Scribd Logo
Upload

Welcome to Scribd!

  • 157 views

    Combo Fix

    Uploaded by

    cesar_palacio_14
    The document is a log file from ComboFix, a program used to detect and remove malware. It lists files and folders that were deleted or created on the system between January 13th and February 13th. It also provides a 'Find3M' report listing large files on the system and a 'Sigcheck' report identifying files that are not digitally signed by their publishers.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd

    Combo Fix

    Uploaded by

    cesar_palacio_14
    157 views12 pages
    The document is a log file from ComboFix, a program used to detect and remove malware. It lists files and folders that were deleted or created on the system between January 13th and February 13th. It also provides a 'Find3M' report listing large files on the system and a 'Sigcheck' report identifying files that are not digitally signed by their publishers.

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document is a log file from ComboFix, a program used to detect and remove malware. It lists files and folders that were deleted or created on the system between January 13th and February 13th. It also provides a 'Find3M' report listing large files on the system and a 'Sigcheck' report identifying files that are not digitally signed by their publishers.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    157 views12 pages

    Combo Fix

    Uploaded by

    cesar_palacio_14
    The document is a log file from ComboFix, a program used to detect and remove malware. It lists files and folders that were deleted or created on the system between January 13th and February 13th. It also provides a 'Find3M' report listing large files on the system and a 'Sigcheck' report identifying files that are not digitally signed by their publishers.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    You are on page 1of 12

    ComboFix 13-02-13.02 - ALCALDIA 13/02/2013 18:01:31.18.

    4 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.34.3082.18.3017.2277 [GMT -5:
    00]
    Running from: d:\escritorio\ComboFix.exe
    .
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))
    )))))))))))))))))))))))))))))
    .
    .
    c:\docume~1\ALCALDIA\CONFIG~1\Temp\jna6866796397702668782.dll
    c:\documents and settings\ALCALDIA\Configuracin local\temp\jna6866796397702668782
    .dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-01-13 to 2013-02-13 )))))))
    ))))))))))))))))))))))))
    .
    .
    2013-02-13 20:12 . 2013-02-13 20:12
    -------d-----wc:\archi
    vos de programa\Microsoft Synchronization Services
    2013-02-13 20:12 . 2013-02-13 20:12
    -------d-----wc:\docum
    ents and settings\All Users\Microsoft
    2013-02-13 20:12 . 2013-02-13 20:12
    -------d-----wc:\archi
    vos de programa\Microsoft.NET
    2013-02-13 20:12 . 2013-02-13 20:12
    -------d-----wc:\archi
    vos de programa\Microsoft Sync Framework
    2013-02-13 20:12 . 2013-02-13 20:12
    -------d-----wc:\archi
    vos de programa\Microsoft SQL Server Compact Edition
    2013-02-13 20:08 . 2013-02-13 20:08
    -------d-----wc:\archi
    vos de programa\Microsoft Visual Studio 8
    2013-02-13 20:07 . 2013-02-13 20:07
    -------d-----wc:\archi
    vos de programa\Microsoft Analysis Services
    2013-02-13 20:01 . 2013-02-13 20:01
    -------d-----wc:\archi
    vos de programa\Defraggler
    2013-02-13 16:08 . 2013-02-13 16:08
    -------d-----wc:\windo
    ws\system32\wbem\Repository
    2013-02-13 16:06 . 2013-02-13 16:06
    -------d-----rC:\MSOCa
    che
    2013-02-07 15:28 . 2013-02-07 15:28
    -------d-----wc:\archi
    vos de programa\Maycotech
    2013-02-01 20:57 . 2008-04-14 12:00
    26624 ----a-wc:\documents and
    settings\LocalService\Datos de programa\Microsoft\UPnP Device Host\upnphost\udh
    isapi.dll
    2013-02-01 20:57 . 2013-02-01 20:57
    -------d-----wc:\docum
    ents and settings\ALCALDIA\Configuracin local\Datos de programa\Samsung
    2013-02-01 20:57 . 2013-02-01 20:57
    -------d-----wc:\docum
    ents and settings\ALCALDIA\Datos de programa\Samsung
    2013-02-01 20:53 . 2013-02-01 20:53
    -------d-----wc:\docum
    ents and settings\All Users\Datos de programa\Samsung
    2013-02-01 20:53 . 2013-02-01 20:53
    -------d-----wC:\5ec87
    689c0f40dc97bfd1826fcb3a4
    2013-02-01 20:53 . 2013-02-01 20:53
    -------d-----wc:\windo
    ws\system32\drivers\umdf
    2013-02-01 20:52 . 2013-02-01 20:53
    -------d-----wC:\babcc
    7765bd82fb7bfbaae
    2013-01-29 15:08 . 2008-08-19 00:18
    77824 ----a-wc:\windows\syste
    m32\fmcodec.DLL

