Virus and Spyware Forum. Help with: Malware - Viruses - Spyware - Trojans - Adware - Worms - Hijackers - Dialers - Rootkits - Keyloggers, etc. Post your problem in this section.
Do not post your HijackThis log here!!

Thread closed
 
  post #1  
08/08/08, 10:57:08
maxelsmart
User

Registered: Apr 2007
Location: Colombia
Posts: 2
Malware: My PC infects any pendrive I connect and my hard drives

Every time I plug in any pendrive, my PC infects it with several viruses that Kaspersky detects... or it infects hard drives or their partitions. I ran dss.exe and it reports other infections. Thank you very much in advance for your help.

Below I paste the Kaspersky report and the Deckard's System Scanner report.

-----------------------------------KASPERSKY REPORT--------------------------------------------
Protection : running
--------------------
Total scanned: 11957
Detected: 22
Untreated: 0
Attacks blocked: 0
Start time: 08/08/2008 07:53:16 a.m.
Duration: 00:50:13


Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan.Win32.Vaklik.cnl File: C:\e.com
deleted: Trojan program Trojan.Win32.Vaklik.cms File: C:\kn6jhgc.cmd
deleted: Trojan program Backdoor.Win32.Hupigon.dckd File: C:\EDUARDO\PROGRAMAS\anti-virus-spywares\SDFix.exe/SDFix\apps\swsc.exe//UPX
deleted: Trojan program Trojan-Downloader.Win32.Agent.yvr File: C:\EDUARDO\PROGRAMAS\HIPER-SNAP\HSnap-DX_6[1].11.02_by_soft-best.net.rar/crack\HprSnap6.exe
deleted: Trojan program Trojan.Win32.Vaklik.cnl File: D:\e.com
deleted: Trojan program Trojan.Win32.Vaklik.cms File: D:\kn6jhgc.cmd
deleted: Trojan program Trojan-GameThief.Win32.OnLineGames.smxj File: D:\WINDOWS\system32\ckvo0.dll
deleted: virus Worm.Win32.AutoRun.llz File: D:\WINDOWS\system32\ckvo1.dll
deleted: Trojan program Trojan.Win32.Vaklik.cnl File: E:\e.com
deleted: Trojan program Trojan.Win32.Vaklik.cms File: E:\kn6jhgc.cmd
deleted: Trojan program Trojan.Win32.KillWin.gf File: H:\@b@ddon.exe
deleted: Trojan program Trojan-DDoS.Win32.Agent.bv File: H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe//PE_Patch.PNH//PE-Crypt.PNH
deleted: virus Worm.Win32.AutoRun.dha File: H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\keygen.exe
deleted: Trojan program Trojan.Win32.Vaklik.cnl File: D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000121.com
deleted: Trojan program Trojan.Win32.Vaklik.cnl File: C:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000094.com
deleted: Trojan program Trojan.Win32.Vaklik.cms File: C:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000095.cmd
deleted: Trojan program Trojan.Win32.Vaklik.cms File: D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000122.cmd
deleted: Trojan program Trojan-GameThief.Win32.OnLineGames.smxj File: D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000130.dll
deleted: virus Worm.Win32.AutoRun.llz File: D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000131.dll
deleted: Trojan program Trojan.Win32.Vaklik.cnl File: E:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000132.com
deleted: Trojan program Trojan.Win32.Vaklik.cms File: E:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000133.cmd
deleted: Trojan program Trojan.Win32.Vaklik.ckn File: G:\1rfw8hjr.com


Events
------
Time Event
---- -----
04/08/2008 05:14:02 p.m. You are advised to perform a full computer scan as soon as possible.
04/08/2008 05:14:03 p.m. Database is out of date, leaving your computer at risk of infection. Please update your database.
04/08/2008 05:14:03 p.m. Protection of your computer is enabled.
04/08/2008 05:14:27 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1200): attempt to perform suspicious actions is allowed.
04/08/2008 05:14:34 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1200): attempt to perform suspicious actions is allowed.
04/08/2008 05:24:17 p.m. Please restart your computer to complete the installation of new or updated protection components.
04/08/2008 05:24:34 p.m. Please restart your computer to complete the installation of new or updated protection components.
04/08/2008 05:24:34 p.m. Update completed successfully
04/08/2008 05:24:43 p.m. Protection of your computer is not running. You are advised to resume protection.
04/08/2008 05:26:06 p.m. You are advised to perform a full computer scan as soon as possible.
04/08/2008 05:26:06 p.m. Protection of your computer is enabled.
04/08/2008 05:26:15 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1312): attempt to perform suspicious actions is allowed.
04/08/2008 05:26:15 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1312): attempt to perform suspicious actions is allowed.
04/08/2008 05:27:07 p.m. File C:\e.com: detected: Trojan program 'Trojan.Win32.Vaklik.cnl'.
04/08/2008 05:27:07 p.m. Security threats have been detected. You are advised to neutralize them immediately.
04/08/2008 05:27:07 p.m. File C:\e.com: is still infected, postponed.
04/08/2008 05:27:08 p.m. File C:\kn6jhgc.cmd: detected: Trojan program 'Trojan.Win32.Vaklik.cms'.
04/08/2008 05:27:08 p.m. File C:\kn6jhgc.cmd: is still infected, postponed.
0
04/08/2008 05:51:14 p.m. File C:\EDUARDO\PROGRAMAS\anti-virus-spywares\SDFix.exe/SDFix\apps\swsc.exe//UPX: detected: Trojan program 'Backdoor.Win32.Hupigon.dckd'.
04/08/2008 05:51:14 p.m. Security threats have been detected. You are advised to neutralize them immediately.
04/08/2008 05:51:14 p.m. File C:\EDUARDO\PROGRAMAS\anti-virus-spywares\SDFix.exe/SDFix\apps\swsc.exe//UPX: is still infected, postponed.
04/08/2008 0602 p.m. File C:\EDUARDO\PROGRAMAS\HIPER-SNAP\HSnap-DX_6[1].11.02_by_soft-best.net.rar/crack\HprSnap6.exe: detected: Trojan program 'Trojan-Downloader.Win32.Agent.yvr'.
04/08/2008 0602 p.m. File C:\EDUARDO\PROGRAMAS\HIPER-SNAP\HSnap-DX_6[1].11.02_by_soft-best.net.rar/crack\HprSnap6.exe: is still infected, postponed.

