Thread: Virtumonde.dll or Trojan.Vundo.H

  1. #1
    Junior Member csnomolas's Avatar
    Join Date
    Oct 2009
    Posts
    16

    Virtumonde.dll or Trojan.Vundo.H

    Can somebody help me? My PC is infected by Virtumonde.dll or Trojan.Vundo.H

    ***** I have this log file

    Malwarebytes' Anti-Malware 1.41
    Versión de la Base de Datos: 2941
    Windows 5.1.2600 Service Pack 3

    11/10/2009 05:20:40 p.m.
    mbam-log-2009-10-11 (17-20-40).txt

    Tipo de examen : Examen Rápido
    Objetos examinados: 124090
    Tiempo transcurrido: 6 minute(s), 8 second(s)

    Procesos en Memoria Infectados: 0
    Módulos en Memoria Infectados: 0
    Claves del Registro Infectadas: 3
    Valores del Registro Infectados: 0
    Elementos de Datos del Registro Infectados: 0
    Carpetas Infectadas: 0
    Ficheros Infectados: 1

    Procesos en Memoria Infectados:
    (No se han detectado elementos maliciosos)

    Módulos en Memoria Infectados:
    (No se han detectado elementos maliciosos)

    Claves del Registro Infectadas:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66886c3b-ef97-4f7f-8f58-a1199d737492} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ehenzdga (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{66886c3b-ef97-4f7f-8f58-a1199d737492} (Trojan.Vundo.H) -> Delete on reboot.

    Valores del Registro Infectados:
    (No se han detectado elementos maliciosos)

    Elementos de Datos del Registro Infectados:
    (No se han detectado elementos maliciosos)

    Carpetas Infectadas:
    (No se han detectado elementos maliciosos)

    Ficheros Infectados:
    c:\WINDOWS\system32\khwveve.dll (Trojan.Vundo.H) -> Delete on reboot.

    ***** and Hijack log file *****

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 05:21:50 p.m., on 11/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\pavsrv51.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\AVENGINE.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Archivos de programa\Java\jre6\bin\jqs.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsCtrls.exe
    C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    C:\WINDOWS\Explorer.EXE
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\ApvxdWin.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\WebProxy.exe
    C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Archivos de programa\Java\jre6\bin\jusched.exe
    C:\Archivos de programa\EPSON\Ink Monitor\InkMonitor.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
    C:\Archivos de programa\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Archivos de programa\802.11 Wireless LAN\802.11g Wireless USB 2.0 Adapter HW.14 V.1.00\WlanCU.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Archivos de programa\Search Settings\kb128\SearchSettings.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Archivos de programa\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {66886C3B-EF97-4F7F-8F58-A1199D737492} - c:\windows\system32\khwveve.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Archivos de programa\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: (no name) - {E2315096-5869-42DA-8FAA-C78BE4E0401C} - (no file)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Archivos de programa\Search Settings\kb128\SearchSettings.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Archivos de programa\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [VAIO Update 2] "C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [VAIOSurvey] C:\Archivos de programa\Sony\VAIO Survey\LASurvey.exe
    O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Ink Monitor] C:\Archivos de programa\EPSON\Ink Monitor\InkMonitor.exe
    O4 - HKLM\..\Run: [nwiz] C:\Archivos de programa\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [SearchSettings] C:\Archivos de programa\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Archivos de programa\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Archivos de programa\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Servicio de red')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Archivos de programa\802.11 Wireless LAN\802.11g Wireless USB 2.0 Adapter HW.14 V.1.00\WlanCU.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.sony-latin.com/vaio/info
    O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
    O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s2.work4sure.com/c/ge/w4sgeen9.exe
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1250660547133
    O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} (AhnASP Control) - https://boveda.banamex.com.mx/AhnASP.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1250660770383
    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
    O16 - DPF: {A1D886C6-4039-4451-97A9-515F5BE5D4C2} (mkdplusCtrl Class) - https://boveda.banamex.com.mx/mkdplus.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL
    O20 - Winlogon Notify: ehenzdga - C:\WINDOWS\SYSTEM32\khwveve.dll
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Archivos de programa\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\ARCHIV~1\ARCHIV~1\SONYSH~1\AVLib\PACSPT~1.EXE
    O23 - Service: Panda Software Controller - Panda Software International - C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsCtrls.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\pavsrv51.exe
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\ARCHIV~1\ARCHIV~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\VmGateway.exe
    O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Video\GPVSvr.exe
    O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\UPnPFramework.exe

    --
    End of file - 12818 bytes
    ========================================

    Edit, Spybot log in second post removed, please see the FAQ.
    "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)
    Last edited by tashi; 2009-10-12 at 03:19. Reason: Moved from Spybot-S&D support, added link to forum FAQ

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Hi csnomolas

    We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:
    This tool is not a toy and not for everyday use.
    ComboFix SHOULD NOT be used unless requested by a forum helper


    http://www.bleepingcomputer.com/comb...o-use-combofix

    Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    If you need help to disable your protection programs see here.

    When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a fresh HijackThis log.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Junior Member csnomolas's Avatar
    Join Date
    Oct 2009
    Posts
    16

    Combo and HJT logs

    Combo and HJT logs were done
    but they exceed the text limit
    so I attached the HJT log

    ComboFix 09-10-13.01 - Papá 14/10/2009 5:45.1.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.34.3082.18.767.302 [GMT -5:00]
    Running from: c:\documents and settings\Papá\Mis documentos\down\ComboFix.exe
    AV: Prodigy Antivirus *On-access scanning disabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\archivos de programa\Search Settings
    c:\archivos de programa\Search Settings\kb128\SeARchsettings.dll
    c:\archivos de programa\Search Settings\kb128\SearchSettingsRes409.dll
    c:\archivos de programa\Search Settings\SearchSettings.exe
    c:\recycler\S-1-5-21-1645522239-1644491937-1801674531-1003
    c:\recycler\S-1-5-21-1703658371-3696553963-2023833634-1003
    c:\recycler\S-1-5-21-2411556091-331814778-2047695641-1003
    c:\recycler\S-1-5-21-2640250844-1987579305-2858704861-1003
    c:\recycler\S-1-5-21-4163429351-1001844230-2977629215-1003
    c:\recycler\S-1-5-21-880980304-2263851132-1359217650-1003
    c:\windows\Installer\c6a67.msi
    c:\windows\setup.exe
    c:\windows\system32\drivers\gvirpkxg.sys
    c:\windows\system32\drivers\rzxuwdoc.sys
    c:\windows\system32\ijdvnojc.dll
    c:\windows\system32\khwveve.dll
    c:\windows\system32\pizkuut.dll
    c:\windows\system32\QTWMCI32.DLL

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_RZXUWDOC
    -------\Service_rzxuwdoc


    ((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))
    .

    2009-10-12 23:55 . 2009-10-12 23:55 -------- d-----w- c:\archivos de programa\ERUNT
    2009-10-12 22:07 . 2009-10-12 22:07 -------- d-----w- c:\documents and settings\Carlos\Datos de programa\Malwarebytes
    2009-10-11 21:47 . 2009-10-11 21:47 -------- d-----w- c:\windows\Downloaded Installations
    2009-10-11 19:08 . 2009-10-11 19:08 -------- d-----w- c:\documents and settings\Karla\Datos de programa\Malwarebytes
    2009-10-11 13:00 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-11 13:00 . 2009-10-11 13:00 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware
    2009-10-11 13:00 . 2009-10-11 13:00 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Malwarebytes
    2009-10-11 13:00 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-10-10 18:55 . 2009-10-10 18:55 -------- d-----w- c:\archivos de programa\Trend Micro
    2009-10-10 13:26 . 2003-04-24 12:00 259184 -c--a-w- c:\windows\system32\dllcache\winhelp.exe
    2009-10-10 12:08 . 2008-06-19 22:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
    2009-10-01 20:36 . 2009-10-01 20:36 -------- d-----w- c:\documents and settings\Carlos\Datos de programa\Search Settings
    2009-09-30 02:20 . 2009-09-30 02:20 -------- d-----w- c:\documents and settings\Chelo\Datos de programa\Search Settings
    2009-09-21 02:01 . 2009-09-22 07:40 -------- d-----w- c:\archivos de programa\Yahoo!
    2009-09-21 01:59 . 2009-09-21 01:59 -------- d-----w- c:\archivos de programa\The Weather Channel FW
    2009-09-17 02:24 . 2009-09-17 02:24 -------- d-----w- c:\archivos de programa\MSXML 4.0
    2009-09-16 18:17 . 2009-09-16 18:17 -------- d-----w- c:\documents and settings\Karla\Datos de programa\Search Settings
    2009-09-16 18:17 . 2009-09-16 18:17 -------- d-----w- c:\documents and settings\Karla\Datos de programa\Dealio
    2009-09-16 13:22 . 2009-10-06 22:00 -------- d-----w- c:\archivos de programa\Patrician III - Imperio de los Mares
    2009-09-16 13:00 . 2009-09-16 13:01 -------- d-----w- C:\Click to DVD 2
    2009-09-16 00:26 . 2009-03-27 06:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
    2009-09-16 00:26 . 2009-09-16 00:26 -------- d-----w- c:\archivos de programa\CPUID

