new one - virtumonde



set2008
2008-09-11, 03:49
Hi, I need help with this...
Many thanks for your support...
My log is:
Logfile of random's system information tool (written by random/random)
Run by Leonardo at 2008-09-10 21:46:37
Microsoft Windows XP Professional
System drive C: has 34 GB (88%) free of 38 GB
Total RAM: 255 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:47:26 p.m., on 10/09/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Eset\nod32kui.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Archivos de programa\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Leonardo\Mis documentos\RSIT.exe
C:\Archivos de programa\trend micro\Leonardo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {55737035-1B75-48DD-A4D8-66155D8AC7A3} - C:\WINDOWS\system32\opnlJdeE.dll
O2 - BHO: (no name) - {C9FACE63-92B5-47D1-894E-F06AE76644B7} - C:\WINDOWS\System32\ssqRLFvV.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Archivos de programa\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220797520144
O20 - AppInit_DLLs: ompkfa.dll nxbngw.dll tfhfiu.dll
O20 - Winlogon Notify: opnlJdeE - C:\WINDOWS\SYSTEM32\opnlJdeE.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe

--
End of file - 3661 bytes

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55737035-1B75-48DD-A4D8-66155D8AC7A3}]
C:\WINDOWS\system32\opnlJdeE.dll [2008-09-09 27648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9FACE63-92B5-47D1-894E-F06AE76644B7}]
C:\WINDOWS\System32\ssqRLFvV.dll [2008-09-10 236544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-09-28 847388]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Archivos de programa\Eset\nod32kui.exe [2008-09-07 949376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotSnD"=C:\Archivos de programa\Spybot - Search & Destroy\SpybotSD.exe [2008-07-07 4891472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="ompkfa.dll nxbngw.dll tfhfiu.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\opnlJdeE]
C:\WINDOWS\system32\opnlJdeE.dll [2008-09-09 27648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{55737035-1B75-48DD-A4D8-66155D8AC7A3}"=C:\WINDOWS\system32\opnlJdeE.dll [2008-09-09 27648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\System32\ssqRLFvV

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

File associations

.js - edit - C:\WINDOWS\System32\Notepad.exe %1
.js - open - C:\WINDOWS\System32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\System32\Notepad.exe %1
.vbs - open - C:\WINDOWS\System32\WScript.exe "%1" %*

List of files/folders created in the last three months

2008-09-10 19:15:59 ----SH---- C:\WINDOWS\System32\rgcskhea.ini
2008-09-10 19:15:54 ----A---- C:\WINDOWS\System32\aehkscgr.dll
2008-09-10 19:08:38 ----A---- C:\WINDOWS\System32\tfhfiu.dll
2008-09-10 19:08:23 ----A---- C:\WINDOWS\System32\xnjbobph.dll
2008-09-10 19:08:12 ----A---- C:\WINDOWS\System32\jqhejdwd.dll
2008-09-10 19:07:12 ----SH---- C:\WINDOWS\System32\rxokvhia.ini
2008-09-10 19:06:49 ----A---- C:\WINDOWS\System32\cblkvlcu.dll
2008-09-10 18:50:10 ----A---- C:\WINDOWS\System32\hrmaqmtt.dll
2008-09-10 18:48:47 ----SH---- C:\WINDOWS\System32\aahonlwi.ini
2008-09-10 18:47:59 ----A---- C:\WINDOWS\System32\jkpksrsu.dll
2008-09-10 18:47:10 ----ASH---- C:\WINDOWS\System32\VvFLRqss.ini2
2008-09-10 18:47:10 ----ASH---- C:\WINDOWS\System32\VvFLRqss.ini
2008-09-10 18:46:49 ----A---- C:\WINDOWS\System32\ssqRLFvV.dll
2008-09-10 18:32:27 ----A---- C:\WINDOWS\System32\gaftftng.tmp
2008-09-10 16:53:01 ----SH---- C:\WINDOWS\System32\gaftftng.ini
2008-09-10 16:52:48 ----A---- C:\WINDOWS\System32\gntftfag.dll
2008-09-10 16:52:39 ----A---- C:\WINDOWS\pskt.ini
2008-09-10 16:52:31 ----A---- C:\WINDOWS\System32\anscmrjw.dll
2008-09-10 13:59:40 ----D---- C:\Archivos de programa\trend micro
2008-09-10 13:59:36 ----D---- C:\rsit
2008-09-10 12:39:23 ----A---- C:\WINDOWS\ntbtlog.txt
2008-09-09 21:38:34 ----A---- C:\WINDOWS\System32\mcrh.tmp
2008-09-09 20:27:26 ----A---- C:\WINDOWS\System32\nxbngw.dll
2008-09-09 20:27:22 ----A---- C:\WINDOWS\System32\fwganjlf.dll
2008-09-09 16:56:02 ----A---- C:\WINDOWS\wininit.ini
2008-09-09 16:55:42 ----SH---- C:\WINDOWS\System32\cwwotpac.ini
2008-09-09 10:51:36 ----SH---- C:\WINDOWS\System32\hltolbpj.ini
2008-09-09 10:49:40 ----A---- C:\WINDOWS\System32\OMPKFA.DLL.ren
2008-09-09 10:49:35 ----A---- C:\WINDOWS\System32\cergtgat.dll
2008-09-09 10:49:29 ----A---- C:\WINDOWS\BM3768b064.txt
2008-09-09 10:48:57 ----A---- C:\WINDOWS\System32\3f784786-.txt
2008-09-09 10:48:19 ----ASH---- C:\WINDOWS\System32\fMllknpo.ini2
2008-09-09 10:48:19 ----ASH---- C:\WINDOWS\System32\fMllknpo.ini
2008-09-09 10:48:09 ----A---- C:\WINDOWS\System32\opnkllMf.dll.ren
2008-09-09 10:43:02 ----A---- C:\WINDOWS\System32\opnlJdeE.dll
2008-09-09 08:14:02 ----D---- C:\Documents and Settings\Leonardo\Datos de programa\Macromedia
2008-09-09 06:17:40 ----D---- C:\Documents and Settings\Leonardo\Datos de programa\Google
2008-09-09 05:56:57 ----D---- C:\Documents and Settings\All Users\Datos de programa\Adobe
2008-09-09 05:46:52 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-09-09 05:35:01 ----D---- C:\Documents and Settings\All Users\Datos de programa\NOS
2008-09-09 05:34:57 ----D---- C:\Archivos de programa\NOS
2008-09-08 21:33:47 ----D---- C:\Archivos de programa\BitTorrent
2008-09-07 15:40:50 ----A---- C:\WINDOWS\System32\imon.dll
2008-09-07 15:37:50 ----D---- C:\Archivos de programa\ESET
2008-09-07 14:03:39 ----D---- C:\Archivos de programa\eMule
2008-09-07 14:00:18 ----A---- C:\WINDOWS\IE4 Error Log.txt
2008-09-07 13:04:45 ----D---- C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
2008-09-07 13:04:45 ----D---- C:\Archivos de programa\Spybot - Search & Destroy
2008-09-07 12:10:27 ----A---- C:\WINDOWS\System32\mdimon.dll
2008-09-07 12:05:26 ----D---- C:\Archivos de programa\Microsoft.NET
2008-09-07 12:02:09 ----D---- C:\Archivos de programa\Archivos comunes\DESIGNER
2008-09-07 12:01:44 ----D---- C:\Archivos de programa\Microsoft Works
2008-09-07 12:01:13 ----D---- C:\Archivos de programa\Microsoft Visual Studio
2008-09-07 11:59:55 ----D---- C:\WINDOWS\SHELLNEW
2008-09-07 11:58:58 ----D---- C:\Archivos de programa\Microsoft Office
2008-09-07 11:53:54 ----RHD---- C:\MSOCache
2008-09-07 11:43:43 ----D---- C:\WINDOWS\System32\bits
2008-09-07 11:43:37 ----N---- C:\WINDOWS\System32\spmsg.dll
2008-09-07 11:43:26 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-09-07 11:42:01 ----D---- C:\itshfbc
2008-09-07 11:29:33 ----N---- C:\WINDOWS\System32\bitsprx3.dll
2008-09-07 11:29:33 ----N---- C:\WINDOWS\System32\bitsprx2.dll
2008-09-07 11:29:33 ----A---- C:\WINDOWS\System32\winhttp.dll
2008-09-07 11:29:33 ----A---- C:\WINDOWS\System32\qmgrprxy.dll
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wups2.dll
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wups.dll
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wucltui.dll.mui
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wucltui.dll
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wuaueng.dll.mui
2008-09-07 11:26:32 ----A---- C:\WINDOWS\System32\wuapi.dll.mui
2008-09-07 11:26:32 ----A---- C:\WINDOWS\System32\wuapi.dll
2008-09-07 11:25:45 ----D---- C:\WINDOWS\SoftwareDistribution
2008-09-07 10:41:04 ----D---- C:\Documents and Settings\All Users\Datos de programa\Google
2008-09-07 10:41:04 ----D---- C:\Archivos de programa\Google
2008-09-07 10:08:31 ----D---- C:\Archivos de programa\DX Monitor
2008-09-06 19:49:20 ----D---- C:\Archivos de programa\YStress
2008-09-06 18:53:03 ----A---- C:\WINDOWS\System32\msodbc13.dll
2008-09-06 18:51:48 ----A---- C:\WINDOWS\unvise32.exe
2008-09-06 18:51:45 ----D---- C:\Archivos de programa\ScreenFlash Pro 1.3
2008-09-06 18:46:17 ----D---- C:\Archivos de programa\EasyPal
2008-09-06 18:44:46 ----D---- C:\Archivos de programa\Beam_DX
2008-09-06 18:40:31 ----D---- C:\Archivos de programa\AziPoint
2008-09-06 18:39:20 ----A---- C:\WINDOWS\azmap2.INI
2008-09-06 18:37:42 ----D---- C:\Archivos de programa\Azmap
2008-09-06 18:27:50 ----D---- C:\Archivos de programa\Wav2MP3 Wizard
2008-09-06 18:26:48 ----D---- C:\Archivos de programa\WinMorse