04/08/2008 06:13:31 p.m. Process D:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe (PID: 1436): attempt to perform suspicious actions is allowed.
05/08/2008 08:48:24 a.m. You are advised to perform a full computer scan as soon as possible.
05/08/2008 08:48:24 a.m. Protection of your computer is enabled.
05/08/2008 08:48:34 a.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1416): attempt to perform suspicious actions is allowed.
05/08/2008 08:48:34 a.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1416): attempt to perform suspicious actions is allowed.
05/08/2008 08:49:55 a.m. Update completed successfully
05/08/2008 10:50:23 a.m. File D:\WINDOWS\system32\ckvo0.dll: detected: Trojan program 'Trojan-GameThief.Win32.OnLineGames.smxj'.
05/08/2008 10:50:23 a.m. File D:\WINDOWS\system32\ckvo0.dll: is still infected, postponed.
05/08/2008 10:50:23 a.m. File D:\WINDOWS\system32\ckvo1.dll: detected: virus 'Worm.Win32.AutoRun.llz'.
05/08/2008 10:50:23 a.m. File D:\WINDOWS\system32\ckvo1.dll: is still infected, postponed.
05/08/2008 10:55:48 a.m. File E:\e.com: detected: Trojan program 'Trojan.Win32.Vaklik.cnl'.
05/08/2008 10:55:49 a.m. File E:\e.com: is still infected, postponed.
05/08/2008 10:55:49 a.m. File E:\kn6jhgc.cmd: detected: Trojan program 'Trojan.Win32.Vaklik.cms'.
05/08/2008 10:55:49 a.m. File E:\kn6jhgc.cmd: is still infected, postponed.
05/08/2008 11:01:38 a.m. File d:\e.com: detected: Trojan program 'Trojan.Win32.Vaklik.cnl'.
05/08/2008 11:01:50 a.m. File d:\e.com: deleted.
05/08/2008 11:01:50 a.m. File d:\kn6jhgc.cmd: detected: Trojan program 'Trojan.Win32.Vaklik.cms'.
05/08/2008 11:01:53 a.m. File d:\kn6jhgc.cmd: deleted.
05/08/2008 11:01:53 a.m. File d:\windows\system32\ckvo0.dll: detected: Trojan program 'Trojan-GameThief.Win32.OnLineGames.smxj'.
05/08/2008 11:01:54 a.m. File d:\windows\system32\ckvo0.dll: deleted.
05/08/2008 11:01:54 a.m. File d:\windows\system32\ckvo1.dll: detected: virus 'Worm.Win32.AutoRun.llz'.
05/08/2008 11:01:55 a.m. File d:\windows\system32\ckvo1.dll: deleted.
05/08/2008 11:01:55 a.m. File e:\e.com: detected: Trojan program 'Trojan.Win32.Vaklik.cnl'.
05/08/2008 11:01:56 a.m. File e:\e.com: deleted.
05/08/2008 11:01:56 a.m. File e:\kn6jhgc.cmd: detected: Trojan program 'Trojan.Win32.Vaklik.cms'.
05/08/2008 11:01:57 a.m. File e:\kn6jhgc.cmd: deleted.
05/08/2008 11:04:39 a.m. Process D:\WINDOWS\system32\msiexec.exe (PID: 2940): suspicious action. Attempt to list of modules executed during system startup (key \REGISTRY\USER\S-1-5-21-1390067357-920026266-725345543-1003\Software\Adobe\MediaBrowser_saved, value D:\DOCUME~1\Eduardo\CONFIG~1\Temp\{B74D4E10-6884-0000-0000-000000000103}\MediaBrowser.re, data ).
05/08/2008 11:09:39 a.m. Process D:\WINDOWS\system32\msiexec.exe (PID: 2940): attempt to list of modules executed during system startup (key \REGISTRY\USER\S-1-5-21-1390067357-920026266-725345543-1003\Software\Adobe\MediaBrowser_saved, value D:\DOCUME~1\Eduardo\CONFIG~1\Temp\{B74D4E10-6884-0000-0000-000000000103}\MediaBrowser.re, data ) allowed.
05/08/2008 11:09:56 a.m. Update completed successfully
05/08/2008 11:11:06 a.m. Process D:\WINDOWS\system32\msiexec.exe (PID: 2940): suspicious action. Attempt to list of modules executed during system startup (key \REGISTRY\USER\S-1-5-21-1390067357-920026266-725345543-1003\Software\Adobe\Bridge\Preferences, value D:\DOCUME~1\Eduardo\CONFIG~1\Temp\Bridge.re, data ).
05/08/2008 11:12:31 a.m. Process D:\WINDOWS\system32\msiexec.exe (PID: 2940): attempt to list of modules executed during system startup (key \REGISTRY\USER\S-1-5-21-1390067357-920026266-725345543-1003\Software\Adobe\Bridge\Preferences, value D:\DOCUME~1\Eduardo\CONFIG~1\Temp\Bridge.re, data ) allowed.
05/08/2008 11:12:31 a.m. Process D:\WINDOWS\system32\msiexec.exe (PID: 2940): suspicious action. Attempt to list of modules executed during system startup (key \REGISTRY\USER\S-1-5-21-1390067357-920026266-725345543-1003\Software\Adobe\MediaBrowser, value D:\DOCUME~1\Eduardo\CONFIG~1\Temp\Bridge.re, data ).
05/08/2008 11:13:38 a.m. Process D:\WINDOWS\system32\msiexec.exe (PID: 2940): attempt to list of modules executed during system startup (key \REGISTRY\USER\S-1-5-21-1390067357-920026266-725345543-1003\Software\Adobe\MediaBrowser, value D:\DOCUME~1\Eduardo\CONFIG~1\Temp\Bridge.re, data ) allowed.
05/08/2008 11:17:45 a.m. Some protection components are disabled. You are advised to enable them.
05/08/2008 11:17:45 a.m. Protection of your computer is disabled. You are advised to enable protection.
05/08/2008 11:17:59 a.m. Protection of your computer is enabled.
05/08/2008 11:20:40 a.m. You are advised to perform a full computer scan as soon as possible.
05/08/2008 11:20:40 a.m. Protection of your computer is enabled.
05/08/2008 11:20:50 a.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1164): attempt to perform suspicious actions is allowed.
05/08/2008 11:20:50 a.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1164): attempt to perform suspicious actions is allowed.
05/08/2008 03:00:20 p.m. Update completed successfully
05/08/2008 03:03:02 p.m. File H:\@b@ddon.exe: detected: Trojan program 'Trojan.Win32.KillWin.gf'.
05/08/2008 03:03:02 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 03:03:02 p.m. File H:\@b@ddon.exe: is still infected, postponed.
05/08/2008 03:03:03 p.m. File H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe//PE_Patch.PNH//PE-Crypt.PNH: detected: Trojan program 'Trojan-DDoS.Win32.Agent.bv'.
05/08/2008 03:03:03 p.m. File H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe//PE_Patch.PNH//PE-Crypt.PNH: is still infected, postponed.
05/08/2008 03:03:03 p.m. File H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\keygen.exe: detected: virus 'Worm.Win32.AutoRun.dha'.
05/08/2008 03:03:03 p.m. File H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\keygen.exe: is still infected, postponed.
05/08/2008 03:03:03 p.m. File h:\@b@ddon.exe: detected: Trojan program 'Trojan.Win32.KillWin.gf'.
05/08/2008 03:03:07 p.m. File H:\@b@ddon.exe: detected: Trojan program 'Trojan.Win32.KillWin.gf'.
05/08/2008 03:03:13 p.m. File H:\@b@ddon.exe: deleted.
05/08/2008 03:03:13 p.m. File h:\@b@ddon.exe cannot be deleted.
05/08/2008 03:04:02 p.m. File h:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe//PE_Patch.PNH//PE-Crypt.PNH: detected: Trojan program 'Trojan-DDoS.Win32.Agent.bv'.
05/08/2008 03:04:04 p.m. File h:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe: deleted.
05/08/2008 03:04:04 p.m. File h:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\keygen.exe: detected: virus 'Worm.Win32.AutoRun.dha'.
05/08/2008 03:04:06 p.m. File h:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\keygen.exe: deleted.
05/08/2008 04:08:27 p.m. File D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000121.com: detected: Trojan program 'Trojan.Win32.Vaklik.cnl'. User: GRUPO_TRABAJO\MACHINE2$, computer: localhost.
05/08/2008 04:08:27 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 04:08:41 p.m. File D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000121.com: deleted.
05/08/2008 04:18:28 p.m. Process (PID 2892) tried to access Kaspersky Internet Security process (PID 1084), but the action has been blocked by the Self-Defense component. No action on your part is required.
05/08/2008 04:18:29 p.m. Process (PID 2892) tried to access Kaspersky Internet Security process (PID 2028), but the action has been blocked by the Self-Defense component. No action on your part is required.
05/08/2008 04:29:37 p.m. File C:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000094.com: detected: Trojan program 'Trojan.Win32.Vaklik.cnl'. User: MACHINE2\Eduardo, computer: localhost.
05/08/2008 04:29:37 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 04:29:45 p.m. File C:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000094.com: deleted.
05/08/2008 04:29:45 p.m. File C:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000095.cmd: detected: Trojan program 'Trojan.Win32.Vaklik.cms'. User: MACHINE2\Eduardo, computer: localhost.
05/08/2008 04:29:45 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 04:29:47 p.m. File C:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000095.cmd: deleted.
05/08/2008 04:37:04 p.m. File D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000122.cmd: detected: Trojan program 'Trojan.Win32.Vaklik.cms'. User: MACHINE2\Eduardo, computer: localhost.
05/08/2008 04:37:04 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 04:37:11 p.m. File D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000122.cmd: deleted.
05/08/2008 04:37:11 p.m. File D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000130.dll: detected: Trojan program 'Trojan-GameThief.Win32.OnLineGames.smxj'. User: MACHINE2\Eduardo, computer: localhost.
05/08/2008 04:37:11 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 04:37:12 p.m. File D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000130.dll: deleted.
05/08/2008 04:37:12 p.m. File D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000131.dll: detected: virus 'Worm.Win32.AutoRun.llz'. User: MACHINE2\Eduardo, computer: localhost.
05/08/2008 04:37:12 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 04:37:13 p.m. File D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000131.dll: deleted.
05/08/2008 04:41:50 p.m. File E:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000132.com: detected: Trojan program 'Trojan.Win32.Vaklik.cnl'. User: MACHINE2\Eduardo, computer: localhost.
05/08/2008 04:41:50 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 04:41:59 p.m. File E:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000132.com: deleted.
05/08/2008 04:41:59 p.m. File E:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000133.cmd: detected: Trojan program 'Trojan.Win32.Vaklik.cms'. User: MACHINE2\Eduardo, computer: localhost.
05/08/2008 04:41:59 p.m. Security threats have been detected. You are advised to neutralize them immediately.
05/08/2008 04:42:01 p.m. File E:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000133.cmd: deleted.
05/08/2008 04:52:35 p.m. You are advised to perform a full computer scan as soon as possible.
05/08/2008 04:52:36 p.m. Protection of your computer is enabled.
05/08/2008 04:52:45 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1328): attempt to perform suspicious actions is allowed.
05/08/2008 04:52:45 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1328): attempt to perform suspicious actions is allowed.
05/08/2008 05:14:16 p.m. Update completed successfully
05/08/2008 06:57:11 p.m. Protection of your computer is not running. You are advised to resume protection.
06/08/2008 10:23:50 a.m. You are advised to perform a full computer scan as soon as possible.
06/08/2008 10:23:50 a.m. Protection of your computer is enabled.
06/08/2008 10:23:59 a.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1060): attempt to perform suspicious actions is allowed.
06/08/2008 10:23:59 a.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1060): attempt to perform suspicious actions is allowed.
06/08/2008 10:29:21 a.m. Update completed successfully
06/08/2008 12:45:28 p.m. Please restart your computer to complete the installation of new or updated protection components.
06/08/2008 12:45:36 p.m. Update completed successfully
06/08/2008 02:34:46 p.m. Update completed successfully
06/08/2008 03:15:09 p.m. You are advised to perform a full computer scan as soon as possible.
06/08/2008 03:15:10 p.m. Protection of your computer is enabled.
06/08/2008 03:15:19 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1412): attempt to perform suspicious actions is allowed.
06/08/2008 03:15:19 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1412): attempt to perform suspicious actions is allowed.
06/08/2008 06:40:10 p.m. Update completed successfully
06/08/2008 07:45:49 p.m. Protection of your computer is not running. You are advised to resume protection.
07/08/2008 02:44:36 p.m. You are advised to perform a full computer scan as soon as possible.
07/08/2008 02:44:36 p.m. Protection of your computer is enabled.
07/08/2008 02:45:29 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1336): attempt to perform suspicious actions is allowed.
07/08/2008 02:45:29 p.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1336): attempt to perform suspicious actions is allowed.
07/08/2008 02:46:46 p.m. Update completed successfully
07/08/2008 05:06:04 p.m. Update completed successfully
08/08/2008 07:53:16 a.m. You are advised to perform a full computer scan as soon as possible.
08/08/2008 07:53:16 a.m. Protection of your computer is enabled.
08/08/2008 07:53:29 a.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1488): attempt to perform suspicious actions is allowed.
08/08/2008 07:53:29 a.m. Process D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (PID: 1488): attempt to perform suspicious actions is allowed.
08/08/2008 07:54:40 a.m. Update completed successfully
08/08/2008 08:31:45 a.m. File G:\1rfw8hjr.com: detected: Trojan program 'Trojan.Win32.Vaklik.ckn'.
08/08/2008 08:31:45 a.m. Security threats have been detected. You are advised to neutralize them immediately.
08/08/2008 08:31:45 a.m. File G:\1rfw8hjr.com: is still infected, postponed.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file168: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file169: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file170: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file171: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file172: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file173: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file174: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file175: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file176: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file177: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file178: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file179: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file180: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file181: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file182: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file183: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file184: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file185: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file186: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file187: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file188: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file189: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file190: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file191: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file192: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file193: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file194: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file195: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file196: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file197: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file198: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file199: is password protected.
08/08/2008 08:31:46 a.m. File G:\klcodec400f.exe//file200: is password protected.
08/08/2008 08:31:50 a.m. File G:\1rfw8hjr.com: detected: Trojan program 'Trojan.Win32.Vaklik.ckn'.
08/08/2008 08:31:56 a.m. File G:\1rfw8hjr.com: deleted.