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-11 18:54 . 2009-08-19 16:53 -------- d-----w- c:\archivos de programa\American Conquest - Edición de oro
    2009-10-10 13:33 . 2009-08-24 16:23 -------- d-----w- c:\archivos de programa\Spybot - Search & Destroy
    2009-10-10 13:04 . 2009-08-24 23:54 -------- d-----w- c:\archivos de programa\SUPERAntiSpyware
    2009-10-07 22:32 . 2009-08-31 01:15 -------- d-----w- c:\archivos de programa\BASpeed v6
    2009-09-22 07:43 . 2009-08-24 22:22 -------- d-----w- c:\archivos de programa\Google
    2009-09-16 19:18 . 2009-08-19 22:30 77921 ----a-w- c:\windows\system32\v3w32se2.dll
    2009-09-16 13:30 . 2009-08-19 16:51 -------- d--h--w- c:\archivos de programa\FX Uninstall Information
    2009-09-16 13:20 . 2009-09-16 13:09 -------- d-----w- c:\archivos de programa\Free Easy Burner
    2009-09-13 13:19 . 2009-09-13 12:49 -------- d-----w- c:\archivos de programa\PestPatrol
    2009-08-26 00:19 . 2009-08-26 00:19 -------- d-----w- c:\documents and settings\Karla\Datos de programa\AdobeUM
    2009-08-24 23:54 . 2009-08-24 23:54 -------- d-----w- c:\documents and settings\All Users\Datos de programa\SUPERAntiSpyware.com
    2009-08-24 23:53 . 2009-08-24 23:53 -------- d-----w- c:\archivos de programa\Archivos comunes\Wise Installation Wizard
    2009-08-24 23:02 . 2009-08-24 22:32 -------- d---a-w- c:\documents and settings\All Users\Datos de programa\TEMP
    2009-08-24 16:30 . 2009-08-24 16:23 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Spybot - Search & Destroy
    2009-08-24 16:11 . 2009-08-24 15:45 -------- d-----w- c:\archivos de programa\Windows Desktop Search
    2009-08-24 16:09 . 2004-05-07 21:58 52236 ----a-w- c:\windows\system32\perfc00A.dat
    2009-08-24 16:09 . 2004-05-07 21:58 365802 ----a-w- c:\windows\system32\perfh00A.dat
    2009-08-24 15:42 . 2009-08-24 15:42 -------- d-----w- c:\archivos de programa\Windows Media Connect 2
    2009-08-24 11:22 . 2009-08-23 23:25 1281456 ----a-w- c:\windows\system32\drivers\ahnsze.sys
    2009-08-24 11:22 . 2009-08-21 18:31 1644208 ----a-w- c:\windows\system32\drivers\v3engine.sys
    2009-08-23 19:04 . 2009-08-23 19:04 -------- d-----w- c:\archivos de programa\Panda Security
    2009-08-23 18:42 . 2009-08-23 18:42 262 ----a-w- c:\windows\system32\PavCPL.dat
    2009-08-23 18:42 . 2009-08-23 18:42 -------- d-----w- c:\archivos de programa\Prodigy Antivirus
    2009-08-23 18:42 . 2004-05-07 13:44 -------- d--h--w- c:\archivos de programa\InstallShield Installation Information
    2009-08-23 18:40 . 2009-08-19 07:23 -------- d-----w- c:\archivos de programa\Archivos comunes\Panda Software
    2009-08-23 16:48 . 2009-08-23 16:47 -------- d-----w- c:\archivos de programa\QuickTime
    2009-08-23 16:47 . 2009-08-23 16:47 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Apple Computer
    2009-08-23 16:47 . 2009-08-23 16:47 -------- d-----w- c:\archivos de programa\Apple Software Update
    2009-08-23 16:47 . 2009-08-23 16:47 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Apple
    2009-08-23 16:03 . 2009-08-23 16:03 -------- d-----w- c:\documents and settings\Carlos\Datos de programa\AdobeUM
    2009-08-21 22:20 . 2009-08-21 22:20 -------- d-----w- c:\documents and settings\Chelo\Datos de programa\AdobeUM
    2009-08-21 18:28 . 2009-08-21 18:28 -------- d-----w- c:\archivos de programa\Archivos comunes\AhnLab
    2009-08-21 16:08 . 2009-08-21 16:08 -------- d-----w- c:\archivos de programa\Philips
    2009-08-21 14:56 . 2009-08-21 14:56 -------- d-----w- c:\archivos de programa\Archivos comunes\Real
    2009-08-21 14:56 . 2009-08-21 14:56 -------- d-----w- c:\archivos de programa\Archivos comunes\xing shared
    2009-08-21 14:56 . 2009-08-21 14:56 -------- d-----w- c:\archivos de programa\Real
    2009-08-21 14:40 . 2009-08-21 14:40 -------- d-----w- c:\documents and settings\NetworkService\Datos de programa\aipstnhb
    2009-08-21 14:05 . 2009-08-21 14:05 -------- d-----w- c:\documents and settings\Carlos\Datos de programa\aipstnhb
    2009-08-19 22:44 . 2009-08-19 22:44 -------- d-----w- c:\documents and settings\Karla\Datos de programa\aipstnhb
    2009-08-19 22:25 . 2009-08-19 22:25 206 ----a-w- c:\documents and settings\Karla\jlxsro.bat
    2009-08-19 22:19 . 2009-08-19 22:19 206 ----a-w- c:\documents and settings\Karla\tvjdcx.bat
    2009-08-19 21:49 . 2009-08-19 21:49 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Office Genuine Advantage
    2009-08-19 19:45 . 2009-08-19 19:45 -------- d-----w- c:\archivos de programa\Microsoft.NET
    2009-08-19 16:41 . 2009-08-19 16:41 -------- d-----w- c:\archivos de programa\NVIDIA Corporation
    2009-08-19 16:41 . 2009-08-19 16:41 -------- d-----w- c:\documents and settings\All Users\Datos de programa\NVIDIA Corporation
    2009-08-19 16:36 . 2009-08-19 16:32 -------- d-----w- c:\archivos de programa\epson
    2009-08-19 16:35 . 2009-08-19 16:33 -------- d-----w- c:\archivos de programa\Smart Panel
    2009-08-19 15:19 . 2009-08-19 15:19 767328 ----a-w- c:\windows\system32\kdfinj.dll
    2009-08-19 15:05 . 2009-08-19 15:05 -------- d-----w- c:\archivos de programa\AhnLab
    2009-08-19 09:25 . 2009-08-19 09:25 664 ----a-w- c:\windows\system32\d3d9caps.dat
    2009-08-19 09:06 . 2009-08-19 09:06 -------- d-----w- c:\archivos de programa\802.11 Wireless LAN
    2009-08-19 07:57 . 2009-08-19 07:57 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
    2009-08-19 07:42 . 2009-08-19 07:43 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-08-19 07:42 . 2004-05-07 14:27 -------- d-----w- c:\archivos de programa\Java
    2009-08-19 07:26 . 2009-08-19 07:26 -------- d-----w- c:\documents and settings\All Users\Datos de programa\sentinel
    2009-08-19 07:22 . 2004-05-10 17:06 -------- d-----w- c:\archivos de programa\Archivos comunes\Symantec Shared
    2009-08-19 07:21 . 2004-05-10 17:06 -------- d-----w- c:\archivos de programa\Symantec
    2009-08-19 07:10 . 2004-05-10 17:06 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Symantec
    2009-08-19 07:03 . 2009-08-19 07:03 552 ----a-w- c:\windows\system32\d3d8caps.dat
    2009-08-19 06:28 . 2004-05-10 16:57 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Sony Corporation
    2009-08-19 06:27 . 2004-05-10 16:54 -------- d-----w- c:\archivos de programa\Sony
    2009-08-19 06:26 . 2009-08-19 06:22 -------- d-----w- c:\archivos de programa\Archivos comunes\Adobe
    2009-08-19 06:20 . 2004-05-07 14:28 -------- d-----w- c:\archivos de programa\Archivos comunes\Sony Shared
    2009-08-19 06:20 . 2009-08-19 06:20 -------- d-----w- c:\documents and settings\All Users\Datos de programa\VAIO Media Platform
    2009-08-19 06:20 . 2004-05-07 13:44 -------- d-----w- c:\archivos de programa\Archivos comunes\InstallShield
    2009-08-19 06:16 . 2009-08-19 06:16 -------- d-----w- c:\archivos de programa\drag'n drop cd+dvd
    2009-08-19 06:16 . 2009-08-19 06:16 -------- d-----w- c:\archivos de programa\InterVideo
    2009-08-19 06:11 . 2009-08-19 06:11 0 ---ha-r- c:\windows\system32\drivers\Sony_PCV-RS43M(LA).mrk
    2009-08-05 09:00 . 2009-08-19 06:22 205312 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-29 04:36 . 2004-05-07 21:58 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-07-29 04:36 . 2004-05-07 21:58 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-07-28 09:54 . 2009-08-19 15:19 133632 ----a-w- c:\windows\system32\drivers\Mkd2kfNT.sys
    2009-07-17 19:03 . 2004-05-07 21:58 58880 ----a-w- c:\windows\system32\atl.dll
    .

    ------- Sigcheck -------

    [-] 2008-04-14 02:18 . 76ABF3BB5A6D684641EC92B28240811D . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
    [-] 2005-07-26 04:39 . F746B60F151FB18C48746229840D0114 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp2gdr\es.dll
    [-] 2005-07-26 04:38 . D60FA38B15820B4790375B616D6EBC81 . 227328 . . [2001.12.4414.62] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp1qfe\es.dll
    [-] 2005-07-26 04:29 . 0D0F85237E32538F58278D673032676A . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp2qfe\es.dll
    [-] 2004-08-19 22:42 . 86F565E6FDD0C0776089D2F92AB1FC3F . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
    [-] 2003-04-24 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 225280 . . [------] . . c:\windows\$NtUninstallKB828741$\es.dll

    [-] 2008-04-14 . 95DF6A7520912B1040F748A287EA382A . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
    [-] 2008-04-14 . 95DF6A7520912B1040F748A287EA382A . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
    [-] 2004-08-19 . BE2282FBEAFBB76577D47B06071139BB . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll

    [-] 2009-03-21 . 7DC06BF4CBC3FCD7557D8D69DFBD49F5 . 1042944 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
    [-] 2009-03-21 . 7DC06BF4CBC3FCD7557D8D69DFBD49F5 . 1042944 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
    [-] 2009-03-21 . 97D5372816EC546BD035EDAEDB5E6918 . 1044992 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
    [-] 2008-04-14 . F43FE49CF77EC1CEF9DB9E67BDDB970F . 1042944 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
    [-] 2008-04-14 . F43FE49CF77EC1CEF9DB9E67BDDB970F . 1042944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
    [-] 2006-07-05 . 104C9E03B077BF78AD2543827138E8AC . 1038336 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
    [-] 2006-07-05 . A3D705C5D5612792C804DD771608CBE6 . 1037312 . . [5.1.2600.2945] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
    [-] 2004-08-19 . 730DA000741545C7E5E176E1E9EA687D . 1036800 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll

    [-] 2008-04-14 . FB67F1E092AB9967D0CD17300D751874 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
    [-] 2008-04-14 . FB67F1E092AB9967D0CD17300D751874 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
    [-] 2005-09-01 . C4E7CEFD3802415865E631BE3AB6AC3B . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
    [-] 2005-09-01 . EB7A3E05F297799847AACFA00B4B9218 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
    [-] 2004-08-19 . 30FD47F2A925D0BB59792AB3920A1DAD . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

    [-] 2008-04-14 . 87F15A88AA3376B48F75D7D176B312A0 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
    [-] 2008-04-14 . 87F15A88AA3376B48F75D7D176B312A0 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
    [-] 2004-08-19 . 24B2A5D3EE366A3E9C1E0941363618C7 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll

    [-] 2008-04-14 . 671ACA589DA3733FAC878A751C5BF0ED . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
    [-] 2008-04-14 . 671ACA589DA3733FAC878A751C5BF0ED . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
    [-] 2004-08-19 . 2B0B88652C9F6714FD4886839B3B0442 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe

    [-] 2009-07-19 . 671EAF969638213A95BA3A88D0D896B8 . 5937152 . . [8.00.6001.18812] . . c:\windows\SoftwareDistribution\Download\0a070ec3d08c10bac197eb999f30bde7\SP3GDR\mshtml.dll
    [-] 2009-07-19 . 671EAF969638213A95BA3A88D0D896B8 . 5937152 . . [8.00.6001.18812] . . c:\windows\system32\mshtml.dll
    [-] 2009-07-19 . 671EAF969638213A95BA3A88D0D896B8 . 5937152 . . [8.00.6001.18812] . . c:\windows\system32\dllcache\mshtml.dll
    [-] 2009-07-19 . 10C7D33C7CFD50D9D9F3ECE522F451AB . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
    [-] 2009-07-19 . 10C7D33C7CFD50D9D9F3ECE522F451AB . 5938176 . . [8.00.6001.22902] . . c:\windows\SoftwareDistribution\Download\0a070ec3d08c10bac197eb999f30bde7\SP3QFE\mshtml.dll
    [-] 2009-07-18 . 88CCAF04428700ACBC38B646C1679D7E . 3090432 . . [6.00.2900.5848] . . c:\windows\ie8\mshtml.dll
    [-] 2009-07-18 . 4870B28196C638B3B12ED63B9968CA75 . 3090944 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll
    [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
    [-] 2008-04-14 . 85B88C504D1527978F1C2FBE6A41E799 . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB972260$\mshtml.dll
    [-] 2008-04-14 . 85B88C504D1527978F1C2FBE6A41E799 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
    [-] 2006-06-30 17:38 . 20A4D4AB4DA4CB2F5FE98CF61673C114 . 2710528 . . [6.00.2800.1562] . . c:\windows\SoftwareDistribution\Download\ccefbbb327790854d0d5a9e49d76b96a\RTMQFE\mshtml.dll
    [-] 2006-06-30 15:52 . B936DEACC98C18437059DDFB38ADF807 . 2703872 . . [6.00.2800.1561] . . c:\windows\SoftwareDistribution\Download\ccefbbb327790854d0d5a9e49d76b96a\rtmgdr\mshtml.dll
    [-] 2004-08-19 . 704A274451F90D166DEAF4ED3AEAE14E . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\mshtml.dll

    [-] 2008-06-20 . 738AE6EEE9531C826E212BF686B0C5E5 . 248320 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
    [-] 2008-06-20 . 738AE6EEE9531C826E212BF686B0C5E5 . 248320 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
    [-] 2008-06-20 . DC10B07F256C8EDF6642015E380C741E . 248320 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
    [-] 2008-04-14 . AD893C9D3A09081D55A4BDFBC66AD592 . 248320 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
    [-] 2008-04-14 . AD893C9D3A09081D55A4BDFBC66AD592 . 248320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
    [-] 2004-08-19 . 10558FED65AAA5DC95125E069AE65036 . 248320 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll

    [-] 2008-04-14 . CD2BBB52DFAAB666B812A51B1E96F2A0 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
    [-] 2008-04-14 . CD2BBB52DFAAB666B812A51B1E96F2A0 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
    [-] 2004-08-19 . 7FD182B1B80117C353983565D60B1CAF . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

    [-] 2008-04-14 . A48884C9359EE9F1FC8F3F0D93FB1D95 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
    [-] 2008-04-14 . A48884C9359EE9F1FC8F3F0D93FB1D95 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
    [-] 2005-08-22 . 7BDB3A1B78A33455F3704AA12B9A0FE1 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
    [-] 2005-08-22 . 157B6FCB58270E3DF3ED67D316DCECE0 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
    [-] 2004-08-19 . 25128473F0D3FD431F74CC5BAFA123CA . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

    [-] 2009-02-11 . 6BC8E4AAFC98B556B8FB616AD30CD5A3 . 2191616 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
    [-] 2009-02-09 . 0A413FFFE5C2FC00D5F8F6FF4B3F6889 . 2191488 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
    [-] 2009-02-09 . 0A413FFFE5C2FC00D5F8F6FF4B3F6889 . 2191488 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntoskrnl.exe
    [-] 2009-02-09 . 2D8C2432BEA47DB81880C468DCB4DE9E . 2147840 . . [5.1.2600.5755] . . c:\windows\system32\ntoskrnl.exe
    [-] 2008-04-14 . 6468827016FA22CAE81D7059F1A974C0 . 2191360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
    [-] 2008-04-14 . 5865859247703A0E7211267AB92A02B7 . 2147840 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
    [-] 2005-03-02 . 39C0091FD92038A4671C7D8791BD996E . 2181888 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
    [-] 2005-03-02 . D5917EA3E42A67953213805F8E50CCD7 . 2138112 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
    [-] 2004-08-19 . DEC879BE42071616F07F73B4CF0C367B . 2150912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
    [-] 2003-04-24 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 2044544 . . [------] . . c:\windows\$NtUninstallKB826939$\ntoskrnl.exe

    [-] 2008-04-14 . 56DE6FD410B277C4345D7A2C3414DB64 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
    [-] 2008-04-14 . 56DE6FD410B277C4345D7A2C3414DB64 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
    [-] 2004-08-19 . 75EFF6383C2F9BC1198C5351754D27AC . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

    [-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
    [-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
    [-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
    [-] 2004-08-19 . 02451268DC47E4DC228210DA0E3C3274 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
    [-] 2003-04-24 . 08CE366B9C953931A4C88F4C8402056C . 222720 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll

    [-] 2009-02-09 . AEF41FC6F108CC4F94F9B4E96AFA9C70 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
    [-] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
    [-] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
    [-] 2008-04-14 . 53D02EFFA72CA5C57687BEE20610ABA6 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
    [-] 2008-04-14 . 53D02EFFA72CA5C57687BEE20610ABA6 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
    [-] 2005-07-26 . 976254AD656275E76D88A6247F364E66 . 397824 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp2gdr\rpcss.dll
    [-] 2005-07-26 . 09958DCE08CE19D4AA4B98C913722378 . 276992 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp1qfe\rpcss.dll
    [-] 2005-07-26 . 78793AAE30E77A07D6C5A378D163B909 . 398336 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp2qfe\rpcss.dll
    [-] 2005-01-14 . 9198D6916237BEABF2316AA3F6F5BDB0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
    [-] 2005-01-14 . 0A2452E3786E4C4F3467580FA6D8905B . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
    [-] 2004-08-19 . 86945706EBF0460631917E967BAB3CC4 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll
    [-] 2003-08-25 20:35 . !HASH: COULD NOT OPEN FILE !!!!! . 260608 . . [------] . . c:\windows\$NtUninstallKB826939$\rpcss.dll
    [-] 2003-08-25 20:35 . !HASH: COULD NOT OPEN FILE !!!!! . 260608 . . [------] . . c:\windows\$NtUninstallKB828741$\rpcss.dll
    [-] 2003-04-24 . C72081ECEF138F42FF51470B2C88B744 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB824146$\rpcss.dll

    [-] 2008-04-14 . B6BE3C96CD33336A551DB3F2299A8E69 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
    [-] 2008-04-14 . B6BE3C96CD33336A551DB3F2299A8E69 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
    [-] 2004-08-19 . C6347748F2E9F310EA1E1915482ABFEF . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

    [-] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
    [-] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
    [-] 2009-02-09 . AA6E1769469F9D15603A619FC1FB9E18 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
    [-] 2008-04-14 . D658A8C2FC7B2AD53D1259741A09EE04 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
    [-] 2008-04-14 . D658A8C2FC7B2AD53D1259741A09EE04 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
    [-] 2004-08-19 . F9852F505E0699BB83D5C6321917040B . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe

    [-] 2008-04-14 . D5AC9FA63EBEFD7AACCB14BA0DB1BAC3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
    [-] 2008-04-14 . D5AC9FA63EBEFD7AACCB14BA0DB1BAC3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
    [-] 2004-08-19 . CA557E5E31C7BCFC2CB61CCFE9F6C945 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

    [-] 2008-04-14 . CDD2DC6AE65084481E723E746C20539A . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
    [-] 2008-04-14 . CDD2DC6AE65084481E723E746C20539A . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
    [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
    [-] 2004-08-19 . 1CF5AF263287CF6FEBF31539833EAF4A . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

    [-] 2008-04-14 . 4F2340F0BD5B6365C38E74DD391919A8 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
    [-] 2008-04-14 . 4F2340F0BD5B6365C38E74DD391919A8 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
    [-] 2004-08-19 . FA03E1FC17F38FBDBA81470D08B3E416 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

    [-] 2008-04-14 . 04A5B8EA326951DB27DF60A14F2999FF . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
    [-] 2008-04-14 . 04A5B8EA326951DB27DF60A14F2999FF . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
    [-] 2005-07-08 . 861E25215BA370D4CA9337C2BC0E647F . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
    [-] 2005-07-08 . FB0794BE642E50D2284A8841043B5867 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
    [-] 2004-08-19 . C2DC3F102C351FA6D4BDAF2B927EAFC2 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

    [-] 2008-04-14 . DA8898129E0075C7DE4DEE457514A73C . 579584 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
    [-] 2008-04-14 . DA8898129E0075C7DE4DEE457514A73C . 579584 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
    [-] 2005-03-02 . 37CE819E8ECB3517B9981A886876EF72 . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
    [-] 2005-03-02 . DDA46F3DBCF32727E93976B09FBB0E83 . 578048 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\user32.dll
    [-] 2004-08-19 . 5D5C9CC377A70D036816E7EA55F3CA73 . 578048 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll
    [-] 2003-04-24 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 561152 . . [------] . . c:\windows\$NtUninstallKB826939$\user32.dll
    [-] 2002-11-22 19:31 . !HASH: COULD NOT OPEN FILE !!!!! . 529920 . . [------] . . c:\windows\$NtUninstallKB824141$\user32.dll

    [-] 2008-04-14 . F5B8745B9A90EAF17E30C0574E049AA3 . 26624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
    [-] 2008-04-14 . F5B8745B9A90EAF17E30C0574E049AA3 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
    [-] 2004-08-19 . 7B30B4D55B4562C733A5DDF6D6F72B3F . 25088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

