; es-AR@dictionaries.addons.mozilla.org; c:\documents and settings\ariel\datos de programa\mozilla\firefox\profiles\kc9wc21u.default\extensions\es-AR@dictionaries.addons.mozilla.org
FF - ExtSQL: 2012-09-12 14:32; en-US@dictionaries.addons.mozilla.org; c:\documents and settings\ariel\datos de programa\mozilla\firefox\profiles\kc9wc21u.default\extensions\en-US@dictionaries.addons.mozilla.org
FF - ExtSQL: 2012-11-17 20:25; avg@toolbar; c:\documents and settings\all users\datos de programa\avg secure search\firefoxext\14.2.0.1
FF - ExtSQL: 2012-12-12 22:05; {a3a5c777-f583-4fef-9380-ab4add1bc2a8}; c:\documents and settings\ariel\datos de programa\mozilla\firefox\profiles\kc9wc21u.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi
FF - ExtSQL: 2013-03-02 16:01; feedly@devhd; c:\documents and settings\ariel\datos de programa\mozilla\firefox\profiles\kc9wc21u.default\extensions\feedly@devhd.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-2-22 301920]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-3 33112]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2006-4-17 13696]
R2 AVGIDSAgent;AVGIDSAgent;c:\archivos de programa\avg\avg2012\avgidsagent.exe [2012-11-2 5174392]
R2 avgwd;WatchDog de AVG;c:\archivos de programa\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 MBAMScheduler;MBAMScheduler;c:\archivos de programa\malwarebytes' anti-malware\mbamscheduler.exe [2005-1-1 398184]
R2 MBAMService;MBAMService;c:\archivos de programa\malwarebytes' anti-malware\mbamservice.exe [2012-4-19 682344]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\archivos de programa\archivos comunes\avg secure search\vtoolbarupdater\14.2.0\ToolbarUpdater.exe [2013-3-18 968880]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-19 21104]
.
=============== File Associations ===============
.
FileExt: .inf: Applications\FIREFOX.EXE=c:\archiv~1\mozill~1\FIREFOX.EXE -requestPending -osint -url "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-03-23 20:57:27 -------- d-----w- c:\documents and settings\ariel\datos de programa\TuneUp Software
2013-03-18 15:35:25 -------- d-----w- c:\archivos de programa\Ask.com
2013-03-18 15:23:18 -------- d-----w- c:\documents and settings\all users\datos de programa\Ask
2013-03-18 15:15:11 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-16 14:46:28 1709 ----a-w- c:\windows\maloso.bat
2013-03-16 14:46:28 1709 ----a-w- C:\Nod_32.bat
2013-03-16 14:46:28 146 ----a-w- c:\windows\maloso.reg
2013-02-16 00:41:35 -------- d-----w- c:\documents and settings\ariel\datos de programa\Python-Eggs
2013-02-16 00:40:24 -------- d-----w- c:\documents and settings\ariel\datos de programa\BitLord
2013-02-16 00:37:45 -------- d-----w- c:\archivos de programa\BitLord 2
2013-01-23 18:14:42 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-23 18:14:42 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-15 22:52:15 -------- d-----w- c:\archivos de programa\Dropbox
2013-01-06 21:34:46 -------- d-----w- c:\windows\system32\Adobe
2012-12-30 20:48:36 -------- d-sh--w- C:\FOUND.074
2012-12-24 19:16:54 -------- d-sh--w- C:\FOUND.073
2012-12-22 14:56:47 139264 ----a-w- c:\windows\system32\eax.dll
2012-12-22 14:56:46 -------- d-----w- c:\archivos de programa\Creative
2012-12-22 14:40:47 233472 ----a-r- c:\windows\system32\MafiaSetup.exe
2012-12-13 01:01:58 -------- d-----w- c:\archivos de programa\Mozilla Maintenance Service
2012-11-22 06:51:04 5632 ----a-w- c:\windows\system32\ptpusb.dll
2012-11-22 06:51:02 159232 ----a-w- c:\windows\system32\ptpusd.dll
2012-10-21 01:31:50 -------- d-----w- C:\nrn72
2012-10-15 09:18:16 -------- d-sh--w- C:\FOUND.071
2012-10-15 01:17:13 -------- d-----w- C:\spoolerlogs
2012-09-18 13:50:03 -------- d-----w- c:\archivos de programa\archivos comunes\EPSON
2012-09-18 13:48:08 -------- d-----w- c:\documents and settings\all users\datos de programa\UDL
2012-09-18 13:47:25 -------- d-----w- c:\archivos de programa\Epson Software
2012-09-18 13:44:48 -------- d-----w- c:\archivos de programa\epson
2012-09-18 13:40:03 93696 ----a-w- c:\windows\system32\E_FLBGKL.DLL
2012-09-18 13:40:03 63488 ----a-w- c:\windows\system32\E_FD4BGKL.DLL
2012-09-18 13:39:44 80024 ----a-w- c:\windows\system32\PICSDK.dll
2012-09-18 13:39:44 51360 ----a-w- c:\windows\system32\EpPicPrt.dll
2012-09-18 13:39:44 51360 ----a-w- c:\windows\system32\EpPicMgr.dll
2012-09-18 13:39:44 501912 ----a-w- c:\windows\system32\PICSDK2.dll
2012-09-18 13:39:44 108704 ----a-w- c:\windows\system32\PICEntry.dll
2012-09-18 13:39:42 -------- d-----w- c:\documents and settings\all users\datos de programa\EPSON
2012-09-14 08:30:16 -------- d-sh--w- C:\FOUND.070