    2013-01-25 16:12 . 2012-08-21 18:01


    26840 ----a-wc:\windows\syste
    m32\drivers\GEARAspiWDM.sys
    2013-01-25 16:11 . 2013-01-25 16:11
    -------d-----wc:\archi
    vos de programa\iPod
    2013-01-25 16:11 . 2013-01-25 16:12
    -------d-----wc:\docum
    ents and settings\All Users\Datos de programa\188F1432-103A-4ffb-80F1-36B633C5C9
    E1
    2013-01-25 16:11 . 2013-01-25 16:12
    -------d-----wc:\archi
    vos de programa\iTunes
    2013-01-17 16:05 . 2013-01-17 16:05
    -------d-----wc:\archi
    vos de programa\SolidDocuments
    2013-01-17 13:40 . 2013-01-12 08:30
    94112 ----a-wc:\windows\syste
    m32\WindowsAccessBridge.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))
    )))))))))))))))))))))))))))))))
    .
    2013-02-13 21:08 . 2012-06-13 18:30
    74096 ----a-wc:\windows\syste
    m32\FlashPlayerCPLApp.cpl
    2013-02-13 21:08 . 2012-06-13 18:30
    697712 ----a-wc:\windows\syste
    m32\FlashPlayerApp.exe
    2013-01-12 08:00 . 2012-06-13 18:35
    143872 ----a-wc:\windows\syste
    m32\javacpl.cpl
    2012-12-18 15:06 . 2012-12-18 15:06
    90112 ----a-wc:\windows\MAMCi
    tyDownload.ocx
    2012-12-18 15:06 . 2012-12-18 15:06
    330240 ----a-wc:\windows\MASet
    upCaller.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    30568 ----a-wc:\windows\Music
    cityDownload.exe
    2012-12-18 15:06 . 2012-12-18 15:06
    974848 ----a-wc:\windows\syste
    m32\cis-2.4.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    81920 ----a-wc:\windows\syste
    m32\issacapi_bs-2.3.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    65536 ----a-wc:\windows\syste
    m32\issacapi_pe-2.3.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    57344 ----a-wc:\windows\syste
    m32\MTXSYNCICON.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    57344 ----a-wc:\windows\syste
    m32\MK_Lyric.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    57344 ----a-wc:\windows\syste
    m32\issacapi_se-2.3.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    569344 ----a-wc:\windows\syste
    m32\muzdecode.ax
    2012-12-18 15:06 . 2012-12-18 15:06
    491520 ----a-wc:\windows\syste
    m32\muzapp.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    49152 ----a-wc:\windows\syste
    m32\MaJGUILib.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    45320 ----a-wc:\windows\syste
    m32\MAMACExtract.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    45056 ----a-wc:\windows\syste
    m32\MaXMLProto.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    45056 ----a-wc:\windows\syste
    m32\MACXMLProto.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    40960 ----a-wc:\windows\syste
    m32\MTTELECHIP.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    352256 ----a-wc:\windows\syste
    m32\MSLUR71.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    258048 ----a-wc:\windows\syste