Reports
-------
Component Status Start Finish Size
--------- ------ ----- ------ ----
Firewall running 08/08/2008 07:53:16 a.m. 14,9 KB
Anti-Spam running 08/08/2008 07:53:16 a.m. 0 bytes
Privacy Control running 08/08/2008 07:53:16 a.m. 10,5 KB
Proactive Defense running 08/08/2008 07:53:16 a.m. 0 bytes
File Anti-Virus running 08/08/2008 07:53:16 a.m. 1,3 MB
Mail Anti-Virus running 08/08/2008 07:53:16 a.m. 0 bytes
Web Anti-Virus running 08/08/2008 07:53:16 a.m. 547,4 KB
Update completed 08/08/2008 07:53:37 a.m. 08/08/2008 07:54:40 a.m. 29 KB
Scan startup objects completed 08/08/2008 07:55:19 a.m. 08/08/2008 07:56:03 a.m. 440 KB
Scan completed 08/08/2008 08:31:44 a.m. 08/08/2008 08:32:48 a.m. 483 KB


Quarantine
----------
Status Object Size Added
------ ------ ---- -----


Backup
------
Status Object Size
------ ------ ----
Infected: Trojan program Trojan.Win32.Vaklik.cms e:\kn6jhgc.cmd 86,8 KB
Infected: Trojan program Trojan.Win32.Vaklik.cnl c:\e.com 87,0 KB
Infected: Trojan program Trojan.Win32.Vaklik.cnl D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000121.com 87,0 KB
Infected: Trojan program Trojan-DDoS.Win32.Agent.bv h:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe 14,9 KB
Infected: Trojan program Trojan.Win32.KillWin.gf h:\@b@ddon.exe 58 KB
Infected: Trojan program Backdoor.Win32.Hupigon.dckd c:\eduardo\programas\anti-virus-spywares\sdfix.exe 1,2 MB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.smxj d:\windows\system32\ckvo0.dll 81,5 KB
Infected: Trojan program Trojan.Win32.Vaklik.cms d:\kn6jhgc.cmd 86,8 KB
Infected: Trojan program Trojan.Win32.Vaklik.cms E:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000133.cmd 86,8 KB
Infected: Trojan program Trojan.Win32.Vaklik.cms c:\kn6jhgc.cmd 86,8 KB
Infected: Trojan program Trojan-Downloader.Win32.Agent.yvr c:\eduardo\programas\hiper-snap\hsnap-dx_6[1].11.02_by_soft-best.net.rar 5,3 MB
Infected: Trojan program Trojan.Win32.Vaklik.cms D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000122.cmd 86,8 KB
Infected: virus Worm.Win32.AutoRun.llz D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000131.dll 83 KB
Infected: Trojan program Trojan.Win32.Vaklik.cms C:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000095.cmd 86,8 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.smxj D:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000130.dll 81,5 KB
Infected: Trojan program Trojan.Win32.Vaklik.ckn G:\1rfw8hjr.com 85,3 KB
Infected: Trojan program Trojan.Win32.Vaklik.cnl d:\e.com 87,0 KB
Infected: virus Worm.Win32.AutoRun.dha h:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\keygen.exe 12 KB
Infected: Trojan program Trojan.Win32.Vaklik.cnl E:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000132.com 87,0 KB
Infected: Trojan program Trojan.Win32.Vaklik.cnl e:\e.com 87,0 KB
Infected: Trojan program Trojan.Win32.Vaklik.cnl C:\System Volume Information\_restore{E553A3D0-0A1B-4D9E-857F-32962D41C013}\RP2\A0000094.com 87,0 KB
Infected: virus Worm.Win32.AutoRun.llz d:\windows\system32\ckvo1.dll 83 KB


---------------------------Deckard's System Scanner REPORT--------------------------------

Deckard's System Scanner v20071014.68
Run by Eduardo on 2008-08-08 08:33:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Eduardo.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:34:00 a.m., on 08/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Archivos de programa\Intel Audio Studio\IntelAudioStudio.exe
D:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
D:\NERO-PREMIUM\Nero 7\InCD\NBHGui.exe
D:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\NERO-PREMIUM\Nero 7\InCD\InCD.exe
D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
D:\Archivos de programa\ATI Multimedia\main\launchpd.exe
D:\Archivos de programa\ATI Multimedia\main\ATIDtct.EXE
D:\Archivos de programa\RocketDock\RocketDock.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe
D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
D:\NERO-PREMIUM\Nero 7\InCD\InCDsrv.exe
D:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Archivos de programa\Last.fm\LastFM.exe
D:\Archivos de programa\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Eduardo\Escritorio\OTMoveIt2.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Documents and Settings\Eduardo\Escritorio\dss.exe
D:\ARCHIV~1\TRENDM~1\HIJACK~1\Eduardo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [ISUSPM Startup] "D:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [IntelAudioStudio] "D:\Archivos de programa\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "D:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] D:\NERO-PREMIUM\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] D:\NERO-PREMIUM\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [AVP] "D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [ATI Launchpad] "D:\Archivos de programa\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI DeviceDetect] D:\Archivos de programa\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [RocketDock] "D:\Archivos de programa\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Anti-Banner - D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://D:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - D:\Archivos de programa\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Archivos de programa\Messenger\msmsgs.exe
O20 - AppInit_DLLs: D:\ARCHIV~1\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Archivos de programa\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\NERO-PREMIUM\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - D:\NERO-PREMIUM\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - D:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7050 bytes