List of drivers

R1 nod32drv;nod32drv; C:\WINDOWS\System32\system32\drivers\nod32drv.sys []
R2 AMON;AMON; C:\WINDOWS\System32\system32\drivers\amon.sys []
R2 DLPortIO;DriverLINX Port I/O Driver; \??\C:\WINDOWS\System32\DRIVERS\DLPortIO.SYS []
R2 MixPortDriver;MixPortDriver; C:\WINDOWS\System32\drivers\MixPortDriver.sys [2002-05-03 3623]
R3 cwrwdm;Controlador WDM de SoundFusion(TM); C:\WINDOWS\System32\DRIVERS\cwrwdm.sys [2001-08-17 46848]
R3 GNCT511;Genius VideoCAM NB; C:\WINDOWS\System32\DRIVERS\gnct511.sys [2002-11-14 229376]
R3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
R3 rtl8029;Controlador de Windows NT del adaptador Ethernet PCI basado en Realtek RTL8029(AS); C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
R3 usbhub;Concentrador habilitado USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2001-09-28 50688]
R3 usbuhci;Controlador minipuerto de la controladora de host universal USB de Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2001-09-28 18944]
R3 WS2IFSL;Entorno de compatibilidad con proveedores de servicios no IFS de Windows Socket 2.0; C:\WINDOWS\System32\System32\drivers\ws2ifsl.sys []
R4 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\System32\drivers\sp_rsdrv2.sys []
S2 zntport;ioctrl driver ; \??\C:\WINDOWS\System32\zntport.sys []
S3 CCDECODE;Descodificador de título cerrado; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2001-08-17 16256]
S3 giveio;giveio; \??\C:\WINDOWS\System32\giveio.sys []
S3 HidUsb;Controlador de clases HID de Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Controlador HID de mouse; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-22 12416]
S3 MSTEE;Convertidor Tee/Sink-to-Sink de transferencia de Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2001-08-17 4992]
S3 NABTSFEC;Códec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2001-08-17 83712]
S3 NdisIP;Conexión de TV/Vídeo de Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2001-08-17 8064]
S3 S3SAVAGE4M;S3SAVAGE4M; C:\WINDOWS\System32\DRIVERS\s3sav4m.sys [2001-08-17 77824]
S3 SiSV;SiSV; C:\WINDOWS\System32\DRIVERS\SiSV.sys [2001-08-17 50432]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2001-08-17 10752]
S3 streamip;Receptor BDA IP; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2001-08-17 14592]
S3 trid3d;trid3d; C:\WINDOWS\System32\DRIVERS\trid3dm.sys [2001-08-17 222336]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\System32\DRIVERS\TVICHW32.SYS []
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-17 21760]
S3 WSTCODEC;Códec de teletexto estándar mundial; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2001-08-17 18560]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

List of services

R2 MDM;Machine Debug Manager; C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Archivos de programa\Eset\nod32krn.exe [2008-09-07 552064]
S3 gusvc;Google Updater Service; C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-09 156656]
S3 ose;Office Source Engine; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------


"BEFORE you POST" (READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

pskelley
2008-09-12, 03:01
Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance)
http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

It appears you missed the directions, considering you posted information not requested, but you missed this.

http://forums.spybot.info/showthread.php?t=425

Update Your Windows XP.
You are currently using an unpatched version of Windows XP.
Before attempting to remove malware, it is CRITICAL that you update to Service Pack 1a.
Get SP1a here: http://www.microsoft.com/windowsxp/downloads/updates/sp1/default.mspx
You should also get SP2, but NOT NOW, rather only after your machine is clean.
After updating your Windows to SP1a, post a new HijackThis log please, using the Post Reply button.

Thanks

set2008
2008-09-12, 19:05
I regret not having started the thread in the right way...
I am grateful for the quick response and will try to solve the drawback...
I hope to get in the right way to solve it and follow the order suggested...

This is my new log...

Logfile of random's system information tool (written by random/random)
Run by Leonardo at 2008-09-12 00:35:20
Microsoft Windows XP Professional Service Pack 1
System drive C: has 32 GB (84%) free of 38 GB
Total RAM: 255 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:36:18, on 12/09/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Archivos de programa\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\msiexec.exe
C:\Archivos de programa\Eset\nod32kui.exe
C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Leonardo\Mis documentos\RSIT.exe
C:\Archivos de programa\trend micro\Leonardo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {55737035-1B75-48DD-A4D8-66155D8AC7A3} - C:\WINDOWS\system32\opnlJdeE.dll
O2 - BHO: (no name) - {582B83E6-4F3E-4A2A-B7E1-2550D8ABB0D4} - C:\WINDOWS\System32\ssqRLFvV.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220797520144
O20 - AppInit_DLLs: ompkfa.dll nxbngw.dll tfhfiu.dll bmgvkl.dll
O20 - Winlogon Notify: opnlJdeE - C:\WINDOWS\SYSTEM32\opnlJdeE.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe

--
End of file - 3742 bytes

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55737035-1B75-48DD-A4D8-66155D8AC7A3}]
C:\WINDOWS\system32\opnlJdeE.dll [2008-09-09 27648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{582B83E6-4F3E-4A2A-B7E1-2550D8ABB0D4}]
C:\WINDOWS\System32\ssqRLFvV.dll [2008-09-10 236544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2002-09-09 845852]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Archivos de programa\Eset\nod32kui.exe [2008-09-07 949376]
"Adobe Reader Speed Launcher"=C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Archivos de programa\Messenger\msmsgs.exe [2002-09-09 1511453]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="ompkfa.dll nxbngw.dll tfhfiu.dll bmgvkl.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\opnlJdeE]
C:\WINDOWS\system32\opnlJdeE.dll [2008-09-09 27648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{55737035-1B75-48DD-A4D8-66155D8AC7A3}"=C:\WINDOWS\system32\opnlJdeE.dll [2008-09-09 27648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\System32\ssqRLFvV

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

File associations

.js - edit - C:\WINDOWS\System32\Notepad.exe %1
.js - open - C:\WINDOWS\System32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\System32\Notepad.exe %1
.vbs - open - C:\WINDOWS\System32\WScript.exe "%1" %*