2012-09-04 00:36:54 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-08-10 13:09:44 -------- d-sh--w- C:\FOUND.069
2012-07-29 22:52:45 692224 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\0701\intel32\iKernel.dll
2012-07-29 22:52:45 57344 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\0701\intel32\ctor.dll
2012-07-29 22:52:45 5632 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2012-07-29 22:52:45 237568 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\0701\intel32\iscript.dll
2012-07-29 22:52:45 155648 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\0701\intel32\iuser.dll
2012-07-29 22:52:40 163972 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\0701\intel32\iGdi.dll
2012-07-29 22:52:38 282756 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\0701\intel32\setup.dll
2012-07-29 22:44:25 -------- d-----w- C:\temp
2012-07-25 03:59:59 -------- d-----w- c:\archivos de programa\Oracle
2012-07-25 03:59:18 782240 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-25 03:59:16 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-25 20:24:21 -------- d-----w- c:\windows\SxsCaPendDel
2012-05-25 01:59:30 -------- d-----w- c:\documents and settings\ariel\datos de programa\Dropbox
2012-05-08 09:45:16 -------- d-sh--w- C:\FOUND.068
2012-04-29 23:51:52 -------- d-----w- c:\windows\system32\cache
2012-04-24 21:39:23 -------- d-----w- c:\windows\system32\CatRoot_bak
2012-04-24 21:21:51 470528 ------w- c:\windows\system32\dllcache\aclayers.dll
2012-04-24 21:21:34 743936 ------w- c:\windows\system32\dllcache\helpsvc.exe
2012-04-24 21:20:48 60416 ------w- c:\windows\system32\dllcache\colbact.dll
2012-04-24 21:20:47 286208 ------w- c:\windows\system32\dllcache\pdh.dll
2012-04-24 21:20:47 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2012-04-24 21:20:46 473088 ------w- c:\windows\system32\dllcache\fastprox.dll
2012-04-24 21:20:45 399360 ------w- c:\windows\system32\dllcache\rpcss.dll
2012-04-24 21:20:43 684544 ------w- c:\windows\system32\dllcache\advapi32.dll
2012-04-24 21:20:43 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2012-04-24 21:20:43 111104 ------w- c:\windows\system32\dllcache\services.exe
2012-04-24 21:20:39 739328 ------w- c:\windows\system32\dllcache\ntdll.dll
2012-04-24 21:19:46 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2012-04-24 21:19:34 3555328 ------w- c:\windows\system32\dllcache\moviemk.exe
2012-04-24 21:14:35 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2012-04-24 21:05:28 655872 ------w- c:\windows\system32\dllcache\mstscax.dll
2012-04-24 20:59:15 219136 ------w- c:\windows\system32\dllcache\wordpad.exe
2012-04-19 21:13:25 -------- d-----w- c:\documents and settings\ariel\datos de programa\Malwarebytes
2012-04-19 21:13:10 -------- d-----w- c:\documents and settings\all users\datos de programa\Malwarebytes
2012-04-19 21:13:09 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-19 21:13:09 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware
2012-04-19 07:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-02-22 08:25:52 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-02-22 08:25:32 250080 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-01-31 07:46:50 31952 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-12-23 16:32:08 17232 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2011-12-23 16:32:06 24144 ----a-w- c:\windows\system32\drivers\avgidsfilterx.sys
2011-12-23 16:32:00 142176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2010-04-20 05:47:37 285696 ------w- c:\windows\system32\dllcache\atmfd.dll
2010-04-16 15:36:34 81920 ------w- c:\windows\system32\dllcache\ieencode.dll
2010-03-05 14:55:55 65536 ------w- c:\windows\system32\dllcache\asycfilt.dll
2010-01-13 14:09:51 86016 ------w- c:\windows\system32\dllcache\cabview.dll
2009-12-24 07:06:48 177664 ------w- c:\windows\system32\dllcache\wintrust.dll
2009-12-17 07:59:39 346624 ------w- c:\windows\system32\dllcache\mspaint.exe
2009-12-14 07:36:41 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll
2009-11-27 17:34:44 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
2009-11-27 16:38:56 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll
2009-11-27 16:38:55 85504 ------w- c:\windows\system32\dllcache\avifil32.dll
2009-11-27 16:38:55 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll
2009-11-27 16:38:55 11264 ------w- c:\windows\system32\dllcache\msrle32.dll
2009-10-21 06:03:11 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll
2009-10-21 06:03:10 25088 ------w- c:\windows\system32\dllcache\httpapi.dll
