Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Hola, es que hace una semana mi computador esta demaciado extraño, no puedo hacer tildes, al iniciar y abrir programas esta muy lento el computador y tengo el firewall de nod32 activado y el windows me dice que no tengo ningun firewall activado, lei en un foro que hay que quitar
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDO WS\system32\sdra64.exe,

y pasar ccleaner, ya lo hice y sirvio lo de la tilde, pero en el informe de hijack sigue saliendo, y el computador sigue lento y con el problema del firewall. aca les pongo mi hijack a ver que tengo que borrar de mi computador

Este es mi hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:26:45 p.m., on 08/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\vmnat.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\TimeLeft3\TimeLeft.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony-latin.com/vaio/info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony-latin.com/vaio/info
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDO WS\system32\sdra64.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: TimeLeft.lnk = C:\Program Files\TimeLeft3\TimeLeft.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Monitor de recursos de Extender.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} - C:\Program Files\TimeLeft3\TLIntergIE.html
O9 - Extra 'Tools' menuitem: Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} - C:\Program Files\TimeLeft3\TLIntergIE.html
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony-latin.com/vaio/info
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {15075194-6A1F-4F5A-8182-0FA84851E571} (GCCenterLauncherControl Control) - http://juegos.etb.net.co/GCCenter/GCCenterLauncher.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245880525687
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246020752062
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardware ResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 13772 bytes



Muchas gracias.
Suripantho

Hola suripantho


Descarga lo siguiente:

º CCLEANER. Lo instalas según Su Manual

º MALWAREBYTE´S. Lo instalas y actualizas según su manual, PERO NO LO EJECUTES AUN

º ComboFix.exe y guárdalo en el escritorio.


Cierra todos los programas, ejecutas HijackThis , tildas las casillas de estas entradas y presionas "FIX Cheked"


F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDO WS\system32\sdra64.exe,




Ejecuta ComboFix.exe

• Desactiva temporalmente el Antivirus y/o Antispyware.
• Cierra todas las ventanas abiertas.
• Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
• Cuando termine, generara un registro en C:\ComboFix.txt.
  • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
  • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

• Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.

En tu próxima respuesta, debes poner lo siguiente:

º El reporte de malwarebyte´s, que se encuentra en su pestaña REGISTROS
º El reporte de ComboFix
º Un nuevo log de Hijackthis
º Como funciona tu pc ahora


Saludos

Reporte malwarebyte:

Malwarebytes' Anti-Malware 1.41
Versión de la Base de Datos: 2925
Windows 5.1.2600 Service Pack 3

08/10/2009 02:41:26 p.m.
mbam-log-2009-10-08 (14-41-26).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 301188
Tiempo transcurrido: 1 hour(s), 9 minute(s), 33 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 6
Valores del Registro Infectados: 1
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explo rer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explo rer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explo rer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
(No se han detectado elementos maliciosos)




Reporte ComboFix:


ComboFix 09-10-07.05 - David Ricardo 08/10/2009 14:46.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.52.1033.18.2038.1396 [GMT -5:00]
Running from: c:\documents and settings\David Ricardo\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Mx One
c:\program files\Mx One\info.ini
c:\program files\Mx One\mog.exe
c:\program files\Mx One\mxone.ini
c:\program files\Mx One\Uninstall.exe
c:\program files\Mx One\Uninstall.ini
c:\program files\Mx One\update.exe
c:\recycler\S-1-5-21-1454471165-308236825-839522115-500
c:\recycler\S-1-5-21-2437918187-1887112999-1826023952-500
c:\recycler\S-1-5-21-3079259098-3256628864-759339615-500
c:\recycler\S-1-5-21-3464858234-1278005424-2371458544-500
c:\recycler\S-1-5-21-539000377-4251804342-4226135037-500
c:\windows\Installer\WinRMSrv.msi
c:\windows\setup.exe
c:\windows\wpd99.drv

.
((((((((((((((((((((((((( Files Created from 2009-09-08 to 2009-10-08 )))))))))))))))))))))))))))))))
.