-- Files created between 2008-07-08 and 2008-08-08 -----------------------------

2008-08-07 16:00:51 0 d-------- D:\WINDOWS\mic1602
2008-08-07 16:00:49 0 d-------- D:\WINDOWS\asr3232
2008-08-07 16:00:49 81920 --a------ D:\WINDOWS\asr3232.dll
2008-08-07 16:00:47 0 d-------- D:\WINDOWS\LHSP
2008-08-07 16:00:45 167936 -----n--- D:\WINDOWS\system32\MTWTools.dll <Not Verified; ; MTWTools Module>
2008-08-07 14:48:10 0 d-------- D:\Archivos de programa\Total Video Converter
2008-08-07 14:46:35 0 d-------- D:\Archivos de programa\Archivos comunes\DVDVideoSoft
2008-08-07 14:46:31 0 d-------- D:\Archivos de programa\DVDVideoSoft
2008-08-05 16:16:00 0 d-------- D:\Archivos de programa\Malwarebytes' Anti-Malware
2008-08-05 10:37:22 0 d-------- D:\Documents and Settings\Eduardo\Configuracin local
2008-08-04 17:11:18 96976 --a------ D:\WINDOWS\system32\drivers\klin.dat
2008-08-04 17:11:18 87855 --a------ D:\WINDOWS\system32\drivers\klick.dat
2008-08-04 1751 53536 --ahs---- D:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-04 1751 3777568 --ahs---- D:\WINDOWS\system32\drivers\fidbox.dat
2008-08-04 1751 0 d-------- D:\Archivos de programa\Kaspersky Lab
2008-08-04 15:24:09 0 d-------- D:\Updates
2008-08-01 18:39:45 0 d-------- D:\Archivos de programa\MSECache
2008-08-01 15:57:45 0 d-------- D:\Archivos de programa\IObit
2008-08-01 15:33:48 0 dr-h----- D:\Documents and Settings\Eduardo\Recent
2008-08-01 14:22:44 0 d-------- D:\Archivos de programa\Trend Micro
2008-07-31 10:11:02 0 d-------- D:\Documents and Settings\Eduardo\Contacts
2008-07-31 10:02:39 0 d-------- D:\Archivos de programa\Ares
2008-07-31 10:00:34 0 d------c- D:\WINDOWS\system32\DRVSTORE
2008-07-31 09:44:23 0 d--hs--c- D:\Archivos de programa\Archivos comunes\WindowsLiveInstaller
2008-07-31 09:43:59 0 d-------- D:\Archivos de programa\Windows Live
2008-07-31 09:40:22 0 d-------- D:\Archivos de programa\SUPERAntiSpyware
2008-07-30 12:21:08 0 d-------- D:\WINDOWS\Sun
2008-07-29 13:40:48 0 d-------- D:\Archivos de programa\TuneUp Utilities 2008
2008-07-29 13:40:19 0 d-------- D:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2008-07-29 08:42:14 0 d--h----- D:\WINDOWS\PIF
2008-07-29 06:05:35 0 d-------- D:\Program Files
2008-07-28 11:51:53 0 d-------- D:\Archivos de programa\Last.fm
2008-07-28 11:45:51 0 d-------- D:\Archivos de programa\RocketDock
2008-07-25 18:52:33 0 d-------- D:\Archivos de programa\ATI Multimedia
2008-07-25 18:45:30 0 d-------- D:\Archivos de programa\Archivos comunes\ATI Technologies
2008-07-25 18:44:16 0 d-------- D:\Archivos de programa\Archivos comunes\ATI
2008-07-25 18:44:15 0 d-------- D:\Archivos de programa\Archivos comunes\CyberLink
2008-07-25 18:38:44 0 d-------- D:\MULTIMEDIA
2008-07-25 18:28:26 0 d-------- D:\Archivos de programa\Archivos comunes\Ahead
2008-07-25 18:27:09 0 d-------- D:\NERO-PREMIUM
2008-07-25 18:03:06 0 d-------- D:\WINDOWS\system32\appmgmt
2008-07-25 17:51:53 0 d-------- D:\WINDOWS\Downloaded Installations
2008-07-25 17:05:02 0 d-------- D:\Archivos de programa\muvee Technologies
2008-07-25 16:58:45 0 d-------- D:\Archivos de programa\TitanTV
2008-07-25 16:58:32 0 d-------- D:\Archivos de programa\msaccrt
2008-07-25 16:58:05 0 d-------- D:\WINDOWS\system32\windows media
2008-07-25 16:58:01 0 d-------- D:\WINDOWS\RegisteredPackages
2008-07-25 16:57:57 0 d-------- D:\Archivos de programa\Windows Media Components
2008-07-25 16:56:46 0 d-------- D:\ATI-TV
2008-07-25 16:13:47 593920 -----n--- D:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-07-25 16:08:35 0 d-------- D:\Archivos de programa\MSBuild
2008-07-25 16:08:32 0 d-------- D:\WINDOWS\system32\XPSViewer
2008-07-25 16:08:29 0 d-------- D:\Archivos de programa\Reference Assemblies
2008-07-25 16:05:56 0 d-------- D:\Archivos de programa\MSXML 6.0
2008-07-25 15:19:46 0 --a------ D:\WINDOWS\ativpsrm.bin
2008-07-25 15:15:14 0 d-------- D:\Archivos de programa\ATI Technologies
2008-07-25 15:14:40 0 d-------- D:\ATI
2008-07-25 12:19:27 18690 --a------ D:\WINDOWS\system32\drivers\usbhsb.sys
2008-07-25 12:19:26 0 d-------- D:\Archivos de programa\Genesys Logic
2008-07-25 12:19:15 306688 --a------ D:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-07-25 12:18:43 0 d-------- D:\WINDOWS\system32\drivers\USB
2008-07-25 12:18:43 5406 --a------ D:\WINDOWS\system32\drivers\M5633.BIN
2008-07-25 11:42:59 0 d-------- D:\Archivos de programa\Microsoft.NET
2008-07-25 11:42:28 0 d-------- D:\WINDOWS\SHELLNEW
2008-07-25 11:26:57 0 d-------- D:\Archivos de programa\Archivos comunes\Adobe Systems Shared
2008-07-25 11:25:48 0 d-------- D:\Archivos de programa\Archivos comunes\Adobe
2008-07-25 09:31:46 0 d-------- D:\Archivos de programa\Java
2008-07-25 09:28:13 0 d-------- D:\Archivos de programa\Archivos comunes\Java
2008-07-24 19:02:16 0 d-------- D:\Archivos de programa\MSXML 4.0
2008-07-24 19:00:23 0 d-------- D:\Documents and Settings\Eduardo\Application Data
2008-07-24 19:00:23 0 d-------- D:\Documents and Settings\Eduardo\Application Data\Adobe
2008-07-24 18:50:53 0 d-------- D:\Archivos de programa\GRETECH
2008-07-24 18:49:47 164352 --a------ D:\WINDOWS\system32\unrar.dll
2008-07-24 18:49:43 217088 --a------ D:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-07-24 18:49:43 159839 --a------ D:\WINDOWS\system32\xvidvfw.dll
2008-07-24 18:49:43 755027 --a------ D:\WINDOWS\system32\xvidcore.dll
2008-07-24 18:49:42 3596288 --a------ D:\WINDOWS\system32\qt-dx331.dll
2008-07-24 18:49:42 81920 --a------ D:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-07-24 18:49:42 683520 --a------ D:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-07-24 18:49:41 7680 --a------ D:\WINDOWS\system32\ff_vfw.dll
2008-07-24 18:49:39 0 d-------- D:\Documents and Settings\Eduardo\dwhelper
2008-07-24 18:49:39 0 d-------- D:\Archivos de programa\K-Lite Codec Pack
2008-07-24 18:45:32 0 d-------- D:\Archivos de programa\CCleaner
2008-07-24 18:45:06 0 --a------ D:\WINDOWS\nsreg.dat
2008-07-24 18:16:22 0 d-------- D:\WINDOWS\system32\es-es
2008-07-24 18:13:14 0 d-------- D:\WINDOWS\network diagnostic
2008-07-24 18:09:19 0 d-------- D:\Archivos de programa\Windows Media Connect 2
2008-07-24 18:07:43 0 d-------- D:\WINDOWS\system32\LogFiles
2008-07-24 18:07:43 0 d-------- D:\WINDOWS\system32\drivers\UMDF
2008-07-24 17:35:20 40960 --a------ D:\WINDOWS\system32\SFIMLARK.dll <Not Verified; Sonic Focus, Inc; Sonic Focus SFIMLARK>
2008-07-24 17:35:20 61440 --a------ D:\WINDOWS\system32\SFIDLOCK.dll <Not Verified; Sonic Focus, Inc; Silicon Pixels SFIDLOCK>
2008-07-24 17:35:20 266240 --a------ D:\WINDOWS\system32\IASMXDLL.dll <Not Verified; Sonic Focus, Inc; Sonic Focus IASMXDLL>
2008-07-24 17:35:20 274432 --a------ D:\WINDOWS\system32\IASDLL.dll <Not Verified; Sonic Focus, Inc; Sonic Focus IASDLL>
2008-07-24 17:35:20 53248 --a------ D:\WINDOWS\system32\IASBB.dll <Not Verified; Sonic Focus, Inc; IASBB>
2008-07-24 17:35:13 0 d-------- D:\Archivos de programa\Intel Audio Studio
2008-07-24 17:33:40 0 d--h----- D:\Archivos de programa\InstallShield Installation Information
2008-07-24 17:33:40 0 d-------- D:\Archivos de programa\IDT
2008-07-24 17:31:18 0 d-------- D:\DRIVER-INTEL-SIGMA
2008-07-24 17:14:05 0 d-------- D:\Archivos de programa\Foxit Software
2008-07-24 1745 0 d-------- D:\Intel
2008-07-24 1720 0 d-------- D:\Archivos de programa\7-Zip
2008-07-24 12:39:56 0 d-------- D:\WINDOWS\system32\PreInstall
2008-07-24 12:39:47 0 d--h----- D:\WINDOWS\$hf_mig$
2008-07-24 09:11:53 0 d-------- D:\Archivos de programa\Lavalys
2008-07-24 06:01:21 0 d-------- D:\WINDOWS\CSC
2008-07-24 05:56:46 0 d-------- D:\WINDOWS\system32\SoftwareDistribution
2008-07-24 05:44:59 0 d-------- D:\WINDOWS\system32\ReinstallBackups
2008-07-24 05:44:56 0 d-------- D:\Archivos de programa\Intel
2008-07-24 05:43:11 0 d-------- D:\TempEI4
2008-07-24 05:40:59 0 d-------- D:\Archivos de programa\Archivos comunes\InstallShield
2008-07-24 05:40:00 0 d-------- D:\Archivos de programa\Corel
2008-07-24 05:40:00 0 d-------- D:\Archivos de programa\Archivos comunes\Corel
2008-07-23 21:48:23 0 dr-h----- D:\Documents and Settings\Eduardo\SendTo
2008-07-23 21:48:23 0 d--h----- D:\Documents and Settings\Eduardo\Plantillas
2008-07-23 21:48:23 6029312 --ah----- D:\Documents and Settings\Eduardo\NTUSER.DAT
2008-07-23 21:48:23 0 dr------- D:\Documents and Settings\Eduardo\Mis documentos
2008-07-23 21:48:23 0 dr------- D:\Documents and Settings\Eduardo\Menú Inicio
2008-07-23 21:48:23 0 d--h----- D:\Documents and Settings\Eduardo\Impresoras
2008-07-23 21:48:23 0 dr------- D:\Documents and Settings\Eduardo\Favoritos
2008-07-23 21:48:23 0 d-------- D:\Documents and Settings\Eduardo\Escritorio
2008-07-23 21:48:23 0 d--h----- D:\Documents and Settings\Eduardo\Entorno de red
2008-07-23 21:48:23 0 dr-h----- D:\Documents and Settings\Eduardo\Datos de programa
2008-07-23 21:48:23 0 d--hs---- D:\Documents and Settings\Eduardo\Cookies
2008-07-23 21:48:23 0 d--h----- D:\Documents and Settings\Eduardo\Configuración local
2008-07-23 21:46:51 0 d-------- D:\WINDOWS\SoftwareDistribution
2008-07-23 21:46:50 0 d---s---- D:\WINDOWS\system32\Microsoft
2008-07-23 21:46:50 0 d-------- D:\WINDOWS\Prefetch
2008-07-23 21:41:38 0 d-------- D:\WINDOWS\system32\xircom
2008-07-23 21:41:38 0 d-------- D:\Archivos de programa\microsoft frontpage
2008-07-23 21:39:59 0 dr------- D:\WINDOWS\Offline Web Pages
2008-07-23 21:39:59 0 d---s---- D:\WINDOWS\Downloaded Program Files
2008-07-23 21:39:47 0 d--h----- D:\Archivos de programa\WindowsUpdate
2008-07-23 21:39:45 0 d-------- D:\Archivos de programa\Servicios en línea
2008-07-23 21:39:14 0 d-------- D:\WINDOWS\system32\DirectX
2008-07-23 21:38:11 0 d---s---- D:\WINDOWS\Tasks
2008-07-23 21:38:09 0 d-------- D:\Archivos de programa\Archivos comunes\MSSoap
2008-07-23 21:38:03 0 d-------- D:\WINDOWS\srchasst
2008-07-23 21:38:02 0 d-------- D:\WINDOWS\system32\Macromed
2008-07-23 21:37:50 0 d-------- D:\Archivos de programa\Movie Maker
2008-07-23 21:37:35 0 d-------- D:\WINDOWS\system32\Restore
2008-07-23 21:36:41 21900 --a------ D:\WINDOWS\system32\emptyregdb.dat
2008-07-23 21:36:23 0 d-------- D:\WINDOWS\Registration
2008-07-23 21:36:19 0 d-------- D:\Archivos de programa\Online Services
2008-07-23 21:36:09 0 d-------- D:\Archivos de programa\Messenger
2008-07-23 21:36:04 0 d-------- D:\Archivos de programa\MSN Gaming Zone
2008-07-23 21:35:33 0 d-------- D:\WINDOWS\Cursores
2008-07-23 21:34:56 0 d-------- D:\Archivos de programa\Windows NT
2008-07-23 21:34:51 0 d-------- D:\WINDOWS\system32\MsDtc
2008-07-23 21:34:48 0 d-------- D:\WINDOWS\system32\Com
2008-07-23 16:33:53 0 d--hs---- D:\System Volume Information
2008-07-23 16:08:23 0 d-------- D:\WINDOWS
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\WinSxS
2008-07-23 16:08:23 0 dr------- D:\WINDOWS\Web
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\twain_32
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\wins
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\wbem
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\usmt
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\spool
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\ShellExt
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\Setup
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\ras
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\oobe
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\npp
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\mui
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\inetsrv
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\IME
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\icsxml
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\ias
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\export
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\drivers
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\drivers\etc
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\drivers\disdn
2008-07-23 16:08:23 0 dr-hs--c- D:\WINDOWS\system32\dllcache
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\dhcp
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\config
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\3com_dmi
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\3082
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\3076
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\2052
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1054
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1042
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1041
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1037
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1033
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1031
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1028
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1025
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\security
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Resources
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\repair
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Provisioning
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\PeerNet
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\pchealth
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\mui
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\msapps
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\msagent
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Media
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\java
2008-07-23 16:08:23 0 d--h----- D:\WINDOWS\inf
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\ime
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Help
2008-07-23 16:08:23 0 dr--s---- D:\WINDOWS\Fonts
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\ehome
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Driver Cache
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Debug
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Cursors
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Connection Wizard
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Config
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\AppPatch
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\addins
2008-07-23 15:17:54 0 d--hs---- D:\WINDOWS\Installer
2008-07-23 15:17:54 0 d-------- D:\Archivos de programa\Archivos comunes\ODBC
2008-07-23 15:17:50 0 d-------- D:\Archivos de programa\Archivos comunes\SpeechEngines
2008-07-23 15:17:49 0 dr------- D:\Archivos de programa
2008-07-23 15:17:49 0 d-------- D:\Archivos de programa\Archivos comunes
2008-07-23 15:16:57 0 d-------- D:\WINDOWS\system32\CatRoot2
2008-07-23 15:16:57 0 d-------- D:\WINDOWS\system32\CatRoot
2008-07-23 15:16:26 0 d-------- D:\Documents and Settings