List of files/folders created in the last three months

2008-09-12 00:31:11 ----A---- C:\WINDOWS\OEWABLog.txt
2008-09-12 00:29:46 ----D---- C:\WINDOWS\Prefetch
2008-09-12 00:12:44 ----D---- C:\WINDOWS\ServicePackFiles
2008-09-12 00:12:43 ----D---- C:\WINDOWS\ehome
2008-09-11 23:51:10 ----A---- C:\WINDOWS\System32\zipfldr.dll
2008-09-11 23:51:09 ----A---- C:\WINDOWS\System32\xenroll.dll
2008-09-11 23:51:09 ----A---- C:\WINDOWS\System32\xactsrv.dll
2008-09-11 23:51:09 ----A---- C:\WINDOWS\System32\wzcsvc.dll
2008-09-11 23:51:09 ----A---- C:\WINDOWS\System32\wzcsapi.dll
2008-09-11 23:51:09 ----A---- C:\WINDOWS\System32\wzcdlg.dll
2008-09-11 23:51:09 ----A---- C:\WINDOWS\System32\wuauserv.dll
2008-09-11 23:51:08 ----A---- C:\WINDOWS\System32\wtsapi32.dll
2008-09-11 23:51:08 ----A---- C:\WINDOWS\System32\wsnmp32.dll
2008-09-11 23:51:08 ----A---- C:\WINDOWS\System32\wship6.dll
2008-09-11 23:51:08 ----A---- C:\WINDOWS\System32\wow32.dll
2008-09-11 23:51:06 ----A---- C:\WINDOWS\System32\wmvdmoe.dll
2008-09-11 23:51:04 ----A---- C:\WINDOWS\System32\wmv8dmod.dll
2008-09-11 23:51:04 ----A---- C:\WINDOWS\System32\wmstream.dll
2008-09-11 23:51:04 ----A---- C:\WINDOWS\System32\wmsdmoe.dll
2008-09-11 23:51:02 ----A---- C:\WINDOWS\System32\wmpui.dll
2008-09-11 23:51:02 ----A---- C:\WINDOWS\System32\wmpstub.exe
2008-09-11 23:51:02 ----A---- C:\WINDOWS\System32\wmpshell.dll
2008-09-11 23:51:01 ----A---- C:\WINDOWS\System32\wmploc.dll
2008-09-11 23:51:00 ----A---- C:\WINDOWS\System32\wmpcore.dll
2008-09-11 23:50:59 ----A---- C:\WINDOWS\System32\wmpcd.dll
2008-09-11 23:50:55 ----A---- C:\WINDOWS\System32\wlnotify.dll
2008-09-11 23:50:54 ----A---- C:\WINDOWS\System32\wldap32.dll
2008-09-11 23:50:54 ----A---- C:\WINDOWS\System32\winsta.dll
2008-09-11 23:50:53 ----A---- C:\WINDOWS\System32\winmm.dll
2008-09-11 23:50:52 ----A---- C:\WINDOWS\System32\wininet.dll
2008-09-11 23:50:51 ----A---- C:\WINDOWS\winhlp32.exe
2008-09-11 23:50:49 ----A---- C:\WINDOWS\System32\wiaservc.dll
2008-09-11 23:50:49 ----A---- C:\WINDOWS\System32\wiadss.dll
2008-09-11 23:50:49 ----A---- C:\WINDOWS\System32\wextract.exe
2008-09-11 23:50:48 ----A---- C:\WINDOWS\System32\webvw.dll
2008-09-11 23:50:47 ----A---- C:\WINDOWS\System32\webclnt.dll
2008-09-11 23:50:45 ----A---- C:\WINDOWS\System32\webcheck.dll
2008-09-11 23:50:41 ----A---- C:\WINDOWS\System32\w32time.dll
2008-09-11 23:50:41 ----A---- C:\WINDOWS\System32\vssapi.dll
2008-09-11 23:50:39 ----A---- C:\WINDOWS\System32\vfwwdm32.dll
2008-09-11 23:50:39 ----A---- C:\WINDOWS\System32\vdmredir.dll
2008-09-11 23:50:39 ----A---- C:\WINDOWS\System32\vbscript.dll
2008-09-11 23:50:38 ----A---- C:\WINDOWS\System32\uxtheme.dll
2008-09-11 23:50:38 ----A---- C:\WINDOWS\System32\utilman.exe
2008-09-11 23:50:38 ----A---- C:\WINDOWS\System32\usp10.dll
2008-09-11 23:50:32 ----A---- C:\WINDOWS\System32\urlmon.dll
2008-09-11 23:50:32 ----A---- C:\WINDOWS\System32\url.dll
2008-09-11 23:50:31 ----A---- C:\WINDOWS\System32\ups.exe
2008-09-11 23:50:31 ----A---- C:\WINDOWS\System32\upnpui.dll
2008-09-11 23:50:31 ----A---- C:\WINDOWS\System32\upnphost.dll
2008-09-11 23:50:31 ----A---- C:\WINDOWS\System32\upnp.dll
2008-09-11 23:50:29 ----A---- C:\WINDOWS\System32\umpnpmgr.dll
2008-09-11 23:50:29 ----A---- C:\WINDOWS\System32\umandlg.dll
2008-09-11 23:50:29 ----A---- C:\WINDOWS\System32\udhisapi.dll
2008-09-11 23:50:28 ----A---- C:\WINDOWS\System32\tscupgrd.exe
2008-09-11 23:50:28 ----A---- C:\WINDOWS\System32\tscfgwmi.dll
2008-09-11 23:50:27 ----A---- C:\WINDOWS\System32\trkwks.dll
2008-09-11 23:50:27 ----A---- C:\WINDOWS\System32\tracert.exe
2008-09-11 23:50:25 ----A---- C:\WINDOWS\System32\themeui.dll
2008-09-11 23:50:24 ----A---- C:\WINDOWS\System32\termsrv.dll
2008-09-11 23:50:24 ----A---- C:\WINDOWS\System32\telnet.exe
2008-09-11 23:50:22 ----A---- C:\WINDOWS\System32\taskmgr.exe
2008-09-11 23:50:22 ----A---- C:\WINDOWS\System32\tapisrv.dll
2008-09-11 23:50:21 ----A---- C:\WINDOWS\System32\tapi32.dll
2008-09-11 23:50:18 ----A---- C:\WINDOWS\System32\sxs.dll
2008-09-11 23:50:15 ----A---- C:\WINDOWS\System32\strmdll.dll
2008-09-11 23:50:15 ----A---- C:\WINDOWS\System32\storprop.dll
2008-09-11 23:50:15 ----A---- C:\WINDOWS\System32\stobject.dll
2008-09-11 23:50:15 ----A---- C:\WINDOWS\System32\sti_ci.dll
2008-09-11 23:50:14 ----A---- C:\WINDOWS\System32\sti.dll
2008-09-11 23:50:11 ----A---- C:\WINDOWS\System32\ssdpsrv.dll
2008-09-11 23:50:11 ----A---- C:\WINDOWS\System32\ssdpapi.dll
2008-09-11 23:50:10 ----A---- C:\WINDOWS\System32\srsvc.dll
2008-09-11 23:50:10 ----A---- C:\WINDOWS\System32\srrstr.dll
2008-09-11 23:50:10 ----A---- C:\WINDOWS\System32\srclient.dll
2008-09-11 23:50:08 ----A---- C:\WINDOWS\System32\sqlsrv32.dll
2008-09-11 23:50:06 ----A---- C:\WINDOWS\System32\spoolss.dll
2008-09-11 23:50:05 ----A---- C:\WINDOWS\System32\spider.exe
2008-09-11 23:50:03 ----A---- C:\WINDOWS\System32\snmpapi.dll
2008-09-11 23:50:02 ----A---- C:\WINDOWS\System32\smlogsvc.exe
2008-09-11 23:50:02 ----A---- C:\WINDOWS\System32\smlogcfg.dll
2008-09-11 23:50:00 ----A---- C:\WINDOWS\System32\slayerxp.dll
2008-09-11 23:50:00 ----A---- C:\WINDOWS\System32\skeys.exe
2008-09-11 23:50:00 ----A---- C:\WINDOWS\System32\sigverif.exe
2008-09-11 23:49:59 ----A---- C:\WINDOWS\System32\sigtab.dll
2008-09-11 23:49:59 ----A---- C:\WINDOWS\System32\shsvcs.dll
2008-09-11 23:49:59 ----A---- C:\WINDOWS\System32\shmgrate.exe
2008-09-11 23:49:58 ----A---- C:\WINDOWS\System32\shlwapi.dll
2008-09-11 23:49:57 ----A---- C:\WINDOWS\System32\shimgvw.dll
2008-09-11 23:49:57 ----A---- C:\WINDOWS\System32\shimeng.dll
2008-09-11 23:49:57 ----A---- C:\WINDOWS\System32\shgina.dll
2008-09-11 23:49:57 ----A---- C:\WINDOWS\System32\shfolder.dll
2008-09-11 23:49:50 ----A---- C:\WINDOWS\System32\shell32.dll
2008-09-11 23:49:49 ----A---- C:\WINDOWS\System32\shdocvw.dll
2008-09-11 23:49:45 ----A---- C:\WINDOWS\System32\sfcfiles.dll
2008-09-11 23:49:45 ----A---- C:\WINDOWS\System32\sfc_os.dll
2008-09-11 23:49:43 ----A---- C:\WINDOWS\System32\setup.exe
2008-09-11 23:49:42 ----A---- C:\WINDOWS\System32\sensapi.dll
2008-09-11 23:49:42 ----A---- C:\WINDOWS\System32\sens.dll
2008-09-11 23:49:42 ----A---- C:\WINDOWS\System32\secur32.dll
2008-09-11 23:49:42 ----A---- C:\WINDOWS\System32\sdbinst.exe
2008-09-11 23:49:41 ----A---- C:\WINDOWS\System32\schedsvc.dll
2008-09-11 23:49:40 ----A---- C:\WINDOWS\System32\scesrv.dll