2009-10-20 14:58:48 263552 ------w- c:\windows\system32\dllcache\http.sys
2009-10-16 01:51:44 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2009-10-13 10:52:20 267776 ------w- c:\windows\system32\dllcache\oakley.dll
2009-10-12 13:52:52 69632 ------w- c:\windows\system32\dllcache\raschap.dll
2009-10-12 13:52:52 112640 ------w- c:\windows\system32\dllcache\rastls.dll
2009-09-04 20:46:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-05 09:06:33 205312 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-02 18:20:22 -------- d-----w- c:\archivos de programa\Real Alternative
2009-07-17 18:57:17 58880 ------w- c:\windows\system32\dllcache\atl.dll
2009-07-12 15:11:20 670016 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\vc\msdia90.dll
2009-07-12 00:37:20 641536 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\vc\msdia80.dll
2009-06-25 18:36:14 517120 ------w- c:\windows\system32\dllcache\mqsnap.dll
2009-06-25 18:36:14 186880 ------w- c:\windows\system32\dllcache\mqtrig.dll
2009-06-25 18:36:14 169472 ------w- c:\windows\system32\dllcache\msmqocm.dll
2009-06-25 18:36:14 123392 ------w- c:\windows\system32\dllcache\mqrtdep.dll
2009-06-25 18:36:13 225280 ------w- c:\windows\system32\dllcache\mqoa.dll
2009-06-25 08:46:25 59392 ------w- c:\windows\system32\dllcache\wdigest.dll
2009-06-25 08:46:25 56320 ------w- c:\windows\system32\dllcache\secur32.dll
2009-06-25 08:46:25 298496 ------w- c:\windows\system32\dllcache\kerberos.dll
2009-06-25 08:46:25 133632 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-06-22 11:49:23 19968 ------w- c:\windows\system32\dllcache\mqbkup.exe
2009-06-22 11:49:23 117248 ------w- c:\windows\system32\dllcache\mqtgsvc.exe
2009-06-22 11:49:04 4608 ------w- c:\windows\system32\dllcache\mqsvc.exe
2009-06-22 11:34:52 92544 ------w- c:\windows\system32\dllcache\ksecdd.sys
2009-06-15 11:32:55 78336 ------w- c:\windows\system32\dllcache\telnet.exe
2009-06-15 11:32:53 81920 ------w- c:\windows\system32\dllcache\tlntsess.exe
2009-05-07 15:43:39 346112 ------w- c:\windows\system32\dllcache\localspl.dll
2008-12-16 12:49:38 352256 ------w- c:\windows\system32\dllcache\winhttp.dll
2008-07-07 20:31:19 253952 ------w- c:\windows\system32\dllcache\es.dll
2008-07-03 07:50:46 -------- d-sh--w- C:\FOUND.044
2008-06-24 16:23:35 74240 ------w- c:\windows\system32\dllcache\mscms.dll
2008-06-20 17:41:07 248320 ------w- c:\windows\system32\dllcache\mswsock.dll
2008-06-20 10:44:38 138368 ------w- c:\windows\system32\dllcache\afd.sys
2008-06-12 14:18:17 956928 ------w- c:\windows\system32\dllcache\msdtctm.dll
2008-06-12 14:18:17 91648 ------w- c:\windows\system32\dllcache\mtxoci.dll
2008-06-12 14:18:17 66560 ------w- c:\windows\system32\dllcache\mtxclu.dll
2008-06-12 14:18:17 161792 ------w- c:\windows\system32\dllcache\msdtcuiu.dll
2008-06-12 14:18:16 58880 ------w- c:\windows\system32\dllcache\msdtclog.dll
2008-06-12 14:18:16 428032 ------w- c:\windows\system32\dllcache\msdtcprx.dll
2008-06-01 20:46:22 272512 ------w- c:\windows\system32\dllcache\bthport.sys
2008-05-27 22:36:42 -------- d-sh--w- C:\FOUND.038
2008-05-21 05:20:16 -------- d-sh--w- C:\FOUND.037
2008-05-19 05:17:26 -------- d-sh--w- C:\FOUND.036
2008-05-18 00:41:14 -------- d-sh--w- C:\FOUND.035
2008-05-02 09:58:04 -------- d-sh--w- C:\FOUND.040
2008-04-28 12:02:40 -------- d-sh--w- C:\FOUND.034
2008-04-23 13:02:40 -------- d-sh--w- C:\FOUND.033
2008-04-14 17:47:38 -------- d-sh--w- C:\FOUND.032
2008-04-01 16:51:56 -------- d-sh--w- C:\FOUND.031
2008-03-31 16:23:24 -------- d-sh--w- C:\FOUND.030
2008-03-29 14:54:36 -------- d-sh--w- C:\FOUND.029
2008-03-27 22:30:10 -------- d-sh--w- C:\FOUND.028
2008-03-25 04:51:03 621344 ------w- c:\windows\system32\dllcache\mswstr10.dll
2008-03-25 04:51:02 187168 ------w- c:\windows\system32\dllcache\msjint40.dll
2008-03-16 22:40:46 -------- d-sh--w- C:\FOUND.027
2008-03-01 15:11:18 -------- d-----w- c:\windows\nview
2008-03-01 15:11:17 208896 ----a-w- c:\windows\system32\nvudisp.exe
2008-03-01 15:11:05 208896 ----a-w- c:\windows\system32\NVUNINST.EXE
2008-03-01 15:11:03 69715 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\09\01\intel32\ctor.dll
2008-03-01 15:11:03 266240 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\09\01\intel32\iscript.dll
2008-03-01 15:11:03 192512 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\09\01\intel32\iuser.dll
2008-03-01 15:11:02 729088 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\09\01\intel32\iKernel.dll
2008-03-01 15:11:02 5632 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2008-03-01 15:10:56 311428 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\09\01\intel32\setup.dll