    m32\muzoggsp.ax
    2012-12-18 15:06 . 2012-12-18 15:06
    245760 ----a-wc:\windows\syste
    m32\MSCLib.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    24576 ----a-wc:\windows\syste
    m32\MASetupCleaner.exe
    2012-12-18 15:06 . 2012-12-18 15:06
    200704 ----a-wc:\windows\syste
    m32\muzwmts.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    155648 ----a-wc:\windows\syste
    m32\MSFLib.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    143360 ----a-wc:\windows\syste
    m32\3DAudio.ax
    2012-12-18 15:06 . 2012-12-18 15:06
    135168 ----a-wc:\windows\syste
    m32\muzaf1.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    131072 ----a-wc:\windows\syste
    m32\muzmpgsp.ax
    2012-12-18 15:06 . 2012-12-18 15:06
    122880 ----a-wc:\windows\syste
    m32\muzeffect.ax
    2012-12-18 15:06 . 2012-12-18 15:06
    118784 ----a-wc:\windows\syste
    m32\MaDRM.dll
    2012-12-18 15:06 . 2012-12-18 15:06
    110592 ----a-wc:\windows\syste
    m32\muzmp4sp.ax
    2012-12-18 15:06 . 2012-09-05 15:53
    319456 ----a-wc:\windows\syste
    m32\DIFxAPI.dll
    2012-12-17 15:41 . 2012-06-13 18:35
    859072 ----a-wc:\windows\syste
    m32\npdeployJava1.dll
    2012-12-17 15:41 . 2012-06-13 18:35
    779704 ----a-wc:\windows\syste
    m32\deployJava1.dll
    2012-12-06 18:40 . 2012-12-06 18:40
    22784 ----a-wc:\windows\syste
    m32\drivers\RimUsb.sys
    2012-12-07 20:18 . 2012-12-07 20:18
    262112 ------wc:\archivos de p
    rograma\mozilla firefox\components\browsercomps.dll
    .
    .
    ------- Sigcheck ------Note: Unsigned files aren't necessarily malware.
    .
    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] .
    . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] .
    . c:\windows\system32\dllcache\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] .
    . c:\windows\system32\drivers\tcpip.sys
    [7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] .
    . c:\windows\erdnt\cache\tcpip.sys
    .
    [-] 2012-07-06 . DCA0E43CB14D2390FAA5A21B9DC92274 . 78336 . . [5.1.2600.6260] .
    . c:\windows\system32\browser.dll
    [-] 2012-07-06 . DCA0E43CB14D2390FAA5A21B9DC92274 . 78336 . . [5.1.2600.6260] .
    . c:\windows\system32\dllcache\browser.dll
    [-] 2012-07-06 . 88F61096EDAF97F86128ED9007802709 . 78336 . . [5.1.2600.6260] .
    . c:\windows\$hf_mig$\KB2705219\SP3QFE\browser.dll
    [7] 2008-04-14 . E28818BD591F8AF8FBE9897472B9665E . 77824 . . [5.1.2600.5512] .
    . c:\windows\erdnt\cache\browser.dll
    .
    [-] 2009-02-09 . AEF41FC6F108CC4F94F9B4E96AFA9C70 . 401408 . . [5.1.2600.5755] .
    . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
    [-] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] .
    . c:\windows\system32\rpcss.dll
    [-] 2009-02-09 . 97869C55F562B777987100EA30AD8108 . 401408 . . [5.1.2600.5755] .
    . c:\windows\system32\dllcache\rpcss.dll

    [7] 2008-04-14 . 53D02EFFA72CA5C57687BEE20610ABA6 . 399360 . . [5.1.2600.5512] .