2008-09-11 23:49:40 ----A---- C:\WINDOWS\System32\scecli.dll
2008-09-11 23:49:40 ----A---- C:\WINDOWS\System32\sccsccp.dll
2008-09-11 23:49:40 ----A---- C:\WINDOWS\System32\sccbase.dll
2008-09-11 23:49:38 ----A---- C:\WINDOWS\System32\runonce.exe
2008-09-11 23:49:38 ----A---- C:\WINDOWS\System32\rtcshare.exe
2008-09-11 23:49:35 ----A---- C:\WINDOWS\System32\rtcdll.dll
2008-09-11 23:49:34 ----A---- C:\WINDOWS\System32\rsaenh.dll
2008-09-11 23:49:34 ----A---- C:\WINDOWS\System32\rpcss.dll
2008-09-11 23:49:33 ----A---- C:\WINDOWS\System32\rpcrt4.dll
2008-09-11 23:49:32 ----A---- C:\WINDOWS\System32\riched20.dll
2008-09-11 23:49:32 ----A---- C:\WINDOWS\System32\remotepg.dll
2008-09-11 23:49:32 ----A---- C:\WINDOWS\System32\regapi.dll
2008-09-11 23:49:32 ----A---- C:\WINDOWS\System32\reg.exe
2008-09-11 23:49:32 ----A---- C:\WINDOWS\System32\redir.exe
2008-09-11 23:49:32 ----A---- C:\WINDOWS\regedit.exe
2008-09-11 23:49:31 ----A---- C:\WINDOWS\System32\rdsaddin.exe
2008-09-11 23:49:31 ----A---- C:\WINDOWS\System32\rdpwsx.dll
2008-09-11 23:49:31 ----A---- C:\WINDOWS\System32\rdpsnd.dll
2008-09-11 23:49:30 ----A---- C:\WINDOWS\System32\rdpdd.dll
2008-09-11 23:49:30 ----A---- C:\WINDOWS\System32\rdpclip.exe
2008-09-11 23:49:30 ----A---- C:\WINDOWS\System32\rdchost.dll
2008-09-11 23:49:29 ----A---- C:\WINDOWS\System32\rcimlby.exe
2008-09-11 23:49:29 ----A---- C:\WINDOWS\System32\rastls.dll
2008-09-11 23:49:29 ----A---- C:\WINDOWS\System32\rassapi.dll
2008-09-11 23:49:28 ----A---- C:\WINDOWS\System32\rasppp.dll
2008-09-11 23:49:28 ----A---- C:\WINDOWS\System32\rasmans.dll
2008-09-11 23:49:27 ----A---- C:\WINDOWS\System32\raschap.dll
2008-09-11 23:49:23 ----A---- C:\WINDOWS\System32\query.dll
2008-09-11 23:49:22 ----A---- C:\WINDOWS\System32\quartz.dll
2008-09-11 23:49:21 ----A---- C:\WINDOWS\System32\qedit.dll
2008-09-11 23:49:21 ----A---- C:\WINDOWS\System32\qdvd.dll
2008-09-11 23:49:21 ----A---- C:\WINDOWS\System32\qcap.dll
2008-09-11 23:49:19 ----A---- C:\WINDOWS\System32\psbase.dll
2008-09-11 23:49:19 ----A---- C:\WINDOWS\System32\psapi.dll
2008-09-11 23:49:17 ----A---- C:\WINDOWS\System32\pngfilt.dll
2008-09-11 23:49:16 ----A---- C:\WINDOWS\System32\ping.exe
2008-09-11 23:49:16 ----A---- C:\WINDOWS\System32\pid.dll
2008-09-11 23:49:13 ----A---- C:\WINDOWS\System32\pdh.dll
2008-09-11 23:49:11 ----A---- C:\WINDOWS\System32\pautoenr.dll
2008-09-11 23:49:10 ----A---- C:\WINDOWS\System32\packager.exe
2008-09-11 23:49:08 ----A---- C:\WINDOWS\System32\osk.exe
2008-09-11 23:49:07 ----A---- C:\WINDOWS\System32\opengl32.dll
2008-09-11 23:49:07 ----A---- C:\WINDOWS\System32\oleprn.dll
2008-09-11 23:49:04 ----A---- C:\WINDOWS\System32\ole32.dll
2008-09-11 23:49:02 ----A---- C:\WINDOWS\System32\offfilt.dll
2008-09-11 23:49:02 ----A---- C:\WINDOWS\System32\odbctrac.dll
2008-09-11 23:49:02 ----A---- C:\WINDOWS\System32\odbcp32r.dll
2008-09-11 23:49:02 ----A---- C:\WINDOWS\System32\odbccu32.dll
2008-09-11 23:49:02 ----A---- C:\WINDOWS\System32\odbccr32.dll
2008-09-11 23:49:01 ----A---- C:\WINDOWS\System32\odbccp32.dll
2008-09-11 23:49:01 ----A---- C:\WINDOWS\System32\odbcconf.exe
2008-09-11 23:49:01 ----A---- C:\WINDOWS\System32\odbcconf.dll
2008-09-11 23:49:01 ----A---- C:\WINDOWS\System32\odbcbcp.dll
2008-09-11 23:49:01 ----A---- C:\WINDOWS\System32\odbcad32.exe
2008-09-11 23:49:01 ----A---- C:\WINDOWS\System32\odbc32gt.dll
2008-09-11 23:49:01 ----A---- C:\WINDOWS\System32\odbc32.dll
2008-09-11 23:49:00 ----A---- C:\WINDOWS\System32\oakley.dll
2008-09-11 23:48:49 ----N---- C:\WINDOWS\System32\nv4_disp.dll
2008-09-11 23:48:33 ----A---- C:\WINDOWS\System32\ntshrui.dll
2008-09-11 23:48:29 ----A---- C:\WINDOWS\System32\ntmssvc.dll
2008-09-11 23:48:29 ----A---- C:\WINDOWS\System32\ntmsdba.dll
2008-09-11 23:48:29 ----A---- C:\WINDOWS\System32\ntmsapi.dll
2008-09-11 23:48:28 ----A---- C:\WINDOWS\System32\ntmarta.dll
2008-09-11 23:48:28 ----A---- C:\WINDOWS\System32\ntlanman.dll
2008-09-11 23:48:10 ----A---- C:\WINDOWS\System32\npptools.dll
2008-09-11 23:48:10 ----A---- C:\WINDOWS\System32\nmmkcert.dll
2008-09-11 23:48:09 ----A---- C:\WINDOWS\System32\nlhtml.dll
2008-09-11 23:48:08 ----A---- C:\WINDOWS\System32\newdev.dll
2008-09-11 23:48:05 ----N---- C:\WINDOWS\System32\wmvcore2.dll
2008-09-11 23:47:44 ----N---- C:\WINDOWS\System32\winbrand.dll
2008-09-11 23:47:42 ----N---- C:\WINDOWS\System32\xpsp1res.dll
2008-09-11 23:47:38 ----N---- C:\WINDOWS\System32\sbeio.dll
2008-09-11 23:47:37 ----N---- C:\WINDOWS\System32\sbe.dll
2008-09-11 23:47:30 ----N---- C:\WINDOWS\System32\mssap.dll
2008-09-11 23:47:28 ----N---- C:\WINDOWS\System32\msftedit.dll
2008-09-11 23:47:20 ----N---- C:\WINDOWS\System32\hccoin.dll
2008-09-11 23:47:20 ----N---- C:\WINDOWS\System32\faxpatch.exe
2008-09-11 23:47:19 ----N---- C:\WINDOWS\System32\encdec.dll
2008-09-11 23:47:19 ----N---- C:\WINDOWS\System32\encapi.dll
2008-09-11 23:47:19 ----N---- C:\WINDOWS\System32\dsprpres.dll
2008-09-11 23:47:16 ----N---- C:\WINDOWS\System32\ati3d2ag.dll
2008-09-11 23:47:08 ----N---- C:\WINDOWS\System32\ati3d1ag.dll
2008-09-11 23:46:57 ----N---- C:\WINDOWS\System32\ati2dvag.dll
2008-09-11 23:46:54 ----N---- C:\WINDOWS\System32\ati2dvaa.dll
2008-09-11 23:46:48 ----A---- C:\WINDOWS\System32\netshell.dll
2008-09-11 23:46:46 ----A---- C:\WINDOWS\System32\netsetup.exe
2008-09-11 23:46:45 ----A---- C:\WINDOWS\System32\netplwiz.dll
2008-09-11 23:46:45 ----A---- C:\WINDOWS\System32\netman.dll
2008-09-11 23:46:44 ----A---- C:\WINDOWS\System32\netlogon.dll
2008-09-11 23:46:44 ----A---- C:\WINDOWS\System32\netdde.exe
2008-09-11 23:46:43 ----A---- C:\WINDOWS\System32\netcfgx.dll
2008-09-11 23:46:43 ----A---- C:\WINDOWS\System32\netapi32.dll
2008-09-11 23:46:43 ----A---- C:\WINDOWS\System32\net1.exe
2008-09-11 23:46:42 ----A---- C:\WINDOWS\System32\net.exe
2008-09-11 23:46:42 ----A---- C:\WINDOWS\System32\nddenb32.dll
2008-09-11 23:46:41 ----A---- C:\WINDOWS\System32\ncobjapi.dll
2008-09-11 23:46:40 ----A---- C:\WINDOWS\System32\msxml3.dll
2008-09-11 23:46:37 ----A---- C:\WINDOWS\System32\msxml2.dll
2008-09-11 23:46:35 ----A---- C:\WINDOWS\System32\msxbde40.dll
2008-09-11 23:46:35 ----A---- C:\WINDOWS\System32\mswebdvd.dll
2008-09-11 23:46:33 ----A---- C:\WINDOWS\System32\msvidctl.dll
2008-09-11 23:46:32 ----A---- C:\WINDOWS\System32\msvfw32.dll
2008-09-11 23:46:32 ----A---- C:\WINDOWS\System32\msvcrt.dll