2008-03-01 15:10:56 188548 ----a-w- c:\archivos de programa\archivos comunes\installshield\professional\runtime\09\01\intel32\iGdi.dll
2008-03-01 15:10:15 -------- d-----w- C:\NVIDIA
2008-02-20 05:35:06 45568 ------w- c:\windows\system32\dllcache\dnsrslvr.dll
2008-02-19 23:51:47 3456 ----a-w- c:\windows\system32\drivers\pciide.sys
2008-02-19 23:51:47 3456 ----a-w- c:\windows\system32\dllcache\pciide.sys
2008-02-17 15:32:39 -------- d-----w- c:\windows\pss
2008-02-17 01:35:13 -------- d-----w- c:\archivos de programa\Croteam
2008-02-17 00:38:25 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2008-02-17 00:09:08 -------- d-----w- c:\archivos de programa\RocketCommander
2008-02-14 16:16:38 -------- d-sh--w- C:\FOUND.026
2008-02-07 02:29:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2008-02-01 20:19:46 -------- d-----w- c:\documents and settings\ariel\Contacts
2008-01-30 20:59:35 -------- d-----w- c:\documents and settings\all users\datos de programa\Legacy Interactive
2008-01-29 01:45:42 1409 ----a-w- c:\windows\QTFont.for
2008-01-26 18:37:25 -------- d-----w- c:\windows\system32\appmgmt
2008-01-26 18:09:18 283648 ----a-w- c:\windows\uninst.exe
2008-01-21 21:02:51 -------- d-----w- c:\documents and settings\ariel\datos de programa\Autodesk
2008-01-21 20:58:15 -------- d-----w- c:\archivos de programa\Autodesk
2008-01-21 20:57:50 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2008-01-21 20:57:50 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll
2008-01-21 20:57:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2008-01-21 20:57:42 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2008-01-21 20:57:37 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2008-01-20 07:07:58 33292 ----a-w- c:\windows\system32\drivers\scdemu.sys
2008-01-18 18:40:22 -------- d-----w- c:\archivos de programa\BitLord
2008-01-04 22:46:37 143872 ----a-w- c:\windows\system32\javacpl.cpl
2008-01-04 21:56:48 156992 ----a-w- c:\windows\system32\DivXCodecVersionChecker.exe
2008-01-04 16:36:37 -------- d-----w- C:\COMPUMAP
2008-01-03 16:12:24 -------- d-----w- c:\archivos de programa\NovaLogic
2008-01-03 15:56:59 94208 ----a-r- c:\windows\system32\HPZipt12.dll
2008-01-03 15:56:59 65795 ----a-r- c:\windows\system32\HPZipm12.exe
2008-01-03 15:56:59 61699 ----a-r- c:\windows\system32\HPZinw12.exe
2008-01-03 15:56:59 57344 ----a-r- c:\windows\system32\HPZisn12.dll
2008-01-03 15:56:59 233528 ----a-r- c:\windows\system32\HPZidr12.dll
2008-01-03 15:56:59 167936 ----a-r- c:\windows\system32\HPZipr12.dll
2008-01-03 15:56:59 16080 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2008-01-03 15:56:58 51024 ----a-r- c:\windows\system32\drivers\hpzid412.sys
2008-01-03 15:56:32 21456 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2008-01-03 15:56:18 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2008-01-03 15:56:18 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2008-01-03 15:54:43 -------- d-----w- c:\archivos de programa\archivos comunes\Hewlett-Packard
2008-01-03 14:29:30 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2008-01-03 14:29:30 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2008-01-03 14:29:07 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2008-01-03 14:29:07 31616 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2008-01-02 06:40:24 -------- d-sh--w- C:\FOUND.043
2008-01-02 00:19:06 -------- d-----w- c:\archivos de programa\DivX
2008-01-01 11:28:32 -------- d-sh--w- C:\FOUND.042
2007-12-31 20:32:44 16128 ----a-w- c:\windows\system32\drivers\MODEMCSA.sys
2007-12-31 20:32:44 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys
2007-12-31 20:30:34 -------- d-----w- c:\windows\Motorola
2007-12-31 20:26:00 -------- d-sh--w- C:\FOUND.025
2007-12-29 17:15:29 95744 ------w- c:\windows\system32\dllcache\mqsec.dll
2007-12-29 17:15:29 91776 ------w- c:\windows\system32\dllcache\mqac.sys
2007-12-29 17:15:29 661504 ------w- c:\windows\system32\dllcache\mqqm.dll
2007-12-29 17:15:29 521216 ------w- c:\windows\system32\dllcache\mqutil.dll
2007-12-29 17:15:29 48640 ------w- c:\windows\system32\dllcache\mqupgrd.dll
2007-12-29 17:15:29 47104 ------w- c:\windows\system32\dllcache\mqdscli.dll
2007-12-29 17:15:29 177152 ------w- c:\windows\system32\dllcache\mqrt.dll
2007-12-29 17:15:29 16896 ------w- c:\windows\system32\dllcache\mqise.dll
2007-12-29 17:15:29 138240 ------w- c:\windows\system32\dllcache\mqad.dll
2007-12-18 14:42:03 417792 ------w- c:\windows\system32\dllcache\vbscript.dll
2007-12-18 09:51:35 179584 ------w- c:\windows\system32\dllcache\mrxdav.sys
2007-11-11 19:40:36 -------- d-sh--w- C:\FOUND.024