    . c:\windows\erdnt\cache\rpcss.dll
    .
    [-] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] .
    . c:\windows\system32\services.exe
    [-] 2009-02-09 . 953DF7327510DF0DE048B8E80E504EF9 . 111104 . . [5.1.2600.5755] .
    . c:\windows\system32\dllcache\services.exe
    [-] 2009-02-09 . AA6E1769469F9D15603A619FC1FB9E18 . 111104 . . [5.1.2600.5755] .
    . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
    [7] 2008-04-14 . D658A8C2FC7B2AD53D1259741A09EE04 . 109056 . . [5.1.2600.5512] .
    . c:\windows\erdnt\cache\services.exe
    .
    [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] .
    . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
    [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] .
    . c:\windows\system32\spoolsv.exe
    [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] .
    . c:\windows\system32\dllcache\spoolsv.exe
    [7] 2008-04-14 . CDD2DC6AE65084481E723E746C20539A . 57856 . . [5.1.2600.5512] .
    . c:\windows\erdnt\cache\spoolsv.exe
    .
    [-] 2010-08-23 . 3DDEC846E57F668C07407F3AC3B66220 . 617472 . . [5.82] . . c:\win
    dows\system32\comctl32.dll
    [-] 2010-08-23 . 3DDEC846E57F668C07407F3AC3B66220 . 617472 . . [5.82] . . c:\win
    dows\system32\dllcache\comctl32.dll
    [-] 2010-08-23 . 24B09ED0C5B019A5198A74504179EEB0 . 1054208 . . [6.0] . . c:\win
    dows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028
    _x-ww_61e65202\comctl32.dll
    [7] 2008-04-14 . 618A4C7A7C0CA86DA884C8C0FACAD8C2 . 617472 . . [5.82] . . c:\win
    dows\erdnt\cache\comctl32.dll
    [7] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\wind
    ows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1
    382d70a\comctl32.dll
    [7] 2008-04-14 . 08D17A982CD6191B34D1B8C8A2E694B6 . 1054208 . . [6.0] . . c:\win
    dows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512
    _x-ww_35d4ce83\comctl32.dll
    .
    [-] 2008-07-07 20:27 . A225DD0D0489BD580781D19524A10B19 . 253952 . . [2001.12.44
    14.706] . . c:\windows\system32\es.dll
    [-] 2008-07-07 20:27 . A225DD0D0489BD580781D19524A10B19 . 253952 . . [2001.12.44
    14.706] . . c:\windows\system32\dllcache\es.dll
    [-] 2008-07-07 20:25 . 6EC3C2A5CEA41B78BB55B30444292CB8 . 253952 . . [2001.12.44
    14.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
    [7] 2008-04-14 12:00 . 76ABF3BB5A6D684641EC92B28240811D . 246272 . . [2001.12.44
    14.701] . . c:\windows\erdnt\cache\es.dll
    .
    [-] 2009-03-21 . 7DC06BF4CBC3FCD7557D8D69DFBD49F5 . 1042944 . . [5.1.2600.5781]
    . . c:\windows\system32\kernel32.dll
    [-] 2009-03-21 . 7DC06BF4CBC3FCD7557D8D69DFBD49F5 . 1042944 . . [5.1.2600.5781]
    . . c:\windows\system32\dllcache\kernel32.dll
    [-] 2009-03-21 . 97D5372816EC546BD035EDAEDB5E6918 . 1044992 . . [5.1.2600.5781]
    . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
    [7] 2008-04-14 . F43FE49CF77EC1CEF9DB9E67BDDB970F . 1042944 . . [5.1.2600.5512]
    . . c:\windows\erdnt\cache\kernel32.dll
    .
    [-] 2008-06-20 . DC10B07F256C8EDF6642015E380C741E . 248320 . . [5.1.2600.5625] .
    . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
    [-] 2008-06-20 . 5E11D375C92A0DDA7AC4D487FC4E1978 . 248320 . . [5.1.2600.5625] .
    . c:\windows\system32\mswsock.dll
    [-] 2008-06-20 . 5E11D375C92A0DDA7AC4D487FC4E1978 . 248320 . . [5.1.2600.5625] .