2009-10-08 16:50 . 2009-10-08 16:50 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\Malwarebytes
2009-10-08 16:50 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-08 16:50 . 2009-10-08 16:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-08 16:50 . 2009-10-08 16:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-08 16:50 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-08 16:24 . 2009-10-08 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-10-08 16:24 . 2009-10-08 16:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-08 16:24 . 2009-10-08 16:24 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\SUPERAntiSpyware.com
2009-10-04 02:47 . 2009-10-04 02:47 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-10-04 02:36 . 2008-04-15 15:17 295424 -c----w- c:\windows\system32\dllcache\termsrv.dll
2009-10-04 02:01 . 2008-04-13 18:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2009-10-04 02:01 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2009-10-04 02:00 . 2008-04-13 18:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-10-04 02:00 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-10-04 01:20 . 2009-10-04 01:20 -------- d-----w- c:\program files\KaraokeDX
2009-10-03 14:25 . 2009-10-03 14:25 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCach e
2009-10-01 20:54 . 2009-10-01 20:54 -------- d-----w- c:\program files\TimeLeft3
2009-10-01 20:54 . 2009-10-01 20:54 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\NesterSoft
2009-10-01 16:20 . 2009-10-01 16:20 -------- d-----w- c:\program files\SystemRequirementsLab
2009-10-01 16:19 . 2009-10-01 16:19 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\SystemRequirementsLab
2009-09-28 21:36 . 2009-09-28 21:42 -------- d-----w- c:\documents and settings\All Users\Application Data\PowerDesigner 12
2009-09-28 21:36 . 2009-09-28 21:36 -------- d-----w- c:\program files\Sybase
2009-09-28 14:58 . 2009-09-28 14:58 -------- d-----w- c:\program files\iPod
2009-09-28 14:57 . 2009-09-28 14:59 -------- d-----w- c:\program files\iTunes
2009-09-28 14:57 . 2009-09-28 14:59 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-28 14:54 . 2009-09-28 14:55 -------- d-----w- c:\program files\QuickTime
2009-09-28 14:41 . 2009-09-28 14:41 -------- d-----w- c:\program files\Utilidad Configuración iPhone
2009-09-28 14:40 . 2009-09-28 14:41 -------- d-----w- c:\program files\Safari
2009-09-23 13:52 . 2009-09-23 13:52 -------- d-----w- c:\program files\Trend Micro
2009-09-22 18:13 . 2009-09-22 18:13 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\Nokia Multimedia Player
2009-09-18 17:10 . 2009-09-18 17:10 -------- d-----w- c:\program files\Common Files\xing shared
2009-09-18 17:09 . 2009-09-18 17:09 -------- d-----w- c:\program files\Real
2009-09-18 17:09 . 2009-09-18 17:10 -------- d-----w- c:\program files\Common Files\Real
2009-09-08 22:20 . 2009-09-08 22:20 -------- d-----w- c:\documents and settings\David Ricardo\Local Settings\Application Data\ESET
2009-09-08 22:12 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-10-08 17:20 . 2009-09-04 03:57 -------- d-----w- c:\documents and settings\All Users\Application Data\VMware
2009-10-08 17:20 . 2009-09-04 04:03 -------- d-----w- c:\documents and settings\LocalService\Application Data\VMware
2009-10-08 16:24 . 2009-07-26 22:35 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-05 13:59 . 2009-08-12 13:41 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\PC Suite
2009-10-04 05:02 . 2009-10-04 05:02 127 ----a-w- c:\documents and settings\MCX1\Local Settings\Application Data\fusioncache.dat
2009-10-04 04:56 . 2009-06-27 17:58 73744 ----a-w- c:\documents and settings\David Ricardo\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-29 19:52 . 2009-06-27 21:07 -------- d-----w- c:\program files\Microsoft
2009-09-28 21:38 . 2006-08-25 02:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-28 16:51 . 2009-06-26 22:25 41324 ---ha-w- c:\windows\system32\mlfcache.dat
2009-09-28 16:51 . 2009-09-03 11:40 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\Apple Computer
2009-09-28 14:58 . 2009-09-03 11:37 -------- d-----w- c:\program files\Common Files\Apple
2009-09-25 01:15 . 2009-06-30 20:24 -------- d-----w- c:\program files\UlisesSoft
2009-09-15 12:56 . 2009-09-07 21:06 -------- d-----w- c:\program files\FreeCap
2009-09-10 17:52 . 2009-09-02 16:37 -------- d-----w- c:\program files\JUDE-Community
2009-09-09 04:19 . 2009-06-27 17:58 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-09 04:15 . 2009-06-24 20:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-07 21:06 . 2009-09-07 21:06 -------- d-----w- c:\program files\Your Freedom
2009-09-04 15:15 . 2009-09-04 13:27 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\VMware
2009-09-04 15:11 . 2009-07-15 19:51 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-04 03:56 . 2009-09-04 03:56 -------- d-----w- c:\program files\VMware
2009-09-03 16:44 . 2009-09-03 16:44 195264 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-09-03 11:40 . 2009-09-03 11:39 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-09-03 11:39 . 2009-09-03 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-09-03 11:39 . 2009-09-03 11:39 -------- d-----w- c:\program files\Bonjour