2008-09-11 23:46:31 ----A---- C:\WINDOWS\System32\msvcp60.dll
2008-09-11 23:46:31 ----A---- C:\WINDOWS\System32\msutb.dll
2008-09-11 23:46:31 ----A---- C:\WINDOWS\System32\msuni11.dll
2008-09-11 23:46:30 ----A---- C:\WINDOWS\System32\mstscax.dll
2008-09-11 23:46:30 ----A---- C:\WINDOWS\System32\mstsc.exe
2008-09-11 23:46:30 ----A---- C:\WINDOWS\System32\mstinit.exe
2008-09-11 23:46:29 ----A---- C:\WINDOWS\System32\mstime.dll
2008-09-11 23:46:29 ----A---- C:\WINDOWS\System32\mstext40.dll
2008-09-11 23:46:29 ----A---- C:\WINDOWS\System32\mstask.dll
2008-09-11 23:46:28 ----A---- C:\WINDOWS\System32\msscp.dll
2008-09-11 23:46:28 ----A---- C:\WINDOWS\System32\msrle32.dll
2008-09-11 23:46:27 ----A---- C:\WINDOWS\System32\msrepl40.dll
2008-09-11 23:46:21 ----A---- C:\WINDOWS\System32\msrd2x40.dll
2008-09-11 23:46:21 ----A---- C:\WINDOWS\System32\msrating.dll
2008-09-11 23:46:21 ----A---- C:\WINDOWS\System32\mspmsp.dll
2008-09-11 23:46:21 ----A---- C:\WINDOWS\System32\mspbde40.dll
2008-09-11 23:46:20 ----A---- C:\WINDOWS\System32\mspaint.exe
2008-09-11 23:46:20 ----A---- C:\WINDOWS\System32\msorcl32.dll
2008-09-11 23:46:20 ----A---- C:\WINDOWS\System32\msoert2.dll
2008-09-11 23:46:20 ----A---- C:\WINDOWS\System32\msoeacct.dll
2008-09-11 23:46:17 ----A---- C:\WINDOWS\System32\msnsspc.dll
2008-09-11 23:46:08 ----A---- C:\WINDOWS\System32\msltus40.dll
2008-09-11 23:46:08 ----A---- C:\WINDOWS\System32\mslbui.dll
2008-09-11 23:46:07 ----A---- C:\WINDOWS\System32\msjtes40.dll
2008-09-11 23:46:06 ----A---- C:\WINDOWS\System32\msjetoledb40.dll
2008-09-11 23:46:05 ----A---- C:\WINDOWS\System32\msjet40.dll
2008-09-11 23:46:04 ----A---- C:\WINDOWS\System32\msisam11.dll
2008-09-11 23:46:03 ----A---- C:\WINDOWS\System32\msimtf.dll
2008-09-11 23:46:03 ----A---- C:\WINDOWS\System32\msimg32.dll
2008-09-11 23:46:01 ----A---- C:\WINDOWS\System32\msieftp.dll
2008-09-11 23:45:59 ----A---- C:\WINDOWS\System32\mshtmler.dll
2008-09-11 23:45:58 ----A---- C:\WINDOWS\System32\mshtmled.dll
2008-09-11 23:45:54 ----A---- C:\WINDOWS\System32\mshtml.dll
2008-09-11 23:45:52 ----A---- C:\WINDOWS\System32\msexcl40.dll
2008-09-11 23:45:52 ----A---- C:\WINDOWS\System32\msexch40.dll
2008-09-11 23:45:52 ----A---- C:\WINDOWS\System32\msdxmlc.dll
2008-09-11 23:45:51 ----A---- C:\WINDOWS\System32\msdtcprx.dll
2008-09-11 23:45:50 ----A---- C:\WINDOWS\System32\msdart.dll
2008-09-11 23:45:48 ----A---- C:\WINDOWS\System32\msctfp.dll
2008-09-11 23:45:48 ----A---- C:\WINDOWS\System32\msctf.dll
2008-09-11 23:45:48 ----A---- C:\WINDOWS\System32\mscpx32r.dll
2008-09-11 23:45:48 ----A---- C:\WINDOWS\System32\msconf.dll
2008-09-11 23:45:48 ----A---- C:\WINDOWS\System32\mscms.dll
2008-09-11 23:45:42 ----A---- C:\WINDOWS\System32\mplay32.exe
2008-09-11 23:45:40 ----A---- C:\WINDOWS\System32\moricons.dll
2008-09-11 23:45:40 ----A---- C:\WINDOWS\System32\mobsync.dll
2008-09-11 23:45:39 ----A---- C:\WINDOWS\System32\mnmdd.dll
2008-09-11 23:45:37 ----A---- C:\WINDOWS\System32\mmcndmgr.dll
2008-09-11 23:45:36 ----A---- C:\WINDOWS\System32\mindex.dll
2008-09-11 23:45:24 ----A---- C:\WINDOWS\System32\logonui.exe
2008-09-11 23:45:24 ----A---- C:\WINDOWS\System32\localui.dll
2008-09-11 23:45:23 ----A---- C:\WINDOWS\System32\lmrt.dll
2008-09-11 23:45:22 ----A---- C:\WINDOWS\System32\licwmi.dll
2008-09-11 23:45:22 ----A---- C:\WINDOWS\System32\licmgr10.dll
2008-09-11 23:41:21 ----A---- C:\WINDOWS\System32\kerberos.dll
2008-09-11 23:41:20 ----A---- C:\WINDOWS\System32\kd1394.dll
2008-09-11 23:41:20 ----A---- C:\WINDOWS\System32\ixsso.dll
2008-09-11 23:41:20 ----A---- C:\WINDOWS\System32\iuengine.dll
2008-09-11 23:41:20 ----A---- C:\WINDOWS\System32\iuctl.dll
2008-09-11 23:41:20 ----A---- C:\WINDOWS\System32\itss.dll
2008-09-11 23:41:19 ----A---- C:\WINDOWS\System32\pidgen.dll
2008-09-11 23:41:19 ----A---- C:\WINDOWS\System32\itircl.dll
2008-09-11 23:41:19 ----A---- C:\WINDOWS\System32\ipv6mon.dll
2008-09-11 23:41:19 ----A---- C:\WINDOWS\System32\ipv6.exe
2008-09-11 23:41:19 ----A---- C:\WINDOWS\System32\dpcdll.dll
2008-09-11 23:41:18 ----A---- C:\WINDOWS\System32\ipsecsvc.dll
2008-09-11 23:41:18 ----A---- C:\WINDOWS\System32\ippromon.dll
2008-09-11 23:41:17 ----A---- C:\WINDOWS\System32\ipnathlp.dll
2008-09-11 23:41:15 ----A---- C:\WINDOWS\System32\iphlpapi.dll
2008-09-11 23:41:15 ----A---- C:\WINDOWS\System32\ipconfig.exe
2008-09-11 23:41:14 ----A---- C:\WINDOWS\System32\wsecedit.dll
2008-09-11 23:41:13 ----A---- C:\WINDOWS\System32\tracerpt.exe
2008-09-11 23:41:13 ----A---- C:\WINDOWS\System32\tlntsvrp.dll
2008-09-11 23:41:13 ----A---- C:\WINDOWS\System32\tlntsvr.exe
2008-09-11 23:41:13 ----A---- C:\WINDOWS\System32\tlntsess.exe
2008-09-11 23:41:12 ----A---- C:\WINDOWS\System32\tlntadmn.exe
2008-09-11 23:41:08 ----N---- C:\WINDOWS\System32\spiisupd.exe
2008-09-11 23:41:08 ----A---- C:\WINDOWS\System32\schtasks.exe
2008-09-11 23:41:06 ----A---- C:\WINDOWS\System32\rsnotify.exe
2008-09-11 23:41:05 ----A---- C:\WINDOWS\System32\nwwks.dll
2008-09-11 23:41:01 ----A---- C:\WINDOWS\System32\mqutil.dll
2008-09-11 23:41:01 ----A---- C:\WINDOWS\System32\mqtrig.dll
2008-09-11 23:41:00 ----A---- C:\WINDOWS\System32\mqsnap.dll
2008-09-11 23:41:00 ----A---- C:\WINDOWS\System32\mqsec.dll
2008-09-11 23:41:00 ----A---- C:\WINDOWS\System32\mqrt.dll
2008-09-11 23:40:59 ----A---- C:\WINDOWS\System32\mqqm.dll
2008-09-11 23:40:59 ----A---- C:\WINDOWS\System32\mqise.dll
2008-09-11 23:40:59 ----A---- C:\WINDOWS\System32\mqad.dll
2008-09-11 23:40:50 ----A---- C:\WINDOWS\System32\gptext.dll
2008-09-11 23:40:50 ----A---- C:\WINDOWS\System32\gpresult.exe
2008-09-11 23:40:50 ----A---- C:\WINDOWS\System32\fdeploy.dll
2008-09-11 23:40:48 ----N---- C:\WINDOWS\System32\asr_pfu.exe
2008-09-11 23:40:48 ----A---- C:\WINDOWS\System32\appmgr.dll
2008-09-11 23:40:48 ----A---- C:\WINDOWS\System32\appmgmts.dll
2008-09-11 23:40:41 ----A---- C:\WINDOWS\System32\inseng.dll
2008-09-11 23:40:41 ----A---- C:\WINDOWS\System32\input.dll
2008-09-11 23:40:40 ----A---- C:\WINDOWS\System32\inetcomm.dll
2008-09-11 23:40:40 ----A---- C:\WINDOWS\System32\imm32.dll
2008-09-11 23:40:40 ----A---- C:\WINDOWS\System32\imgutil.dll
2008-09-11 23:40:40 ----A---- C:\WINDOWS\System32\imeshare.dll
2008-09-11 23:40:39 ----A---- C:\WINDOWS\System32\imapi.exe
2008-09-11 23:40:39 ----A---- C:\WINDOWS\System32\ils.dll
2008-09-11 23:40:38 ----A---- C:\WINDOWS\System32\iesetup.dll
2008-09-11 23:40:38 ----A---- C:\WINDOWS\System32\iepeers.dll