-- Find3M Report ---------------------------------------------------------------

2008-08-05 16:16:04 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Malwarebytes
2008-08-05 10:37:22 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Adobe
2008-07-31 09:40:22 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\SUPERAntiSpyware.com
2008-07-30 12:21:07 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Sun
2008-07-29 15:18:46 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\ATI MMC
2008-07-29 13:41:14 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\TuneUp Software
2008-07-29 08:30:07 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Ahead
2008-07-25 16:17:48 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\ATI
2008-07-25 16:09:01 495780 --a------ D:\WINDOWS\system32\perfh00A.dat
2008-07-25 16:09:01 85886 --a------ D:\WINDOWS\system32\perfc00A.dat
2008-07-25 09:34:33 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Mozilla
2008-07-24 18:54:52 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Macromedia
2008-07-24 18:51:02 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\GRETECH
2008-07-24 06:14:44 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Corel
2008-07-23 21:48:35 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Identities
2008-07-23 15:17:14 62 --ahs---- D:\Documents and Settings\Eduardo\Datos de programa\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="D:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\isuspm.exe" [11/08/2005 04:30 p.m.]
"ISUSScheduler"="D:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" [11/08/2005 04:30 p.m.]
"Synchronization Manager"="D:\WINDOWS\system32\mobsync.exe" [20/08/2004 07:00 a.m.]
"IntelAudioStudio"="D:\Archivos de programa\Intel Audio Studio\IntelAudioStudio.exe" [23/10/2007 10:37 a.m.]
"SunJavaUpdateSched"="D:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27 a.m.]
"StartCCC"="D:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [21/01/2008 12:17 p.m.]
"NeroFilterCheck"="D:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe" [01/03/2007 03:57 p.m.]
"SecurDisc"="D:\NERO-PREMIUM\Nero 7\InCD\NBHGui.exe" [15/05/2007 03:55 p.m.]
"InCD"="D:\NERO-PREMIUM\Nero 7\InCD\InCD.exe" [15/05/2007 03:55 p.m.]
"AVP"="D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [08/02/2008 06:36 p.m.]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"ATI Launchpad"="D:\Archivos de programa\ATI Multimedia\main\launchpd.exe" [31/10/2006 09:27 p.m.]
"ATI DeviceDetect"="D:\Archivos de programa\ATI Multimedia\main\ATIDtct.EXE" [31/10/2006 09:24 p.m.]
"RocketDock"="D:\Archivos de programa\RocketDock\RocketDock.exe" [28/01/2007 03:55 a.m.]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [20/08/2004 07:00 a.m.]
"SUPERAntiSpyware"="D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe" [21/06/2007 02:06 p.m.]
"MsnMsgr"="D:\Archivos de programa\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34 a.m.]

D:\Documents and Settings\Eduardo\Menú Inicio\Programas\Inicio\
Adobe Gamma.lnk - D:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 07:16:50 p.m.]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 01:55 p.m. 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 01:41 p.m. 294912 D:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=D:\ARCHIV~1\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60a375c9-58fb-11dd-af79-806d6172696f}]
AutoRun\command- e.com
explore\Command- e.com
open\Command- e.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{898fcbb2-59b1-11dd-bc57-eb1451178a06}]
AutoRun\command- G:\1rfw8hjr.com
explore\Command- G:\1rfw8hjr.com
open\Command- G:\1rfw8hjr.com



-- End of Deckard's System Scanner: finished at 2008-08-08 08:36:15 ------------

  post #2  
08/08/08, 11:51:49
Anleg_30
Warrior
 
Registered: Dec 2007
Location: B@rc3l0n@ - Venezuela
Posts: 5.755
Re: My PC infects any pendrive I connect, and my hard drives

Hi maxelsmart, welcome to the forum

A.- Download and update Super antispyware <Read_manual>
B.- Download and update Malwarebytes' Anti-Malware <Read_manual>
C.- Download Flash Disinfector + Manual
1.- Disable System Restore
2.- Boot into safe mode
  • Run Flash Disinfector as its manual indicates:
    • First on the system
    • Then with all your removable drives connected
  • Run Super antispyware
  • Run Malwarebytes' Anti-Malware as follows:
    • Perform a full scan
    • Remove whatever it finds with the option to remove everything selected,
    • Restart the system (this step is important in order to remove what it finds)
    • Open the program and find the report in the "Registros" tab ("Logs" in English), open it and paste it here
3.- Restart in normal mode and run CCleaner <Read_manual> in its cleaner mode and then in the registry option (making the corresponding backup)

D.- Run Ewido online <Read_manual> and remember to check Remove Infections if it does not remove everything, then save the report and paste it here
E.- Run Kaspersky online <Read_manual>; if you use Firefox, install IE Tab. Paste the log that Kaspersky generates here
Note: do the scan with all your removable drives connected


Come back with the reports and tell me how the patient is doing so I can recommend the actions to take


Forum News | Online Antivirus | Remove Malware | Forum Policies | Blog


* Help us by making a DONATION so we can keep helping.
* Stay informed about the latest threats on the net at: InfoSpyware Blog
* Questions are not answered by private message or by e-mail, since that is what the forum is for.
  post #3  
08/08/08, 18:12:22
maxelsmart
User
 
Registered: Apr 2007
Location: Colombia
Posts: 2
Re: My PC infects any pendrive I connect, and my hard drives

It seems it worked!!! The Deckard's System Scanner report looks clean!!!

I don't know whether there is anything odd in the report... thanks for replying

Deckard's System Scanner v20071014.68
Run by Eduardo on 2008-08-08 16:03:44
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Eduardo.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:03:52 p.m., on 08/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Archivos de programa\Intel Audio Studio\IntelAudioStudio.exe
D:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
D:\NERO-PREMIUM\Nero 7\InCD\NBHGui.exe
D:\NERO-PREMIUM\Nero 7\InCD\InCD.exe
D:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
D:\Archivos de programa\ATI Multimedia\main\launchpd.exe
D:\Archivos de programa\ATI Multimedia\main\ATIDtct.EXE
D:\Archivos de programa\RocketDock\RocketDock.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe
D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
D:\NERO-PREMIUM\Nero 7\InCD\InCDsrv.exe
D:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\EDUARDO\PROGRAMAS\ANTI-MALWARE-VIRUS-DECKAR\dss.exe
D:\ARCHIV~1\TRENDM~1\HIJACK~1\Eduardo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [ISUSPM Startup] "D:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [IntelAudioStudio] "D:\Archivos de programa\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "D:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] D:\NERO-PREMIUM\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] D:\NERO-PREMIUM\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [AVP] "D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [ATI Launchpad] "D:\Archivos de programa\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI DeviceDetect] D:\Archivos de programa\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [RocketDock] "D:\Archivos de programa\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Anti-Banner - D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://D:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - D:\Archivos de programa\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Archivos de programa\Messenger\msmsgs.exe
O20 - AppInit_DLLs: D:\ARCHIV~1\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Archivos de programa\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\NERO-PREMIUM\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - D:\NERO-PREMIUM\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - D:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 6862 bytes