    . c:\windows\system32\dllcache\mswsock.dll
    [7] 2008-04-14 . AD893C9D3A09081D55A4BDFBC66AD592 . 248320 . . [5.1.2600.5512] .
    . c:\windows\erdnt\cache\mswsock.dll
    .
    [-] 2011-11-01 . 494276CFE71555AE0F3234C1B227E67A . 1288192 . . [5.1.2600.6168]
    . . c:\windows\system32\ole32.dll
    [-] 2011-11-01 . 494276CFE71555AE0F3234C1B227E67A . 1288192 . . [5.1.2600.6168]
    . . c:\windows\system32\dllcache\ole32.dll
    [-] 2011-11-01 . E8C2FA9AC16C25C0AB0677BA12D74BC1 . 1288704 . . [5.1.2600.6168]
    . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
    [-] 2010-07-16 . BCFEA258277FB42DD7F447EB61C34D06 . 1288704 . . [5.1.2600.6010]
    . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
    [7] 2008-04-14 . 463D57BF9FE5871208FF99399360A57D . 1287168 . . [5.1.2600.5512]
    . . c:\windows\erdnt\cache\ole32.dll
    .
    [-] 2010-04-16 . A8374FF31AC6EDEBB806D2B61D44618D . 406016 . . [1.0420.2600.5969
    ] . . c:\windows\system32\usp10.dll
    [-] 2010-04-16 . A8374FF31AC6EDEBB806D2B61D44618D . 406016 . . [1.0420.2600.5969
    ] . . c:\windows\system32\dllcache\usp10.dll
    [-] 2010-04-16 . 964D29711065A944E1BEC7FD676E61D9 . 406016 . . [1.0420.2600.5969
    ] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
    [7] 2008-04-14 . D2ABEB6AF76DA414D1FFF8B409F00635 . 406016 . . [1.0420.2600.5512
    ] . . c:\windows\erdnt\cache\usp10.dll
    .
    [-] 2009-07-27 . 1F617C5A76215C380478D750CE92CC73 . 135168 . . [6.00.2900.5853]
    . . c:\windows\system32\shsvcs.dll
    [-] 2009-07-27 . 1F617C5A76215C380478D750CE92CC73 . 135168 . . [6.00.2900.5853]
    . . c:\windows\system32\dllcache\shsvcs.dll
    [-] 2009-07-27 . 8A34F9730A2206726B1BE4DC4209CAB9 . 135168 . . [6.00.2900.5853]
    . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
    [7] 2008-04-14 . CA70EDBF32032EA53F114CB930741CB5 . 135168 . . [6.00.2900.5512]
    . . c:\windows\erdnt\cache\shsvcs.dll
    .
    [-] 2010-12-09 . 48AADE1D5F48819A4C3978C09AAD1DC9 . 742912 . . [5.1.2600.6055] .
    . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
    [-] 2010-12-09 . 45B458684F0471C4F25A31A0BE4D2C70 . 742912 . . [5.1.2600.6055] .
    . c:\windows\system32\ntdll.dll
    [-] 2010-12-09 . 45B458684F0471C4F25A31A0BE4D2C70 . 742912 . . [5.1.2600.6055] .
    . c:\windows\system32\dllcache\ntdll.dll
    [-] 2009-02-09 . 6CBEC637D1B5A19A1C91F2B84E03CDE2 . 739840 . . [5.1.2600.5755] .
    . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
    [7] 2008-04-14 . 91346D0D58E9FA1C75D8D0319F281745 . 730624 . . [5.1.2600.5512] .
    . c:\windows\erdnt\cache\ntdll.dll
    .
    [-] 2010-09-18 07:18 . C7D2DE04EEA71D72EB0A8793FA6E9FC1 . 953856 . . [4.1.6151]
    . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
    [-] 2010-09-18 06:53 . 46EF24BCFAF0F7AB46B1A80CCC5BCC71 . 953856 . . [4.1.6151]
    . . c:\windows\system32\mfc40u.dll
    [-] 2010-09-18 06:53 . 46EF24BCFAF0F7AB46B1A80CCC5BCC71 . 953856 . . [4.1.6151]
    . . c:\windows\system32\dllcache\mfc40u.dll
    [7] 2008-04-14 12:00 . 27415CEEB58C8C2F92AFF8CFE2517A3C . 927504 . . [4.1.0.61]
    . . c:\windows\erdnt\cache\mfc40u.dll
    .
    [-] 2012-05-05 . 022FD032105D0A6C02794B9C84BAB0E6 . 2071552 . . [5.1.2600.6223]
    . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
    [-] 2012-05-05 . 022FD032105D0A6C02794B9C84BAB0E6 . 2071552 . . [5.1.2600.6223]
    . . c:\windows\system32\dllcache\ntkrnlpa.exe
    [-] 2012-05-05 . 638EC396B4E753BEE2A46D95F7072A52 . 2029056 . . [5.1.2600.6223]
    . . c:\windows\system32\ntkrnlpa.exe
    [-] 2012-05-05 . 539C2C08DB474D3E35D0591B453705C5 . 2071552 . . [5.1.2600.6223]

    . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
    [-] 2012-04-11 . F3364F7432D706F7550FBA400DEC258E . 2071552 . . [5.1.2600.6206]
    . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
    [-] 2010-12-10 . 9F35605BC629F27AA34423B9DE652284 . 2071808 . . [5.1.2600.6055]
    . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
    [-] 2009-02-09 . 9B5E5D325CEDBB10A9A86679634A38CC . 2068608 . . [5.1.2600.5755]
    . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
    [7] 2008-04-14 . B4604169BB187939CAE61D62B41E85E0 . 2026496 . . [5.1.2600.5512]
    . . c:\windows\erdnt\cache\ntkrnlpa.exe
    .
    [-] 2012-05-05 . CE21A80B5956FE8C3C0EA78654BB913F . 2195072 . . [5.1.2600.6223]
    . . c:\windows\Driver Cache\i386\ntoskrnl.exe
    [-] 2012-05-05 . CE21A80B5956FE8C3C0EA78654BB913F . 2195072 . . [5.1.2600.6223]
    . . c:\windows\system32\dllcache\ntoskrnl.exe
    [-] 2012-05-05 . 715C530B6FD52E3F730A2977D29D1A0A . 2150912 . . [5.1.2600.6223]
    . . c:\windows\system32\ntoskrnl.exe
    [-] 2012-05-05 . D9C76CE9F26D6A0725FE9C241819149A . 2195072 . . [5.1.2600.6223]
    . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
    [-] 2012-04-11 . 90EB3AFD0833502E05D1D7A4B6F238A5 . 2195072 . . [5.1.2600.6206]
    . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
    [-] 2010-12-09 . 4F2053B8B0D20F4B398A95BDD1905893 . 2195200 . . [5.1.2600.6055]
    . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
    [-] 2009-02-11 . 6BC8E4AAFC98B556B8FB616AD30CD5A3 . 2191616 . . [5.1.2600.5755]
    . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
    [7] 2008-04-14 . 5865859247703A0E7211267AB92A02B7 . 2147840 . . [5.1.2600.5512]
    . . c:\windows\erdnt\cache\ntoskrnl.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))
    )))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Spark"="c:\archivos de programa\Spark\Spark.exe" [2011-07-01 433664]
    "KiesPreload"="c:\archivos de programa\Samsung\Kies\Kies.exe" [2012-12-20 147610
    4]
    "KiesAirMessage"="c:\archivos de programa\Samsung\Kies\KiesAirMessage.exe" [2012
    -12-18 578560]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CANON DR2010C SVC"="DR201SVC.dll" [2009-09-15 143360]
    "APSDaemon"="c:\archivos de programa\Archivos comunes\Apple\Apple Application Su
    pport\APSDaemon.exe" [2012-11-28 59280]
    "Adobe ARM"="c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe
    " [2012-12-03 946352]
    "iTunesHelper"="c:\archivos de programa\iTunes\iTunesHelper.exe" [2012-12-12 152
    544]
    "KiesTrayAgent"="c:\archivos de programa\Samsung\Kies\KiesTrayAgent.exe" [2012-1
    2-20 310280]
    "BCSSync"="c:\archivos de programa\Microsoft Office\Office14\BCSSync.exe" [201003-13 91520]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "DisableStatusMessages"= 1 (0x1)
    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute
    REG_MULTI_SZ
    autocheck autochk *\0c:\archiv~1\AVG\AVG2012\avg
    rsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ
    msv1_0 nwprovau
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.s
    ys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Men Inicio^Programas^In
    icio^REALTEK RTL8185 Wireless LAN Utility.lnk]
    path=c:\documents and settings\All Users\Men Inicio\Programas\Inicio\REALTEK RTL8
    185 Wireless LAN Utility.lnk
    backup=c:\windows\pss\REALTEK RTL8185 Wireless LAN Utility.lnkCommon Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe AR
    M]
    2012-12-03 07:35
    946352 ------wc:\archivos de programa\Archivos
    comunes\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CANON DR
    2010C SVC]
    2009-09-15 14:44
    143360 ------wc:\windows\system32\DR201SVC.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CANON DR
    2510C SVC]
    2009-09-15 14:47
    143360 ------wc:\windows\system32\DR251SVC.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageT
    rackingLEDM]
    2009-08-04 22:21
    30264 ------wc:\archivos de programa\HP\HP UT
    LEDM\bin\hppusg.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2010-04-17 03:12
    3872080 ------wc:\archivos de programa\Windows
    Live\Messenger\msnmsgr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spark]
    2011-07-01 14:57
    433664 ------wc:\archivos de programa\Spark\Sp
    ark.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaU
    pdateSched]
    2012-07-03 14:04
    252848 ------wc:\archivos de programa\Archivos
    comunes\Java\Java Update\jusched.exe
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "ctfmon.exe"=c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "CANON DR2010C SVC"=rundll32.exe DR201SVC.dll,EntryPointUserMessage
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Authoriz
    edApplications\List]
    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Archivos de programa\\Spark\\Spark.exe"=
    "c:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Archivos de programa\\Bonjour\\mDNSResponder.exe"=
    "c:\\Archivos de programa\\Archivos comunes\\Apple\\Apple Application Support\\W
    ebKit2WebProcess.exe"=
    "c:\\Documents and Settings\\ALCALDIA\\Configuracin local\\Datos de programa\\Tor
    ch\\Plugins\\Torrent\\TorchTorrent.exe"=
    "c:\\Archivos de programa\\iTunes\\iTunes.exe"=
    "c:\\Archivos de programa\\Microsoft Office\\Office14\\GROOVE.EXE"=
    "c:\\Archivos de programa\\Microsoft Office\\Office14\\ONENOTE.EXE"=
    "c:\\Archivos de programa\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [04/09/2012 11:11
    24896]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [04
    /09/2012 11:11 31952]
    R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [28/03
    /2008 11:14 24064]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [04/09/2012 11
    :11 301248]
    R2 BrcmMgmtAgent;Broadcom Management Agent;c:\archivos de programa\Broadcom\Mgmt
    Agent\BrcmMgmtAgent.exe [14/01/2011 17:10 130560]
    R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [17/07/2012 9:24 4300]
    R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [05/09/
    2012 16:08 38144]
    R2 HP LaserJet Service;HP LaserJet Service;c:\archivos de programa\HP\HPLaserJet
    Service\HPLaserJetService.exe [24/06/2009 10:57 136704]
    R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [12/10/2012 11:23 9
    9896]
    R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSI1B8.tmp [17
    /01/2013 11:05 177784]
    R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [04/09/2012 11:11 309
    44]
    R3 cnnctfy2MP;cnnctfy2MP;c:\windows\system32\drivers\cnnctfy2.sys [24/07/2012 10
    :08 31344]
    R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windo
    ws\system32\drivers\e1k5132.sys [08/11/2012 17:27 168616]
    R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [05/09/2012 11:11 36608]
    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [04/0
    9/2012 11:11 235216]
    S2 Connectify;Connectify; [x]
    S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [0
    4/09/2012 11:11 30944]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [04/0
    9/2012 11:11 139856]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [04/0
    9/2012 11:11 24144]
    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [04/09/2012
    11:11 17232]
    S3 cnnctfy2;Connectify Service;c:\windows\system32\drivers\cnnctfy2.sys [24/07/2
    012 10:08 31344]
    S3 EUCR;ENE USB Mass Storage;c:\windows\system32\drivers\EUCR6SK.sys [29/06/2012
    10:11 26112]
    S3 HPKBCCID;HP Keyboard Smart Card Driver;c:\windows\system32\drivers\HPKBCCID.s
    ys [05/08/2009 6:56 48256]
    S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [12/10/2012
    11:23 17408]
    S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\S
    RS_PremiumSound_i386.sys [13/06/2012 14:49 246000]
    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32

