)))))))))))))))))))))))))))))))
.
2014-11-11 20:02 . 2012-06-03 14:15
701104 ----a-wc:\windows\syste
m32\FlashPlayerApp.exe
2014-11-11 20:02 . 2012-01-15 04:56
71344 ----a-wc:\windows\syste
m32\FlashPlayerCPLApp.cpl
2014-11-05 12:57 . 2014-07-13 17:36
70384 ----a-wc:\windows\syste
m32\drivers\aswmonflt.sys
2014-11-05 12:57 . 2013-06-01 11:32
787800 ----a-wc:\windows\syste
m32\drivers\aswsnx.sys
2014-11-05 12:56 . 2014-07-13 17:43
24184 ----a-wc:\windows\syste
m32\drivers\aswHwid.sys
2014-11-05 12:56 . 2014-07-13 17:36
49944 ----a-wc:\windows\syste
m32\drivers\aswRvrt.sys
2014-11-05 12:56 . 2014-07-13 17:36
206248 ----a-wc:\windows\syste
m32\drivers\aswVmm.sys
2014-11-05 12:56 . 2013-06-01 11:32
422760 ----a-wc:\windows\syste
m32\drivers\aswsp.sys
2014-11-05 12:56 . 2013-06-01 11:32
57928 ----a-wc:\windows\syste
m32\drivers\aswTdi.sys
2014-11-05 12:56 . 2013-06-01 11:32
55240 ----a-wc:\windows\syste
m32\drivers\aswRdr.sys
2014-09-26 23:16 . 2012-06-03 13:33
145408 ----a-wc:\windows\syste
m32\javacpl.cpl
2014-08-31 01:48 . 2012-01-14 16:36
90112 ----a-wc:\windows\DUMP5
f65.tmp
2014-08-31 01:11 . 2012-01-14 16:36
90112 ----a-wc:\windows\DUMP6
002.tmp
2014-08-24 16:59 . 2014-08-24 16:59
718497 ----a-wc:\windows\unins
000.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] .
. c:\windows\system32\drivers\atapi.sys
[-] 2006-03-02 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] .
. c:\windows\system32\drivers\asyncmac.sys
[-] 2006-03-02 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2012-01-15 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:
\windows\system32\dllcache\beep.sys
[-] 2012-01-15 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:
\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 188DDD286BC0DAEA6984858C6A4D7BBF . 25088 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 188DDD286BC0DAEA6984858C6A4D7BBF . 25088 . . [5.1.2600.5512] .
. c:\windows\system32\drivers\kbdclass.sys
. c:\windows\$NtServicePackUninstall$\netman.dll
.
[-] 2008-04-14 12:48 . 93F4E612C695E81512110956454E6E25 . 837120 . . [2001.12.44
14.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 12:48 . 93F4E612C695E81512110956454E6E25 . 837120 . . [2001.12.44
14.700] . . c:\windows\system32\comres.dll
[-] 2006-03-02 10:00 . DECF5947EF11B06D716E08D0B86FC62A . 837120 . . [2001.12.44
14.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] .
. c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] .
. c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 8EE9639C01B92490E09638CAA1B16C3C . 409088 . . [6.7.2600.5512] .
. c:\windows\system32\bits\qmgr.dll
[-] 2006-03-02 . 02451268DC47E4DC228210DA0E3C3274 . 382464 . . [6.6.2600.2180] .
. c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . AEF41FC6F108CC4F94F9B4E96AFA9C70 . 401408 . . [5.1.2600.5755] .
. c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] .
. c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] .
. c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . 53D02EFFA72CA5C57687BEE20610ABA6 . 399360 . . [5.1.2600.5512] .
. c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 53D02EFFA72CA5C57687BEE20610ABA6 . 399360 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2006-03-02 . 86945706EBF0460631917E967BAB3CC4 . 395776 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\rpcss.dll
.
[-] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] .
. c:\windows\system32\services.exe
[-] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] .
. c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . AA6E1769469F9D15603A619FC1FB9E18 . 111104 . . [5.1.2600.5755] .
. c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . D658A8C2FC7B2AD53D1259741A09EE04 . 109056 . . [5.1.2600.5512] .
. c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . D658A8C2FC7B2AD53D1259741A09EE04 . 109056 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\services.exe
[-] 2006-03-02 . F9852F505E0699BB83D5C6321917040B . 108544 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] .
. c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] .
. c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] .