2007-11-07 11:12:28 232960 ----a-w- C:\VC_RED.MSI
2007-11-07 11:03:18 97296 ----a-w- C:\install.res.1036.dll
2007-11-07 11:03:18 96272 ----a-w- C:\install.res.3082.dll
2007-11-07 11:03:18 96272 ----a-w- C:\install.res.1031.dll
2007-11-07 11:03:18 95248 ----a-w- C:\install.res.1040.dll
2007-11-07 11:03:18 91152 ----a-w- C:\install.res.1033.dll
2007-11-07 11:03:18 81424 ----a-w- C:\install.res.1041.dll
2007-11-07 11:03:18 79888 ----a-w- C:\install.res.1042.dll
2007-11-07 11:03:18 76304 ----a-w- C:\install.res.1028.dll
2007-11-07 11:03:18 75792 ----a-w- C:\install.res.2052.dll
2007-11-07 11:03:18 562688 ----a-w- C:\install.exe
2007-10-29 22:43:41 1297408 ------w- c:\windows\system32\dllcache\quartz.dll
2007-10-11 19:06:00 584192 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2007-07-25 20:48:19 -------- d-----w- c:\windows\CAVTemp
2007-06-30 20:40:18 23776 ----a-w- c:\windows\system32\wucltui.dll.mui
2007-06-30 20:40:18 18144 ----a-w- c:\windows\system32\wuaueng.dll.mui
2007-06-30 20:40:18 15584 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2007-06-30 20:40:18 15584 ----a-w- c:\windows\system32\wuapi.dll.mui
2007-06-13 13:22:28 1035776 ------w- c:\windows\system32\dllcache\explorer.exe
2007-05-19 18:59:32 -------- d-----w- c:\archivos de programa\ZC2.10
2007-05-17 11:30:03 550912 ------w- c:\windows\system32\dllcache\oleaut32.dll
2007-05-11 01:52:34 95864 ----a-w- c:\archivos de programa\internet explorer\plugins\nppdf32.dll
2007-05-08 14:10:18 16874376 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\office12\MSO.DLL
2007-04-29 18:05:52 -------- d-----w- c:\documents and settings\ariel\datos de programa\Armagetron
2007-04-29 18:05:11 -------- d-----w- c:\documents and settings\all users\datos de programa\Armagetron
2007-04-25 14:22:37 168448 ------w- c:\windows\system32\dllcache\schannel.dll
2007-04-23 10:32:54 364160 ------w- c:\windows\system32\dllcache\update.sys
2007-03-17 13:45:06 293376 ------w- c:\windows\system32\dllcache\winsrv.dll
2007-03-08 15:36:30 578560 ------w- c:\windows\system32\dllcache\user32.dll
2007-03-08 15:36:30 40960 ------w- c:\windows\system32\dllcache\mf3216.dll
2007-03-08 15:36:30 283648 ------w- c:\windows\system32\dllcache\gdi32.dll
2007-03-08 15:32:46 1851008 ------w- c:\windows\system32\dllcache\win32k.sys
2007-02-28 19:03:52 334336 ------w- c:\windows\system32\dllcache\wiaservc.dll
2007-02-09 11:10:35 574464 ------w- c:\windows\system32\dllcache\ntfs.sys
2007-02-08 16:34:22 -------- d-sh--w- C:\FOUND.023
2007-02-05 20:18:39 185344 ------w- c:\windows\system32\dllcache\upnphost.dll
2007-02-04 19:41:39 12416 ----a-w- c:\windows\system32\drivers\mouhid.sys
2007-02-04 19:41:39 12416 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2007-02-04 19:41:35 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2007-02-04 19:41:35 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2006-12-26 13:09:05 536576 ------w- c:\windows\system32\dllcache\msado15.dll
2006-12-26 13:09:05 200704 ------w- c:\windows\system32\dllcache\msadox.dll
2006-12-26 13:09:05 180224 ------w- c:\windows\system32\dllcache\msadomd.dll
2006-12-26 13:09:05 102400 ------w- c:\windows\system32\dllcache\msjro.dll
2006-12-19 21:49:47 134656 ------w- c:\windows\system32\dllcache\shsvcs.dll
2006-12-19 18:22:36 2183808 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2006-12-19 18:22:36 2060800 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2006-12-19 18:22:21 2139648 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2006-12-19 18:22:18 2019328 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2006-12-02 20:09:49 -------- d-----w- c:\archivos de programa\Runtime Software
2006-12-02 18:15:06 -------- d-----w- c:\windows\system32\NtmsData
2006-11-29 23:30:17 -------- d-----w- c:\archivos de programa\Cheating-Death
2006-11-27 14:54:17 433152 ------w- c:\windows\system32\dllcache\riched20.dll
2006-11-27 14:54:16 539136 ------w- c:\windows\system32\dllcache\msftedit.dll
2006-11-26 18:21:07 -------- d-----w- c:\documents and settings\ariel\datos de programa\Dev-Cpp
2006-11-22 23:02:06 -------- d-sh--w- C:\FOUND.022
2006-11-22 00:58:36 -------- d-sh--w- C:\FOUND.021
2006-11-20 19:10:41 -------- d-----w- c:\archivos de programa\Counter-Strike 1.6
2006-11-18 19:15:43 -------- d-----w- c:\archivos de programa\MSXML 4.0
2006-11-18 19:15:40 -------- d-----w- C:\c4b8619090f354fa31c48a77b0
2006-11-14 00:04:02 -------- d-sh--w- C:\FOUND.020
2006-11-08 05:06:15 86528 ------w- c:\windows\system32\dllcache\directdb.dll
2006-11-08 05:06:15 85504 ------w- c:\windows\system32\dllcache\wabimp.dll