    [-] 2009-07-03 . 8F6A726D4643272F26FFCE8A4FA673DF . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
    [-] 2009-07-03 . 8F6A726D4643272F26FFCE8A4FA673DF . 915456 . . [8.00.6001.22896] . . c:\windows\SoftwareDistribution\Download\0a070ec3d08c10bac197eb999f30bde7\SP3QFE\wininet.dll
    [-] 2009-07-03 . A4FC622288C2331B6D25FB7F1CBB03E2 . 915456 . . [8.00.6001.18806] . . c:\windows\SoftwareDistribution\Download\0a070ec3d08c10bac197eb999f30bde7\SP3GDR\wininet.dll
    [-] 2009-07-03 . A4FC622288C2331B6D25FB7F1CBB03E2 . 915456 . . [8.00.6001.18806] . . c:\windows\system32\wininet.dll
    [-] 2009-07-03 . A4FC622288C2331B6D25FB7F1CBB03E2 . 915456 . . [8.00.6001.18806] . . c:\windows\system32\dllcache\wininet.dll
    [-] 2009-06-26 . F032FBCBA859642CFFC3A72F93A77317 . 669184 . . [6.00.2900.5835] . . c:\windows\ie8\wininet.dll
    [-] 2009-06-26 . F7DA1ABB4F650C1E1480B4E8DB0A4166 . 670720 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
    [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
    [-] 2008-04-14 . A9A84CFC20D5F4C609E9CBF9491B8DF6 . 668672 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB972260$\wininet.dll
    [-] 2008-04-14 . A9A84CFC20D5F4C609E9CBF9491B8DF6 . 668672 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
    [-] 2006-06-23 19:46 . 6F1FB4C3043237472566DDB4A1B2972A . 591872 . . [6.00.2800.1560] . . c:\windows\SoftwareDistribution\Download\ccefbbb327790854d0d5a9e49d76b96a\RTMQFE\wininet.dll
    [-] 2006-06-23 18:28 . 52DDEAE11E39BA0526E87BDF73B443EA . 579584 . . [6.00.2800.1559] . . c:\windows\SoftwareDistribution\Download\ccefbbb327790854d0d5a9e49d76b96a\rtmgdr\wininet.dll
    [-] 2004-08-19 . 80BB109560A23B9C18427855CA5305E6 . 658944 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\wininet.dll

    [-] 2008-04-14 . 213C80D912880BBF04453D09FFCCB28C . 510976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
    [-] 2008-04-14 . 213C80D912880BBF04453D09FFCCB28C . 510976 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
    [-] 2004-08-19 . FCB59D25D628B4D3181DC816D14679DD . 505344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

    [-] 2008-04-14 . 22DB5B3DA7005C6472D35BEF3FFDA5EC . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
    [-] 2008-04-14 . 22DB5B3DA7005C6472D35BEF3FFDA5EC . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
    [-] 2004-08-19 . B4A90738BA4355F187BD26D6C112082B . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

    [-] 2008-04-14 . 7522F548A84ABAD8FA516DE5AB3931EF . 1036288 . . [6.00.2900.5512] . . c:\windows\explorer.exe
    [-] 2008-04-14 . 7522F548A84ABAD8FA516DE5AB3931EF . 1036288 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
    [-] 2004-08-19 . 89C8DD146CEAF482D82822766437D93F . 1034752 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
    [-] 2003-04-24 . 64764B2B0B0314932AA8EC10C30EB2AE . 1006592 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB825121$\explorer.exe

    [-] 2008-04-14 . 0F021B29E0C2C9D897258399FB2149CD . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
    [-] 2008-04-14 . 0F021B29E0C2C9D897258399FB2149CD . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
    [-] 2008-04-14 . B1CB86D70023988360DA136B317D8546 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
    [-] 2004-08-19 . 3CDD949F8340F06FD99667B4F75409D0 . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
    [-] 2004-08-19 . C19174138C9DAB560E4324374C5F739E . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
    [-] 2003-04-24 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL
    [-] 2003-04-24 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
    [-] 2003-04-24 . 1B2C477D8847E4123DD8761D2E9008F7 . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll

    [-] 2008-04-14 . 0F30EEC6013FCF76693405EC4A7DF899 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
    [-] 2008-04-14 . 0F30EEC6013FCF76693405EC4A7DF899 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
    [-] 2004-08-19 . C791D16BF25264738B14873436293BD0 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

    [-] 2008-04-14 . B2718EC9DC738E915D4177498E92BC4D . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
    [-] 2008-04-14 . B2718EC9DC738E915D4177498E92BC4D . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
    [-] 2004-08-19 . 9C90A6DBE5D43E189F199172675D6312 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe

    [-] 2008-04-14 . 14FDADCF05A37582399DAF1DA1DE1C7B . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
    [-] 2008-04-14 . 14FDADCF05A37582399DAF1DA1DE1C7B . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
    [-] 2004-08-19 . 843E0DB8042A8C0D749EB2B9EFA54F24 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll

    [-] 2008-04-14 . 2744C713F0217BD8FFD13E2EF731371C . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
    [-] 2008-04-14 . 2744C713F0217BD8FFD13E2EF731371C . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
    [-] 2004-08-19 . 5696DF4EF09C375CE42FB2DDE1E68AB7 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

    [-] 2008-04-14 . 2A1E1DF559B291583903D2F9CC504522 . 1572352 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
    [-] 2008-04-14 . 2A1E1DF559B291583903D2F9CC504522 . 1572352 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
    [-] 2004-08-19 . AAFD7382D64710AE3A6F1DEE5020CF19 . 1548800 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

    [-] 2008-04-14 . DAAE1CB1B1875B760496E7D3336DA1AD . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
    [-] 2008-04-14 . DAAE1CB1B1875B760496E7D3336DA1AD . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
    [-] 2004-08-19 . 25ECFA69AF1563FDE8DFD31F9954497A . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

    [-] 2008-04-14 . E424F05B07AC4357DC08D06218D76C7C . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
    [-] 2008-04-14 . E424F05B07AC4357DC08D06218D76C7C . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
    [-] 2004-08-19 . D025E953864EBEBAB5933086D15C4FC6 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

    [-] 2008-04-14 . 51BE25C404D3DD344C6079DE715E4977 . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
    [-] 2008-04-14 . 51BE25C404D3DD344C6079DE715E4977 . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
    [-] 2004-08-19 . 0125649B3C00D037E07FD7BCEF7B653B . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

    [-] 2008-04-14 . CA70EDBF32032EA53F114CB930741CB5 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
    [-] 2008-04-14 . CA70EDBF32032EA53F114CB930741CB5 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
    [-] 2004-08-19 . DBCF824BA771A1F27E6F5124D0516358 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

    [-] 2008-04-14 . B622A432EF02895DE4AA38AC8B85FA4C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    [-] 2008-04-14 . B622A432EF02895DE4AA38AC8B85FA4C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
    [-] 2004-08-19 . 4AFF5EA8BF2362C3D5001295FDEB3ABD . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

    [-] 2008-04-14 . 288B20D56D5F0EC4BCC77FBFA5A81740 . 296960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
    [-] 2008-04-14 . 288B20D56D5F0EC4BCC77FBFA5A81740 . 296960 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
    [-] 2004-08-19 . C2038466BE5A6A76EFD592FA0B459E17 . 296960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
    [-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

    [-] 2003-04-24 . 1C905333C0B9F3D7C68DDF25E54B00F9 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
    [-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys

    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
    [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

    [-] 2008-04-14 02:18 . 27415CEEB58C8C2F92AFF8CFE2517A3C . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
    [-] 2008-04-14 02:18 . 27415CEEB58C8C2F92AFF8CFE2517A3C . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
    [-] 2003-04-24 12:00 . F1197F879AF9ED702D3E6EBCD3B99107 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll

    [-] 2008-04-14 . 047E70B04B288439245DDC8DD1A31982 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
    [-] 2008-04-14 . 047E70B04B288439245DDC8DD1A31982 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
    [-] 2004-08-19 . CA33F6547C49E749E47FB6A0D1DBE192 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
    [-] 2003-04-24 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 34304 . . [------] . . c:\windows\$NtUninstallKB828035$\msgsvc.dll

    [-] 2008-04-14 02:18 . 57CF215B0250DE0C4AE36ABC8AE31BE4 . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
    [-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
    [-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
    [-] 2005-01-28 13:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="c:\archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-11-15 335872]
    "IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-07 155648]
    "HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-07 114688]
    "VAIO Update 2"="c:\archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe" [2004-01-17 135168]
    "ezShieldProtector for Px"="c:\windows\System32\ezSP_Px.exe" [2002-08-20 40960]
    "VAIOSurvey"="c:\archivos de programa\Sony\VAIO Survey\LASurvey.exe" [2003-08-20 765952]
    "VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-12-15 28672]
    "SunJavaUpdateSched"="c:\archivos de programa\Java\jre6\bin\jusched.exe" [2009-08-19 149280]
    "Ink Monitor"="c:\archivos de programa\EPSON\Ink Monitor\InkMonitor.exe" [2004-05-05 262210]
    "nwiz"="c:\archivos de programa\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
    "TkBellExe"="c:\archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" [2009-08-21 198160]
    "QuickTime Task"="c:\archivos de programa\QuickTime\qttask.exe" [2009-05-26 413696]
    "APVXDWIN"="c:\archivos de programa\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" [2007-10-04 455984]
    "Google Quick Search Box"="c:\archivos de programa\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-22 122368]
    "Malwarebytes Anti-Malware (reboot)"="c:\archivos de programa\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
    "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2003-05-23 88363]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\Pap*\Menú Inicio\Programas\Inicio\
    ERUNT AutoBackup.lnk - c:\archivos de programa\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

    c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\
    Wireless Configuration Utility HW.14.lnk - c:\archivos de programa\802.11 Wireless LAN\802.11g Wireless USB 2.0 Adapter HW.14 V.1.00\WlanCU.exe [2006-9-12 569344]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\archivos de programa\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-10-10 13:04 548352 ----a-w- c:\archivos de programa\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2007-02-16 00:02 50736 ----a-w- c:\windows\system32\avldr.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Archivos de programa\\Sony\\click to dvd 2\\CtoDvd.exe"=