-- Files created between 2008-07-08 and 2008-08-08 -----------------------------

2008-08-08 15:51:48 0 dr-h----- D:\Documents and Settings\Eduardo\Recent
2008-08-08 15:23:23 0 d-------- D:\Archivos de programa\VS Revo Group
2008-08-07 16:00:51 0 d-------- D:\WINDOWS\mic1602
2008-08-07 16:00:49 0 d-------- D:\WINDOWS\asr3232
2008-08-07 16:00:49 81920 --a------ D:\WINDOWS\asr3232.dll
2008-08-07 16:00:47 0 d-------- D:\WINDOWS\LHSP
2008-08-07 16:00:45 167936 -----n--- D:\WINDOWS\system32\MTWTools.dll <Not Verified; ; MTWTools Module>
2008-08-07 14:48:10 0 d-------- D:\Archivos de programa\Total Video Converter
2008-08-07 14:46:35 0 d-------- D:\Archivos de programa\Archivos comunes\DVDVideoSoft
2008-08-07 14:46:31 0 d-------- D:\Archivos de programa\DVDVideoSoft
2008-08-05 16:16:00 0 d-------- D:\Archivos de programa\Malwarebytes' Anti-Malware
2008-08-05 10:37:22 0 d-------- D:\Documents and Settings\Eduardo\Configuracin local
2008-08-04 17:11:18 96976 --a------ D:\WINDOWS\system32\drivers\klin.dat
2008-08-04 17:11:18 87855 --a------ D:\WINDOWS\system32\drivers\klick.dat
2008-08-04 1751 58144 --ahs---- D:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-04 1751 3931680 --ahs---- D:\WINDOWS\system32\drivers\fidbox.dat
2008-08-04 1751 0 d-------- D:\Archivos de programa\Kaspersky Lab
2008-08-04 15:24:09 0 d-------- D:\Updates
2008-08-01 18:39:45 0 d-------- D:\Archivos de programa\MSECache
2008-08-01 15:57:45 0 d-------- D:\Archivos de programa\IObit
2008-08-01 14:22:44 0 d-------- D:\Archivos de programa\Trend Micro
2008-07-31 10:11:02 0 d-------- D:\Documents and Settings\Eduardo\Contacts
2008-07-31 10:02:39 0 d-------- D:\Archivos de programa\Ares
2008-07-31 10:00:34 0 d------c- D:\WINDOWS\system32\DRVSTORE
2008-07-31 09:44:23 0 d--hs--c- D:\Archivos de programa\Archivos comunes\WindowsLiveInstaller
2008-07-31 09:43:59 0 d-------- D:\Archivos de programa\Windows Live
2008-07-31 09:40:22 0 d-------- D:\Archivos de programa\SUPERAntiSpyware
2008-07-30 12:21:08 0 d-------- D:\WINDOWS\Sun
2008-07-29 13:40:48 0 d-------- D:\Archivos de programa\TuneUp Utilities 2008
2008-07-29 13:40:19 0 d-------- D:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2008-07-29 08:42:14 0 d--h----- D:\WINDOWS\PIF
2008-07-29 06:05:35 0 d-------- D:\Program Files
2008-07-28 11:51:53 0 d-------- D:\Archivos de programa\Last.fm
2008-07-28 11:45:51 0 d-------- D:\Archivos de programa\RocketDock
2008-07-25 18:52:33 0 d-------- D:\Archivos de programa\ATI Multimedia
2008-07-25 18:45:30 0 d-------- D:\Archivos de programa\Archivos comunes\ATI Technologies
2008-07-25 18:44:16 0 d-------- D:\Archivos de programa\Archivos comunes\ATI
2008-07-25 18:44:15 0 d-------- D:\Archivos de programa\Archivos comunes\CyberLink
2008-07-25 18:38:44 0 d-------- D:\MULTIMEDIA
2008-07-25 18:28:26 0 d-------- D:\Archivos de programa\Archivos comunes\Ahead
2008-07-25 18:27:09 0 d-------- D:\NERO-PREMIUM
2008-07-25 18:03:06 0 d-------- D:\WINDOWS\system32\appmgmt
2008-07-25 17:51:53 0 d-------- D:\WINDOWS\Downloaded Installations
2008-07-25 17:05:02 0 d-------- D:\Archivos de programa\muvee Technologies
2008-07-25 16:58:45 0 d-------- D:\Archivos de programa\TitanTV
2008-07-25 16:58:32 0 d-------- D:\Archivos de programa\msaccrt
2008-07-25 16:58:05 0 d-------- D:\WINDOWS\system32\windows media
2008-07-25 16:58:01 0 d-------- D:\WINDOWS\RegisteredPackages
2008-07-25 16:57:57 0 d-------- D:\Archivos de programa\Windows Media Components
2008-07-25 16:56:46 0 d-------- D:\ATI-TV
2008-07-25 16:13:47 593920 -----n--- D:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-07-25 16:08:35 0 d-------- D:\Archivos de programa\MSBuild
2008-07-25 16:08:32 0 d-------- D:\WINDOWS\system32\XPSViewer
2008-07-25 16:08:29 0 d-------- D:\Archivos de programa\Reference Assemblies
2008-07-25 16:05:56 0 d-------- D:\Archivos de programa\MSXML 6.0
2008-07-25 15:19:46 0 --a------ D:\WINDOWS\ativpsrm.bin
2008-07-25 15:15:14 0 d-------- D:\Archivos de programa\ATI Technologies
2008-07-25 15:14:40 0 d-------- D:\ATI
2008-07-25 12:19:27 18690 --a------ D:\WINDOWS\system32\drivers\usbhsb.sys
2008-07-25 12:19:26 0 d-------- D:\Archivos de programa\Genesys Logic
2008-07-25 12:19:15 306688 --a------ D:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-07-25 12:18:43 0 d-------- D:\WINDOWS\system32\drivers\USB
2008-07-25 12:18:43 5406 --a------ D:\WINDOWS\system32\drivers\M5633.BIN
2008-07-25 11:42:59 0 d-------- D:\Archivos de programa\Microsoft.NET
2008-07-25 11:42:28 0 d-------- D:\WINDOWS\SHELLNEW
2008-07-25 11:26:57 0 d-------- D:\Archivos de programa\Archivos comunes\Adobe Systems Shared
2008-07-25 11:25:48 0 d-------- D:\Archivos de programa\Archivos comunes\Adobe
2008-07-25 09:31:46 0 d-------- D:\Archivos de programa\Java
2008-07-25 09:28:13 0 d-------- D:\Archivos de programa\Archivos comunes\Java
2008-07-24 19:02:16 0 d-------- D:\Archivos de programa\MSXML 4.0
2008-07-24 19:00:23 0 d-------- D:\Documents and Settings\Eduardo\Application Data
2008-07-24 19:00:23 0 d-------- D:\Documents and Settings\Eduardo\Application Data\Adobe
2008-07-24 18:50:53 0 d-------- D:\Archivos de programa\GRETECH
2008-07-24 18:49:47 164352 --a------ D:\WINDOWS\system32\unrar.dll
2008-07-24 18:49:43 217088 --a------ D:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-07-24 18:49:43 159839 --a------ D:\WINDOWS\system32\xvidvfw.dll
2008-07-24 18:49:43 755027 --a------ D:\WINDOWS\system32\xvidcore.dll
2008-07-24 18:49:42 3596288 --a------ D:\WINDOWS\system32\qt-dx331.dll
2008-07-24 18:49:42 81920 --a------ D:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-07-24 18:49:42 683520 --a------ D:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-07-24 18:49:41 7680 --a------ D:\WINDOWS\system32\ff_vfw.dll
2008-07-24 18:49:39 0 d-------- D:\Documents and Settings\Eduardo\dwhelper
2008-07-24 18:49:39 0 d-------- D:\Archivos de programa\K-Lite Codec Pack
2008-07-24 18:45:32 0 d-------- D:\Archivos de programa\CCleaner
2008-07-24 18:45:06 0 --a------ D:\WINDOWS\nsreg.dat
2008-07-24 18:16:22 0 d-------- D:\WINDOWS\system32\es-es
2008-07-24 18:13:14 0 d-------- D:\WINDOWS\network diagnostic
2008-07-24 18:09:19 0 d-------- D:\Archivos de programa\Windows Media Connect 2
2008-07-24 18:07:43 0 d-------- D:\WINDOWS\system32\LogFiles
2008-07-24 18:07:43 0 d-------- D:\WINDOWS\system32\drivers\UMDF
2008-07-24 17:35:20 40960 --a------ D:\WINDOWS\system32\SFIMLARK.dll <Not Verified; Sonic Focus, Inc; Sonic Focus SFIMLARK>
2008-07-24 17:35:20 61440 --a------ D:\WINDOWS\system32\SFIDLOCK.dll <Not Verified; Sonic Focus, Inc; Silicon Pixels SFIDLOCK>
2008-07-24 17:35:20 266240 --a------ D:\WINDOWS\system32\IASMXDLL.dll <Not Verified; Sonic Focus, Inc; Sonic Focus IASMXDLL>
2008-07-24 17:35:20 274432 --a------ D:\WINDOWS\system32\IASDLL.dll <Not Verified; Sonic Focus, Inc; Sonic Focus IASDLL>
2008-07-24 17:35:20 53248 --a------ D:\WINDOWS\system32\IASBB.dll <Not Verified; Sonic Focus, Inc; IASBB>
2008-07-24 17:35:13 0 d-------- D:\Archivos de programa\Intel Audio Studio
2008-07-24 17:33:40 0 d--h----- D:\Archivos de programa\InstallShield Installation Information
2008-07-24 17:33:40 0 d-------- D:\Archivos de programa\IDT
2008-07-24 17:31:18 0 d-------- D:\DRIVER-INTEL-SIGMA
2008-07-24 17:14:05 0 d-------- D:\Archivos de programa\Foxit Software
2008-07-24 1745 0 d-------- D:\Intel
2008-07-24 1720 0 d-------- D:\Archivos de programa\7-Zip
2008-07-24 12:39:56 0 d-------- D:\WINDOWS\system32\PreInstall