2006-11-08 05:06:15 683520 ------w- c:\windows\system32\dllcache\inetcomm.dll
2006-11-08 05:06:15 510976 ------w- c:\windows\system32\dllcache\wab32.dll
2006-11-08 05:06:15 1315840 ------w- c:\windows\system32\dllcache\msoe.dll
2006-11-04 17:14:00 1245696 ----a-w- c:\windows\system32\msxml4.dll
2006-10-27 18:18:34 1658152 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\office12\OGL.DLL
2006-10-27 18:12:32 1082144 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\office12\RICHED20.DLL
2006-10-26 23:13:04 932688 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\office12\msoshext.dll
2006-10-26 17:31:34 80696 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\office12\1033\xlsrvintl.dll
2006-10-26 16:56:44 757008 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\office12\MSPTLS.DLL
2006-10-23 15:18:53 474624 ------w- c:\windows\system32\dllcache\shlwapi.dll
2006-10-23 15:18:50 1023488 ------w- c:\windows\system32\dllcache\browseui.dll
2006-10-20 01:38:50 716288 ------w- c:\windows\system32\dllcache\sxs.dll
2006-10-16 14:52:37 -------- d-----w- c:\archivos de programa\MVM 2005 - Virtua Tennis
2006-10-16 14:39:59 -------- d-----w- c:\archivos de programa\PowerISO
2006-10-14 08:13:25 981760 ------w- c:\windows\system32\dllcache\mfc42u.dll
2006-10-13 12:36:47 65536 ------w- c:\windows\system32\dllcache\nwwks.dll
2006-10-13 12:36:47 144384 ------w- c:\windows\system32\dllcache\nwprovau.dll
2006-10-13 10:23:15 163584 ------w- c:\windows\system32\dllcache\nwrdr.sys
2006-10-12 14:04:11 57344 ----a-w- c:\windows\system32\dllcache\agentdpv.dll
2006-10-12 14:04:11 42496 ------w- c:\windows\system32\dllcache\agentdp2.dll
2006-10-12 11:09:53 256512 ------w- c:\windows\system32\dllcache\agentsvr.exe
2006-10-04 21:20:26 -------- d--h--r- C:\$VAULT$.AVG
2006-10-04 21:11:54 -------- d-sh--w- C:\FOUND.019
2006-10-04 20:19:24 -------- d--h--w- c:\archivos de programa\FX Uninstall Information
2006-10-01 17:56:44 -------- d-sh--w- C:\FOUND.018
2006-09-25 12:06:26 -------- d-sh--w- C:\FOUND.017
2006-09-18 14:16:05 851968 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\vgx\SET12.tmp
2006-09-17 15:27:27 23040 ------w- c:\windows\system32\dllcache\fltmc.exe
2006-09-17 15:27:27 16896 ------w- c:\windows\system32\dllcache\fltlib.dll
2006-09-17 15:27:27 128896 ------w- c:\windows\system32\dllcache\fltmgr.sys
2006-09-14 08:39:27 1022976 ----a-w- c:\windows\system32\dllcache\SET2D.tmp
2006-09-13 08:52:55 18432 ----a-w- c:\archivos de programa\internet explorer\SET19.tmp
2006-09-13 05:02:57 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2006-09-04 07:10:34 1422088 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\office11\msxml5.dll
2006-09-04 07:10:32 91912 ----a-w- c:\archivos de programa\archivos comunes\microsoft shared\office11\1033\msxml5r.dll
2006-09-02 17:38:30 -------- d-sh--w- C:\FOUND.016
2006-08-26 15:25:14 -------- d-sh--w- C:\FOUND.015
2006-08-25 15:46:29 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2006-08-24 16:19:40 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2006-08-24 16:17:24 499766 ------w- c:\windows\system32\dllcache\dxmasf.dll
2006-08-17 12:29:42 729088 ------w- c:\windows\system32\dllcache\lsasrv.dll
2006-08-17 12:29:42 132096 ------w- c:\windows\system32\dllcache\wkssvc.dll
2006-08-16 11:59:05 100864 ------w- c:\windows\system32\dllcache\6to4svc.dll
2006-08-16 09:37:30 226880 ------w- c:\windows\system32\dllcache\tcpip6.sys
2006-08-15 22:01:35 247808 ----a-w- c:\windows\system32\npscan.dll
2006-08-15 08:50:53 -------- d-----w- C:\Program Files
2006-08-12 20:45:06 -------- d-sh--w- C:\FOUND.014
2006-08-12 20:41:58 -------- d-sh--w- C:\FOUND.013
2006-08-03 19:46:03 -------- d-----w- c:\archivos de programa\I.T.E ApS
2006-08-03 19:45:43 305152 ----a-w- c:\windows\IsUn040a.exe
2006-08-03 19:45:38 -------- d-----w- c:\documents and settings\ariel\WINDOWS
2006-07-30 23:23:54 -------- d-sh--w- C:\FOUND.012
2006-07-16 22:09:52 -------- d-sh--w- C:\FOUND.011
2006-07-14 15:40:13 332800 ------w- c:\windows\system32\dllcache\netapi32.dll
2006-07-13 13:35:06 8496640 ------w- c:\windows\system32\dllcache\shell32.dll
2006-07-11 21:13:14 -------- d-----w- c:\archivos de programa\Activision
2006-07-07 22:07:54 -------- d-sh--w- C:\FOUND.010
2006-07-05 10:56:30 1039360 ------w- c:\windows\system32\dllcache\kernel32.dll
2006-06-30 01:01:56 -------- d-sh--w- C:\FOUND.009
2006-06-26 17:41:27 8192 ------w- c:\windows\system32\dllcache\rasadhlp.dll
2006-06-22 10:48:10 181248 ------w- c:\windows\system32\dllcache\rasmans.dll
2006-06-22 05:13:50 1440256 ------w- c:\windows\system32\dllcache\query.dll
2006-06-22 05:13:49 69120 ------w- c:\windows\system32\dllcache\ciodm.dll