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [10/10/2009 07:08 a.m. 28544]
    R1 SASDIFSV;SASDIFSV;c:\archivos de programa\SUPERAntiSpyware\sasdifsv.sys [05/08/2009 04:06 p.m. 9968]
    R1 SASKUTIL;SASKUTIL;c:\archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS [05/08/2009 04:06 p.m. 74480]
    R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [23/08/2009 01:40 p.m. 38968]
    R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [15/09/2009 07:26 p.m. 12672]
    R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [19/08/2009 02:57 a.m. 38144]
    R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [23/08/2009 01:40 p.m. 178872]
    R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;c:\archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [19/08/2009 01:19 a.m. 86098]
    S3 AhnRghNt;AhnRghNt;c:\windows\system32\drivers\ahnRghNT.sys [23/08/2009 06:25 p.m. 28288]
    S3 AhnSZE;AhnSZE;c:\windows\system32\drivers\ahnsze.sys [23/08/2009 06:25 p.m. 1281456]
    S3 ASZFltNt;ASZFltNt;\??\c:\archiv~1\AhnLab\ASP\SpyZero\ASZFltNt.sys --> c:\archiv~1\AhnLab\ASP\SpyZero\ASZFltNt.sys [?]
    S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [19/08/2009 10:19 a.m. 133632]
    S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [19/08/2009 10:19 a.m. 79360]
    S3 RTLWUSB;802.11g USB 2.0 WLAN Dongle;c:\windows\system32\drivers\RTL8187.sys [11/01/2007 10:16 p.m. 169472]
    S3 SASENUM;SASENUM;c:\archivos de programa\SUPERAntiSpyware\SASENUM.SYS [05/08/2009 04:06 p.m. 7408]
    S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;c:\archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM --> c:\archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM [?]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - RZXUWDOC
    *Deregistered* - rzxuwdoc

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    bkfqpioi

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-08-23 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\archivos de programa\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

    2009-10-14 c:\windows\Tasks\User_Feed_Synchronization-{8E30AB05-3BEF-462D-882A-4215B2FBBE5A}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com.mx/
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    LSP: c:\archivos de programa\Prodigy Antivirus\Prodigy Antivirus\pavlsp.dll
    DPF: {A1D886C6-4039-4451-97A9-515F5BE5D4C2} - hxxps://boveda.banamex.com.mx/mkdplus.cab
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{E2315096-5869-42DA-8FAA-C78BE4E0401C} - (no file)
    HKLM-Run-SearchSettings - c:\archivos de programa\Search Settings\SearchSettings.exe
    AddRemove-Patrician III - Imperio de los Mares - c:\windows\Desinstalar Patrician III - Imperio de los Mares.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-14 05:56
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|˙˙˙˙Ŕ•€|ů•9~*]
    "A0C0110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(664)
    c:\archivos de programa\SUPERAntiSpyware\SASWINLO.DLL
    c:\windows\system32\WININET.dll
    c:\windows\system32\avldr.dll

    - - - - - - - > 'explorer.exe'(6428)
    c:\windows\system32\WININET.dll
    c:\archivos de programa\Google\Quick Search Box\bin\1.2.1150.158\qsb.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\nvsvc32.exe
    c:\archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PAVSRV51.EXE
    c:\archivos de programa\Prodigy Antivirus\Prodigy Antivirus\AVENGINE.EXE
    c:\archivos de programa\Java\jre6\bin\jqs.exe
    c:\archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsCtrlS.exe
    c:\archivos de programa\Archivos comunes\Panda Software\PavShld\PavPrSrv.exe
    c:\archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\system32\rundll32.exe
    .
    **************************************************************************
    .
    Completion time: 2009-10-14 6:03 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-10-14 11:03

    Pre-Run: 33,231,953,920 bytes libres
    Post-Run: 34,957,340,672 bytes libres

    543 --- E O F --- 2009-09-17 02:24

  4. #4
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374


    Please install recovery console manually as described in my link, rerun combofix and post back fresh logs (copy/pasted into reply)
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  5. #5
    Junior Member csnomolas's Avatar
    Join Date
    Oct 2009
    Posts
    16

    combo fix and HJT fresh logs

    I installed the recovery console manually as described in your link, and I reran ComboFix and HJT (attached). The fresh logs are:

    ComboFix 09-10-13.01 - Papá 14/10/2009 15:28.2.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.34.3082.18.767.377 [GMT -5:00]
    Running from: c:\documents and settings\Papá\Mis documentos\down\ComboFix.exe
    Command switches used :: c:\documents and settings\Papá\Mis documentos\down\WindowsXP-KB310994-SP2-Home-BootDisk-ESN.exe
    AV: Prodigy Antivirus *On-access scanning disabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}
    .

    ((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))
    .

    2009-10-12 23:55 . 2009-10-12 23:55 -------- d-----w- c:\archivos de programa\ERUNT
    2009-10-12 22:07 . 2009-10-12 22:07 -------- d-----w- c:\documents and settings\Carlos\Datos de programa\Malwarebytes
    2009-10-11 21:47 . 2009-10-11 21:47 -------- d-----w- c:\windows\Downloaded Installations
    2009-10-11 19:08 . 2009-10-11 19:08 -------- d-----w- c:\documents and settings\Karla\Datos de programa\Malwarebytes
    2009-10-11 13:00 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-11 13:00 . 2009-10-11 13:00 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware
    2009-10-11 13:00 . 2009-10-11 13:00 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Malwarebytes
    2009-10-11 13:00 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-10-10 18:55 . 2009-10-10 18:55 -------- d-----w- c:\archivos de programa\Trend Micro
    2009-10-10 13:26 . 2003-04-24 12:00 259184 -c--a-w- c:\windows\system32\dllcache\winhelp.exe
    2009-10-10 12:08 . 2008-06-19 22:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
    2009-10-01 20:36 . 2009-10-01 20:36 -------- d-----w- c:\documents and settings\Carlos\Datos de programa\Search Settings
    2009-09-30 02:20 . 2009-09-30 02:20 -------- d-----w- c:\documents and settings\Chelo\Datos de programa\Search Settings
    2009-09-21 02:01 . 2009-09-22 07:40 -------- d-----w- c:\archivos de programa\Yahoo!
    2009-09-21 01:59 . 2009-09-21 01:59 -------- d-----w- c:\archivos de programa\The Weather Channel FW
    2009-09-17 02:24 . 2009-09-17 02:24 -------- d-----w- c:\archivos de programa\MSXML 4.0
    2009-09-16 18:17 . 2009-09-16 18:17 -------- d-----w- c:\documents and settings\Karla\Datos de programa\Search Settings
    2009-09-16 18:17 . 2009-09-16 18:17 -------- d-----w- c:\documents and settings\Karla\Datos de programa\Dealio
    2009-09-16 13:22 . 2009-10-06 22:00 -------- d-----w- c:\archivos de programa\Patrician III - Imperio de los Mares
    2009-09-16 13:00 . 2009-09-16 13:01 -------- d-----w- C:\Click to DVD 2
    2009-09-16 00:26 . 2009-03-27 06:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
    2009-09-16 00:26 . 2009-09-16 00:26 -------- d-----w- c:\archivos de programa\CPUID