. c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . CDD2DC6AE65084481E723E746C20539A . 57856 . . [5.1.2600.5512] .
. c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . CDD2DC6AE65084481E723E746C20539A . 57856 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2006-03-02 . 1CF5AF263287CF6FEBF31539833EAF4A . 57856 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\spoolsv.exe
.
[-] 2008-04-14 . 213C80D912880BBF04453D09FFCCB28C . 510976 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 213C80D912880BBF04453D09FFCCB28C . 510976 . . [5.1.2600.5512] .
. c:\windows\system32\winlogon.exe
[-] 2006-03-02 . FCB59D25D628B4D3181DC816D14679DD . 505344 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] .
. c:\windows\system32\drivers\ipsec.sys
[-] 2006-03-02 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2010-08-23 . 3DDEC846E57F668C07407F3AC3B66220 . 617472 . . [5.82] . . c:\win
dows\system32\comctl32.dll
[-] 2010-08-23 . 3DDEC846E57F668C07407F3AC3B66220 . 617472 . . [5.82] . . c:\win
dows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 24B09ED0C5B019A5198A74504179EEB0 . 1054208 . . [6.0] . . c:\win
dows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028
_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . 618A4C7A7C0CA86DA884C8C0FACAD8C2 . 617472 . . [5.82] . . c:\win
dows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . 618A4C7A7C0CA86DA884C8C0FACAD8C2 . 617472 . . [5.82] . . c:\win
dows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 08D17A982CD6191B34D1B8C8A2E694B6 . 1054208 . . [6.0] . . c:\win
dows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512
_x-ww_35d4ce83\comctl32.dll
[-] 2006-03-02 . EDA7A1054484AF5DD29A648081E93107 . 611328 . . [5.82] . . c:\win
dows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-03-02 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\wind
ows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1
382d70a\comctl32.dll
[-] 2006-03-02 . A2126F1E83B97EEA496164748A9E3A8E . 1050624 . . [6.0] . . c:\win
dows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180
_x-ww_a84f1ff9\comctl32.dll
.
[-] 2008-04-14 . E423C9C1946C656E0E4840210A0A8681 . 62464 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . E423C9C1946C656E0E4840210A0A8681 . 62464 . . [5.1.2600.5512] .
. c:\windows\system32\cryptsvc.dll
[-] 2006-03-02 . 149CFFBF77CC1306FC535557CF513B91 . 60416 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[-] 2008-07-07 20:27 . A225DD0D0489BD580781D19524A10B19 . 253952 . . [2001.12.44
14.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:27 . A225DD0D0489BD580781D19524A10B19 . 253952 . . [2001.12.44
14.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . 6EC3C2A5CEA41B78BB55B30444292CB8 . 253952 . . [2001.12.44
14.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 12:48 . 76ABF3BB5A6D684641EC92B28240811D . 246272 . . [2001.12.44
14.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 12:48 . 76ABF3BB5A6D684641EC92B28240811D . 246272 . . [2001.12.44
14.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2006-03-02 10:00 . 86F565E6FDD0C0776089D2F92AB1FC3F . 243200 . . [2001.12.44
14.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[-] 2008-04-14 . 95DF6A7520912B1040F748A287EA382A . 110080 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 95DF6A7520912B1040F748A287EA382A . 110080 . . [5.1.2600.5512] .
. c:\windows\system32\imm32.dll
[-] 2006-03-02 . BE2282FBEAFBB76577D47B06071139BB . 110080 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2012-10-03 . 32A43970B5B4042D00D7652B89EA838B . 1043456 . . [5.1.2600.6293]
. . c:\windows\system32\kernel32.dll
[-] 2012-10-03 . 32A43970B5B4042D00D7652B89EA838B . 1043456 . . [5.1.2600.6293]
. . c:\windows\system32\dllcache\kernel32.dll
[-] 2012-10-03 . 34A51DE07EB51D7F0A8EEA573F58FC31 . 1044992 . . [5.1.2600.6293]
. . c:\windows\$hf_mig$\KB2758857\SP3QFE\kernel32.dll
[-] 2009-03-21 . 7DC06BF4CBC3FCD7557D8D69DFBD49F5 . 1042944 . . [5.1.2600.5781]
. . c:\windows\$NtUninstallKB2758857$\kernel32.dll
[-] 2009-03-21 . 97D5372816EC546BD035EDAEDB5E6918 . 1044992 . . [5.1.2600.5781]
. . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . F43FE49CF77EC1CEF9DB9E67BDDB970F . 1042944 . . [5.1.2600.5512]
. . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . F43FE49CF77EC1CEF9DB9E67BDDB970F . 1042944 . . [5.1.2600.5512]
. . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2006-03-02 . 730DA000741545C7E5E176E1E9EA687D . 1036800 . . [5.1.2600.2180]
. . c:\windows\$NtServicePackUninstall$\kernel32.dll
.