2008-07-24 12:39:47 0 d--h----- D:\WINDOWS\$hf_mig$
2008-07-24 09:11:53 0 d-------- D:\Archivos de programa\Lavalys
2008-07-24 06:01:21 0 d-------- D:\WINDOWS\CSC
2008-07-24 05:56:46 0 d-------- D:\WINDOWS\system32\SoftwareDistribution
2008-07-24 05:44:59 0 d-------- D:\WINDOWS\system32\ReinstallBackups
2008-07-24 05:44:56 0 d-------- D:\Archivos de programa\Intel
2008-07-24 05:43:11 0 d-------- D:\TempEI4
2008-07-24 05:40:59 0 d-------- D:\Archivos de programa\Archivos comunes\InstallShield
2008-07-24 05:40:00 0 d-------- D:\Archivos de programa\Corel
2008-07-24 05:40:00 0 d-------- D:\Archivos de programa\Archivos comunes\Corel
2008-07-23 21:48:23 0 dr-h----- D:\Documents and Settings\Eduardo\SendTo
2008-07-23 21:48:23 0 d--h----- D:\Documents and Settings\Eduardo\Plantillas
2008-07-23 21:48:23 5767168 --ah----- D:\Documents and Settings\Eduardo\NTUSER.DAT
2008-07-23 21:48:23 0 dr------- D:\Documents and Settings\Eduardo\Mis documentos
2008-07-23 21:48:23 0 dr------- D:\Documents and Settings\Eduardo\Menú Inicio
2008-07-23 21:48:23 0 d--h----- D:\Documents and Settings\Eduardo\Impresoras
2008-07-23 21:48:23 0 dr------- D:\Documents and Settings\Eduardo\Favoritos
2008-07-23 21:48:23 0 d-------- D:\Documents and Settings\Eduardo\Escritorio
2008-07-23 21:48:23 0 d--h----- D:\Documents and Settings\Eduardo\Entorno de red
2008-07-23 21:48:23 0 dr-h----- D:\Documents and Settings\Eduardo\Datos de programa
2008-07-23 21:48:23 0 d--hs---- D:\Documents and Settings\Eduardo\Cookies
2008-07-23 21:48:23 0 d--h----- D:\Documents and Settings\Eduardo\Configuración local
2008-07-23 21:46:51 0 d-------- D:\WINDOWS\SoftwareDistribution
2008-07-23 21:46:50 0 d---s---- D:\WINDOWS\system32\Microsoft
2008-07-23 21:46:50 0 d-------- D:\WINDOWS\Prefetch
2008-07-23 21:41:38 0 d-------- D:\WINDOWS\system32\xircom
2008-07-23 21:41:38 0 d-------- D:\Archivos de programa\microsoft frontpage
2008-07-23 21:39:59 0 dr------- D:\WINDOWS\Offline Web Pages
2008-07-23 21:39:59 0 d---s---- D:\WINDOWS\Downloaded Program Files
2008-07-23 21:39:47 0 d--h----- D:\Archivos de programa\WindowsUpdate
2008-07-23 21:39:45 0 d-------- D:\Archivos de programa\Servicios en línea
2008-07-23 21:39:14 0 d-------- D:\WINDOWS\system32\DirectX
2008-07-23 21:38:11 0 d---s---- D:\WINDOWS\Tasks
2008-07-23 21:38:09 0 d-------- D:\Archivos de programa\Archivos comunes\MSSoap
2008-07-23 21:38:03 0 d-------- D:\WINDOWS\srchasst
2008-07-23 21:38:02 0 d-------- D:\WINDOWS\system32\Macromed
2008-07-23 21:37:50 0 d-------- D:\Archivos de programa\Movie Maker
2008-07-23 21:37:35 0 d-------- D:\WINDOWS\system32\Restore
2008-07-23 21:36:41 21900 --a------ D:\WINDOWS\system32\emptyregdb.dat
2008-07-23 21:36:23 0 d-------- D:\WINDOWS\Registration
2008-07-23 21:36:19 0 d-------- D:\Archivos de programa\Online Services
2008-07-23 21:36:09 0 d-------- D:\Archivos de programa\Messenger
2008-07-23 21:36:04 0 d-------- D:\Archivos de programa\MSN Gaming Zone
2008-07-23 21:35:33 0 d-------- D:\WINDOWS\Cursores
2008-07-23 21:34:56 0 d-------- D:\Archivos de programa\Windows NT
2008-07-23 21:34:51 0 d-------- D:\WINDOWS\system32\MsDtc
2008-07-23 21:34:48 0 d-------- D:\WINDOWS\system32\Com
2008-07-23 16:33:53 0 d--hs---- D:\System Volume Information
2008-07-23 16:08:23 0 d-------- D:\WINDOWS
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\WinSxS
2008-07-23 16:08:23 0 dr------- D:\WINDOWS\Web
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\twain_32
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\wins
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\wbem
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\usmt
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\spool
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\ShellExt
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\Setup
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\ras
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\oobe
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\npp
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\mui
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\inetsrv
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\IME
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\icsxml
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\ias
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\export
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\drivers
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\drivers\etc
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\drivers\disdn
2008-07-23 16:08:23 0 dr-hs--c- D:\WINDOWS\system32\dllcache
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\dhcp
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\config
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\3com_dmi
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\3082
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\3076
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\2052
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1054
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1042
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1041
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1037
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1033
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1031
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1028
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system32\1025
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\system
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\security
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Resources
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\repair
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Provisioning
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\PeerNet
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\pchealth
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\mui
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\msapps
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\msagent
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Media
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\java
2008-07-23 16:08:23 0 d--h----- D:\WINDOWS\inf
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\ime
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Help
2008-07-23 16:08:23 0 dr--s---- D:\WINDOWS\Fonts
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\ehome
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Driver Cache
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Debug
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Cursors
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Connection Wizard
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\Config
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\AppPatch
2008-07-23 16:08:23 0 d-------- D:\WINDOWS\addins
2008-07-23 15:17:54 0 d--hs---- D:\WINDOWS\Installer
2008-07-23 15:17:54 0 d-------- D:\Archivos de programa\Archivos comunes\ODBC
2008-07-23 15:17:50 0 d-------- D:\Archivos de programa\Archivos comunes\SpeechEngines
2008-07-23 15:17:49 0 dr------- D:\Archivos de programa
2008-07-23 15:17:49 0 d-------- D:\Archivos de programa\Archivos comunes
2008-07-23 15:16:57 0 d-------- D:\WINDOWS\system32\CatRoot2
2008-07-23 15:16:57 0 d-------- D:\WINDOWS\system32\CatRoot
2008-07-23 15:16:26 0 d-------- D:\Documents and Settings