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-11 18:54 . 2009-08-19 16:53 -------- d-----w- c:\archivos de programa\American Conquest - Edición de oro
    2009-10-10 13:33 . 2009-08-24 16:23 -------- d-----w- c:\archivos de programa\Spybot - Search & Destroy
    2009-10-10 13:04 . 2009-08-24 23:54 -------- d-----w- c:\archivos de programa\SUPERAntiSpyware
    2009-10-07 22:32 . 2009-08-31 01:15 -------- d-----w- c:\archivos de programa\BASpeed v6
    2009-09-22 07:43 . 2009-08-24 22:22 -------- d-----w- c:\archivos de programa\Google
    2009-09-16 19:18 . 2009-08-19 22:30 77921 ----a-w- c:\windows\system32\v3w32se2.dll
    2009-09-16 13:30 . 2009-08-19 16:51 -------- d--h--w- c:\archivos de programa\FX Uninstall Information
    2009-09-16 13:20 . 2009-09-16 13:09 -------- d-----w- c:\archivos de programa\Free Easy Burner
    2009-09-13 13:19 . 2009-09-13 12:49 -------- d-----w- c:\archivos de programa\PestPatrol
    2009-08-26 00:19 . 2009-08-26 00:19 -------- d-----w- c:\documents and settings\Karla\Datos de programa\AdobeUM
    2009-08-24 23:54 . 2009-08-24 23:54 -------- d-----w- c:\documents and settings\All Users\Datos de programa\SUPERAntiSpyware.com
    2009-08-24 23:53 . 2009-08-24 23:53 -------- d-----w- c:\archivos de programa\Archivos comunes\Wise Installation Wizard
    2009-08-24 23:02 . 2009-08-24 22:32 -------- d---a-w- c:\documents and settings\All Users\Datos de programa\TEMP
    2009-08-24 16:30 . 2009-08-24 16:23 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Spybot - Search & Destroy
    2009-08-24 16:11 . 2009-08-24 15:45 -------- d-----w- c:\archivos de programa\Windows Desktop Search
    2009-08-24 16:09 . 2004-05-07 21:58 52236 ----a-w- c:\windows\system32\perfc00A.dat
    2009-08-24 16:09 . 2004-05-07 21:58 365802 ----a-w- c:\windows\system32\perfh00A.dat
    2009-08-24 15:42 . 2009-08-24 15:42 -------- d-----w- c:\archivos de programa\Windows Media Connect 2
    2009-08-24 11:22 . 2009-08-23 23:25 1281456 ----a-w- c:\windows\system32\drivers\ahnsze.sys
    2009-08-24 11:22 . 2009-08-21 18:31 1644208 ----a-w- c:\windows\system32\drivers\v3engine.sys
    2009-08-23 19:04 . 2009-08-23 19:04 -------- d-----w- c:\archivos de programa\Panda Security
    2009-08-23 18:42 . 2009-08-23 18:42 262 ----a-w- c:\windows\system32\PavCPL.dat
    2009-08-23 18:42 . 2009-08-23 18:42 -------- d-----w- c:\archivos de programa\Prodigy Antivirus
    2009-08-23 18:42 . 2004-05-07 13:44 -------- d--h--w- c:\archivos de programa\InstallShield Installation Information
    2009-08-23 18:40 . 2009-08-19 07:23 -------- d-----w- c:\archivos de programa\Archivos comunes\Panda Software
    2009-08-23 16:48 . 2009-08-23 16:47 -------- d-----w- c:\archivos de programa\QuickTime
    2009-08-23 16:47 . 2009-08-23 16:47 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Apple Computer
    2009-08-23 16:47 . 2009-08-23 16:47 -------- d-----w- c:\archivos de programa\Apple Software Update
    2009-08-23 16:47 . 2009-08-23 16:47 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Apple
    2009-08-23 16:03 . 2009-08-23 16:03 -------- d-----w- c:\documents and settings\Carlos\Datos de programa\AdobeUM
    2009-08-21 22:20 . 2009-08-21 22:20 -------- d-----w- c:\documents and settings\Chelo\Datos de programa\AdobeUM
    2009-08-21 18:28 . 2009-08-21 18:28 -------- d-----w- c:\archivos de programa\Archivos comunes\AhnLab
    2009-08-21 16:08 . 2009-08-21 16:08 -------- d-----w- c:\archivos de programa\Philips
    2009-08-21 14:56 . 2009-08-21 14:56 -------- d-----w- c:\archivos de programa\Archivos comunes\Real
    2009-08-21 14:56 . 2009-08-21 14:56 -------- d-----w- c:\archivos de programa\Archivos comunes\xing shared
    2009-08-21 14:56 . 2009-08-21 14:56 -------- d-----w- c:\archivos de programa\Real
    2009-08-21 14:40 . 2009-08-21 14:40 -------- d-----w- c:\documents and settings\NetworkService\Datos de programa\aipstnhb
    2009-08-21 14:05 . 2009-08-21 14:05 -------- d-----w- c:\documents and settings\Carlos\Datos de programa\aipstnhb
    2009-08-19 22:44 . 2009-08-19 22:44 -------- d-----w- c:\documents and settings\Karla\Datos de programa\aipstnhb
    2009-08-19 22:25 . 2009-08-19 22:25 206 ----a-w- c:\documents and settings\Karla\jlxsro.bat
    2009-08-19 22:19 . 2009-08-19 22:19 206 ----a-w- c:\documents and settings\Karla\tvjdcx.bat
    2009-08-19 21:49 . 2009-08-19 21:49 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Office Genuine Advantage
    2009-08-19 19:45 . 2009-08-19 19:45 -------- d-----w- c:\archivos de programa\Microsoft.NET
    2009-08-19 16:41 . 2009-08-19 16:41 -------- d-----w- c:\archivos de programa\NVIDIA Corporation
    2009-08-19 16:41 . 2009-08-19 16:41 -------- d-----w- c:\documents and settings\All Users\Datos de programa\NVIDIA Corporation
    2009-08-19 16:36 . 2009-08-19 16:32 -------- d-----w- c:\archivos de programa\epson
    2009-08-19 16:35 . 2009-08-19 16:33 -------- d-----w- c:\archivos de programa\Smart Panel
    2009-08-19 15:19 . 2009-08-19 15:19 767328 ----a-w- c:\windows\system32\kdfinj.dll
    2009-08-19 15:05 . 2009-08-19 15:05 -------- d-----w- c:\archivos de programa\AhnLab
    2009-08-19 09:25 . 2009-08-19 09:25 664 ----a-w- c:\windows\system32\d3d9caps.dat
    2009-08-19 09:06 . 2009-08-19 09:06 -------- d-----w- c:\archivos de programa\802.11 Wireless LAN
    2009-08-19 07:57 . 2009-08-19 07:57 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
    2009-08-19 07:42 . 2009-08-19 07:43 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-08-19 07:42 . 2004-05-07 14:27 -------- d-----w- c:\archivos de programa\Java
    2009-08-19 07:26 . 2009-08-19 07:26 -------- d-----w- c:\documents and settings\All Users\Datos de programa\sentinel
    2009-08-19 07:22 . 2004-05-10 17:06 -------- d-----w- c:\archivos de programa\Archivos comunes\Symantec Shared
    2009-08-19 07:21 . 2004-05-10 17:06 -------- d-----w- c:\archivos de programa\Symantec
    2009-08-19 07:10 . 2004-05-10 17:06 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Symantec
    2009-08-19 07:03 . 2009-08-19 07:03 552 ----a-w- c:\windows\system32\d3d8caps.dat
    2009-08-19 06:28 . 2004-05-10 16:57 -------- d-----w- c:\documents and settings\All Users\Datos de programa\Sony Corporation
    2009-08-19 06:27 . 2004-05-10 16:54 -------- d-----w- c:\archivos de programa\Sony
    2009-08-19 06:26 . 2009-08-19 06:22 -------- d-----w- c:\archivos de programa\Archivos comunes\Adobe
    2009-08-19 06:20 . 2004-05-07 14:28 -------- d-----w- c:\archivos de programa\Archivos comunes\Sony Shared
    2009-08-19 06:20 . 2009-08-19 06:20 -------- d-----w- c:\documents and settings\All Users\Datos de programa\VAIO Media Platform
    2009-08-19 06:20 . 2004-05-07 13:44 -------- d-----w- c:\archivos de programa\Archivos comunes\InstallShield
    2009-08-19 06:16 . 2009-08-19 06:16 -------- d-----w- c:\archivos de programa\drag'n drop cd+dvd
    2009-08-19 06:16 . 2009-08-19 06:16 -------- d-----w- c:\archivos de programa\InterVideo
    2009-08-19 06:11 . 2009-08-19 06:11 0 ---ha-r- c:\windows\system32\drivers\Sony_PCV-RS43M(LA).mrk
    2009-08-05 09:00 . 2009-08-19 06:22 205312 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-29 04:36 . 2004-05-07 21:58 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-07-29 04:36 . 2004-05-07 21:58 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-07-28 09:54 . 2009-08-19 15:19 133632 ----a-w- c:\windows\system32\drivers\Mkd2kfNT.sys
    2009-07-17 19:03 . 2004-05-07 21:58 58880 ----a-w- c:\windows\system32\atl.dll
    .

    ------- Sigcheck -------

    [-] 2004-08-19 . 7FD182B1B80117C353983565D60B1CAF . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

    [-] 2008-04-14 . A48884C9359EE9F1FC8F3F0D93FB1D95 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
    [-] 2008-04-14 . A48884C9359EE9F1FC8F3F0D93FB1D95 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
    [-] 2005-08-22 . 7BDB3A1B78A33455F3704AA12B9A0FE1 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
    [-] 2005-08-22 . 157B6FCB58270E3DF3ED67D316DCECE0 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
    [-] 2004-08-19 . 25128473F0D3FD431F74CC5BAFA123CA . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

    [-] 2009-02-11 . 6BC8E4AAFC98B556B8FB616AD30CD5A3 . 2191616 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
    [-] 2009-02-09 . 0A413FFFE5C2FC00D5F8F6FF4B3F6889 . 2191488 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
    [-] 2009-02-09 . 0A413FFFE5C2FC00D5F8F6FF4B3F6889 . 2191488 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntoskrnl.exe
    [-] 2009-02-09 . 2D8C2432BEA47DB81880C468DCB4DE9E . 2147840 . . [5.1.2600.5755] . . c:\windows\system32\ntoskrnl.exe
    [-] 2008-04-14 . 6468827016FA22CAE81D7059F1A974C0 . 2191360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
    [-] 2008-04-14 . 5865859247703A0E7211267AB92A02B7 . 2147840 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
    [-] 2005-03-02 . 39C0091FD92038A4671C7D8791BD996E . 2181888 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
    [-] 2005-03-02 . D5917EA3E42A67953213805F8E50CCD7 . 2138112 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
    [-] 2004-08-19 . DEC879BE42071616F07F73B4CF0C367B . 2150912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
    [-] 2003-04-24 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 2044544 . . [------] . . c:\windows\$NtUninstallKB826939$\ntoskrnl.exe

    [-] 2008-04-14 . 56DE6FD410B277C4345D7A2C3414DB64 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
    [-] 2008-04-14 . 56DE6FD410B277C4345D7A2C3414DB64 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
    [-] 2004-08-19 . 75EFF6383C2F9BC1198C5351754D27AC . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

    [-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
    [-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
    [-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
    [-] 2004-08-19 . 02451268DC47E4DC228210DA0E3C3274 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
    [-] 2003-04-24 . 08CE366B9C953931A4C88F4C8402056C . 222720 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll

    [-] 2009-02-09 . AEF41FC6F108CC4F94F9B4E96AFA9C70 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
    [-] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
    [-] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
    [-] 2008-04-14 . 53D02EFFA72CA5C57687BEE20610ABA6 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
    [-] 2008-04-14 . 53D02EFFA72CA5C57687BEE20610ABA6 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
    [-] 2005-07-26 . 976254AD656275E76D88A6247F364E66 . 397824 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp2gdr\rpcss.dll
    [-] 2005-07-26 . 09958DCE08CE19D4AA4B98C913722378 . 276992 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp1qfe\rpcss.dll
    [-] 2005-07-26 . 78793AAE30E77A07D6C5A378D163B909 . 398336 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\3ba5fa56e389dfb1c4d0a29bea7774d6\sp2qfe\rpcss.dll
    [-] 2005-01-14 . 9198D6916237BEABF2316AA3F6F5BDB0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
    [-] 2005-01-14 . 0A2452E3786E4C4F3467580FA6D8905B . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
    [-] 2004-08-19 . 86945706EBF0460631917E967BAB3CC4 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll
    [-] 2003-08-25 20:35 . !HASH: COULD NOT OPEN FILE !!!!! . 260608 . . [------] . . c:\windows\$NtUninstallKB826939$\rpcss.dll
    [-] 2003-08-25 20:35 . !HASH: COULD NOT OPEN FILE !!!!! . 260608 . . [------] . . c:\windows\$NtUninstallKB828741$\rpcss.dll
    [-] 2003-04-24 . C72081ECEF138F42FF51470B2C88B744 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB824146$\rpcss.dll

    [-] 2008-04-14 . B6BE3C96CD33336A551DB3F2299A8E69 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
    [-] 2008-04-14 . B6BE3C96CD33336A551DB3F2299A8E69 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
    [-] 2004-08-19 . C6347748F2E9F310EA1E1915482ABFEF . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

    [-] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
    [-] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
    [-] 2009-02-09 . AA6E1769469F9D15603A619FC1FB9E18 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
    [-] 2008-04-14 . D658A8C2FC7B2AD53D1259741A09EE04 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
    [-] 2008-04-14 . D658A8C2FC7B2AD53D1259741A09EE04 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
    [-] 2004-08-19 . F9852F505E0699BB83D5C6321917040B . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe

    [-] 2008-04-14 . D5AC9FA63EBEFD7AACCB14BA0DB1BAC3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
    [-] 2008-04-14 . D5AC9FA63EBEFD7AACCB14BA0DB1BAC3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
    [-] 2004-08-19 . CA557E5E31C7BCFC2CB61CCFE9F6C945 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

    [-] 2008-04-14 . CDD2DC6AE65084481E723E746C20539A . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
    [-] 2008-04-14 . CDD2DC6AE65084481E723E746C20539A . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
    [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
    [-] 2004-08-19 . 1CF5AF263287CF6FEBF31539833EAF4A . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