[-] 2008-04-14 . FB67F1E092AB9967D0CD17300D751874 . 19968 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . FB67F1E092AB9967D0CD17300D751874 . 19968 . . [5.1.2600.5512] .
. c:\windows\system32\linkinfo.dll
[-] 2006-03-02 . 30FD47F2A925D0BB59792AB3920A1DAD . 18944 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[-] 2008-04-14 . 87F15A88AA3376B48F75D7D176B312A0 . 22016 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 87F15A88AA3376B48F75D7D176B312A0 . 22016 . . [5.1.2600.5512] .
. c:\windows\system32\lpk.dll
[-] 2006-03-02 . 24B2A5D3EE366A3E9C1E0941363618C7 . 22016 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\lpk.dll
.
[-] 2013-05-17 . 0283E7E8395E0488F682A10274BF3718 . 6014976 . . [8.00.6001.23501
] . . c:\windows\system32\mshtml.dll
[-] 2013-05-17 . 0283E7E8395E0488F682A10274BF3718 . 6014976 . . [8.00.6001.23501
] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2009-12-21 . 9306870D424C7537EB4AA7C8D6396D4B . 5942784 . . [8.00.6001.18876
] . . c:\windows\ie8updates\KB2838727-IE8\mshtml.dll
[-] 2009-12-21 . 6B30E56722654210DD55FE794488FEE8 . 5945856 . . [8.00.6001.22967
] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702
] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2008-04-14 . 85B88C504D1527978F1C2FBE6A41E799 . 3066880 . . [6.00.2900.5512]
. . c:\windows\ie8\mshtml.dll
[-] 2008-04-14 . 85B88C504D1527978F1C2FBE6A41E799 . 3066880 . . [6.00.2900.5512]
. . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2006-03-02 . 0DAB3544C86DD21C5F4643A4C01C64A1 . 3070464 . . [6.00.2900.2853]
. . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2006-02-21 . 8A8E859BEB0ED39C9497522671BF9704 . 3073024 . . [6.00.2900.2853]
. . c:\windows\$hf_mig$\KB911164\SP2QFE\mshtml.dll
.
[-] 2008-04-14 . 0F021B29E0C2C9D897258399FB2149CD . 343040 . . [7.0.2600.5512] .
. c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 0F021B29E0C2C9D897258399FB2149CD . 343040 . . [7.0.2600.5512] .
. c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . B1CB86D70023988360DA136B317D8546 . 343040 . . [7.0.2600.5512] .
. c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0
.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2006-03-02 . 3CDD949F8340F06FD99667B4F75409D0 . 343040 . . [7.0.2600.2180] .
. c:\windows\$NtServicePackUninstall$\msvcrt.dll
. c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[-] 2008-04-14 . DA8898129E0075C7DE4DEE457514A73C . 579584 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . DA8898129E0075C7DE4DEE457514A73C . 579584 . . [5.1.2600.5512] .
. c:\windows\system32\user32.dll
[-] 2006-03-02 . 5D5C9CC377A70D036816E7EA55F3CA73 . 578048 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . F5B8745B9A90EAF17E30C0574E049AA3 . 26624 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . F5B8745B9A90EAF17E30C0574E049AA3 . 26624 . . [5.1.2600.5512] .
. c:\windows\system32\userinit.exe
[-] 2006-03-02 . 7B30B4D55B4562C733A5DDF6D6F72B3F . 25088 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\userinit.exe
.