-- Find3M Report ---------------------------------------------------------------

2008-08-05 16:16:04 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Malwarebytes
2008-08-05 10:37:22 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Adobe
2008-07-31 09:40:22 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\SUPERAntiSpyware.com
2008-07-30 12:21:07 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Sun
2008-07-29 15:18:46 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\ATI MMC
2008-07-29 13:41:14 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\TuneUp Software
2008-07-29 08:30:07 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Ahead
2008-07-25 16:17:48 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\ATI
2008-07-25 16:09:01 495780 --a------ D:\WINDOWS\system32\perfh00A.dat
2008-07-25 16:09:01 85886 --a------ D:\WINDOWS\system32\perfc00A.dat
2008-07-25 09:34:33 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Mozilla
2008-07-24 18:54:52 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Macromedia
2008-07-24 18:51:02 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\GRETECH
2008-07-24 06:14:44 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Corel
2008-07-23 21:48:35 0 d-------- D:\Documents and Settings\Eduardo\Datos de programa\Identities
2008-07-23 15:17:14 62 --ahs---- D:\Documents and Settings\Eduardo\Datos de programa\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="D:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\isuspm.exe" [11/08/2005 04:30 p.m.]
"ISUSScheduler"="D:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" [11/08/2005 04:30 p.m.]
"Synchronization Manager"="D:\WINDOWS\system32\mobsync.exe" [20/08/2004 07:00 a.m.]
"IntelAudioStudio"="D:\Archivos de programa\Intel Audio Studio\IntelAudioStudio.exe" [23/10/2007 10:37 a.m.]
"SunJavaUpdateSched"="D:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27 a.m.]
"StartCCC"="D:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [21/01/2008 12:17 p.m.]
"NeroFilterCheck"="D:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe" [01/03/2007 03:57 p.m.]
"SecurDisc"="D:\NERO-PREMIUM\Nero 7\InCD\NBHGui.exe" [15/05/2007 03:55 p.m.]
"InCD"="D:\NERO-PREMIUM\Nero 7\InCD\InCD.exe" [15/05/2007 03:55 p.m.]
"AVP"="D:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [08/02/2008 06:36 p.m.]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATI Launchpad"="D:\Archivos de programa\ATI Multimedia\main\launchpd.exe" [31/10/2006 09:27 p.m.]
"ATI DeviceDetect"="D:\Archivos de programa\ATI Multimedia\main\ATIDtct.EXE" [31/10/2006 09:24 p.m.]
"RocketDock"="D:\Archivos de programa\RocketDock\RocketDock.exe" [28/01/2007 03:55 a.m.]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [20/08/2004 07:00 a.m.]
"SUPERAntiSpyware"="D:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe" [21/06/2007 02:06 p.m.]
"MsnMsgr"="D:\Archivos de programa\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34 a.m.]

D:\Documents and Settings\Eduardo\Menú Inicio\Programas\Inicio\
Adobe Gamma.lnk - D:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 07:16:50 p.m.]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 01:55 p.m. 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 01:41 p.m. 294912 D:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=D:\ARCHIV~1\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp




-- End of Deckard's System Scanner: finished at 2008-08-08 16:06:08 ------------
  post #4  
09/08/08, 16:26:02
Anleg_30
Warrior
 
Registered: Dec 2007
Location: B@rc3l0n@ - Venezuela
Posts: 5.755
Re: My PC infects any pendrive I connect, and my hard drives

Hi maxelsmart,

If the PC is working well, then there is nothing to worry about; just tell me whether you have no other questions or whether we can consider the topic solved?

All times are GMT -4. The time is 09:00:22.