2006-06-20 15:59:10 -------- d-sh--w- C:\FOUND.008
2006-06-14 09:00:45 82944 ------w- c:\windows\system32\dllcache\wdmaud.sys
2006-06-14 08:47:46 6400 ------w- c:\windows\system32\dllcache\splitter.sys
2006-06-14 08:47:45 172416 ------w- c:\windows\system32\dllcache\kmixer.sys
2006-06-08 16:11:58 -------- d-sh--w- C:\FOUND.007
2006-06-05 19:01:08 -------- d-sh--w- C:\FOUND.006
2006-05-31 23:19:44 -------- d-sh--w- C:\FOUND.005
2006-05-29 15:28:58 1506816 ------w- c:\windows\system32\dllcache\shdocvw.dll
2006-05-28 01:18:50 -------- d-sh--w- C:\FOUND.004
2006-05-25 21:27:38 -------- d-sh--w- C:\FOUND.003
2006-05-24 22:03:42 -------- d-sh--w- C:\FOUND.002
2006-05-22 18:55:31 212992 ----a-w- c:\archivos de programa\archivos comunes\installshield\engine\6\intel 32\ILog.dll
2006-05-19 15:09:50 3086336 ------w- c:\windows\system32\dllcache\mshtml.dll
2006-05-19 13:18:51 95232 ------w- c:\windows\system32\dllcache\iphlpapi.dll
2006-05-19 13:18:51 148992 ----a-w- c:\windows\system32\dllcache\dnsapi.dll
2006-05-19 13:18:51 111616 ------w- c:\windows\system32\dllcache\dhcpcsvc.dll
2006-05-18 05:31:25 450560 ------w- c:\windows\system32\dllcache\jscript.dll
2006-05-17 16:32:08 -------- d-sh--w- C:\FOUND.001
2006-05-09 11:00:37 18432 ------w- c:\windows\system32\dllcache\iedw.exe
2006-05-05 09:47:57 174592 ------w- c:\windows\system32\dllcache\rdbss.sys
2006-05-05 09:41:45 454016 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2006-05-01 15:44:35 -------- d-s---w- c:\documents and settings\ariel\UserData
2006-04-27 23:41:12 -------- d-----w- c:\archivos de programa\ea games
2006-04-21 16:50:59 -------- d-----w- c:\windows\system32\LogFiles
2006-04-21 06:12:27 352640 ------w- c:\windows\system32\dllcache\srv.sys
2006-04-20 11:51:50 360320 ----a-w- c:\windows\system32\dllcache\tcpip.sys
2006-04-19 23:13:36 -------- d-sh--w- C:\FOUND.000
2006-04-19 20:45:22 -------- d-----w- C:\I386
2006-04-19 20:42:46 827392 ----a-w- c:\archivos de programa\windows media player\wmsetsdk.exe
2006-04-19 20:42:46 47616 ----a-w- c:\archivos de programa\windows media player\msoobci.dll
2006-04-19 20:41:55 -------- d-----w- c:\windows\RegisteredPackages
2006-04-19 20:32:17 -------- d-----w- c:\archivos de programa\Microsoft Encarta
2006-04-19 20:30:13 114688 ----a-w- c:\archivos de programa\internet explorer\plugins\npqtplugin7.dll
2006-04-19 20:28:59 114688 ----a-w- c:\archivos de programa\internet explorer\plugins\npqtplugin6.dll
2006-04-19 20:28:59 114688 ----a-w- c:\archivos de programa\internet explorer\plugins\npqtplugin5.dll
2006-04-19 20:28:59 114688 ----a-w- c:\archivos de programa\internet explorer\plugins\npqtplugin4.dll
2006-04-19 20:28:59 114688 ----a-w- c:\archivos de programa\internet explorer\plugins\npqtplugin3.dll
2006-04-19 20:28:59 114688 ----a-w- c:\archivos de programa\internet explorer\plugins\npqtplugin2.dll
2006-04-19 20:28:59 114688 ----a-w- c:\archivos de programa\internet explorer\plugins\npqtplugin.dll
2006-04-19 20:24:30 -------- d-----w- c:\documents and settings\ariel\datos de programa\AVG7
2006-04-19 20:24:22 499712 ----a-w- c:\windows\system32\msvcp71.dll
2006-04-19 20:24:22 348160 ----a-w- c:\windows\system32\msvcr71.dll
2006-04-19 20:22:15 1024 ---h--r- c:\windows\system32\NTIDBD32.dll
2006-04-19 20:21:39 1024 ---h--r- c:\windows\system32\ntiembed.dll
2006-04-19 20:21:22 226816 ------w- c:\windows\system32\htvcdsvcd.ax
2006-04-19 20:21:22 -------- d-----w- c:\windows\Vbox
2006-04-19 20:21:19 9728 ------w- c:\windows\system\regsvr32.exe
2006-04-19 20:21:07 -------- d-----w- c:\windows\system32\Iosubsys
2006-04-19 20:20:55 -------- d-----w- c:\archivos de programa\NewTech Infosystems
2006-04-19 20:20:45 1024 ---h--r- c:\windows\system32\NTIMPEG2.dll
2006-04-19 20:20:45 1024 ---h--r- c:\windows\system32\NTICDMK32.dll
2006-04-19 20:20:41 6912 ----a-w- c:\windows\system32\drivers\NTIDrvr.sys
2006-04-19 20:15:38 25840 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2006-04-19 20:15:38 24816 ----a-w- c:\windows\system32\mdimon.dll
2006-04-19 20:13:44 -------- d-----w- c:\windows\SHELLNEW
2006-04-18 23:09:48 -------- d-----w- c:\windows\system32\PreInstall
2006-04-18 23:09:46 -------- d--h--w- c:\windows\$hf_mig$
2006-04-18 22:42:22 -------- d-----w- c:\windows\system32\SoftwareDistribution
2006-04-18 00:05:03 -------- d-----w- c:\archivos de programa\EA SPORTS
2006-04-18 00:03:05 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2006-04-18 00:02:58 -------- d-s---w- c:\windows\system32\Microsoft
2006-04-18 00:00:35 -------- d-sh--w- C:\Recycled
.
==================== Find3M  ====================
.