[-] 2013-05-07 . 2BEB88C4812509A228BF1563CF9A0E57 . 920064 . . [8.00.6001.23499]
. . c:\windows\system32\wininet.dll
[-] 2013-05-07 . 2BEB88C4812509A228BF1563CF9A0E57 . 920064 . . [8.00.6001.23499]
. . c:\windows\system32\dllcache\wininet.dll
[-] 2009-12-21 . 07C16FB10B03E5213168ACFB1321D351 . 916480 . . [8.00.6001.18876]
. . c:\windows\ie8updates\KB2838727-IE8\wininet.dll
[-] 2009-12-21 . 6CBD5B8F04EDE222091025DDFF1741ED . 916480 . . [8.00.6001.22967]
. . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702]
. . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2008-04-14 . A9A84CFC20D5F4C609E9CBF9491B8DF6 . 668672 . . [6.00.2900.5512]
. . c:\windows\ie8\wininet.dll
[-] 2008-04-14 . A9A84CFC20D5F4C609E9CBF9491B8DF6 . 668672 . . [6.00.2900.5512]
. . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2006-03-02 . 80BB109560A23B9C18427855CA5305E6 . 658944 . . [6.00.2900.2180]
. . c:\windows\$NtServicePackUninstall$\wininet.dll
.
[-] 2008-04-14 . 22DB5B3DA7005C6472D35BEF3FFDA5EC . 82432 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 22DB5B3DA7005C6472D35BEF3FFDA5EC . 82432 . . [5.1.2600.5512] .
. c:\windows\system32\ws2_32.dll
[-] 2006-03-02 . B4A90738BA4355F187BD26D6C112082B . 82944 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[-] 2008-04-14 . F7EE4BBFB48437EDC6F7F061DE1E8F2F . 19968 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . F7EE4BBFB48437EDC6F7F061DE1E8F2F . 19968 . . [5.1.2600.5512] .
. c:\windows\system32\ws2help.dll
[-] 2006-03-02 . 0EDF3501370A14BEFB27526CD06FACEE . 19968 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 7522F548A84ABAD8FA516DE5AB3931EF . 1036288 . . [6.00.2900.5512]
. . c:\windows\explorer.exe
[-] 2008-04-14 . 7522F548A84ABAD8FA516DE5AB3931EF . 1036288 . . [6.00.2900.5512]
. . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2006-03-02 . 89C8DD146CEAF482D82822766437D93F . 1034752 . . [6.00.2900.2180]
. . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . F4B9F9AA2F72FAD20D09C3E3FF2BE224 . 152064 . . [5.1.2600.5512] .
. c:\windows\regedit.exe
[-] 2008-04-14 . F4B9F9AA2F72FAD20D09C3E3FF2BE224 . 152064 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2006-03-02 . 2BA8F4A46C83C6D3A02E9073A304F82C . 152064 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2011-11-01 . 494276CFE71555AE0F3234C1B227E67A .
. . c:\windows\system32\ole32.dll
[-] 2011-11-01 . 494276CFE71555AE0F3234C1B227E67A .
. . c:\windows\system32\dllcache\ole32.dll
[-] 2011-11-01 . E8C2FA9AC16C25C0AB0677BA12D74BC1 .
. . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[-] 2010-07-16 . 448FE53C1B2671DB712C8E8838E4263F .
. . c:\windows\$NtUninstallKB2624667$\ole32.dll
[-] 2010-07-16 . BCFEA258277FB42DD7F447EB61C34D06 .
. . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . 463D57BF9FE5871208FF99399360A57D .
. . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2008-04-14 . 463D57BF9FE5871208FF99399360A57D .
. . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2006-03-02 . 4284D0170197D37F0D37F55B89B3FDB7 .
. . c:\windows\$NtServicePackUninstall$\ole32.dll
.
[-] 2010-04-16 . A8374FF31AC6EDEBB806D2B61D44618D .
] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . A8374FF31AC6EDEBB806D2B61D44618D .
] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . 964D29711065A944E1BEC7FD676E61D9 .
] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . D2ABEB6AF76DA414D1FFF8B409F00635 .
] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . D2ABEB6AF76DA414D1FFF8B409F00635 .
] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2006-03-02 . 0405987EE320AB0572E463C1E69C0121 .
] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[-] 2008-04-14 . D9A84134776399F6BD244BC456076575 .
c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . D9A84134776399F6BD244BC456076575 .
c:\windows\system32\ksuser.dll
[-] 2008-04-14 . D9A84134776399F6BD244BC456076575 .
c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . DAAE1CB1B1875B760496E7D3336DA1AD .
. c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . DAAE1CB1B1875B760496E7D3336DA1AD .
. c:\windows\system32\ctfmon.exe
[-] 2006-03-02 . 25ECFA69AF1563FDE8DFD31F9954497A .
. c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-07-27 . 1F617C5A76215C380478D750CE92CC73 .
. . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . 1F617C5A76215C380478D750CE92CC73 .
. . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 8A34F9730A2206726B1BE4DC4209CAB9 .
. . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . CA70EDBF32032EA53F114CB930741CB5 .
. . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[-] 2008-04-14 . CA70EDBF32032EA53F114CB930741CB5 .
. . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2006-03-02 . DBCF824BA771A1F27E6F5124D0516358 .
. . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[-] 2008-04-14 . B5D9EFEBE404A9A2C74EF27E1823A78B .
c:\windows\ServicePackFiles\i386\msimg32.dll
1288192 . . [5.1.2600.6168]
1288192 . . [5.1.2600.6168]
1288704 . . [5.1.2600.6168]
1287680 . . [5.1.2600.6010]
1288704 . . [5.1.2600.6010]
1287168 . . [5.1.2600.5512]
1287168 . . [5.1.2600.5512]
1281024 . . [5.1.2600.2180]
406016 . . [1.0420.2600.5969
406016 . . [1.0420.2600.5969
406016 . . [1.0420.2600.5969
406016 . . [1.0420.2600.5512
406016 . . [1.0420.2600.5512
406528 . . [1.0420.2600.2180
4096 . . [5.3.2600.5512] . .
4096 . . [5.3.2600.5512] . .
4096 . . [5.3.2600.5512] . .
15360 . . [5.1.2600.5512] .
15360 . . [5.1.2600.5512] .
15360 . . [5.1.2600.2180] .
135168 . . [6.00.2900.5853]
135168 . . [6.00.2900.5853]
135168 . . [6.00.2900.5853]
135168 . . [6.00.2900.5512]
135168 . . [6.00.2900.5512]
134656 . . [6.00.2900.2180]
4608 . . [5.1.2600.5512] . .
4608 . . [5.1.2600.5512] . .
4608 . . [5.1.2600.2180] . .
171520 . . [5.1.2600.5512] .
171520 . . [5.1.2600.5512] .
171008 . . [5.1.2600.2180] .
13824 . . [5.1.2600.5512] .
13824 . . [5.1.2600.5512] .
13824 . . [5.1.2600.2180] .
129024 . . [5.1.2600.5512] .
129024 . . [5.1.2600.5512] .
129536 . . [5.1.2600.2180] .
742912 . . [5.1.2600.6055] .
742912 . . [5.1.2600.6055] .
742912 . . [5.1.2600.6055] .
739840 . . [5.1.2600.5755] .
739328 . . [5.1.2600.5755] .
730624 . . [5.1.2600.5512] .
730624 . . [5.1.2600.5512] .
732672 . . [5.1.2600.2180] .
177152 . . [5.1.2600.5512] .
177152 . . [5.1.2600.5512] .
177152 . . [5.1.2600.2180] .
56320 . . [5.1.2600.5512] .
56320 . . [5.1.2600.5512] .
55808 . . [5.1.2600.2180] .
1572352 . . [5.1.2600.5512]
1572352 . . [5.1.2600.5512]
. . c:\windows\system32\sfcfiles.dll
[-] 2006-03-02 . AAFD7382D64710AE3A6F1DEE5020CF19 . 1548800 . . [5.1.2600.2180]
. . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] .
. c:\windows\system32\drivers\ipsec.sys
[-] 2006-03-02 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . E424F05B07AC4357DC08D06218D76C7C . 59904 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . E424F05B07AC4357DC08D06218D76C7C . 59904 . . [5.1.2600.5512] .
. c:\windows\system32\regsvc.dll
[-] 2006-03-02 . D025E953864EBEBAB5933086D15C4FC6 . 59904 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . 51BE25C404D3DD344C6079DE715E4977 . 193536 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 51BE25C404D3DD344C6079DE715E4977 . 193536 . . [5.1.2600.5512] .
. c:\windows\system32\schedsvc.dll
[-] 2006-03-02 . 0125649B3C00D037E07FD7BCEF7B653B . 192000 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[-] 2008-04-14 . B622A432EF02895DE4AA38AC8B85FA4C . 71680 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . B622A432EF02895DE4AA38AC8B85FA4C . 71680 . . [5.1.2600.5512] .
. c:\windows\system32\ssdpsrv.dll
[-] 2006-03-02 . 4AFF5EA8BF2362C3D5001295FDEB3ABD . 71680 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . 288B20D56D5F0EC4BCC77FBFA5A81740 . 296960 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . 288B20D56D5F0EC4BCC77FBFA5A81740 . 296960 . . [5.1.2600.5512] .