    \drivers\ssadbus.sys [01/02/2013 15:56 121064]


    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadm
    dfl.sys [01/02/2013 15:56 12776]
    S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm
    .sys [01/02/2013 15:56 136808]
    S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32
    \drivers\ssadserd.sys [01/02/2013 15:56 114280]
    S3 STCFUx32;STC DFU Driver;c:\windows\system32\drivers\STCFUx32.sys [24/01/2007
    2:01 7680]
    .
    --- Other Services/Drivers In Memory --.
    *NewlyCreated* - BASFND
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ
    Pml Driver HPZ12 Net Driver HPZ12
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D3
    45-D564-463c-AFF1-A69D9E530F96}]
    2013-02-13 20:54
    1607120 ----a-wc:\archivos de programa\Google\C
    hrome\Application\24.0.1312.57\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-02-13 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 21
    :08]
    .
    2012-12-26 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\archivos de programa\Apple Software Update\SoftwareUpdate.exe [2011-06-01 2
    2:57]
    .
    2013-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\archivos de programa\Google\Update\GoogleUpdate.exe [2013-02-13 20:54]
    .
    2013-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\archivos de programa\Google\Update\GoogleUpdate.exe [2013-02-13 20:54]
    .
    .
    ------- Supplementary Scan ------.
    ustart page = hxxp://172.23.50.135:8080/intranet2/
    uInternet Settings,ProxyOverride = *.local
    IE: &Enviar a OneNote - c:\archiv~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 172.23.50.12
    FF - ProfilePath - c:\documents and settings\ALCALDIA\Datos de programa\Mozilla\
    Firefox\Profiles\z2wpxu14.default\
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.co/
    FF - prefs.js: network.proxy.ftp - 203.117.130.15
    FF - prefs.js: network.proxy.ftp_port - 80
    FF - prefs.js: network.proxy.http - 203.117.130.15
    FF - prefs.js: network.proxy.http_port - 80
    FF - prefs.js: network.proxy.socks - 203.117.130.15
    FF - prefs.js: network.proxy.socks_port - 80
    FF - prefs.js: network.proxy.ssl - 203.117.130.15
    FF - prefs.js: network.proxy.ssl_port - 80
    FF - prefs.js: network.proxy.type - 0
    FF - ExtSQL: 2013-01-24 11:31; {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}; c:\archiv
    os de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

