post #1
Posted: 17/01/09, 01:44:13
User

Registered: Dec 2007
Location: Chile
Posts: 11
I can't update or install antivirus or anti-spyware (Solved)

Well, this is the third time I've posted a log; I hope this time I get an answer, pls.
It turns out that while downloading a little program for tuning my guitar, "AP Tuner", a son of a b...itch got in that won't let me update any of the antivirus programs I have, and browsing with the browsers is, let's say, reduced to half the usual speed.
What I've been able to do so far: I ran Spyware Doctor, which removed three trojans, but nothing was solved; then I tried Spybot Search & Destroy and it detected nothing; then I had the brilliant idea of uninstalling and reinstalling the antivirus programs and ouch!! Now I can't install any antivirus, and if I manage to install one it can't be updated.
I also tried running Kaspersky online but I can't do that either, an update error occurs, pfff... Oh, I also ran EliStarA; it detected 10 infected files, but these had been installed for a long time, so I didn't take this report into account, since most of them were DLLs from Adobe Audition and another from the wireless card driver.
At the time of the infection my PC was running Kaspersky 7 and Spybot Search & Destroy.
This is what HijackThis gave me:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:27:06, on 17-01-2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [snp325] C:\Windows\vsnp325.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Estadísticas del componente Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220979919836
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214972433678
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8000 bytes



I hope for your help, please!!!! I lost my case with the backup CDs and I have no way to format, at least not immediately, and right now is exactly when I need my PC working OK!!!! I'm studying for my degree exam.

post #2
Posted: 18/01/09, 05:15:11
Angel Doze
Warrior

Registered: Feb 2007
Location: Mexico
Posts: 5,708
Re: I can't update or install antivirus or anti-spyware

Hello mudjh, welcome to the InfoSpyware Forum.

  • - Download ComboFix.exe
    • Given your infections, you must rename it to Combo-Fix before saving it to your desktop.



--------------------------------------------------------------------
  • Temporarily disable your antivirus and/or antispyware.
  • Close all open windows.
  • Double-click the ComboFix.exe file and follow the instructions.
  • When it finishes, it will generate a log at C:\ComboFix.txt.
    • *Note* While CF is working, do not move the mouse, as that would stop its process.
    • *Note* ComboFix may restart the PC automatically to complete the removal process.
Quote:
Warning!! Do not use ComboFix unless a member of our Staff has specifically told you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
  • Restart and paste the report from C:\ComboFix.txt in this same thread.

Regards!


post #3
Posted: 18/01/09, 12:09:29
User

Registered: Dec 2007
Location: Chile
Posts: 11
Re: I can't update or install antivirus or anti-spyware

Quote (Angel Doze):
Hello mudjh, welcome to the InfoSpyware Forum.

Hi Angel!!! Gosh, I don't know how to thank you; I no longer trusted the forum much because nobody ever answered me, but with this you guys earned a 7. Let me tell you, now I have no problem updating and I was able to install Spybot; with this I suppose the problem is solved, or not?
The tool you recommended worked 100%; it asked me to restart once in the middle of the operation, but at the end the screen stayed stuck on black and I had to restart it... is this normal??
Now I want to ask you something... is it necessary to uninstall the program that caused all this??? And which antivirus do you recommend, and how can I complement it??? I use KAV 7 and Spybot.
Ahh!! Here is the ComboFix .txt..... and again, thank you very, very much for answering; you don't know how grateful I am, OK.


ComboFix 09-01-17.04 - José 2009-01-18 12:12:24.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.3082.18.1406.504 [GMT -3:00]
Running from: c:\users\José\Desktop\nuevo virus\Combo-Fix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated)
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\gaopdxurxctpxb.sys
c:\windows\system32\gaopdxyxecerbe.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gaopdxserv.sys


((((((((((((((((((((((((( Files Created from 2008-12-18 to 2009-01-18 )))))))))))))))))))))))))))))))
.

2009-01-17 23:51 . 2009-01-17 23:51 <DIR> d-------- c:\windows\System32\Kaspersky Lab
2009-01-17 20:21 . 2009-01-18 12:22 20,621,024 --ahs---- c:\windows\System32\drivers\fidbox.dat
2009-01-17 20:21 . 2009-01-18 12:09 274,580 --ahs---- c:\windows\System32\drivers\fidbox.idx
2009-01-17 12:38 . 2009-01-17 15:27 26 --a------ C:\23990098.$$$
2009-01-17 12:10 . 2009-01-17 12:10 626,688 --a------ c:\windows\System32\msvcr80.dll
2009-01-17 12:10 . 2009-01-17 12:10 548,864 --a------ c:\windows\System32\msvcp80.dll
2009-01-17 12:10 . 2009-01-17 12:10 28,672 --a------ c:\windows\System32\eEmpty.exe
2009-01-17 12:10 . 2005-09-22 23:22 522 --a------ c:\windows\System32\Microsoft.VC80.CRT.manifest
2009-01-17 12:10 . 2009-01-17 12:23 54 --a------ c:\windows\Lic.xxx
2009-01-17 12:09 . 2009-01-17 12:09 <DIR> d-------- c:\users\All Users\MicroWorld
2009-01-17 12:09 . 2009-01-17 12:09 <DIR> d-------- c:\programdata\MicroWorld
2009-01-17 02:48 . 2009-01-17 13:44 <DIR> d-------- c:\users\José\DoctorWeb
2009-01-17 02:48 . 2009-01-17 13:44 <DIR> d-------- c:\users\José\DoctorWeb
2009-01-16 21:56 . 2009-01-16 21:56 82,432 --a------ C:\bedffly.exe
2009-01-16 21:56 . 2009-01-16 21:56 289 --a------ C:\xifmrn.exe
2009-01-16 21:56 . 2009-01-16 21:56 289 --a------ C:\rvlksh.exe
2009-01-16 21:56 . 2009-01-16 21:56 289 --a------ C:\gdceival.exe
2009-01-16 21:56 . 2009-01-16 21:56 289 --a------ C:\begaxy.exe
2009-01-16 21:56 . 2009-01-16 21:56 2 --a------ C:\-968007624
2009-01-16 21:21 . 2009-01-16 21:57 <DIR> d-------- c:\program files\AP Tuner
2009-01-16 14:37 . 2009-01-16 14:37 98,304 --a------ c:\windows\System32\CmdLineExt.dll
2009-01-14 23:52 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-01-14 23:52 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-01-14 23:51 . 2009-01-14 23:51 <DIR> d-------- c:\windows\System32\xlive
2009-01-14 23:51 . 2009-01-14 23:51 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-14 23:51 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-01-14 19:56 . 2008-12-15 23:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-14 09:44 . 2009-01-14 09:44 0 --a------ C:\DFR6D5D.tmp
2009-01-13 11:54 . 2009-01-18 12:11 103,368 --a------ c:\users\All Users\nvModes.dat
2009-01-13 11:54 . 2009-01-18 12:11 103,368 --a------ c:\programdata\nvModes.dat
2009-01-13 11:48 . 2009-01-13 11:48 <DIR> d-------- c:\program files\THQ
2009-01-13 11:39 . 2009-01-13 11:39 <DIR> d-------- C:\NVIDIA
2009-01-12 01:56 . 2009-01-14 22:55 <DIR> d-------- c:\program files\Trials 2 Second Edition
2009-01-12 01:56 . 2009-01-12 01:56 <DIR> d-------- c:\program files\OpenAL
2009-01-12 01:56 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-01-12 01:56 . 2009-01-12 01:56 413,696 --a------ c:\windows\System32\wrap_oal.dll
2009-01-12 01:56 . 2009-01-12 01:56 110,592 --a------ c:\windows\System32\OpenAL32.dll
2009-01-08 18:12 . 2009-01-08 18:12 278,728 --a------ c:\windows\System32\drivers\atksgt.sys
2009-01-08 18:12 . 2009-01-08 18:12 25,416 --a------ c:\windows\System32\drivers\lirsgt.sys
2009-01-07 00:11 . 2009-01-07 00:24 <DIR> d-------- c:\users\All Users\NexonUS
2009-01-07 00:11 . 2009-01-07 00:24 <DIR> d-------- c:\programdata\NexonUS
2009-01-07 00:11 . 2009-01-14 20:05 <DIR> d-------- C:\Nexon
2009-01-04 23:38 . 2009-01-04 23:38 244 --ah----- C:\sqmnoopt02.sqm
2009-01-04 23:38 . 2009-01-04 23:38 232 --ah----- C:\sqmdata02.sqm
2008-12-28 10:32 . 2009-01-06 00:50 <DIR> d-------- c:\users\All Users\EmailNotifier
2008-12-28 10:32 . 2009-01-06 00:50 <DIR> d-------- c:\programdata\EmailNotifier
2008-12-25 23:00 . 2006-01-09 14:00 2,067,184 --------- c:\windows\CarTuner.CAB
2008-12-25 23:00 . 2008-12-25 23:00 253,952 --------- c:\windows\Setup1.exe
2008-12-25 23:00 . 2008-12-25 23:00 74,752 --a------ c:\windows\ST6UNST.EXE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-18 15:22 8,126,464 ----a-w c:\users\José\ntuser.dat
2009-01-18 15:22 8,126,464 ----a-w c:\users\José\ntuser.dat
2009-01-18 00:18 --------- d-----w c:\programdata\Google Updater
2009-01-17 23:23 --------- d-----w c:\programdata\Kaspersky Lab
2009-01-17 04:59 --------- d-----w c:\program files\WinSMS
2009-01-17 03:06 --------- d-----w c:\users\José\AppData\Roaming\SUPERAntiSpyware.com
2009-01-17 03:06 --------- d-----w c:\program files\SUPERAntiSpyware
2009-01-17 03:05 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-17 03:03 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-01-17 01:37 --------- d---a-w c:\programdata\TEMP
2009-01-17 00:43 --------- d-----w c:\program files\All2WAV Recorder
2009-01-16 01:36 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-15 19:05 --------- d-----w c:\program files\Windows Mail
2009-01-15 15:50 --------- d-----w c:\programdata\NVIDIA
2009-01-15 01:54 --------- d-----w c:\program files\The KMPlayer
2009-01-14 22:58 --------- d-----w c:\program files\UltraStar
2009-01-13 20:35 --------- d-----w c:\program files\z. JUEGOS RIP
2009-01-13 14:44 --------- d-s---w c:\users\José\AppData\Roaming\Microsoft
2009-01-13 13:11 103,368 ----a-w c:\users\José\AppData\Roaming\nvModes.dat
2009-01-11 00:31 --------- d-----w c:\program files\Call of Duty
2008-12-24 00:58 453,152 ----a-w c:\windows\System32\nvuninst.exe
2008-12-11 03:34 --------- d-----w c:\programdata\Microsoft Help
2008-12-07 17:33 --------- d-----w c:\program files\Ares
2008-12-06 14:30 --------- d-----w c:\program files\Valve
2008-12-06 14:20 --------- d-----w c:\program files\Bonjour
2008-12-06 14:19 --------- d-----w c:\program files\Spyware Doctor
2008-12-06 00:19 410,984 ----a-w c:\windows\System32\deploytk.dll
2008-12-06 00:00 306,432 ----a-w c:\windows\System32\TuneUpDefragService.exe
2008-12-06 00:00 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-12-01 10:31 --------- d-----w c:\program files\Java
2008-11-27 22:29 --------- d-----w c:\program files\Colin McRae Rally 2
2008-11-24 22:49 --------- d-----w c:\users\José\AppData\Roaming\Artweaver
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-22 08:29 14,303,392 ----a-w c:\windows\System32\xlive.dll
2008-10-22 08:29 13,643,936 ----a-w c:\windows\System32\xlivefnt.dll
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-22 01:22 2,048 ----a-w c:\windows\System32\tzres.dll
2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-02-16 19:52 174 --sha-w c:\program files\desktop.ini
2008-09-30 04:58 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-09-30 04:58 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-09-30 04:58 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2007-07-30 3158016]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-02 68856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 1506544]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-12-06 202032]
"snp325"="c:\windows\vsnp325.exe" [2007-05-10 835584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2008-01-19 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=G

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 08:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-05-08 17:24 54840 c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2008-02-28 18:07 1828136 c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2008-02-18 17:29 2221352 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
--------- 2007-12-14 12:36 50472 c:\program files\CyberLink\PowerDVD8\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
--------- 2008-03-20 21:23 83240 c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Audio Sandbox]
--a------ 2007-07-30 10:23 3158016 c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-07-02 01:35 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-07-05 16:38 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Easy-PrintToolBox"=c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"tsnp325"=c:\windows\tsnp325.exe
"FixCamera"=c:\windows\FixCamera.exe
"snp325"=c:\windows\vsnp325.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{ABBE470F-57F2-4263-B444-45C261DDDCDB}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\spanish\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\spanish\setup.exe:Kaspersky Anti-Virus 7.0 Instalación
"UDP Query User{48F2BBC9-AEF5-4F78-853E-BF5A8D10EC87}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\spanish\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\spanish\setup.exe:Kaspersky Anti-Virus 7.0 Instalación
"{5EEB9693-0C10-438C-8F27-9A40AECE0374}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{9022068F-90FB-4B2E-86AF-729EC41B5A5B}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{5CAB95AD-6A6B-42AB-962D-05F1C293FEDD}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{6DE66BB1-942F-4691-81F5-050815D2B360}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{995387E0-B432-4D28-9EEB-27EC4E0E4E37}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{CFCE9BE5-B07D-48E3-92D4-1ADDAF5835F1}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{2720C313-9FFE-44F8-BCDC-6085919BBCA9}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{7B13EDAF-23D9-439F-BA16-C652429B673B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A09DF78A-56C7-4ECA-AA9A-FD17EC76D89D}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3BDF574A-E892-4FD8-80F9-CE72E6EB3C94}"= c:\program files\CyberLink\PowerDVD8\PowerDVD8.EXE:CyberLink PowerDVD 8.0
"TCP Query User{73B9FDEE-C81A-45E9-8970-31E1DDCD3D69}c:\\users\\josé\\appdata\\local\\temp\\onlineupdate8\\setupxu.exe"= UDP:c:\users\josé\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe
"UDP Query User{4FF6C308-C99B-4693-8821-8CB2F609DF88}c:\\users\\josé\\appdata\\local\\temp\\onlineupdate8\\setupxu.exe"= TCP:c:\users\josé\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe
"{5A60CBE4-3306-4CF5-A94F-50F443A8FEAE}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{7CB542A0-F54C-4868-8EB9-CC82CD387BF9}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{650BB3F4-841A-4748-83AE-8E791AA218A2}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"TCP Query User{250834BA-47D8-460E-8524-02F610DD8B4A}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{1FC67AA0-74E7-4E80-A494-852EF536FA83}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{68023E35-2D5F-43CF-96A3-B77B090C410B}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{6365D01C-C955-47FE-9DF4-8187D7E55CDC}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{BE653A37-D144-4C3E-8B83-C05F403EEAC4}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{11F10274-2AA7-4FBA-8650-1971F514E5AB}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{D7A55431-F503-45A0-876A-544A824150E8}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{4A441CEE-BF24-4EE3-BE99-C97A2070A88B}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"{02DA14EE-3735-4C5F-A7C0-58BA4232C7AD}"= UDP:c:\users\José\Downloads\utorrent.exe:µTorrent (TCP-In)
"{DFEE543D-49BB-477A-B250-CCEBF57FF058}"= TCP:c:\users\José\Downloads\utorrent.exe:µTorrent (UDP-In)
"TCP Query User{1D7E702F-9BF3-4057-9793-8D3F5F940FA7}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{7C3F365A-D680-4A7A-85DA-AD3F71E5BF69}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"TCP Query User{53041D3F-C729-4AC8-A2C7-C145C197DA7D}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{6A1533F0-CB87-4864-9CA9-842653F2A45E}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"TCP Query User{B48E9B47-0FEC-4FA6-8A04-15D53014CA69}c:\\program files\\call of duty\\codmp.exe"= UDP:c:\program files\call of duty\codmp.exe:CoDMP
"UDP Query User{9FAE6C27-A00C-4510-BEE5-1102FFD1F65F}c:\\program files\\call of duty\\codmp.exe"= TCP:c:\program files\call of duty\codmp.exe:CoDMP
"{85D06428-93C1-4E99-92C7-BBD8B5FD104E}"= UDP:c:\users\José\Downloads\sin respaldo\utorrent.exe:µTorrent (TCP-In)
"{F8CD798D-2738-405D-97DA-4B323F36442F}"= TCP:c:\users\José\Downloads\sin respaldo\utorrent.exe:µTorrent (UDP-In)
"TCP Query User{C14A536C-8075-4B9F-8C70-D0AA5A124E10}c:\\program files\\fear\\fearmp.exe"= UDP:c:\program files\fear\fearmp.exe:F.E.A.R.
"UDP Query User{D04907F8-1CAB-4ECD-B375-51317689EB72}c:\\program files\\fear\\fearmp.exe"= TCP:c:\program files\fear\fearmp.exe:F.E.A.R.
"TCP Query User{94DD41BD-94C4-4A68-A63F-ECD40873BD8F}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{27DA4F44-B9F3-43E4-9238-D420F21647C6}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{DCD98573-FC5B-4F50-9574-13F75A5F3A47}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"UDP Query User{1B4822A4-B0A5-4B56-B62B-53A6368C889F}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"TCP Query User{D058AF16-3442-4EB7-B798-C3A76E640AE4}c:\\program files\\webeye\\webeye.exe"= UDP:c:\program files\webeye\webeye.exe:SocketAPI
"UDP Query User{1AE1F94D-76A7-4A4B-87D6-375645BE87E5}c:\\program files\\webeye\\webeye.exe"= TCP:c:\program files\webeye\webeye.exe:SocketAPI
"TCP Query User{99A9F52E-F057-4645-BC6E-79404FC44F22}c:\\vp-eye\\avi\\avi.exe"= UDP:c:\vp-eye\avi\avi.exe:Video Monitor
"UDP Query User{BE880DA7-DAF9-4BBA-ADCE-9B23520B0B67}c:\\vp-eye\\avi\\avi.exe"= TCP:c:\vp-eye\avi\avi.exe:Video Monitor
"TCP Query User{320C1F3B-2E68-4E94-851D-DA1BAC54F52F}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{E8CFA522-C3FB-4389-B60E-0AB74109ACC4}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{94DBC1C5-951A-4F1C-9AF2-3E69F45EDBED}c:\\users\\josé\\downloads\\sin respaldo\\utorrent.exe"= UDP:c:\users\josé\downloads\sin respaldo\utorrent.exe:utorrent.exe
"UDP Query User{7243A7C7-0AAC-4E1F-B0AC-5E4842AA5A6E}c:\\users\\josé\\downloads\\sin respaldo\\utorrent.exe"= TCP:c:\users\josé\downloads\sin respaldo\utorrent.exe:utorrent.exe
"TCP Query User{B73C1BCE-1A16-4DE2-959D-42CA4C706B3F}c:\\program files\\valve\\hl.exe"= UDP:c:\program files\valve\hl.exe:Half-Life Launcher
"UDP Query User{E11D79F4-C236-4182-8ED1-C0C1F79FFC3B}c:\\program files\\valve\\hl.exe"= TCP:c:\program files\valve\hl.exe:Half-Life Launcher
"TCP Query User{967337EE-E4D8-4D95-986F-A2832DA1BAF8}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{1E7A05A2-2090-4818-9B87-037FD8B71F65}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{4A5F3DD6-8E95-47DD-A6D5-0BBA8CC23213}"= UDP:c:\program files\City Interactive\Code of Honor 2\game.exe:Code of Honor 2
"{A5BF2DD5-B718-45BF-9033-F58E4AFF3709}"= TCP:c:\program files\City Interactive\Code of Honor 2\game.exe:Code of Honor 2
"TCP Query User{78A99AF5-C999-42AA-A210-D76A2765B594}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"UDP Query User{88BE71B1-B915-4F7B-9FF7-292276D8917E}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"TCP Query User{4884DDCF-08EF-4E2E-A6B7-2858EBFAB84E}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"UDP Query User{283D91DE-7440-4954-B640-DF73A4FEF622}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"TCP Query User{E1BD8C5D-69CA-4315-BF63-C3FAD4F3D99A}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{6DF90F75-F9A1-4595-B5E5-F4F7E0119A13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{3136EF07-DA4C-45C1-9B6B-F1290DF2A16A}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"UDP Query User{43EE8B4F-2A93-4078-8444-E80F3DF4C2F9}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"TCP Query User{6A75497C-2B1B-4E67-9E25-76FA212D88C0}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"UDP Query User{E7571FCC-534D-45F6-92D1-6DE40A3C9E7C}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"TCP Query User{A552B74B-B2C1-4865-9392-810FC8D318C1}c:\\program files\\colin mcrae rally 2\\cmr2network.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2network.exe:Colin McRae Rally 2
"UDP Query User{2A390715-8D95-435E-B44F-1296E1B85971}c:\\program files\\colin mcrae rally 2\\cmr2network.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2network.exe:Colin McRae Rally 2
"TCP Query User{D9D3E60F-2E80-4229-9A37-066E2443508B}c:\\program files\\call of duty\\coduomp.exe"= UDP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"UDP Query User{9E2E96F7-CA37-408F-A05A-8DBEA1D469B2}c:\\program files\\call of duty\\coduomp.exe"= TCP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"TCP Query User{020E57D0-88F6-42FF-B17B-C7200BBC4F3D}c:\\program files\\call of duty\\coduomp.exe"= UDP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"UDP Query User{3BEFE36A-F0D5-41AD-94CD-E5D57CFF98FF}c:\\program files\\call of duty\\coduomp.exe"= TCP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"TCP Query User{D57D9F88-4460-4D9D-BBBF-ECF2F1CF106E}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{84BAE6C7-47A6-4543-A477-A693D2145B67}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{E22D3B00-757C-4C0A-933D-69C5C9EFC728}c:\\program files\\java\\jre1.6.0_07\\bin\\java.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{E62B0C27-247A-4130-8304-53EE0D513F36}c:\\program files\\java\\jre1.6.0_07\\bin\\java.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{6E1C0219-2644-40E0-8688-DB09985459A1}c:\\program files\\msn backup\\msnbackup.exe"= UDP:c:\program files\msn backup\msnbackup.exe:MSN BackUp
"UDP Query User{93AAC2A2-78F3-4F31-A5FD-71B1E3593109}c:\\program files\\msn backup\\msnbackup.exe"= TCP:c:\program files\msn backup\msnbackup.exe:MSN BackUp
"TCP Query User{0766D21E-E612-4ACD-A225-1590E966A12D}c:\\program files\\filecroc\\filecroc.exe"= UDP:c:\program files\filecroc\filecroc.exe:FileCroc
"UDP Query User{22BD09A6-9B86-4933-9EB6-7FA34EB893D9}c:\\program files\\filecroc\\filecroc.exe"= TCP:c:\program files\filecroc\filecroc.exe:FileCroc
"TCP Query User{5D435DD4-4A10-4C83-8E8C-9B22E1B4640B}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{D5F21236-6747-44F6-8453-709A2F7E5466}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{E82F953F-0FF4-4DDE-89E2-E99FC83EE592}c:\\users\\josé\\downloads\\peke23c_imaskate_pf\\th4_www.programasfull.net\\peke23c\\game\\skate4.exe"= UDP:c:\users\josé\downloads\peke23c_imaskate_pf\th4_www.programasfull.net\peke23c\game\skate4.exe:skate4.exe
"UDP Query User{687DA2C4-6896-4337-ABE0-82C351E52840}c:\\users\\josé\\downloads\\peke23c_imaskate_pf\\th4_www.programasfull.net\\peke23c\\game\\skate4.exe"= TCP:c:\users\josé\downloads\peke23c_imaskate_pf\th4_www.programasfull.net\peke23c\game\skate4.exe:skate4.exe
"TCP Query User{8605D970-D220-4F5F-B0B9-836F9241BBBA}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{9A3EB428-7664-40B5-A1DF-4464D4BE2D41}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{5E7D35EB-2CA7-4E0B-8C21-4881A6211058}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{413C5C2B-A99D-46CE-8AEA-50A8E99574CA}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{89981DA9-09F9-4388-A3EF-83CEB1BA131A}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{D078E9A4-9480-4361-995A-848402C1E93A}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"{76732351-8277-4DC3-A9D1-DCAB5FFE1BC2}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{08C9934C-D12E-4E91-B546-033E35F6A60E}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{5A4C5543-87AD-45A5-8E05-F0EC072B6BAD}"= UDP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{907A4F9F-0C25-4263-B331-64E3E652E943}"= TCP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"TCP Query User{8320F511-57E1-4F98-B2EA-2A997D8423B9}c:\\program files\\thq\\mx vs atv unleashed\\mxvsatv.exe"= UDP:c:\program files\thq\mx vs atv unleashed\mxvsatv.exe:MXvsATV
"UDP Query User{400787E1-963D-42FF-872A-6DF73AEF83D0}c:\\program files\\thq\\mx vs atv unleashed\\mxvsatv.exe"= TCP:c:\program files\thq\mx vs atv unleashed\mxvsatv.exe:MXvsATV

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [2007-10-16 20496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-05-28 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-28 55024]
S3 BthAvrcp;Perfil AVRCP Bluetooth;c:\windows\System32\drivers\BthAvrcp.sys [2007-08-24 15872]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-28 7408]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-10-14 356920]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\System32\drivers\snp325.sys [2008-09-11 10343168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c92f3a5-4a6c-11dd-8eb5-001b245f4b2c}]
\shell\AutoRun\command - E:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91518fdf-a128-11dd-878d-001b241c24cc}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91518fe2-a128-11dd-878d-001b241c24cc}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2e968cf-6a45-11dd-83cb-001b245f4b2c}]
\shell\AutoRun\command - jjcx.com
\shell\explore\Command - jjcx.com
\shell\open\Command - jjcx.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b758481d-5ba8-11dd-9f67-001b245f4b2c}]
\shell\AutoRun\command - F:\xn1i9x.com
\shell\explore\Command - F:\xn1i9x.com
\shell\open\Command - F:\xn1i9x.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c66d97cb-47e6-11dd-8c9f-001b245f4b2c}]
\shell\Auto\Command - winglogon.exe
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winglogon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
Contents of the 'Scheduled Tasks' folder

2009-01-18 c:\windows\Tasks\Mantenimiento con 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-02-04 16:05]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Save Image To humyo.com
IE: Save Target To humyo.com
FF - ProfilePath - c:\users\José\AppData\Roaming\Mozilla\Firefox\Profiles\glrpuwyf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://cl.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\users\José\AppData\Roaming\Mozilla\Firefox\Profiles\glrpuwyf.default\extensions\bkmrksync@nokia.com\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: network.http.max-connections-per-server - 8
.
.
------- File Associations -------
.
inffile=Notepad.exe "%1"
inifile=Notepad.exe "%1"
txtfile=Notepad.exe "%1"
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-18 12:22:21
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
Completion time: 2009-01-18 12:25:51
ComboFix-quarantined-files.txt 2009-01-18 15:25:48

Pre-Run: 21,996,036,096 bytes libres
Post-Run: 22,088,491,008 bytes libres

373 --- E O F --- 2009-01-15 19:05:28
  post #4  
19/01/09, 00:51:16
Angel Doze
Warrior
 
Registered: Feb 2007
Location: Mexico
Posts: 5,708
Re: I can't update or install antivirus or anti-spyware

Hi mudjh,

The other times we didn't reply because, to be honest, we get a lot of requests and have few qualified staff to answer in this section. So I ask you to be patient.

1.- Open Notepad
  • Go to START > RUN >
  • Type notepad.exe there and click OK
2.- Now copy and paste the following into Notepad

Code:
Killall::

File::
c:\windows\System32\eEmpty.exe
c:\windows\Lic.xxx
C:\bedffly.exe
C:\xifmrn.exe
C:\rvlksh.exe
C:\gdceival.exe
C:\begaxy.exe
C:\DFR6D5D.tmp

Folder:: 

Dirlook::
C:\-968007624

NetSvc::

Driver::

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c92f3a5-4a6c-11dd-8eb5-001b245f4b2c}]
3.- Save this file with the name CFScript.txt and leave it on your desktop.

4.- Drag and drop the CFScript.txt file onto ComboFix.exe as shown in the animation below. This will start ComboFix again.

  • Restart your PC and post the new ComboFix report, letting us know how everything is working now.

Regards!


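A check one could run on the report that comes back, added here as an example (it is not part of the original post or of ComboFix): it parses the CFScript sections and the report's "Other Deletions" block and lists any File:: entry that does not show up there. The report excerpt is constructed, the function names are hypothetical, and treating "Other Deletions" as the list of files actually removed is an assumption.

```python
import re

# CFScript directives look like "File::" on a line of their own.
SECTION_RE = re.compile(r"^(\w+)::\s*$")
# Report banners look like "((((( Other Deletions )))))".
BANNER_RE = re.compile(r"^\(+\s*(.+?)\s*\)[)\s]*$")

# The script from the post above (Registry:: section left out for brevity).
CFSCRIPT = r"""Killall::

File::
c:\windows\System32\eEmpty.exe
c:\windows\Lic.xxx
C:\bedffly.exe
C:\xifmrn.exe
C:\rvlksh.exe
C:\gdceival.exe
C:\begaxy.exe
C:\DFR6D5D.tmp

Folder::

Dirlook::
C:\-968007624
"""

# Constructed report excerpt: C:\xifmrn.exe is deliberately missing and one
# path is written in a different case, to exercise the comparison.
LOG = r"""FILE ::
C:\bedffly.exe
C:\xifmrn.exe
.

((((((((((((((((((( Other Deletions )))))))))))))))))))
.

C:\bedffly.exe
C:\begaxy.exe
C:\DFR6D5D.tmp
C:\gdceival.exe
C:\rvlksh.exe
c:\windows\Lic.xxx
c:\windows\system32\eempty.exe

.
(((((((((( Files Created from 2008-12-19 to 2009-01-19 ))))))))))
.
2009-01-19 18:11 . 2006-07-24 01:38 26,112 --a------ c:\windows\System32\nircmd.exe
"""


def parse_cfscript(text):
    """Return {directive name in lower case: [entries]} for a CFScript."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1).lower()
            sections.setdefault(current, [])
        elif line and current is not None:
            sections[current].append(line)
    return sections


def log_section(log, title):
    """Return the non-empty lines under the banner with the given title."""
    entries, inside = [], False
    for raw in log.splitlines():
        line = raw.strip()
        match = BANNER_RE.match(line)
        if match:
            # Every banner starts a new section; keep only the wanted one.
            inside = match.group(1).lower() == title.lower()
        elif inside and line and line != ".":
            entries.append(line)
    return entries


def norm(path):
    """Windows paths compare case-insensitively; ignore a trailing backslash."""
    return path.replace("/", "\\").rstrip("\\").lower()


def not_deleted(cfscript, log):
    """File:: entries of the script that the report does not list as deleted."""
    requested = parse_cfscript(cfscript).get("file", [])
    removed = {norm(p) for p in log_section(log, "Other Deletions")}
    return [p for p in requested if norm(p) not in removed]


if __name__ == "__main__":
    for path in not_deleted(CFSCRIPT, LOG):
        print("still to verify:", path)
```

An entry reported here may simply not have existed when the script ran, so it is a prompt to look at the disk, not proof that the file survived.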
  post #5  
19/01/09, 17:46:01
User
 
Registered: Dec 2007
Location: chile
Posts: 11
Re: I can't update or install antivirus or anti-spyware

Hello again, and yes, I understand that you probably don't have enough time, besides this being a volunteer service. OK, this is what it gave me now:



ComboFix 09-01-17.04 - José 2009-01-19 18:18:13.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.3082.18.1406.544 [GMT -3:00]
Running from: c:\users\José\Desktop\nuevo virus\Combo-Fix.exe
Command switches used :: c:\users\José\Desktop\nuevo virus\CFScript.txt
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated)

FILE ::
C:\bedffly.exe
C:\begaxy.exe
C:\DFR6D5D.tmp
C:\gdceival.exe
C:\rvlksh.exe
c:\windows\Lic.xxx
c:\windows\System32\eEmpty.exe
C:\xifmrn.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\bedffly.exe
C:\begaxy.exe
C:\DFR6D5D.tmp
C:\gdceival.exe
C:\rvlksh.exe
c:\windows\Lic.xxx
c:\windows\System32\eEmpty.exe
C:\xifmrn.exe

.
((((((((((((((((((((((((( Files Created from 2008-12-19 to 2009-01-19 )))))))))))))))))))))))))))))))
.

2009-01-19 18:11 . 2006-07-24 01:38 26,112 --a------ c:\windows\System32\nircmd.exe
2009-01-19 00:15 . 2008-08-17 07:33 678,408 --a------ c:\windows\System32\gpprefcl.dll
2009-01-18 22:39 . 2009-01-18 22:39 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-01-18 20:56 . 2009-01-18 20:56 <DIR> d-------- c:\program files\Common Files\PCSuite
2009-01-18 20:56 . 2009-01-18 20:56 <DIR> d-------- c:\program files\Common Files\Nokia
2009-01-18 20:55 . 2008-08-26 09:26 18,816 --a------ c:\windows\System32\drivers\pccsmcfd.sys
2009-01-18 12:54 . 2009-01-18 12:56 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-01-17 23:51 . 2009-01-17 23:51 <DIR> d-------- c:\windows\System32\Kaspersky Lab
2009-01-17 20:21 . 2009-01-19 18:25 40,837,920 --ahs---- c:\windows\System32\drivers\fidbox.dat
2009-01-17 20:21 . 2009-01-19 18:23 548,012 --ahs---- c:\windows\System32\drivers\fidbox.idx
2009-01-17 12:38 . 2009-01-17 15:27 26 --a------ C:\23990098.$$$
2009-01-17 12:10 . 2009-01-17 12:10 626,688 --a------ c:\windows\System32\msvcr80.dll
2009-01-17 12:10 . 2009-01-17 12:10 548,864 --a------ c:\windows\System32\msvcp80.dll
2009-01-17 12:10 . 2005-09-22 23:22 522 --a------ c:\windows\System32\Microsoft.VC80.CRT.manifest
2009-01-17 12:09 . 2009-01-17 12:09 <DIR> d-------- c:\users\All Users\MicroWorld
2009-01-17 12:09 . 2009-01-17 12:09 <DIR> d-------- c:\programdata\MicroWorld
2009-01-17 02:48 . 2009-01-17 13:44 <DIR> d-------- c:\users\José\DoctorWeb
2009-01-17 02:48 . 2009-01-17 13:44 <DIR> d-------- c:\users\José\DoctorWeb
2009-01-16 21:56 . 2009-01-16 21:56 2 --a------ C:\-968007624
2009-01-16 21:23 . 2009-01-16 21:23 71,168 --a------ c:\windows\System32\drivers\gaopdxurxctpxb.sys
2009-01-16 21:21 . 2009-01-16 21:57 <DIR> d-------- c:\program files\AP Tuner
2009-01-16 14:37 . 2009-01-16 14:37 98,304 --a------ c:\windows\System32\CmdLineExt.dll
2009-01-14 23:52 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-01-14 23:52 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-01-14 23:51 . 2009-01-14 23:51 <DIR> d-------- c:\windows\System32\xlive
2009-01-14 23:51 . 2009-01-14 23:51 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-14 23:51 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-01-14 19:56 . 2008-12-15 23:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-13 11:54 . 2009-01-19 18:25 103,368 --a------ c:\users\All Users\nvModes.dat
2009-01-13 11:54 . 2009-01-19 18:25 103,368 --a------ c:\programdata\nvModes.dat
2009-01-13 11:48 . 2009-01-13 11:48 <DIR> d-------- c:\program files\THQ
2009-01-13 11:39 . 2009-01-13 11:39 <DIR> d-------- C:\NVIDIA
2009-01-12 01:56 . 2009-01-14 22:55 <DIR> d-------- c:\program files\Trials 2 Second Edition
2009-01-12 01:56 . 2009-01-12 01:56 <DIR> d-------- c:\program files\OpenAL
2009-01-12 01:56 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-01-12 01:56 . 2009-01-12 01:56 413,696 --a------ c:\windows\System32\wrap_oal.dll
2009-01-12 01:56 . 2009-01-12 01:56 110,592 --a------ c:\windows\System32\OpenAL32.dll
2009-01-08 18:12 . 2009-01-08 18:12 278,728 --a------ c:\windows\System32\drivers\atksgt.sys
2009-01-08 18:12 . 2009-01-08 18:12 25,416 --a------ c:\windows\System32\drivers\lirsgt.sys
2009-01-07 00:11 . 2009-01-07 00:24 <DIR> d-------- c:\users\All Users\NexonUS
2009-01-07 00:11 . 2009-01-07 00:24 <DIR> d-------- c:\programdata\NexonUS
2009-01-07 00:11 . 2009-01-14 20:05 <DIR> d-------- C:\Nexon
2009-01-04 23:38 . 2009-01-04 23:38 244 --ah----- C:\sqmnoopt02.sqm
2009-01-04 23:38 . 2009-01-04 23:38 232 --ah----- C:\sqmdata02.sqm
2008-12-28 10:32 . 2009-01-06 00:50 <DIR> d-------- c:\users\All Users\EmailNotifier
2008-12-28 10:32 . 2009-01-06 00:50 <DIR> d-------- c:\programdata\EmailNotifier
2008-12-25 23:00 . 2006-01-09 14:00 2,067,184 --------- c:\windows\CarTuner.CAB
2008-12-25 23:00 . 2008-12-25 23:00 253,952 --------- c:\windows\Setup1.exe
2008-12-25 23:00 . 2008-12-25 23:00 74,752 --a------ c:\windows\ST6UNST.EXE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-19 21:25 8,126,464 ----a-w c:\users\José\ntuser.dat
2009-01-19 21:25 8,126,464 ----a-w c:\users\José\ntuser.dat
2009-01-19 20:59 --------- d-----w c:\programdata\Kaspersky Lab
2009-01-19 02:25 --------- d-----w c:\program files\Microsoft Games
2009-01-19 01:53 --------- d-----w c:\users\José\AppData\Roaming\Nokia
2009-01-19 01:25 --------- d---a-w c:\programdata\TEMP
2009-01-19 01:18 --------- d-----w c:\programdata\Google Updater
2009-01-18 23:54 --------- d-----w c:\program files\PC Connectivity Solution
2009-01-18 23:53 --------- d-----w c:\program files\Nokia
2009-01-18 23:50 --------- d-----w c:\programdata\Installations
2009-01-18 21:37 --------- d-----w c:\program files\z. JUEGOS RIP
2009-01-18 17:11 --------- d-----w c:\program files\Spyware Doctor
2009-01-18 16:04 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-01-18 15:51 --------- d-----w c:\program files\SUPERAntiSpyware
2009-01-17 04:59 --------- d-----w c:\program files\WinSMS
2009-01-17 03:06 --------- d-----w c:\users\José\AppData\Roaming\SUPERAntiSpyware.com
2009-01-17 03:05 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-17 00:43 --------- d-----w c:\program files\All2WAV Recorder
2009-01-16 01:36 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-15 19:05 --------- d-----w c:\program files\Windows Mail
2009-01-15 15:50 --------- d-----w c:\programdata\NVIDIA
2009-01-15 01:54 --------- d-----w c:\program files\The KMPlayer
2009-01-14 22:58 --------- d-----w c:\program files\UltraStar
2009-01-13 14:44 --------- d-s---w c:\users\José\AppData\Roaming\Microsoft
2009-01-13 13:11 103,368 ----a-w c:\users\José\AppData\Roaming\nvModes.dat
2009-01-11 00:31 --------- d-----w c:\program files\Call of Duty
2008-12-24 00:58 453,152 ----a-w c:\windows\System32\nvuninst.exe
2008-12-11 03:34 --------- d-----w c:\programdata\Microsoft Help
2008-12-07 17:33 --------- d-----w c:\program files\Ares
2008-12-06 14:30 --------- d-----w c:\program files\Valve
2008-12-06 14:20 --------- d-----w c:\program files\Bonjour
2008-12-06 00:19 410,984 ----a-w c:\windows\System32\deploytk.dll
2008-12-06 00:00 306,432 ----a-w c:\windows\System32\TuneUpDefragService.exe
2008-12-06 00:00 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-12-01 10:31 --------- d-----w c:\program files\Java
2008-11-27 22:29 --------- d-----w c:\program files\Colin McRae Rally 2
2008-11-24 22:49 --------- d-----w c:\users\José\AppData\Roaming\Artweaver
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 14:24 831,048 ----a-w c:\windows\System32\WudfUpdate_01005.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-22 08:29 14,303,392 ----a-w c:\windows\System32\xlive.dll
2008-10-22 08:29 13,643,936 ----a-w c:\windows\System32\xlivefnt.dll
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-22 01:22 2,048 ----a-w c:\windows\System32\tzres.dll
2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-02-16 19:52 174 --sha-w c:\program files\desktop.ini
2008-09-30 04:58 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-09-30 04:58 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-09-30 04:58 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\-968007624 ----

c:\-968007624\


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2007-07-30 3158016]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-02 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-12-06 202032]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2008-02-08 227856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-01-18 12:51 356352 c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=G

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 08:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-05-08 17:24 54840 c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2008-02-28 18:07 1828136 c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2008-02-18 17:29 2221352 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
--------- 2007-12-14 12:36 50472 c:\program files\CyberLink\PowerDVD8\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
--------- 2008-03-20 21:23 83240 c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Audio Sandbox]
--a------ 2007-07-30 10:23 3158016 c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-07-02 01:35 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-07-05 16:38 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Easy-PrintToolBox"=c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"tsnp325"=c:\windows\tsnp325.exe
"FixCamera"=c:\windows\FixCamera.exe
"snp325"=c:\windows\vsnp325.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{ABBE470F-57F2-4263-B444-45C261DDDCDB}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\spanish\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\spanish\setup.exe:Kaspersky Anti-Virus 7.0 Instalación
"UDP Query User{48F2BBC9-AEF5-4F78-853E-BF5A8D10EC87}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\spanish\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\spanish\setup.exe:Kaspersky Anti-Virus 7.0 Instalación
"{5EEB9693-0C10-438C-8F27-9A40AECE0374}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{9022068F-90FB-4B2E-86AF-729EC41B5A5B}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{5CAB95AD-6A6B-42AB-962D-05F1C293FEDD}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{6DE66BB1-942F-4691-81F5-050815D2B360}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{995387E0-B432-4D28-9EEB-27EC4E0E4E37}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{CFCE9BE5-B07D-48E3-92D4-1ADDAF5835F1}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{2720C313-9FFE-44F8-BCDC-6085919BBCA9}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{7B13EDAF-23D9-439F-BA16-C652429B673B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A09DF78A-56C7-4ECA-AA9A-FD17EC76D89D}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3BDF574A-E892-4FD8-80F9-CE72E6EB3C94}"= c:\program files\CyberLink\PowerDVD8\PowerDVD8.EXE:CyberLink PowerDVD 8.0
"TCP Query User{73B9FDEE-C81A-45E9-8970-31E1DDCD3D69}c:\\users\\josé\\appdata\\local\\temp\\onlineupdate8\\setupxu.exe"= UDP:c:\users\josé\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe
"UDP Query User{4FF6C308-C99B-4693-8821-8CB2F609DF88}c:\\users\\josé\\appdata\\local\\temp\\onlineupdate8\\setupxu.exe"= TCP:c:\users\josé\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe
"{5A60CBE4-3306-4CF5-A94F-50F443A8FEAE}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{7CB542A0-F54C-4868-8EB9-CC82CD387BF9}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{650BB3F4-841A-4748-83AE-8E791AA218A2}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"TCP Query User{250834BA-47D8-460E-8524-02F610DD8B4A}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{1FC67AA0-74E7-4E80-A494-852EF536FA83}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{68023E35-2D5F-43CF-96A3-B77B090C410B}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{6365D01C-C955-47FE-9DF4-8187D7E55CDC}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{BE653A37-D144-4C3E-8B83-C05F403EEAC4}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{11F10274-2AA7-4FBA-8650-1971F514E5AB}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{D7A55431-F503-45A0-876A-544A824150E8}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{4A441CEE-BF24-4EE3-BE99-C97A2070A88B}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"{02DA14EE-3735-4C5F-A7C0-58BA4232C7AD}"= UDP:c:\users\José\Downloads\utorrent.exe:µTorrent (TCP-In)
"{DFEE543D-49BB-477A-B250-CCEBF57FF058}"= TCP:c:\users\José\Downloads\utorrent.exe:µTorrent (UDP-In)
"TCP Query User{1D7E702F-9BF3-4057-9793-8D3F5F940FA7}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{7C3F365A-D680-4A7A-85DA-AD3F71E5BF69}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"TCP Query User{53041D3F-C729-4AC8-A2C7-C145C197DA7D}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{6A1533F0-CB87-4864-9CA9-842653F2A45E}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"TCP Query User{B48E9B47-0FEC-4FA6-8A04-15D53014CA69}c:\\program files\\call of duty\\codmp.exe"= UDP:c:\program files\call of duty\codmp.exe:CoDMP
"UDP Query User{9FAE6C27-A00C-4510-BEE5-1102FFD1F65F}c:\\program files\\call of duty\\codmp.exe"= TCP:c:\program files\call of duty\codmp.exe:CoDMP
"{85D06428-93C1-4E99-92C7-BBD8B5FD104E}"= UDP:c:\users\José\Downloads\sin respaldo\utorrent.exe:µTorrent (TCP-In)
"{F8CD798D-2738-405D-97DA-4B323F36442F}"= TCP:c:\users\José\Downloads\sin respaldo\utorrent.exe:µTorrent (UDP-In)
"TCP Query User{C14A536C-8075-4B9F-8C70-D0AA5A124E10}c:\\program files\\fear\\fearmp.exe"= UDP:c:\program files\fear\fearmp.exe:F.E.A.R.
"UDP Query User{D04907F8-1CAB-4ECD-B375-51317689EB72}c:\\program files\\fear\\fearmp.exe"= TCP:c:\program files\fear\fearmp.exe:F.E.A.R.
"TCP Query User{94DD41BD-94C4-4A68-A63F-ECD40873BD8F}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{27DA4F44-B9F3-43E4-9238-D420F21647C6}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{DCD98573-FC5B-4F50-9574-13F75A5F3A47}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"UDP Query User{1B4822A4-B0A5-4B56-B62B-53A6368C889F}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"TCP Query User{D058AF16-3442-4EB7-B798-C3A76E640AE4}c:\\program files\\webeye\\webeye.exe"= UDP:c:\program files\webeye\webeye.exe:SocketAPI
"UDP Query User{1AE1F94D-76A7-4A4B-87D6-375645BE87E5}c:\\program files\\webeye\\webeye.exe"= TCP:c:\program files\webeye\webeye.exe:SocketAPI
"TCP Query User{99A9F52E-F057-4645-BC6E-79404FC44F22}c:\\vp-eye\\avi\\avi.exe"= UDP:c:\vp-eye\avi\avi.exe:Video Monitor
"UDP Query User{BE880DA7-DAF9-4BBA-ADCE-9B23520B0B67}c:\\vp-eye\\avi\\avi.exe"= TCP:c:\vp-eye\avi\avi.exe:Video Monitor
"TCP Query User{320C1F3B-2E68-4E94-851D-DA1BAC54F52F}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{E8CFA522-C3FB-4389-B60E-0AB74109ACC4}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{94DBC1C5-951A-4F1C-9AF2-3E69F45EDBED}c:\\users\\josé\\downloads\\sin respaldo\\utorrent.exe"= UDP:c:\users\josé\downloads\sin respaldo\utorrent.exe:utorrent.exe
"UDP Query User{7243A7C7-0AAC-4E1F-B0AC-5E4842AA5A6E}c:\\users\\josé\\downloads\\sin respaldo\\utorrent.exe"= TCP:c:\users\josé\downloads\sin respaldo\utorrent.exe:utorrent.exe
"TCP Query User{B73C1BCE-1A16-4DE2-959D-42CA4C706B3F}c:\\program files\\valve\\hl.exe"= UDP:c:\program files\valve\hl.exe:Half-Life Launcher
"UDP Query User{E11D79F4-C236-4182-8ED1-C0C1F79FFC3B}c:\\program files\\valve\\hl.exe"= TCP:c:\program files\valve\hl.exe:Half-Life Launcher
"TCP Query User{967337EE-E4D8-4D95-986F-A2832DA1BAF8}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{1E7A05A2-2090-4818-9B87-037FD8B71F65}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{4A5F3DD6-8E95-47DD-A6D5-0BBA8CC23213}"= UDP:c:\program files\City Interactive\Code of Honor 2\game.exe:Code of Honor 2
"{A5BF2DD5-B718-45BF-9033-F58E4AFF3709}"= TCP:c:\program files\City Interactive\Code of Honor 2\game.exe:Code of Honor 2
"TCP Query User{78A99AF5-C999-42AA-A210-D76A2765B594}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"UDP Query User{88BE71B1-B915-4F7B-9FF7-292276D8917E}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"TCP Query User{4884DDCF-08EF-4E2E-A6B7-2858EBFAB84E}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"UDP Query User{283D91DE-7440-4954-B640-DF73A4FEF622}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"TCP Query User{E1BD8C5D-69CA-4315-BF63-C3FAD4F3D99A}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{6DF90F75-F9A1-4595-B5E5-F4F7E0119A13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{3136EF07-DA4C-45C1-9B6B-F1290DF2A16A}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"UDP Query User{43EE8B4F-2A93-4078-8444-E80F3DF4C2F9}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"TCP Query User{6A75497C-2B1B-4E67-9E25-76FA212D88C0}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"UDP Query User{E7571FCC-534D-45F6-92D1-6DE40A3C9E7C}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"TCP Query User{A552B74B-B2C1-4865-9392-810FC8D318C1}c:\\program files\\colin mcrae rally 2\\cmr2network.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2network.exe:Colin McRae Rally 2
"UDP Query User{2A390715-8D95-435E-B44F-1296E1B85971}c:\\program files\\colin mcrae rally 2\\cmr2network.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2network.exe:Colin McRae Rally 2
"TCP Query User{D9D3E60F-2E80-4229-9A37-066E2443508B}c:\\program files\\call of duty\\coduomp.exe"= UDP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"UDP Query User{9E2E96F7-CA37-408F-A05A-8DBEA1D469B2}c:\\program files\\call of duty\\coduomp.exe"= TCP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"TCP Query User{020E57D0-88F6-42FF-B17B-C7200BBC4F3D}c:\\program files\\call of duty\\coduomp.exe"= UDP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"UDP Query User{3BEFE36A-F0D5-41AD-94CD-E5D57CFF98FF}c:\\program files\\call of duty\\coduomp.exe"= TCP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"TCP Query User{D57D9F88-4460-4D9D-BBBF-ECF2F1CF106E}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{84BAE6C7-47A6-4543-A477-A693D2145B67}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{E22D3B00-757C-4C0A-933D-69C5C9EFC728}c:\\program files\\java\\jre1.6.0_07\\bin\\java.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{E62B0C27-247A-4130-8304-53EE0D513F36}c:\\program files\\java\\jre1.6.0_07\\bin\\java.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{6E1C0219-2644-40E0-8688-DB09985459A1}c:\\program files\\msn backup\\msnbackup.exe"= UDP:c:\program files\msn backup\msnbackup.exe:MSN BackUp
"UDP Query User{93AAC2A2-78F3-4F31-A5FD-71B1E3593109}c:\\program files\\msn backup\\msnbackup.exe"= TCP:c:\program files\msn backup\msnbackup.exe:MSN BackUp
"TCP Query User{0766D21E-E612-4ACD-A225-1590E966A12D}c:\\program files\\filecroc\\filecroc.exe"= UDP:c:\program files\filecroc\filecroc.exe:FileCroc
"UDP Query User{22BD09A6-9B86-4933-9EB6-7FA34EB893D9}c:\\program files\\filecroc\\filecroc.exe"= TCP:c:\program files\filecroc\filecroc.exe:FileCroc
"TCP Query User{5D435DD4-4A10-4C83-8E8C-9B22E1B4640B}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{D5F21236-6747-44F6-8453-709A2F7E5466}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{E82F953F-0FF4-4DDE-89E2-E99FC83EE592}c:\\users\\josé\\downloads\\peke23c_i maskate_pf\\th4_www.programasfull.net\\peke23c\\ga me\\skate4.exe"= UDP:c:\users\josé\downloads\peke23c_imaskate_pf\th 4_www.programasfull.net\peke23c\game\skate4.exe:sk ate4.exe
"UDP Query User{687DA2C4-6896-4337-ABE0-82C351E52840}c:\\users\\josé\\downloads\\peke23c_i maskate_pf\\th4_www.programasfull.net\\peke23c\\ga me\\skate4.exe"= TCP:c:\users\josé\downloads\peke23c_imaskate_pf\th 4_www.programasfull.net\peke23c\game\skate4.exe:sk ate4.exe
"TCP Query User{8605D970-D220-4F5F-B0B9-836F9241BBBA}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{9A3EB428-7664-40B5-A1DF-4464D4BE2D41}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{5E7D35EB-2CA7-4E0B-8C21-4881A6211058}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{413C5C2B-A99D-46CE-8AEA-50A8E99574CA}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{89981DA9-09F9-4388-A3EF-83CEB1BA131A}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{D078E9A4-9480-4361-995A-848402C1E93A}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"{76732351-8277-4DC3-A9D1-DCAB5FFE1BC2}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{08C9934C-D12E-4E91-B546-033E35F6A60E}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{5A4C5543-87AD-45A5-8E05-F0EC072B6BAD}"= UDP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{907A4F9F-0C25-4263-B331-64E3E652E943}"= TCP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"TCP Query User{8320F511-57E1-4F98-B2EA-2A997D8423B9}c:\\program files\\thq\\mx vs atv unleashed\\mxvsatv.exe"= UDP:c:\program files\thq\mx vs atv unleashed\mxvsatv.exe:MXvsATV
"UDP Query User{400787E1-963D-42FF-872A-6DF73AEF83D0}c:\\program files\\thq\\mx vs atv unleashed\\mxvsatv.exe"= TCP:c:\program files\thq\mx vs atv unleashed\mxvsatv.exe:MXvsATV
"{0C72B8D9-A97E-4BCF-BF03-E39A67231555}"= UDP:c:\program files\Microsoft Games\Halo\halo.exe:Halo
"{7EFD8610-C9CB-411A-A35F-8A118F149880}"= TCP:c:\program files\Microsoft Games\Halo\halo.exe:Halo

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [2007-10-16 20496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-05-28 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-28 55024]
S3 BthAvrcp;Perfil AVRCP Bluetooth;c:\windows\System32\drivers\BthAvrcp.sys [2007-08-24 15872]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-28 7408]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-10-14 356920]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\System32\drivers\snp325.sys [2008-09-11 10343168]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-18 809296]

--- Other Services/Drivers In Memory ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c92f3a5-4a6c-11dd-8eb5-001b245f4b2c}]
\shell\AutoRun\command - E:\setup.exe /autorun
\shell\directx\command - e:\directx\dxsetup.exe
\shell\setup\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91518fdf-a128-11dd-878d-001b241c24cc}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91518fe2-a128-11dd-878d-001b241c24cc}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2e968cf-6a45-11dd-83cb-001b245f4b2c}]
\shell\AutoRun\command - jjcx.com
\shell\explore\Command - jjcx.com
\shell\open\Command - jjcx.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b758481d-5ba8-11dd-9f67-001b245f4b2c}]
\shell\AutoRun\command - F:\xn1i9x.com
\shell\explore\Command - F:\xn1i9x.com
\shell\open\Command - F:\xn1i9x.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c66d97cb-47e6-11dd-8c9f-001b245f4b2c}]
\shell\Auto\Command - winglogon.exe
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winglogon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
Contents of the 'Scheduled Tasks' folder

2009-01-19 c:\windows\Tasks\Mantenimiento con 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-02-04 16:05]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Save Image To humyo.com
IE: Save Target To humyo.com
FF - ProfilePath - c:\users\José\AppData\Roaming\Mozilla\Firefox\Profiles\glrpuwyf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://cl.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: network.http.max-connections-per-server - 8
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-19 18:25:41
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1236)
c:\program files\Common Files\CyberLink\deskband32.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wlanext.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\System32\IoctlSvc.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2009-01-19 18:34:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-19 21:34:25
ComboFix2.txt 2009-01-18 15:25:53

Pre-Run: 33.587.384.320 bytes libres
Post-Run: 33,630,187,520 bytes libres

417 --- E O F --- 2009-01-19 03:16:13
  post #6  
Posted 19/01/09, 20:16:38
Angel Doze
Warrior
 
Registered: Feb 2007
Location: Mexico
Posts: 5,708
Re: I can't update or install antivirus or anti-spyware

Hello mudjh,

Connect all your drives, such as USB, Micro SD, pen drives, etc.

1.- Open Notepad
  • Go to START > RUN >
  • Type notepad.exe there and click OK
2.- Now copy and paste the following into Notepad

Code:
File::
C:\23990098.$$$

Folder::
C:\-968007624

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c92f3a5-4a6c-11dd-8eb5-001b245f4b2c}]

3.- Save this file with the name CFScript.txt and leave it on your desktop.

4.- Drag and drop the CFScript.txt file onto ComboFix.exe, as shown in the animation below. This will start ComboFix again.

  • Restart your PC and post the new ComboFix report, telling us how everything is working now.

Regards!
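
The Registry:: entry in the script above removes one MountPoints2 key listed in the earlier ComboFix log. As an added example (not part of the thread and not ComboFix's own code), this Python sketch parses that section of the log and reports the keys whose shell handlers match a few review heuristics; the heuristics, function names and reason strings are assumptions made here, and the sample is copied from the log with the forum's stray spaces removed.

```python
import ntpath
import re

# Constructed sample: the MountPoints2 block of the ComboFix log posted in this
# thread, with the forum's line-wrap spaces removed from the key paths.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c92f3a5-4a6c-11dd-8eb5-001b245f4b2c}]
\shell\AutoRun\command - E:\setup.exe /autorun
\shell\directx\command - e:\directx\dxsetup.exe
\shell\setup\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91518fdf-a128-11dd-878d-001b241c24cc}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2e968cf-6a45-11dd-83cb-001b245f4b2c}]
\shell\AutoRun\command - jjcx.com
\shell\explore\Command - jjcx.com
\shell\open\Command - jjcx.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b758481d-5ba8-11dd-9f67-001b245f4b2c}]
\shell\AutoRun\command - F:\xn1i9x.com
\shell\explore\Command - F:\xn1i9x.com
\shell\open\Command - F:\xn1i9x.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c66d97cb-47e6-11dd-8c9f-001b245f4b2c}]
\shell\Auto\Command - winglogon.exe
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winglogon.exe
"""

KEY_RE = re.compile(
    r"^\[HKEY_CURRENT_USER\\.+\\mountpoints2\\(\{[0-9a-f-]{36}\})\]$", re.I)
HANDLER_RE = re.compile(r"^\\shell\\([^\\]+)\\command - (.+)$", re.I)
RUNDLL_RE = re.compile(
    r"rundll32(?:\.exe)?\s+shell32\.dll,ShellExec_RunDLL\s+(.+)$", re.I)
DRIVE_RE = re.compile(r"^[a-z]:\\", re.I)

# Review heuristics (assumptions of this example, not rules from the thread).
ODD_EXTENSIONS = {".com", ".pif", ".scr", ".bat", ".cmd", ".vbs"}
VERB_HIJACK = "replaces the drive's open/explore action"
NO_DRIVE_PATH = "target given without a drive path"
ODD_EXTENSION = "target has a DOS or script extension"
VIA_RUNDLL32 = "started through rundll32 ShellExec_RunDLL"


def parse_mountpoints(log_text):
    """Return {volume GUID: [(verb, command), ...]} for each MountPoints2 key."""
    entries = {}
    current = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            key = KEY_RE.match(line)
            current = key.group(1).lower() if key else None
            if current:
                entries.setdefault(current, [])
            continue
        handler = HANDLER_RE.match(line)
        if handler and current:
            entries[current].append(
                (handler.group(1).lower(), handler.group(2).strip()))
    return entries


def handler_reasons(verb, command):
    """Return the set of heuristics one shell handler matches."""
    reasons = set()
    indirect = RUNDLL_RE.search(command)
    if indirect:
        reasons.add(VIA_RUNDLL32)
        target = indirect.group(1).strip()
    else:
        # First token only: enough for this log, but a path containing
        # spaces would need quoting-aware parsing.
        target = command.split()[0]
    if verb in ("open", "explore"):
        reasons.add(VERB_HIJACK)
    if not DRIVE_RE.match(target):
        reasons.add(NO_DRIVE_PATH)
    if ntpath.splitext(target)[1].lower() in ODD_EXTENSIONS:
        reasons.add(ODD_EXTENSION)
    return reasons


def review(log_text):
    """Return {volume GUID: sorted reasons} for keys matching any heuristic."""
    flagged = {}
    for guid, handlers in parse_mountpoints(log_text).items():
        reasons = set()
        for verb, command in handlers:
            reasons |= handler_reasons(verb, command)
        if reasons:
            flagged[guid] = sorted(reasons)
    return flagged


if __name__ == "__main__":
    for guid, reasons in review(SAMPLE_LOG).items():
        print(guid, "->", "; ".join(reasons))
```
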


  post #7  
Posted 20/01/09, 00:27:00
User
 
Registered: Dec 2007
Location: chile
Posts: 11
Re: I can't update or install antivirus or anti-spyware

Hello again... what is happening??? Why do we run it again and again??? It's not out of distrust, it's just to learn, ok. Well, this time it gave me this log:

ComboFix 09-01-17.04 - José 2009-01-20 1:15:19.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.3082.18.1406.617 [GMT -3:00]
Running from: c:\users\José\Desktop\nuevo virus\Combo-Fix.exe
Command switches used :: c:\users\José\Desktop\nuevo virus\CFScript.txt
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated)

FILE ::
C:\23990098.$$$
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\-968007624\
C:\23990098.$$$

.
((((((((((((((((((((((((( Files Created from 2008-12-20 to 2009-01-20 )))))))))))))))))))))))))))))))
.

2009-01-20 01:08 . 2006-07-24 01:38 26,112 --a------ c:\windows\System32\nircmd.exe
2009-01-20 00:25 . 2007-04-03 01:54 626,688 --a------ c:\windows\System32\CBMSchpr.dll
2009-01-20 00:24 . 2009-01-20 00:24 <DIR> d-------- c:\users\All Users\Winamp Toolbar
2009-01-20 00:24 . 2009-01-20 00:24 <DIR> d-------- c:\programdata\Winamp Toolbar
2009-01-20 00:24 . 2009-01-20 00:24 <DIR> d-------- c:\program files\Winamp Toolbar
2009-01-20 00:23 . 2009-01-20 00:24 <DIR> d-------- c:\users\All Users\OrbNetworks
2009-01-20 00:23 . 2009-01-20 00:24 <DIR> d-------- c:\programdata\OrbNetworks
2009-01-20 00:23 . 2009-01-20 00:23 <DIR> d-------- c:\program files\Winamp Remote
2009-01-20 00:21 . 2007-03-07 20:51 129,784 --------- c:\windows\System32\pxafs.dll
2009-01-20 00:20 . 2009-01-20 00:38 <DIR> d-------- c:\users\José\AppData\Roaming\Winamp
2009-01-20 00:20 . 2009-01-20 00:24 <DIR> d-------- c:\program files\Winamp
2009-01-19 00:15 . 2008-08-17 07:33 678,408 --a------ c:\windows\System32\gpprefcl.dll
2009-01-18 22:39 . 2009-01-18 22:39 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-01-18 20:56 . 2009-01-18 20:56 <DIR> d-------- c:\program files\Common Files\PCSuite
2009-01-18 20:56 . 2009-01-18 20:56 <DIR> d-------- c:\program files\Common Files\Nokia
2009-01-18 20:55 . 2008-08-26 09:26 18,816 --a------ c:\windows\System32\drivers\pccsmcfd.sys
2009-01-18 12:54 . 2009-01-18 12:56 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-01-17 23:51 . 2009-01-17 23:51 <DIR> d-------- c:\windows\System32\Kaspersky Lab
2009-01-17 20:21 . 2009-01-20 01:18 46,936,096 --ahs---- c:\windows\System32\drivers\fidbox.dat
2009-01-17 20:21 . 2009-01-19 18:23 548,012 --ahs---- c:\windows\System32\drivers\fidbox.idx
2009-01-17 12:10 . 2009-01-17 12:10 626,688 --a------ c:\windows\System32\msvcr80.dll
2009-01-17 12:10 . 2009-01-17 12:10 548,864 --a------ c:\windows\System32\msvcp80.dll
2009-01-17 12:10 . 2005-09-22 23:22 522 --a------ c:\windows\System32\Microsoft.VC80.CRT.manifest
2009-01-17 12:09 . 2009-01-17 12:09 <DIR> d-------- c:\users\All Users\MicroWorld
2009-01-17 12:09 . 2009-01-17 12:09 <DIR> d-------- c:\programdata\MicroWorld
2009-01-17 02:48 . 2009-01-17 13:44 <DIR> d-------- c:\users\José\DoctorWeb
2009-01-17 02:48 . 2009-01-17 13:44 <DIR> d-------- c:\users\José\DoctorWeb
2009-01-16 21:56 . 2009-01-16 21:56 2 --a------ C:\-968007624
2009-01-16 21:23 . 2009-01-16 21:23 71,168 --a------ c:\windows\System32\drivers\gaopdxurxctpxb.sys
2009-01-16 21:21 . 2009-01-20 00:17 <DIR> d-------- c:\program files\AP Tuner
2009-01-16 14:37 . 2009-01-16 14:37 98,304 --a------ c:\windows\System32\CmdLineExt.dll
2009-01-14 23:52 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-01-14 23:52 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-01-14 23:51 . 2009-01-14 23:51 <DIR> d-------- c:\windows\System32\xlive
2009-01-14 23:51 . 2009-01-14 23:51 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-14 23:51 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-01-14 19:56 . 2008-12-15 23:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-13 11:54 . 2009-01-19 18:25 103,368 --a------ c:\users\All Users\nvModes.dat
2009-01-13 11:54 . 2009-01-19 18:25 103,368 --a------ c:\programdata\nvModes.dat
2009-01-13 11:48 . 2009-01-13 11:48 <DIR> d-------- c:\program files\THQ
2009-01-13 11:39 . 2009-01-13 11:39 <DIR> d-------- C:\NVIDIA
2009-01-12 01:56 . 2009-01-14 22:55 <DIR> d-------- c:\program files\Trials 2 Second Edition
2009-01-12 01:56 . 2009-01-12 01:56 <DIR> d-------- c:\program files\OpenAL
2009-01-12 01:56 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-01-12 01:56 . 2009-01-12 01:56 413,696 --a------ c:\windows\System32\wrap_oal.dll
2009-01-12 01:56 . 2009-01-12 01:56 110,592 --a------ c:\windows\System32\OpenAL32.dll
2009-01-08 18:12 . 2009-01-08 18:12 278,728 --a------ c:\windows\System32\drivers\atksgt.sys
2009-01-08 18:12 . 2009-01-08 18:12 25,416 --a------ c:\windows\System32\drivers\lirsgt.sys
2009-01-07 00:11 . 2009-01-07 00:24 <DIR> d-------- c:\users\All Users\NexonUS
2009-01-07 00:11 . 2009-01-07 00:24 <DIR> d-------- c:\programdata\NexonUS
2009-01-07 00:11 . 2009-01-14 20:05 <DIR> d-------- C:\Nexon
2009-01-04 23:38 . 2009-01-04 23:38 244 --ah----- C:\sqmnoopt02.sqm
2009-01-04 23:38 . 2009-01-04 23:38 232 --ah----- C:\sqmdata02.sqm
2008-12-28 10:32 . 2009-01-06 00:50 <DIR> d-------- c:\users\All Users\EmailNotifier
2008-12-28 10:32 . 2009-01-06 00:50 <DIR> d-------- c:\programdata\EmailNotifier
2008-12-25 23:00 . 2006-01-09 14:00 2,067,184 --------- c:\windows\CarTuner.CAB
2008-12-25 23:00 . 2008-12-25 23:00 253,952 --------- c:\windows\Setup1.exe
2008-12-25 23:00 . 2008-12-25 23:00 74,752 --a------ c:\windows\ST6UNST.EXE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-20 04:19 8,126,464 ----a-w c:\users\José\ntuser.dat
2009-01-20 04:19 8,126,464 ----a-w c:\users\José\ntuser.dat
2009-01-20 04:09 --------- d---a-w c:\programdata\TEMP
2009-01-20 03:38 --------- d-----w c:\users\José\AppData\Roaming\Winamp
2009-01-20 02:18 --------- d-----w c:\programdata\Google Updater
2009-01-19 23:05 --------- d-----w c:\programdata\Kaspersky Lab
2009-01-19 02:25 --------- d-----w c:\program files\Microsoft Games
2009-01-19 01:53 --------- d-----w c:\users\José\AppData\Roaming\Nokia
2009-01-18 23:54 --------- d-----w c:\program files\PC Connectivity Solution
2009-01-18 23:53 --------- d-----w c:\program files\Nokia
2009-01-18 23:50 --------- d-----w c:\programdata\Installations
2009-01-18 21:37 --------- d-----w c:\program files\z. JUEGOS RIP
2009-01-18 17:11 --------- d-----w c:\program files\Spyware Doctor
2009-01-18 16:04 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-01-18 15:51 --------- d-----w c:\program files\SUPERAntiSpyware
2009-01-17 04:59 --------- d-----w c:\program files\WinSMS
2009-01-17 03:06 --------- d-----w c:\users\José\AppData\Roaming\SUPERAntiSpyware.com
2009-01-17 03:05 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-17 00:43 --------- d-----w c:\program files\All2WAV Recorder
2009-01-16 01:36 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-15 19:05 --------- d-----w c:\program files\Windows Mail
2009-01-15 15:50 --------- d-----w c:\programdata\NVIDIA
2009-01-15 01:54 --------- d-----w c:\program files\The KMPlayer
2009-01-14 22:58 --------- d-----w c:\program files\UltraStar
2009-01-13 14:44 --------- d-s---w c:\users\José\AppData\Roaming\Microsoft
2009-01-13 13:11 103,368 ----a-w c:\users\José\AppData\Roaming\nvModes.dat
2009-01-11 00:31 --------- d-----w c:\program files\Call of Duty
2008-12-24 00:58 453,152 ----a-w c:\windows\System32\nvuninst.exe
2008-12-11 03:34 --------- d-----w c:\programdata\Microsoft Help
2008-12-07 17:33 --------- d-----w c:\program files\Ares
2008-12-06 14:30 --------- d-----w c:\program files\Valve
2008-12-06 14:20 --------- d-----w c:\program files\Bonjour
2008-12-06 00:19 410,984 ----a-w c:\windows\System32\deploytk.dll
2008-12-06 00:00 306,432 ----a-w c:\windows\System32\TuneUpDefragService.exe
2008-12-06 00:00 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-12-01 10:31 --------- d-----w c:\program files\Java
2008-11-27 22:29 --------- d-----w c:\program files\Colin McRae Rally 2
2008-11-24 22:49 --------- d-----w c:\users\José\AppData\Roaming\Artweaver
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 14:24 831,048 ----a-w c:\windows\System32\WudfUpdate_01005.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-22 08:29 14,303,392 ----a-w c:\windows\System32\xlive.dll
2008-10-22 08:29 13,643,936 ----a-w c:\windows\System32\xlivefnt.dll
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-22 01:22 2,048 ----a-w c:\windows\System32\tzres.dll
2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-02-16 19:52 174 --sha-w c:\program files\desktop.ini
2008-09-30 04:58 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-09-30 04:58 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-09-30 04:58 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((( snapshot@2009-01-19_18.29.51.93 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-01-19 21:24:45 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-01-19 21:25:02 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-01-20 03:24:27 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-19 21:25:02 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-20 03:24:27 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-19 21:25:02 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-20 03:24:27 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-01-17 01:03:28 102,094 ----a-w c:\windows\System32\perfc009.dat
+ 2009-01-20 04:08:19 102,094 ----a-w c:\windows\System32\perfc009.dat
- 2009-01-17 01:03:28 129,720 ----a-w c:\windows\System32\perfc00A.dat
+ 2009-01-20 04:08:19 129,720 ----a-w c:\windows\System32\perfc00A.dat
- 2009-01-17 01:03:28 590,082 ----a-w c:\windows\System32\perfh009.dat
+ 2009-01-20 04:08:19 590,082 ----a-w c:\windows\System32\perfh009.dat
- 2009-01-17 01:03:28 667,966 ----a-w c:\windows\System32\perfh00A.dat
+ 2009-01-20 04:08:19 667,966 ----a-w c:\windows\System32\perfh00A.dat
+ 2007-03-07 23:51:00 547,576 ------w c:\windows\System32\px.dll
+ 2007-03-07 23:51:00 64,760 ------w c:\windows\System32\pxcpya64.exe
+ 2007-03-07 23:51:00 510,712 ------w c:\windows\System32\pxdrv.dll
+ 2007-03-07 23:51:00 72,440 ------w c:\windows\System32\pxhpinst.exe
+ 2007-03-07 23:51:00 64,760 ------w c:\windows\System32\pxinsa64.exe
+ 2007-03-07 23:51:00 187,128 ------w c:\windows\System32\pxmas.dll
+ 2007-03-07 23:51:00 1,628,920 ------w c:\windows\System32\pxsfs.dll
+ 2007-03-07 23:51:00 379,640 ------w c:\windows\System32\pxwave.dll
+ 2007-03-07 23:51:00 39,672 ------w c:\windows\System32\vxblock.dll
- 2009-01-19 21:00:57 11,048 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-995357640-1471950182-4160779866-1000_UserData.bin
+ 2009-01-19 21:27:46 11,372 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-995357640-1471950182-4160779866-1000_UserData.bin
- 2009-01-19 21:00:57 84,780 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-01-19 21:27:46 84,858 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-01-19 21:00:55 47,766 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-01-19 21:27:26 47,924 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2007-07-30 3158016]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-02 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-03-31 507904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-12-06 202032]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"WinampAgent"="c:\progra~1\Winamp\winampa.exe" [2008-08-03 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-01-18 12:51 356352 c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=G

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 08:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-05-08 17:24 54840 c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2008-02-28 18:07 1828136 c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2008-02-18 17:29 2221352 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
--------- 2007-12-14 12:36 50472 c:\program files\CyberLink\PowerDVD8\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
--------- 2008-03-20 21:23 83240 c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Audio Sandbox]
--a------ 2007-07-30 10:23 3158016 c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-07-02 01:35 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-07-05 16:38 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Easy-PrintToolBox"=c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"tsnp325"=c:\windows\tsnp325.exe
"FixCamera"=c:\windows\FixCamera.exe
"snp325"=c:\windows\vsnp325.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{ABBE470F-57F2-4263-B444-45C261DDDCDB}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\spanish\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\spanish\setup.exe:Kaspersky Anti-Virus 7.0 Instalación
"UDP Query User{48F2BBC9-AEF5-4F78-853E-BF5A8D10EC87}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\spanish\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\spanish\setup.exe:Kaspersky Anti-Virus 7.0 Instalación
"{5EEB9693-0C10-438C-8F27-9A40AECE0374}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{9022068F-90FB-4B2E-86AF-729EC41B5A5B}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{5CAB95AD-6A6B-42AB-962D-05F1C293FEDD}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{6DE66BB1-942F-4691-81F5-050815D2B360}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent
"{995387E0-B432-4D28-9EEB-27EC4E0E4E37}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{CFCE9BE5-B07D-48E3-92D4-1ADDAF5835F1}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{2720C313-9FFE-44F8-BCDC-6085919BBCA9}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{7B13EDAF-23D9-439F-BA16-C652429B673B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A09DF78A-56C7-4ECA-AA9A-FD17EC76D89D}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3BDF574A-E892-4FD8-80F9-CE72E6EB3C94}"= c:\program files\CyberLink\PowerDVD8\PowerDVD8.EXE:CyberLink PowerDVD 8.0
"TCP Query User{73B9FDEE-C81A-45E9-8970-31E1DDCD3D69}c:\\users\\josé\\appdata\\local\\temp\\onlineupdate8\\setupxu.exe"= UDP:c:\users\josé\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe
"UDP Query User{4FF6C308-C99B-4693-8821-8CB2F609DF88}c:\\users\\josé\\appdata\\local\\temp\\onlineupdate8\\setupxu.exe"= TCP:c:\users\josé\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe
"{5A60CBE4-3306-4CF5-A94F-50F443A8FEAE}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{7CB542A0-F54C-4868-8EB9-CC82CD387BF9}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{650BB3F4-841A-4748-83AE-8E791AA218A2}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"TCP Query User{250834BA-47D8-460E-8524-02F610DD8B4A}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{1FC67AA0-74E7-4E80-A494-852EF536FA83}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{68023E35-2D5F-43CF-96A3-B77B090C410B}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{6365D01C-C955-47FE-9DF4-8187D7E55CDC}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{BE653A37-D144-4C3E-8B83-C05F403EEAC4}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{11F10274-2AA7-4FBA-8650-1971F514E5AB}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{D7A55431-F503-45A0-876A-544A824150E8}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{4A441CEE-BF24-4EE3-BE99-C97A2070A88B}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"{02DA14EE-3735-4C5F-A7C0-58BA4232C7AD}"= UDP:c:\users\José\Downloads\utorrent.exe:µTorrent (TCP-In)
"{DFEE543D-49BB-477A-B250-CCEBF57FF058}"= TCP:c:\users\José\Downloads\utorrent.exe:µTorrent (UDP-In)
"TCP Query User{1D7E702F-9BF3-4057-9793-8D3F5F940FA7}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{7C3F365A-D680-4A7A-85DA-AD3F71E5BF69}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"TCP Query User{53041D3F-C729-4AC8-A2C7-C145C197DA7D}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{6A1533F0-CB87-4864-9CA9-842653F2A45E}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"TCP Query User{B48E9B47-0FEC-4FA6-8A04-15D53014CA69}c:\\program files\\call of duty\\codmp.exe"= UDP:c:\program files\call of duty\codmp.exe:CoDMP
"UDP Query User{9FAE6C27-A00C-4510-BEE5-1102FFD1F65F}c:\\program files\\call of duty\\codmp.exe"= TCP:c:\program files\call of duty\codmp.exe:CoDMP
"{85D06428-93C1-4E99-92C7-BBD8B5FD104E}"= UDP:c:\users\José\Downloads\sin respaldo\utorrent.exe:µTorrent (TCP-In)
"{F8CD798D-2738-405D-97DA-4B323F36442F}"= TCP:c:\users\José\Downloads\sin respaldo\utorrent.exe:µTorrent (UDP-In)
"TCP Query User{C14A536C-8075-4B9F-8C70-D0AA5A124E10}c:\\program files\\fear\\fearmp.exe"= UDP:c:\program files\fear\fearmp.exe:F.E.A.R.
"UDP Query User{D04907F8-1CAB-4ECD-B375-51317689EB72}c:\\program files\\fear\\fearmp.exe"= TCP:c:\program files\fear\fearmp.exe:F.E.A.R.
"TCP Query User{94DD41BD-94C4-4A68-A63F-ECD40873BD8F}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{27DA4F44-B9F3-43E4-9238-D420F21647C6}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{DCD98573-FC5B-4F50-9574-13F75A5F3A47}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"UDP Query User{1B4822A4-B0A5-4B56-B62B-53A6368C889F}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"TCP Query User{D058AF16-3442-4EB7-B798-C3A76E640AE4}c:\\program files\\webeye\\webeye.exe"= UDP:c:\program files\webeye\webeye.exe:SocketAPI
"UDP Query User{1AE1F94D-76A7-4A4B-87D6-375645BE87E5}c:\\program files\\webeye\\webeye.exe"= TCP:c:\program files\webeye\webeye.exe:SocketAPI
"TCP Query User{99A9F52E-F057-4645-BC6E-79404FC44F22}c:\\vp-eye\\avi\\avi.exe"= UDP:c:\vp-eye\avi\avi.exe:Video Monitor
"UDP Query User{BE880DA7-DAF9-4BBA-ADCE-9B23520B0B67}c:\\vp-eye\\avi\\avi.exe"= TCP:c:\vp-eye\avi\avi.exe:Video Monitor
"TCP Query User{320C1F3B-2E68-4E94-851D-DA1BAC54F52F}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{E8CFA522-C3FB-4389-B60E-0AB74109ACC4}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{94DBC1C5-951A-4F1C-9AF2-3E69F45EDBED}c:\\users\\josé\\downloads\\sin respaldo\\utorrent.exe"= UDP:c:\users\josé\downloads\sin respaldo\utorrent.exe:utorrent.exe
"UDP Query User{7243A7C7-0AAC-4E1F-B0AC-5E4842AA5A6E}c:\\users\\josé\\downloads\\sin respaldo\\utorrent.exe"= TCP:c:\users\josé\downloads\sin respaldo\utorrent.exe:utorrent.exe
"TCP Query User{B73C1BCE-1A16-4DE2-959D-42CA4C706B3F}c:\\program files\\valve\\hl.exe"= UDP:c:\program files\valve\hl.exe:Half-Life Launcher
"UDP Query User{E11D79F4-C236-4182-8ED1-C0C1F79FFC3B}c:\\program files\\valve\\hl.exe"= TCP:c:\program files\valve\hl.exe:Half-Life Launcher
"TCP Query User{967337EE-E4D8-4D95-986F-A2832DA1BAF8}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{1E7A05A2-2090-4818-9B87-037FD8B71F65}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{4A5F3DD6-8E95-47DD-A6D5-0BBA8CC23213}"= UDP:c:\program files\City Interactive\Code of Honor 2\game.exe:Code of Honor 2
"{A5BF2DD5-B718-45BF-9033-F58E4AFF3709}"= TCP:c:\program files\City Interactive\Code of Honor 2\game.exe:Code of Honor 2
"TCP Query User{78A99AF5-C999-42AA-A210-D76A2765B594}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"UDP Query User{88BE71B1-B915-4F7B-9FF7-292276D8917E}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"TCP Query User{4884DDCF-08EF-4E2E-A6B7-2858EBFAB84E}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"UDP Query User{283D91DE-7440-4954-B640-DF73A4FEF622}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"TCP Query User{E1BD8C5D-69CA-4315-BF63-C3FAD4F3D99A}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= UDP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"UDP Query User{6DF90F75-F9A1-4595-B5E5-F4F7E0119A13}c:\\program files\\ea games\\need for speed most wanted\\speed.exe"= TCP:c:\program files\ea games\need for speed most wanted\speed.exe:speed
"TCP Query User{3136EF07-DA4C-45C1-9B6B-F1290DF2A16A}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"UDP Query User{43EE8B4F-2A93-4078-8444-E80F3DF4C2F9}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"TCP Query User{6A75497C-2B1B-4E67-9E25-76FA212D88C0}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"UDP Query User{E7571FCC-534D-45F6-92D1-6DE40A3C9E7C}c:\\program files\\colin mcrae rally 2\\cmr2.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2.exe:Colin McRae Rally 2
"TCP Query User{A552B74B-B2C1-4865-9392-810FC8D318C1}c:\\program files\\colin mcrae rally 2\\cmr2network.exe"= UDP:c:\program files\colin mcrae rally 2\cmr2network.exe:Colin McRae Rally 2
"UDP Query User{2A390715-8D95-435E-B44F-1296E1B85971}c:\\program files\\colin mcrae rally 2\\cmr2network.exe"= TCP:c:\program files\colin mcrae rally 2\cmr2network.exe:Colin McRae Rally 2
"TCP Query User{D9D3E60F-2E80-4229-9A37-066E2443508B}c:\\program files\\call of duty\\coduomp.exe"= UDP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"UDP Query User{9E2E96F7-CA37-408F-A05A-8DBEA1D469B2}c:\\program files\\call of duty\\coduomp.exe"= TCP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"TCP Query User{020E57D0-88F6-42FF-B17B-C7200BBC4F3D}c:\\program files\\call of duty\\coduomp.exe"= UDP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"UDP Query User{3BEFE36A-F0D5-41AD-94CD-E5D57CFF98FF}c:\\program files\\call of duty\\coduomp.exe"= TCP:c:\program files\call of duty\coduomp.exe:CoDUOMP
"TCP Query User{D57D9F88-4460-4D9D-BBBF-ECF2F1CF106E}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{84BAE6C7-47A6-4543-A477-A693D2145B67}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{E22D3B00-757C-4C0A-933D-69C5C9EFC728}c:\\program files\\java\\jre1.6.0_07\\bin\\java.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{E62B0C27-247A-4130-8304-53EE0D513F36}c:\\program files\\java\\jre1.6.0_07\\bin\\java.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{6E1C0219-2644-40E0-8688-DB09985459A1}c:\\program files\\msn backup\\msnbackup.exe"= UDP:c:\program files\msn backup\msnbackup.exe:MSN BackUp
"UDP Query User{93AAC2A2-78F3-4F31-A5FD-71B1E3593109}c:\\program files\\msn backup\\msnbackup.exe"= TCP:c:\program files\msn backup\msnbackup.exe:MSN BackUp
"TCP Query User{0766D21E-E612-4ACD-A225-1590E966A12D}c:\\program files\\filecroc\\filecroc.exe"= UDP:c:\program files\filecroc\filecroc.exe:FileCroc
"UDP Query User{22BD09A6-9B86-4933-9EB6-7FA34EB893D9}c:\\program files\\filecroc\\filecroc.exe"= TCP:c:\program files\filecroc\filecroc.exe:FileCroc
"TCP Query User{5D435DD4-4A10-4C83-8E8C-9B22E1B4640B}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{D5F21236-6747-44F6-8453-709A2F7E5466}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{E82F953F-0FF4-4DDE-89E2-E99FC83EE592}c:\\users\\josé\\downloads\\peke23c_imaskate_pf\\th4_www.programasfull.net\\peke23c\\game\\skate4.exe"= UDP:c:\users\josé\downloads\peke23c_imaskate_pf\th4_www.programasfull.net\peke23c\game\skate4.exe:skate4.exe
"UDP Query User{687DA2C4-6896-4337-ABE0-82C351E52840}c:\\users\\josé\\downloads\\peke23c_imaskate_pf\\th4_www.programasfull.net\\peke23c\\game\\skate4.exe"= TCP:c:\users\josé\downloads\peke23c_imaskate_pf\th4_www.programasfull.net\peke23c\game\skate4.exe:skate4.exe
"TCP Query User{8605D970-D220-4F5F-B0B9-836F9241BBBA}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{9A3EB428-7664-40B5-A1DF-4464D4BE2D41}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{5E7D35EB-2CA7-4E0B-8C21-4881A6211058}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{413C5C2B-A99D-46CE-8AEA-50A8E99574CA}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{89981DA9-09F9-4388-A3EF-83CEB1BA131A}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{D078E9A4-9480-4361-995A-848402C1E93A}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"{76732351-8277-4DC3-A9D1-DCAB5FFE1BC2}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{08C9934C-D12E-4E91-B546-033E35F6A60E}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{5A4C5543-87AD-45A5-8E05-F0EC072B6BAD}"= UDP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{907A4F9F-0C25-4263-B331-64E3E652E943}"= TCP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"TCP Query User{8320F511-57E1-4F98-B2EA-2A997D8423B9}c:\\program files\\thq\\mx vs atv unleashed\\mxvsatv.exe"= UDP:c:\program files\thq\mx vs atv unleashed\mxvsatv.exe:MXvsATV
"UDP Query User{400787E1-963D-42FF-872A-6DF73AEF83D0}c:\\program files\\thq\\mx vs atv unleashed\\mxvsatv.exe"= TCP:c:\program files\thq\mx vs atv unleashed\mxvsatv.exe:MXvsATV
"{0C72B8D9-A97E-4BCF-BF03-E39A67231555}"= UDP:c:\program files\Microsoft Games\Halo\halo.exe:Halo
"{7EFD8610-C9CB-411A-A35F-8A118F149880}"= TCP:c:\program files\Microsoft Games\Halo\halo.exe:Halo
"{E3876B6A-BFF7-4DCB-8A6B-5D2164EAC4B2}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{C5BCE223-543C-419D-8692-A95F61FED3DD}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{6B5FF7E0-BEA0-4EAE-840B-CE71A07DED96}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{EBB79A3D-800C-401E-AC8E-5FC73DA75EC0}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{09028FB6-65A9-4E50-82DD-BC4D323F6AB9}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{96E7CA08-D111-4573-8E31-8969A14CCDE1}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [2007-10-16 20496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-05-28 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-28 55024]
S3 BthAvrcp;Perfil AVRCP Bluetooth;c:\windows\System32\drivers\BthAvrcp.sys [2007-08-24 15872]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-28 7408]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-10-14 356920]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\System32\drivers\snp325.sys [2008-09-11 10343168]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-18 809296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c92f3a5-4a6c-11dd-8eb5-001b245f4b2c}]
\shell\AutoRun\command - E:\setup.exe /autorun
\shell\directx\command - e:\directx\dxsetup.exe
\shell\setup\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91518fdf-a128-11dd-878d-001b241c24cc}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91518fe2-a128-11dd-878d-001b241c24cc}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2e968cf-6a45-11dd-83cb-001b245f4b2c}]
\shell\AutoRun\command - jjcx.com
\shell\explore\Command - jjcx.com
\shell\open\Command - jjcx.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b758481d-5ba8-11dd-9f67-001b245f4b2c}]
\shell\AutoRun\command - F:\xn1i9x.com
\shell\explore\Command - F:\xn1i9x.com
\shell\open\Command - F:\xn1i9x.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c66d97cb-47e6-11dd-8c9f-001b245f4b2c}]
\shell\Auto\Command - winglogon.exe
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL winglogon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
Contents of the 'Scheduled Tasks' folder

2009-01-20 c:\windows\Tasks\Mantenimiento con 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-02-04 16:05]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Save Image To humyo.com
IE: Save Target To humyo.com
FF - ProfilePath - c:\users\José\AppData\Roaming\Mozilla\Firefox\Profiles\glrpuwyf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://cl.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: network.http.max-connections-per-server - 8
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-20 01:19:26
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-01-20 1:22:33
ComboFix-quarantined-files.txt 2009-01-20 04:22:30
ComboFix2.txt 2009-01-19 21:34:49
ComboFix3.txt 2009-01-18 15:25:53

Pre-Run: 31.431.303.168 bytes libres
Post-Run: 31,402,319,872 bytes libres

430 --- E O F --- 2009-01-19 03:16:13
  post #8  
20/01/09, 00:36:00
Angel Doze
Warrior
 
Registered: Feb 2007
Location: Mexico
Posts: 5.708
Re: I can't update or install antivirus or anti-spyware

To finish, all that remains is to uninstall CF as follows:
  • Go to Start > Run
  • Type the following: ComboFix /u as shown in the image below:
  • This will launch the ComboFix uninstaller, opening its main screen, and after a few seconds you will see ("ComboFix is uninstalled")

Quote:
To avoid this kind of infection, I recommend using a more secure browser such as Firefox
  • Copy and paste the following into Notepad:

  • Save it with the name Fix.Reg and run it.

Can you tell us how everything is working now?


Regards!
Let me know



Last edited by Angel Doze on 21/01/09 at 22:14:09.
  post #9  
21/01/09, 21:26:09
User
 
Registered: Dec 2007
Location: Chile
Posts: 11
Re: I can't update or install antivirus or anti-spyware

OK. Everything has turned out very well; now even the MSN "Today" window that I had lost shows up again.
Many thanks, and everything was explained very well, step by step, for those of us who don't understand much. It is greatly appreciated.




All times are GMT -4. The time is 15:59:14.


 