. c:\windows\system32\termsrv.dll
[-] 2006-03-02 . C2038466BE5A6A76EFD592FA0B459E17 . 296960 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . 54B34DA91EAF52A8EAC654CED8977980 . 347136 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . 54B34DA91EAF52A8EAC654CED8977980 . 347136 . . [5.1.2600.5512] .
. c:\windows\system32\hnetcfg.dll
[-] 2006-03-02 . ED424C815B96ECDB3167914E84189B1D . 347136 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . 30CD42BFCDAFEFE8567B9E527DD3AE08 . 175104 . . [5.1.2600.5512] .
. c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . 30CD42BFCDAFEFE8567B9E527DD3AE08 . 175104 . . [5.1.2600.5512] .
. c:\windows\system32\appmgmts.dll
[-] 2006-03-02 . 0CF68B185221E5B162EF1B0559428B40 . 175104 . . [5.1.2600.2180] .
. c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2006-03-02 . 1C905333C0B9F3D7C68DDF25E54B00F9 . 12032 . . [5.1.2600.0] . . c
:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3
142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3
142] . . c:\windows\system32\dllcache\aec.sys
R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSIA.tmp [13/07/2014 11:45 a.m. 163656]
R2 TeamViewer9;TeamViewer 9;c:\archivos de programa\TeamViewer\Version9\TeamViewer_Service.exe [14/10/2014 07:23 p.m. 4799760]
R3 BrYNSvc;BrYNSvc;c:\archivos de programa\Browny02\BrYNSvc.exe [13/07/2014 11:47 a.m. 282112]
S2 mglupdate;Maxiget Update Servicio (mglupdate);c:\archivos de programa\Maxiget\Updater\MaxigetUpdater.exe [24/08/2014 12:02 p.m. 131480]
S3 apf001;apf001;d:\game\SoftnyxGame3\LoveRitmoLS\apf001.sys [01/11/2012 06:17 a.m. 10872]
S3 apf003;apf003;c:\windows\system32\apf003.sys [01/09/2012 07:40 p.m. 13232]
S3 mglupdatem;Maxiget Update Servicio (mglupdatem);c:\archivos de programa\Maxiget\Updater\MaxigetUpdater.exe [24/08/2014 12:02 p.m. 131480]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
S3 xspirit;xspirit;\??\c:\windows\xspirit.sys --> c:\windows\xspirit.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D3
45-D564-463c-AFF1-A69D9E530F96}]
2014-10-27 19:38
1089352 ----a-wc:\archivos de programa\Google\C
hrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-11-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 20
:02]
.
2014-11-16 c:\windows\Tasks\avast! Emergency Update.job
- c:\archivos de programa\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-05 12:
56]
.
2014-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2012-12-08 19:33]
.
2014-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\archivos de programa\Google\Update\GoogleUpdate.exe [2012-12-08 19:33]
.
2014-11-16 c:\windows\Tasks\MaxigetUpdaterTaskMachineCore.job
- c:\archivos de programa\Maxiget\Updater\MaxigetUpdater.exe [2014-08-24 02:07]
.
2014-11-16 c:\windows\Tasks\MaxigetUpdaterTaskMachineUA.job
- c:\archivos de programa\Maxiget\Updater\MaxigetUpdater.exe [2014-08-24 02:07]
.
2014-11-16 c:\windows\Tasks\User_Feed_Synchronization-{42F2F744-BF77-4A5A-9828-E
5EC74E32C15}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
mSearch Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\archiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{B644D154-41E6-42E3-8738-5331D5D24565}: NameServer = 200.48.225.130,200.48.225.146
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{EFC91ACA-519F-428D-8472-81E158609D25} - c:\archiv~1\HOMEPA~1\IEBand.dll
Toolbar-{C4FB9EEC-5B29-486B-ACD1-D93A4396E567} - c:\archiv~1\HOMEPA~1\IEBand.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-16 12:43
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\archivos de programa\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSIA.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F
}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_2
23_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F
}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F
}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F
}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A1082370
13BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A1082370
13BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A1082370
13BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(764)
c:\windows\system32\l3codeca.acm
.
Completion time: 2014-11-16 12:47:51
ComboFix-quarantined-files.txt 2014-11-16 17:47
ComboFix2.txt 2014-10-11 15:52
.
Pre-Run: 1,437,782,016 bytes libres
Post-Run: 1,467,219,968 bytes libres
.
- - End Of File - - 0DEA55C465E480015B8DB58A83CB37DF
792F61657FECE3D17A9122B4EE282847