    FF - user.js: network.http.max-connections-per-server - 8
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    FF - user.js: extensions.funmoods.hmpg - true
    FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=tes
    t331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtCzz0EyByE0BtC0E0BzytD0C0AyDtN0D0Tzu0Ct
    ByCyDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1047224899
    FF - user.js: extensions.funmoods.dfltSrch - true
    FF - user.js: extensions.funmoods.srchPrvdr - Search
    FF - user.js: extensions.funmoods.dnsErr - true
    FF - user.js: extensions.funmoods_i.newTab - true
    FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=t
    est331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtCzz0EyByE0BtC0E0BzytD0C0AyDtN0D0Tzu0
    CtByCyDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1047224899
    FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a
    =test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtCzz0EyByE0BtC0E0BzytD0C0AyDtN0D0Tz
    u0CtByCyDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1047224899&q=
    FF - user.js: extensions.funmoods.id - 0018E74B1EB90CA5
    FF - user.js: extensions.funmoods.instlDay - 15604
    FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
    FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
    FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:44:6
    FF - user.js: extensions.funmoods.prtnrId - funmoods
    FF - user.js: extensions.funmoods.prdct - funmoods
    FF - user.js: extensions.funmoods.aflt - test331
    FF - user.js: extensions.funmoods_i.smplGrp - none
    FF - user.js: extensions.funmoods.tlbrId - base
    FF - user.js: extensions.funmoods.instlRef - test331
    FF - user.js: extensions.funmoods.dfltLng FF - user.js: extensions.funmoods.excTlbr - false
    FF - user.js: extensions.funmoods.autoRvrt - false
    FF - user.js: extensions.funmoods.envrmnt - production
    FF - user.js: extensions.funmoods.isdcmntcmplt - true
    FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/
    /www.gmer.net
    Rootkit scan 2013-02-13 18:06
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCPDFReadSpool]
    "ImagePath"="c:\windows\Installer\MSI1B8.tmp"
    .

    --------------------- LOCKED REGISTRY KEYS --------------------.


    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66
    }]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502
    _149_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66
    }\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66
    }\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66
    }\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C
    9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C
    9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C
    9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    --------------------- DLLs Loaded Under Running Processes --------------------.
    - - - - - - - > 'explorer.exe'(1364)
    c:\windows\system32\WININET.dll
    c:\archiv~1\ARCHIV~1\MICROS~1\OFFICE14\Cultures\office.odf
    c:\archiv~1\MICROS~2\Office14\3082\GrooveIntlResource.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------

    .
    c:\archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobile
    DeviceService.exe
    c:\archivos de programa\Bonjour\mDNSResponder.exe
    c:\archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
    c:\windows\system32\wbem\wmiapsrv.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\system32\rundll32.exe
    c:\archivos de programa\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Completion time: 2013-02-13 18:08:53 - machine was rebooted
    ComboFix-quarantined-files.txt 2013-02-13 23:08
    ComboFix2.txt 2013-02-01 22:14
    ComboFix3.txt 2013-01-23 14:44
    .
    Pre-Run: 125.125.656.576 bytes libres
    Post-Run: 125.150.060.544 bytes libres
    .
    - - End Of File - - F91E8081F6A2BF4E3B9C34A2342ADB4E

    You might also like