    [-] 2008-04-14 . 4F2340F0BD5B6365C38E74DD391919A8 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
    [-] 2008-04-14 . 4F2340F0BD5B6365C38E74DD391919A8 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
    [-] 2004-08-19 . FA03E1FC17F38FBDBA81470D08B3E416 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

    [-] 2008-04-14 . 04A5B8EA326951DB27DF60A14F2999FF . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
    [-] 2008-04-14 . 04A5B8EA326951DB27DF60A14F2999FF . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
    [-] 2005-07-08 . 861E25215BA370D4CA9337C2BC0E647F . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
    [-] 2005-07-08 . FB0794BE642E50D2284A8841043B5867 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
    [-] 2004-08-19 . C2DC3F102C351FA6D4BDAF2B927EAFC2 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

    [-] 2008-04-14 . DA8898129E0075C7DE4DEE457514A73C . 579584 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
    [-] 2008-04-14 . DA8898129E0075C7DE4DEE457514A73C . 579584 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
    [-] 2005-03-02 . 37CE819E8ECB3517B9981A886876EF72 . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
    [-] 2005-03-02 . DDA46F3DBCF32727E93976B09FBB0E83 . 578048 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\user32.dll
    [-] 2004-08-19 . 5D5C9CC377A70D036816E7EA55F3CA73 . 578048 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll
    [-] 2003-04-24 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 561152 . . [------] . . c:\windows\$NtUninstallKB826939$\user32.dll
    [-] 2002-11-22 19:31 . !HASH: COULD NOT OPEN FILE !!!!! . 529920 . . [------] . . c:\windows\$NtUninstallKB824141$\user32.dll

    [-] 2008-04-14 . F5B8745B9A90EAF17E30C0574E049AA3 . 26624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
    [-] 2008-04-14 . F5B8745B9A90EAF17E30C0574E049AA3 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
    [-] 2004-08-19 . 7B30B4D55B4562C733A5DDF6D6F72B3F . 25088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

    [-] 2009-07-03 . 8F6A726D4643272F26FFCE8A4FA673DF . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
    [-] 2009-07-03 . 8F6A726D4643272F26FFCE8A4FA673DF . 915456 . . [8.00.6001.22896] . . c:\windows\SoftwareDistribution\Download\0a070ec3d08c10bac197eb999f30bde7\SP3QFE\wininet.dll
    [-] 2009-07-03 . A4FC622288C2331B6D25FB7F1CBB03E2 . 915456 . . [8.00.6001.18806] . . c:\windows\SoftwareDistribution\Download\0a070ec3d08c10bac197eb999f30bde7\SP3GDR\wininet.dll
    [-] 2009-07-03 . A4FC622288C2331B6D25FB7F1CBB03E2 . 915456 . . [8.00.6001.18806] . . c:\windows\system32\wininet.dll
    [-] 2009-07-03 . A4FC622288C2331B6D25FB7F1CBB03E2 . 915456 . . [8.00.6001.18806] . . c:\windows\system32\dllcache\wininet.dll
    [-] 2009-06-26 . F032FBCBA859642CFFC3A72F93A77317 . 669184 . . [6.00.2900.5835] . . c:\windows\ie8\wininet.dll
    [-] 2009-06-26 . F7DA1ABB4F650C1E1480B4E8DB0A4166 . 670720 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
    [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
    [-] 2008-04-14 . A9A84CFC20D5F4C609E9CBF9491B8DF6 . 668672 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB972260$\wininet.dll
    [-] 2008-04-14 . A9A84CFC20D5F4C609E9CBF9491B8DF6 . 668672 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
    [-] 2006-06-23 19:46 . 6F1FB4C3043237472566DDB4A1B2972A . 591872 . . [6.00.2800.1560] . . c:\windows\SoftwareDistribution\Download\ccefbbb327790854d0d5a9e49d76b96a\RTMQFE\wininet.dll
    [-] 2006-06-23 18:28 . 52DDEAE11E39BA0526E87BDF73B443EA . 579584 . . [6.00.2800.1559] . . c:\windows\SoftwareDistribution\Download\ccefbbb327790854d0d5a9e49d76b96a\rtmgdr\wininet.dll
    [-] 2004-08-19 . 80BB109560A23B9C18427855CA5305E6 . 658944 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\wininet.dll

    [-] 2008-04-14 . 213C80D912880BBF04453D09FFCCB28C . 510976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
    [-] 2008-04-14 . 213C80D912880BBF04453D09FFCCB28C . 510976 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
    [-] 2004-08-19 . FCB59D25D628B4D3181DC816D14679DD . 505344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

    [-] 2008-04-14 . 22DB5B3DA7005C6472D35BEF3FFDA5EC . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
    [-] 2008-04-14 . 22DB5B3DA7005C6472D35BEF3FFDA5EC . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
    [-] 2004-08-19 . B4A90738BA4355F187BD26D6C112082B . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

    [-] 2008-04-14 . 7522F548A84ABAD8FA516DE5AB3931EF . 1036288 . . [6.00.2900.5512] . . c:\windows\explorer.exe
    [-] 2008-04-14 . 7522F548A84ABAD8FA516DE5AB3931EF . 1036288 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
    [-] 2004-08-19 . 89C8DD146CEAF482D82822766437D93F . 1034752 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
    [-] 2003-04-24 . 64764B2B0B0314932AA8EC10C30EB2AE . 1006592 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB825121$\explorer.exe

    [-] 2008-04-14 . 0F021B29E0C2C9D897258399FB2149CD . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
    [-] 2008-04-14 . 0F021B29E0C2C9D897258399FB2149CD . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
    [-] 2008-04-14 . B1CB86D70023988360DA136B317D8546 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
    [-] 2004-08-19 . 3CDD949F8340F06FD99667B4F75409D0 . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
    [-] 2004-08-19 . C19174138C9DAB560E4324374C5F739E . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
    [-] 2003-04-24 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL
    [-] 2003-04-24 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
    [-] 2003-04-24 . 1B2C477D8847E4123DD8761D2E9008F7 . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll

    [-] 2008-04-14 . 0F30EEC6013FCF76693405EC4A7DF899 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
    [-] 2008-04-14 . 0F30EEC6013FCF76693405EC4A7DF899 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
    [-] 2004-08-19 . C791D16BF25264738B14873436293BD0 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

    [-] 2008-04-14 . B2718EC9DC738E915D4177498E92BC4D . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
    [-] 2008-04-14 . B2718EC9DC738E915D4177498E92BC4D . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
    [-] 2004-08-19 . 9C90A6DBE5D43E189F199172675D6312 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe

    [-] 2008-04-14 . 14FDADCF05A37582399DAF1DA1DE1C7B . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
    [-] 2008-04-14 . 14FDADCF05A37582399DAF1DA1DE1C7B . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
    [-] 2004-08-19 . 843E0DB8042A8C0D749EB2B9EFA54F24 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll

    [-] 2008-04-14 . 2744C713F0217BD8FFD13E2EF731371C . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
    [-] 2008-04-14 . 2744C713F0217BD8FFD13E2EF731371C . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
    [-] 2004-08-19 . 5696DF4EF09C375CE42FB2DDE1E68AB7 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

    [-] 2008-04-14 . 2A1E1DF559B291583903D2F9CC504522 . 1572352 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
    [-] 2008-04-14 . 2A1E1DF559B291583903D2F9CC504522 . 1572352 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
    [-] 2004-08-19 . AAFD7382D64710AE3A6F1DEE5020CF19 . 1548800 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

    [-] 2008-04-14 . DAAE1CB1B1875B760496E7D3336DA1AD . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
    [-] 2008-04-14 . DAAE1CB1B1875B760496E7D3336DA1AD . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
    [-] 2004-08-19 . 25ECFA69AF1563FDE8DFD31F9954497A . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

    [-] 2008-04-14 . E424F05B07AC4357DC08D06218D76C7C . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
    [-] 2008-04-14 . E424F05B07AC4357DC08D06218D76C7C . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
    [-] 2004-08-19 . D025E953864EBEBAB5933086D15C4FC6 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

    [-] 2008-04-14 . 51BE25C404D3DD344C6079DE715E4977 . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
    [-] 2008-04-14 . 51BE25C404D3DD344C6079DE715E4977 . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
    [-] 2004-08-19 . 0125649B3C00D037E07FD7BCEF7B653B . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

    [-] 2008-04-14 . CA70EDBF32032EA53F114CB930741CB5 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
    [-] 2008-04-14 . CA70EDBF32032EA53F114CB930741CB5 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
    [-] 2004-08-19 . DBCF824BA771A1F27E6F5124D0516358 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

    [-] 2008-04-14 . B622A432EF02895DE4AA38AC8B85FA4C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    [-] 2008-04-14 . B622A432EF02895DE4AA38AC8B85FA4C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
    [-] 2004-08-19 . 4AFF5EA8BF2362C3D5001295FDEB3ABD . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

    [-] 2008-04-14 . 288B20D56D5F0EC4BCC77FBFA5A81740 . 296960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
    [-] 2008-04-14 . 288B20D56D5F0EC4BCC77FBFA5A81740 . 296960 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
    [-] 2004-08-19 . C2038466BE5A6A76EFD592FA0B459E17 . 296960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
    [-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

    [-] 2003-04-24 . 1C905333C0B9F3D7C68DDF25E54B00F9 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
    [-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys

    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
    [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

    [-] 2008-04-14 02:18 . 27415CEEB58C8C2F92AFF8CFE2517A3C . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
    [-] 2008-04-14 02:18 . 27415CEEB58C8C2F92AFF8CFE2517A3C . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
    [-] 2003-04-24 12:00 . F1197F879AF9ED702D3E6EBCD3B99107 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll

    [-] 2008-04-14 . 047E70B04B288439245DDC8DD1A31982 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
    [-] 2008-04-14 . 047E70B04B288439245DDC8DD1A31982 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
    [-] 2004-08-19 . CA33F6547C49E749E47FB6A0D1DBE192 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
    [-] 2003-04-24 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 34304 . . [------] . . c:\windows\$NtUninstallKB828035$\msgsvc.dll

    [-] 2008-04-14 02:18 . 57CF215B0250DE0C4AE36ABC8AE31BE4 . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
    [-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
    [-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
    [-] 2005-01-28 13:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
    [-] 2005-01-28 13:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
    [-] 2004-08-19 22:42 . 7BB55C1143F8270467928AA843A48192 . 52736 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll
    [-] 2004-08-19 22:42 . 7BB55C1143F8270467928AA843A48192 . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll

    [-] 2009-02-11 . 2050C3BAB913974643D43C1A414CACB5 . 2068480 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
    [-] 2009-02-11 . 2050C3BAB913974643D43C1A414CACB5 . 2068480 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntkrnlpa.exe
    [-] 2009-02-09 . E1CC2E793C0A50D18BFAEB2A0C5A8762 . 2026496 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe
    [-] 2009-02-09 . 9B5E5D325CEDBB10A9A86679634A38CC . 2068608 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
    [-] 2008-04-14 . B4604169BB187939CAE61D62B41E85E0 . 2026496 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
    [-] 2008-04-14 . 2E2931A58B112CDF2A99B00B5DACDBE4 . 2068224 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
    [-] 2005-03-02 . 03550E4B6C37D2D31A029E95CCA0354B . 2059264 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
    [-] 2005-03-02 . EFE0662D7F3D16C5058A00A328D79C6E . 2017792 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
    [-] 2004-08-19 . 90AA698B03FAFEE217268AB443D7B4A9 . 2017792 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe
    [-] 2003-04-24 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 1950208 . . [------] . . c:\windows\$NtUninstallKB826939$\ntkrnlpa.exe

    [-] 2008-04-14 02:18 . D60C40D71A4D874C903255E4827AFA0C . 437760 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
    [-] 2008-04-14 02:18 . D60C40D71A4D874C903255E4827AFA0C . 437760 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
    [-] 2004-08-19 22:42 . 395948DEE2B0F534A8C70687CC6DD7CA . 437760 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

    [-] 2008-04-14 . 7594203F459ABDB5FE53C08D6B1BD53B . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
    [-] 2008-04-14 . 7594203F459ABDB5FE53C08D6B1BD53B . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
    [-] 2004-08-19 . 4B48358383940F6E559DA2F64753029F . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-22 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="c:\archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-11-15 335872]
    "IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-07 155648]
    "HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-07 114688]
    "VAIO Update 2"="c:\archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe" [2004-01-17 135168]
    "ezShieldProtector for Px"="c:\windows\System32\ezSP_Px.exe" [2002-08-20 40960]
    "VAIOSurvey"="c:\archivos de programa\Sony\VAIO Survey\LASurvey.exe" [2003-08-20 765952]
    "VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-12-15 28672]
    "SunJavaUpdateSched"="c:\archivos de programa\Java\jre6\bin\jusched.exe" [2009-08-19 149280]
    "Ink Monitor"="c:\archivos de programa\EPSON\Ink Monitor\InkMonitor.exe" [2004-05-05 262210]
    "nwiz"="c:\archivos de programa\NVIDIA Corporation\nView\nwiz.exe" [2009-07-09 1657376]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
    "TkBellExe"="c:\archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" [2009-08-21 198160]
    "QuickTime Task"="c:\archivos de programa\QuickTime\qttask.exe" [2009-05-26 413696]
    "APVXDWIN"="c:\archivos de programa\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" [2007-10-04 455984]
    "Google Quick Search Box"="c:\archivos de programa\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-22 122368]
    "Malwarebytes Anti-Malware (reboot)"="c:\archivos de programa\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
    "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2003-05-23 88363]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\Pap*\Menú Inicio\Programas\Inicio\
    ERUNT AutoBackup.lnk - c:\archivos de programa\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

    c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\
    Wireless Configuration Utility HW.14.lnk - c:\archivos de programa\802.11 Wireless LAN\802.11g Wireless USB 2.0 Adapter HW.14 V.1.00\WlanCU.exe [2006-9-12 569344]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\archivos de programa\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-10-10 13:04 548352 ----a-w- c:\archivos de programa\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2007-02-16 00:02 50736 ----a-w- c:\windows\system32\avldr.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Archivos de programa\\Sony\\click to dvd 2\\CtoDvd.exe"=

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [10/10/2009 07:08 a.m. 28544]
    R1 SASDIFSV;SASDIFSV;c:\archivos de programa\SUPERAntiSpyware\sasdifsv.sys [05/08/2009 04:06 p.m. 9968]
    R1 SASKUTIL;SASKUTIL;c:\archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS [05/08/2009 04:06 p.m. 74480]
    R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [23/08/2009 01:40 p.m. 38968]
    R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [15/09/2009 07:26 p.m. 12672]
    R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [19/08/2009 02:57 a.m. 38144]
    R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [23/08/2009 01:40 p.m. 178872]
    R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;c:\archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [19/08/2009 01:19 a.m. 86098]
    S3 AhnRghNt;AhnRghNt;c:\windows\system32\drivers\ahnRghNT.sys [23/08/2009 06:25 p.m. 28288]
    S3 AhnSZE;AhnSZE;c:\windows\system32\drivers\ahnsze.sys [23/08/2009 06:25 p.m. 1281456]
    S3 ASZFltNt;ASZFltNt;\??\c:\archiv~1\AhnLab\ASP\SpyZero\ASZFltNt.sys --> c:\archiv~1\AhnLab\ASP\SpyZero\ASZFltNt.sys [?]
    S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [19/08/2009 10:19 a.m. 133632]
    S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [19/08/2009 10:19 a.m. 79360]
    S3 RTLWUSB;802.11g USB 2.0 WLAN Dongle;c:\windows\system32\drivers\RTL8187.sys [11/01/2007 10:16 p.m. 169472]
    S3 SASENUM;SASENUM;c:\archivos de programa\SUPERAntiSpyware\SASENUM.SYS [05/08/2009 04:06 p.m. 7408]
    S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;c:\archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM --> c:\archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM [?]

    --- Other Services/Drivers In Memory ---

    *Deregistered* - SjyPkt

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    bkfqpioi

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-08-23 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\archivos de programa\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

    2009-10-14 c:\windows\Tasks\User_Feed_Synchronization-{8E30AB05-3BEF-462D-882A-4215B2FBBE5A}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com.mx/
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    LSP: c:\archivos de programa\Prodigy Antivirus\Prodigy Antivirus\pavlsp.dll
    DPF: {A1D886C6-4039-4451-97A9-515F5BE5D4C2} - hxxps://boveda.banamex.com.mx/mkdplus.cab
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-14 15:34
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|˙˙˙˙Ŕ•€|ů•9~*]
    "A0C0110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(820)
    c:\archivos de programa\SUPERAntiSpyware\SASWINLO.DLL
    c:\windows\system32\WININET.dll
    c:\windows\system32\avldr.dll

    - - - - - - - > 'explorer.exe'(16136)
    c:\windows\system32\WININET.dll
    c:\archivos de programa\Google\Quick Search Box\bin\1.2.1150.158\qsb.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Completion time: 2009-10-14 15:38
    ComboFix-quarantined-files.txt 2009-10-14 20:38
    ComboFix2.txt 2009-10-14 11:03

    Pre-Run: 34,906,497,024 bytes libres
    Post-Run: 34,901,987,328 bytes libres

    WindowsXP-KB310994-SP2-Home-BootDisk-ESN.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

    507 --- E O F --- 2009-09-17 02:24

  6. #6
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Please copy/paste HijackThis log as well to your reply
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  7. #7
    Junior Member csnomolas's Avatar
    Join Date
    Oct 2009
    Posts
    16

    HJT log file

    Here you have the HJT log file


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 03:40:43 p.m., on 14/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\pavsrv51.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\AVENGINE.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsCtrls.exe
    C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
    C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
    C:\Archivos de programa\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Archivos de programa\802.11 Wireless LAN\802.11g Wireless USB 2.0 Adapter HW.14 V.1.00\WlanCU.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\explorer.exe
    C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Archivos de programa\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Archivos de programa\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Archivos de programa\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [VAIO Update 2] "C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [VAIOSurvey] C:\Archivos de programa\Sony\VAIO Survey\LASurvey.exe
    O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Ink Monitor] C:\Archivos de programa\EPSON\Ink Monitor\InkMonitor.exe
    O4 - HKLM\..\Run: [nwiz] C:\Archivos de programa\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Archivos de programa\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Archivos de programa\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [swg] "C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Archivos de programa\ERUNT\AUTOBACK.EXE
    O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Archivos de programa\802.11 Wireless LAN\802.11g Wireless USB 2.0 Adapter HW.14 V.1.00\WlanCU.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.sony-latin.com/vaio/info
    O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1250660547133
    O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} (AhnASP Control) - https://boveda.banamex.com.mx/AhnASP.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1250660770383
    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
    O16 - DPF: {A1D886C6-4039-4451-97A9-515F5BE5D4C2} (mkdplusCtrl Class) - https://boveda.banamex.com.mx/mkdplus.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Archivos de programa\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\ARCHIV~1\ARCHIV~1\SONYSH~1\AVLib\PACSPT~1.EXE
    O23 - Service: Panda Software Controller - Panda Software International - C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsCtrls.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\pavsrv51.exe
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Archivos de programa\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\ARCHIV~1\ARCHIV~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\VmGateway.exe
    O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Video\GPVSvr.exe
    O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Archivos de programa\Sony\vaio media integrated server\Platform\UPnPFramework.exe

    --
    End of file - 11557 bytes

  8. #8
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Please upload these two files to http://virusscan.jotti.org and post back results:

    c:\windows\ServicePackFiles\i386\browser.dll
    c:\windows\system32\browser.dll
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  9. #9
    Junior Member csnomolas's Avatar
    Join Date
    Oct 2009
    Posts
    16

    Scan results are:

    c:\windows\ServicePackFiles\i386\browser.dll

    Jotti's malware scan
    Filename: browser.dll
    Status: Scan finished. 0 out of 21 scanners reported malware.
    Scan taken on: Fri 16 Oct 2009 22:34:40 (CET) Permalink



    --------------------------------------------------------------------------------
    Additional info
    File size: 77824 bytes
    Filetype: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
    MD5: e28818bd591f8af8fbe9897472b9665e
    SHA1: 238a4f78e0d18badc9dd5d63cb801902cb846969


    c:\windows\system32\browser.dll

    Jotti's malware scan
    browser.dll
    Status: Scan finished. 0 out of 21 scanners reported malware.
    Scan taken on: Fri 16 Oct 2009 22:31:44 (CET) Permalink



    --------------------------------------------------------------------------------
    Additional info
    File size: 77824 bytes
    Filetype: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
    MD5: e28818bd591f8af8fbe9897472b9665e
    SHA1: 238a4f78e0d18badc9dd5d63cb801902cb846969

  10. #10
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Please go to Start - Run - services.msc - OK.

    Let me know if the Cryptographic service is running.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006