2008-09-11 23:40:38 ----A---- C:\WINDOWS\System32\iedkcs32.dll
2008-09-11 23:40:38 ----A---- C:\WINDOWS\System32\ieaksie.dll
2008-09-11 23:40:37 ----A---- C:\WINDOWS\System32\ieakeng.dll
2008-09-11 23:40:37 ----A---- C:\WINDOWS\System32\ie4uinit.exe
2008-09-11 23:40:37 ----A---- C:\WINDOWS\System32\idq.dll
2008-09-11 23:40:35 ----A---- C:\WINDOWS\System32\icm32.dll
2008-09-11 23:40:35 ----A---- C:\WINDOWS\System32\icaapi.dll
2008-09-11 23:40:35 ----A---- C:\WINDOWS\System32\hnetcfg.dll
2008-09-11 23:40:34 ----A---- C:\WINDOWS\System32\hhsetup.dll
2008-09-11 23:40:33 ----A---- C:\WINDOWS\hh.exe
2008-09-11 23:40:30 ----A---- C:\WINDOWS\System32\HAL.DLL
2008-09-11 23:40:22 ----A---- C:\WINDOWS\System32\framebuf.dll
2008-09-11 23:39:45 ----A---- C:\WINDOWS\System32\fontview.exe
2008-09-11 23:39:45 ----A---- C:\WINDOWS\System32\fldrclnr.dll
2008-09-11 23:39:44 ----A---- C:\WINDOWS\System32\faultrep.dll
2008-09-11 23:39:44 ----A---- C:\WINDOWS\000001_.tmp
2008-09-11 23:39:43 ----A---- C:\WINDOWS\System32\expsrv.dll
2008-09-11 23:39:43 ----A---- C:\WINDOWS\System32\eventlog.dll
2008-09-11 23:39:43 ----A---- C:\WINDOWS\explorer.exe
2008-09-11 23:39:42 ----A---- C:\WINDOWS\System32\eudcedit.exe
2008-09-11 23:39:40 ----A---- C:\WINDOWS\System32\es.dll
2008-09-11 23:39:40 ----A---- C:\WINDOWS\System32\ersvc.dll
2008-09-11 23:39:40 ----A---- C:\WINDOWS\System32\els.dll
2008-09-11 23:39:39 ----A---- C:\WINDOWS\System32\dxtrans.dll
2008-09-11 23:39:39 ----A---- C:\WINDOWS\System32\dxtmsft.dll
2008-09-11 23:39:38 ----A---- C:\WINDOWS\System32\dxmrtp.dll
2008-09-11 23:39:37 ----A---- C:\WINDOWS\System32\dxmasf.dll
2008-09-11 23:39:35 ----A---- C:\WINDOWS\System32\dxdiag.exe
2008-09-11 23:39:34 ----A---- C:\WINDOWS\System32\dwwin.exe
2008-09-11 23:39:34 ----A---- C:\WINDOWS\System32\duser.dll
2008-09-11 23:39:34 ----A---- C:\WINDOWS\System32\dumprep.exe
2008-09-11 23:39:34 ----A---- C:\WINDOWS\System32\dssenh.dll
2008-09-11 23:39:34 ----A---- C:\WINDOWS\System32\dsquery.dll
2008-09-11 23:39:34 ----A---- C:\WINDOWS\System32\dsprop.dll
2008-09-11 23:39:33 ----A---- C:\WINDOWS\System32\ds32gt.dll
2008-09-11 23:39:31 ----A---- C:\WINDOWS\System32\dpwsockx.dll
2008-09-11 23:39:31 ----A---- C:\WINDOWS\System32\dpvsetup.exe
2008-09-11 23:39:31 ----A---- C:\WINDOWS\System32\dpvoice.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\dpnhupnp.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\dpnhpast.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\dpnet.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\docprop2.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\dnsapi.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\dmusic.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\dmstyle.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\dmscript.dll
2008-09-11 23:39:30 ----A---- C:\WINDOWS\System32\dmloader.dll
2008-09-11 23:39:29 ----A---- C:\WINDOWS\System32\dmime.dll
2008-09-11 23:39:29 ----A---- C:\WINDOWS\System32\dmcompos.dll
2008-09-11 23:39:29 ----A---- C:\WINDOWS\System32\dmband.dll
2008-09-11 23:39:28 ----A---- C:\WINDOWS\System32\dinput8.dll
2008-09-11 23:39:28 ----A---- C:\WINDOWS\System32\dinput.dll
2008-09-11 23:39:28 ----A---- C:\WINDOWS\System32\digest.dll
2008-09-11 23:39:28 ----A---- C:\WINDOWS\System32\dgnet.dll
2008-09-11 23:39:28 ----A---- C:\WINDOWS\System32\dfsshlex.dll
2008-09-11 23:39:28 ----A---- C:\WINDOWS\System32\dfrgui.dll
2008-09-11 23:39:27 ----A---- C:\WINDOWS\System32\dfrgsnap.dll
2008-09-11 23:39:27 ----A---- C:\WINDOWS\System32\dfrgntfs.exe
2008-09-11 23:39:27 ----A---- C:\WINDOWS\System32\dfrgfat.exe
2008-09-11 23:39:27 ----A---- C:\WINDOWS\System32\devmgr.dll
2008-09-11 23:39:26 ----A---- C:\WINDOWS\System32\defrag.exe
2008-09-11 23:39:25 ----A---- C:\WINDOWS\System32\ddraw.dll
2008-09-11 23:39:25 ----A---- C:\WINDOWS\System32\dbnmpntw.dll
2008-09-11 23:39:25 ----A---- C:\WINDOWS\System32\dbnetlib.dll
2008-09-11 23:39:25 ----A---- C:\WINDOWS\System32\dbmsvinn.dll
2008-09-11 23:39:25 ----A---- C:\WINDOWS\System32\dbmsrpcn.dll
2008-09-11 23:39:25 ----A---- C:\WINDOWS\System32\dbmsadsn.dll
2008-09-11 23:39:24 ----A---- C:\WINDOWS\System32\dbghelp.dll
2008-09-11 23:39:23 ----A---- C:\WINDOWS\System32\danim.dll
2008-09-11 23:39:22 ----A---- C:\WINDOWS\System32\d3d8.dll
2008-09-11 23:39:22 ----A---- C:\WINDOWS\System32\ctfmon.exe
2008-09-11 23:39:22 ----A---- C:\WINDOWS\System32\cscui.dll
2008-09-11 23:39:21 ----A---- C:\WINDOWS\System32\cryptui.dll
2008-09-11 23:39:21 ----A---- C:\WINDOWS\System32\cryptsvc.dll
2008-09-11 23:39:21 ----A---- C:\WINDOWS\System32\cryptdlg.dll
2008-09-11 23:39:21 ----A---- C:\WINDOWS\System32\crypt32.dll
2008-09-11 23:39:20 ----A---- C:\WINDOWS\System32\credui.dll
2008-09-11 23:39:20 ----A---- C:\WINDOWS\System32\conime.exe
2008-09-11 23:39:18 ----A---- C:\WINDOWS\System32\comsvcs.dll
2008-09-11 23:39:18 ----A---- C:\WINDOWS\System32\compatui.dll
2008-09-11 23:39:17 ----A---- C:\WINDOWS\System32\cmdl32.exe
2008-09-11 23:39:17 ----A---- C:\WINDOWS\System32\cmdial32.dll
2008-09-11 23:39:16 ----A---- C:\WINDOWS\System32\clusapi.dll
2008-09-11 23:39:16 ----A---- C:\WINDOWS\System32\clipbrd.exe
2008-09-11 23:39:16 ----A---- C:\WINDOWS\System32\ciodm.dll
2008-09-11 23:39:14 ----A---- C:\WINDOWS\System32\cfgbkend.dll
2008-09-11 23:39:14 ----A---- C:\WINDOWS\System32\cewmdm.dll
2008-09-11 23:39:14 ----A---- C:\WINDOWS\System32\certcli.dll
2008-09-11 23:39:13 ----A---- C:\WINDOWS\System32\catsrvut.dll
2008-09-11 23:39:12 ----A---- C:\WINDOWS\System32\cabinet.dll
2008-09-11 23:39:12 ----A---- C:\WINDOWS\System32\browsewm.dll
2008-09-11 23:39:12 ----A---- C:\WINDOWS\System32\browseui.dll
2008-09-11 23:39:12 ----A---- C:\WINDOWS\System32\browser.dll
2008-09-11 23:39:12 ----A---- C:\WINDOWS\System32\browselc.dll
2008-09-11 23:39:11 ----A---- C:\WINDOWS\System32\batt.dll
2008-09-11 23:39:11 ----A---- C:\WINDOWS\System32\avifil32.dll
2008-09-11 23:39:11 ----A---- C:\WINDOWS\System32\autolfn.exe
2008-09-11 23:39:10 ----A---- C:\WINDOWS\System32\audiosrv.dll
2008-09-11 23:39:10 ----A---- C:\WINDOWS\System32\atl.dll
2008-09-11 23:38:19 ----A---- C:\WINDOWS\System32\at.exe
2008-09-11 23:38:19 ----A---- C:\WINDOWS\System32\asfsipc.dll
2008-09-11 23:38:19 ----A---- C:\WINDOWS\System32\asferror.dll
2008-09-11 23:38:17 ----A---- C:\WINDOWS\System32\apphelp.dll