2010-06-14 14:30:28 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
2010-05-02 08:26:02 1851008 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:47:38 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-16 15:36:38 664576 ----a-w- c:\windows\system32\wininet.dll
2010-04-16 15:36:38 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-04-16 15:36:34 81920 ------w- c:\windows\system32\ieencode.dll
2010-04-16 15:26:20 371200 ------w- c:\windows\system32\html.iec
2010-03-10 08:03:50 417792 ----a-w- c:\windows\system32\vbscript.dll
2010-03-05 14:55:56 65536 ----a-w- c:\windows\system32\asycfilt.dll
2010-02-24 12:31:30 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:33:02 2183808 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:33:02 2060800 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:46:10 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:01:44 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-05 18:39:54 1297408 ----a-w- c:\windows\system32\quartz.dll
2010-01-29 15:07:04 683520 ----a-w- c:\windows\system32\inetcomm.dll
2010-01-29 14:44:30 307260 ----a-w- c:\windows\system32\l3codeca.acm
2010-01-29 14:44:30 143422 ----a-w- c:\windows\system32\l3codecx.ax
2010-01-13 14:09:52 86016 ----a-w- c:\windows\system32\cabview.dll
2009-12-31 16:14:12 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-24 07:06:48 177664 ----a-w- c:\windows\system32\wintrust.dll
2009-12-17 07:59:40 346624 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:36:42 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-11-27 17:34:44 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:38:56 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:38:56 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:38:56 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:38:56 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:38:56 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-21 16:42:12 470528 ----a-w- c:\windows\apppatch\AcLayers.dll
2009-10-21 06:03:12 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:03:10 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58:48 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-16 01:51:44 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-10-15 17:21:44 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-10-13 10:52:20 267776 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:52:52 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:52:52 112640 ----a-w- c:\windows\system32\rastls.dll
2009-09-11 14:35:10 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:46:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-01 14:33:34 282654 ----a-w- c:\windows\system32\msaud32.acm
2009-08-26 08:15:40 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 09:47:56 352256 ----a-w- c:\windows\system32\winhttp.dll
2009-08-06 22:24:10 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2009-08-05 09:06:34 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 04:58:50 1172480 ----a-w- c:\windows\system32\msxml3.dll
2009-07-17 18:57:18 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:27:00 1440256 ----a-w- c:\windows\system32\query.dll
2009-07-13 13:08:14 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-25 18:36:14 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36:14 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36:14 521216 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36:14 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36:14 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36:14 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36:14 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36:14 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36:14 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36:14 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36:14 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-25 18:36:14 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 08:46:26 729088 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:46:26 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:46:26 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:46:26 298496 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:46:26 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-22 11:49:24 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49:24 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49:04 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48:44 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-22 11:34:52 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-15 11:32:56 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 11:32:54 81920 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 06:31:14 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-05 07:55:24 655872 ----a-w- c:\windows\system32\mstscax.dll
2009-05-07 15:43:40 346112 ----a-w- c:\windows\system32\localspl.dll
2009-04-15 15:17:26 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-10 04:01:42 530280 ----a-w- c:\windows\system32\wmspdmod.dll
2009-03-06 14:46:02 286208 ----a-w- c:\windows\system32\pdh.dll
2009-02-09 10:20:32 684544 ----a-w- c:\windows\system32\advapi32.dll
2009-02-09 10:20:32 473088 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-02-09 10:20:32 399360 ----a-w- c:\windows\system32\rpcss.dll
2009-02-09 10:20:30 739328 ----a-w- c:\windows\system32\ntdll.dll
2009-02-09 10:20:30 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll
2009-02-09 10:08:26 111104 ----a-w- c:\windows\system32\services.exe
2009-02-06 16:54:36 35328 ----a-w- c:\windows\system32\sc.exe
2009-02-06 16:39:30 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe
2008-10-23 13:00:06 283648 ----a-w- c:\windows\system32\gdi32.dll
2008-08-14 09:51:44 138368 ----a-w- c:\windows\system32\drivers\afd.sys
2008-07-09 07:39:18 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2008-07-07 20:31:20 253952 ----a-w- c:\windows\system32\es.dll
2008-06-24 16:23:36 74240 ----a-w- c:\windows\system32\mscms.dll
2008-06-20 17:41:08 248320 ----a-w- c:\windows\system32\mswsock.dll
2008-06-20 10:45:14 360320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2008-06-14 17:59:52 272512 ------w- c:\windows\system32\drivers\bthport.sys
2008-06-12 14:18:18 956928 ----a-w- c:\windows\system32\msdtctm.dll
2008-06-12 14:18:18 91648 ----a-w- c:\windows\system32\mtxoci.dll
2008-06-12 14:18:18 66560 ----a-w- c:\windows\system32\mtxclu.dll
2008-06-12 14:18:18 161792 ----a-w- c:\windows\system32\msdtcuiu.dll
2008-06-12 14:18:16 58880 ----a-w- c:\windows\system32\msdtclog.dll
.
============= FINISH:  2:56:57,64 ===============
 

Attached Files

  • Attached File  dds.txt   50.19KB   0 downloads




#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,256 posts

Posted 07 April 2013 - 08:03 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
Please download ComboFix from one of these locations:
Link 1
Link 2
IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Some Rootkit infections may damage your boot sector. The Windows Recovery Console may be needed to restore it. Do not bypass this installation. You may regret it.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
[Image: RcAuto1.gif]
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
[Image: whatnext.png]
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Note: If you have difficulty properly disabling your protection programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Do not mouse click ComboFix's window while it's running. That may cause it to stall.

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third-party programs, if not up to date, can be the cause of infiltration and infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Delete tab and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
Please paste the logs in your next reply, DO NOT ATTACH THEM
Let me know what problem persists.

Edited by nasdaq, 07 April 2013 - 08:04 AM.