2008-09-11 23:38:15 ----A---- C:\WINDOWS\System32\alg.exe
2008-09-11 23:38:15 ----A---- C:\WINDOWS\System32\ahui.exe
2008-09-11 23:38:12 ----A---- C:\WINDOWS\System32\advpack.dll
2008-09-11 23:38:11 ----A---- C:\WINDOWS\System32\adsnt.dll
2008-09-11 23:38:11 ----A---- C:\WINDOWS\System32\adsmsext.dll
2008-09-11 23:38:11 ----A---- C:\WINDOWS\System32\adsldpc.dll
2008-09-11 23:38:11 ----A---- C:\WINDOWS\System32\adsldp.dll
2008-09-11 23:38:02 ----A---- C:\WINDOWS\System32\6to4svc.dll
2008-09-11 21:08:54 ----A---- C:\WINDOWS\ntbtlog.txt
2008-09-11 20:04:16 ----SD---- C:\WINDOWS\System32\Microsoft
2008-09-11 20:03:28 ----D---- C:\Archivos de programa\Lavasoft
2008-09-11 20:03:16 ----D---- C:\Documents and Settings\All Users\Datos de programa\Lavasoft
2008-09-11 20:00:31 ----D---- C:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2008-09-11 19:54:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-09-11 19:11:40 ----SH---- C:\WINDOWS\System32\txtagast.ini
2008-09-11 19:11:19 ----A---- C:\WINDOWS\System32\tsagatxt.dll
2008-09-11 19:09:47 ----A---- C:\WINDOWS\System32\bmgvkl.dll
2008-09-11 19:09:42 ----A---- C:\WINDOWS\System32\ttggskvd.dll
2008-09-11 19:09:28 ----A---- C:\WINDOWS\pskt.ini
2008-09-11 19:09:02 ----A---- C:\WINDOWS\System32\lpuorrtk.dll
2008-09-11 16:00:57 ----D---- C:\Documents and Settings\All Users\Datos de programa\Adobe
2008-09-10 19:15:59 ----SH---- C:\WINDOWS\System32\rgcskhea.ini
2008-09-10 19:15:54 ----A---- C:\WINDOWS\System32\aehkscgr.dll
2008-09-10 19:08:38 ----A---- C:\WINDOWS\System32\tfhfiu.dll
2008-09-10 19:08:23 ----A---- C:\WINDOWS\System32\xnjbobph.dll
2008-09-10 19:07:12 ----SH---- C:\WINDOWS\System32\rxokvhia.ini
2008-09-10 19:06:49 ----A---- C:\WINDOWS\System32\cblkvlcu.dll
2008-09-10 18:50:10 ----A---- C:\WINDOWS\System32\hrmaqmtt.dll
2008-09-10 18:48:47 ----SH---- C:\WINDOWS\System32\aahonlwi.ini
2008-09-10 18:47:59 ----A---- C:\WINDOWS\System32\jkpksrsu.dll
2008-09-10 18:47:10 ----ASH---- C:\WINDOWS\System32\VvFLRqss.ini2
2008-09-10 18:47:10 ----ASH---- C:\WINDOWS\System32\VvFLRqss.ini
2008-09-10 18:46:49 ----A---- C:\WINDOWS\System32\ssqRLFvV.dll
2008-09-10 18:32:27 ----A---- C:\WINDOWS\System32\gaftftng.tmp
2008-09-10 16:53:01 ----SH---- C:\WINDOWS\System32\gaftftng.ini
2008-09-10 16:52:48 ----A---- C:\WINDOWS\System32\gntftfag.dll
2008-09-10 16:52:31 ----A---- C:\WINDOWS\System32\anscmrjw.dll
2008-09-10 13:59:40 ----D---- C:\Archivos de programa\trend micro
2008-09-10 13:59:36 ----D---- C:\rsit
2008-09-09 21:38:34 ----A---- C:\WINDOWS\System32\mcrh.tmp
2008-09-09 20:27:26 ----A---- C:\WINDOWS\System32\nxbngw.dll
2008-09-09 20:27:22 ----A---- C:\WINDOWS\System32\fwganjlf.dll
2008-09-09 16:56:02 ----A---- C:\WINDOWS\wininit.ini
2008-09-09 16:55:42 ----SH---- C:\WINDOWS\System32\cwwotpac.ini
2008-09-09 10:51:36 ----SH---- C:\WINDOWS\System32\hltolbpj.ini
2008-09-09 10:49:40 ----A---- C:\WINDOWS\System32\OMPKFA.DLL.ren
2008-09-09 10:49:35 ----A---- C:\WINDOWS\System32\cergtgat.dll
2008-09-09 10:49:29 ----A---- C:\WINDOWS\BM3768b064.txt
2008-09-09 10:48:57 ----A---- C:\WINDOWS\System32\3f784786-.txt
2008-09-09 10:48:19 ----ASH---- C:\WINDOWS\System32\fMllknpo.ini2
2008-09-09 10:48:19 ----ASH---- C:\WINDOWS\System32\fMllknpo.ini
2008-09-09 10:48:09 ----A---- C:\WINDOWS\System32\opnkllMf.dll.ren
2008-09-09 10:43:02 ----A---- C:\WINDOWS\System32\opnlJdeE.dll
2008-09-09 08:14:02 ----D---- C:\Documents and Settings\Leonardo\Datos de programa\Macromedia
2008-09-09 06:17:40 ----D---- C:\Documents and Settings\Leonardo\Datos de programa\Google
2008-09-09 05:46:52 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-09-08 21:33:47 ----D---- C:\Archivos de programa\BitTorrent
2008-09-07 15:40:50 ----A---- C:\WINDOWS\System32\imon.dll
2008-09-07 15:37:50 ----D---- C:\Archivos de programa\ESET
2008-09-07 14:03:39 ----D---- C:\Archivos de programa\eMule
2008-09-07 14:00:18 ----A---- C:\WINDOWS\IE4 Error Log.txt
2008-09-07 13:04:45 ----D---- C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
2008-09-07 13:04:45 ----D---- C:\Archivos de programa\Spybot - Search & Destroy
2008-09-07 12:10:27 ----A---- C:\WINDOWS\System32\mdimon.dll
2008-09-07 12:05:26 ----D---- C:\Archivos de programa\Microsoft.NET
2008-09-07 12:02:09 ----D---- C:\Archivos de programa\Archivos comunes\DESIGNER
2008-09-07 12:01:44 ----D---- C:\Archivos de programa\Microsoft Works
2008-09-07 12:01:13 ----D---- C:\Archivos de programa\Microsoft Visual Studio
2008-09-07 11:59:55 ----D---- C:\WINDOWS\SHELLNEW
2008-09-07 11:58:58 ----D---- C:\Archivos de programa\Microsoft Office
2008-09-07 11:53:54 ----RHD---- C:\MSOCache
2008-09-07 11:43:43 ----D---- C:\WINDOWS\System32\bits
2008-09-07 11:43:37 ----N---- C:\WINDOWS\System32\spmsg.dll
2008-09-07 11:43:26 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-09-07 11:42:01 ----D---- C:\itshfbc
2008-09-07 11:29:33 ----N---- C:\WINDOWS\System32\bitsprx3.dll
2008-09-07 11:29:33 ----N---- C:\WINDOWS\System32\bitsprx2.dll
2008-09-07 11:29:33 ----A---- C:\WINDOWS\System32\winhttp.dll
2008-09-07 11:29:33 ----A---- C:\WINDOWS\System32\qmgrprxy.dll
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wups2.dll
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wups.dll
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wucltui.dll.mui
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wucltui.dll
2008-09-07 11:26:35 ----A---- C:\WINDOWS\System32\wuaueng.dll.mui
2008-09-07 11:26:32 ----A---- C:\WINDOWS\System32\wuapi.dll.mui
2008-09-07 11:26:32 ----A---- C:\WINDOWS\System32\wuapi.dll
2008-09-07 11:25:45 ----D---- C:\WINDOWS\SoftwareDistribution
2008-09-07 10:41:04 ----D---- C:\Archivos de programa\Google
2008-09-07 10:08:31 ----D---- C:\Archivos de programa\DX Monitor
2008-09-06 19:49:20 ----D---- C:\Archivos de programa\YStress
2008-09-06 18:53:03 ----A---- C:\WINDOWS\System32\msodbc13.dll
2008-09-06 18:51:48 ----A---- C:\WINDOWS\unvise32.exe
2008-09-06 18:51:45 ----D---- C:\Archivos de programa\ScreenFlash Pro 1.3
2008-09-06 18:46:17 ----D---- C:\Archivos de programa\EasyPal
2008-09-06 18:44:46 ----D---- C:\Archivos de programa\Beam_DX
2008-09-06 18:40:31 ----D---- C:\Archivos de programa\AziPoint
2008-09-06 18:39:20 ----A---- C:\WINDOWS\azmap2.INI
2008-09-06 18:37:42 ----D---- C:\Archivos de programa\Azmap
2008-09-06 18:27:50 ----D---- C:\Archivos de programa\Wav2MP3 Wizard
2008-09-06 18:26:48 ----D---- C:\Archivos de programa\WinMorse

List of drivers

R1 nod32drv;nod32drv; C:\WINDOWS\System32\system32\drivers\nod32drv.sys []
R2 AMON;AMON; C:\WINDOWS\System32\system32\drivers\amon.sys []
R2 DLPortIO;DriverLINX Port I/O Driver; \??\C:\WINDOWS\System32\DRIVERS\DLPortIO.SYS []
R2 MixPortDriver;MixPortDriver; C:\WINDOWS\System32\drivers\MixPortDriver.sys [2002-05-03 3623]
R3 cwrwdm;Controlador WDM de SoundFusion(TM); C:\WINDOWS\System32\DRIVERS\cwrwdm.sys [2001-08-17 46848]
R3 GNCT511;Genius VideoCAM NB; C:\WINDOWS\System32\DRIVERS\gnct511.sys [2002-11-14 229376]
R3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
R3 rtl8029;Controlador de Windows NT del adaptador Ethernet PCI basado en Realtek RTL8029(AS); C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
R3 usbhub;Concentrador habilitado USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbuhci;Controlador minipuerto de la controladora de host universal USB de Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
R3 WS2IFSL;Entorno de compatibilidad con proveedores de servicios no IFS de Windows Socket 2.0; C:\WINDOWS\System32\System32\drivers\ws2ifsl.sys []
S2 zntport;ioctrl driver ; \??\C:\WINDOWS\System32\zntport.sys []
S3 CCDECODE;Descodificador de título cerrado; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2002-08-29 16384]
S3 giveio;giveio; \??\C:\WINDOWS\System32\giveio.sys []
S3 HidUsb;Controlador de clases HID de Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Controlador HID de mouse; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-22 12416]
S3 MSTEE;Convertidor Tee/Sink-to-Sink de transferencia de Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-08-29 4992]
S3 NABTSFEC;Códec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2001-08-17 83712]
S3 NdisIP;Conexión de TV/Vídeo de Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2001-08-17 8064]
S3 S3SAVAGE4M;S3SAVAGE4M; C:\WINDOWS\System32\DRIVERS\s3sav4m.sys [2001-08-17 77824]
S3 SiSV;SiSV; C:\WINDOWS\System32\DRIVERS\SiSV.sys [2001-08-17 50432]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2001-08-17 10752]
S3 streamip;Receptor BDA IP; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2001-08-17 14592]
S3 trid3d;trid3d; C:\WINDOWS\System32\DRIVERS\trid3dm.sys [2001-08-17 222336]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\System32\DRIVERS\TVICHW32.SYS []
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S3 WSTCODEC;Códec de teletexto estándar mundial; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2001-08-17 18560]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

List of services

R2 aawservice;Lavasoft Ad-Aware Service; C:\Archivos de programa\Lavasoft\Ad-Aware\aawservice.exe [2008-06-02 611664]
R2 MDM;Machine Debug Manager; C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Archivos de programa\Eset\nod32krn.exe [2008-09-07 552064]
S3 gusvc;Google Updater Service; C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-09 156656]
S3 ose;Office Source Engine; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------


:) Best Regards

pskelley
2008-09-12, 19:19
Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance)
http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

Once again I ask this:
Please make sure you have read this information so we are on the same page.

"BEFORE you POST" (READ this Procedure BEFORE Requesting Assistance)
http://forums.spybot.info/showthread.php?t=288


3) HiJackThis log - Trend Micro HijackThis 2.0.2
Click here to download HJTInstall.exe
Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis.
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" and Paste the entire contents of the log (no attachments) into your own new topic
DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
DO NOT have Hijackthis fix anything yet. Most of what HJT lists will be harmless or even required by your Operating System, a helper will guide you.

Provide:
a) The HJT log only.
Thanks

pskelley
2008-09-18, 19:53
Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.