2009-09-03 11:38 . 2009-09-03 11:38 -------- d-----w- c:\program files\Apple Software Update
2009-09-03 11:37 . 2009-09-03 11:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-01 21:55 . 2009-09-01 21:55 -------- d-----w- c:\program files\PowerISO
2009-08-29 00:42 . 2009-09-03 11:37 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-29 00:42 . 2009-09-03 11:37 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-26 18:29 . 2009-07-11 22:20 -------- d-----w- c:\program files\Microsoft Games
2009-08-22 00:14 . 2009-08-22 00:14 -------- d-----w- c:\program files\CCP
2009-08-22 00:14 . 2009-08-22 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\CCP
2009-08-19 14:53 . 2009-08-19 14:53 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\Sonic
2009-08-19 14:53 . 2009-08-19 14:53 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\Leadertech
2009-08-14 19:06 . 2009-08-14 19:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-08-14 19:05 . 2009-08-12 13:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-08-14 19:03 . 2009-08-13 14:31 -------- d-----w- c:\program files\Common Files\Nokia
2009-08-14 19:03 . 2009-08-13 14:29 -------- d-----w- c:\program files\Nokia
2009-08-14 17:58 . 2009-08-14 17:58 -------- d-----w- c:\program files\Common Files\PCSuite
2009-08-13 19:36 . 2009-08-13 19:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDrive r_01_07_00.Wdf
2009-08-13 19:36 . 2009-08-13 19:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00. Wdf
2009-08-13 19:35 . 2009-08-12 13:44 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-08-13 19:34 . 2009-08-12 13:42 -------- d-----w- c:\documents and settings\David Ricardo\Application Data\Nokia
2009-08-13 19:29 . 2009-08-13 19:29 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic
2009-08-13 14:44 . 2009-08-13 14:44 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_010 07.Wdf
2009-08-13 14:44 . 2009-08-13 14:44 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_C oinstaller_Critical.Wdf
2009-08-13 14:31 . 2009-08-12 13:41 -------- d-----w- c:\program files\DIFX
2009-08-13 14:30 . 2009-08-13 14:30 -------- d-----w- c:\program files\PC Connectivity Solution
2009-08-13 02:09 . 2009-08-13 02:09 -------- d-----w- c:\program files\OpenTTD
2009-08-05 09:01 . 2006-08-25 01:43 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-27 02:43 . 2009-07-27 02:43 58908 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-07-26 21:44 . 2009-07-26 21:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-23 01:30 . 2009-07-23 01:30 4096 ----a-w- c:\windows\d3dx.dat
2009-07-22 16:38 . 2009-07-22 16:31 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2009-07-22 16:38 . 2009-07-22 16:31 249856 ----a-w- c:\windows\system32\pdfmona.dll
2009-07-17 19:01 . 2006-08-25 01:43 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 15:08 . 2006-08-25 01:44 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-12 22:50 . 2009-06-24 21:32 136 ----a-w- c:\documents and settings\David Ricardo\Local Settings\Application Data\fusioncache.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.e xe" [2006-05-08 81920]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-09-15 1998576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-04-05 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-04-05 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-04-05 118784]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-18 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-24 136600]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2006-06-28 217088]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-08 7561216]
"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 176128]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-01 69632]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-9-9 113664]

c:\documents and settings\MCX1\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-9-9 113664]

c:\documents and settings\David Ricardo\Start Menu\Programs\Startup\
TimeLeft.lnk - c:\program files\TimeLeft3\TimeLeft.exe [2009-10-1 2013880]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-2-3 1753088]
Monitor de recursos de Extender.lnk - c:\windows\ehome\RMSysTry.exe [2005-10-20 18432]

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-03-09 21:51 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Inicio rápido de Adobe Reader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Inicio rápido de Adobe Reader.lnk
backup=c:\windows\pss\Inicio rápido de Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^David Ricardo^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\David Ricardo\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinVNC4"=2 (0x2)
"Tomcat5"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"AdobeActiveFileMonitor4.0"=2 (0x2)
"RegSrvc"=2 (0x2)
"iPod Service"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=
"c:\\Programas Sistemas\\eclipse\\eclipse.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\xampp\\apache\\bin\\apache.exe"=
"c:\\xampp\\MercuryMail\\mercury.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\CCP\\EVE\\bin\\ExeFile.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\VMware\\VMware Workstation\\vmware-authd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:blizzard
"3776:UDP"= 3776:UDP:Servicio de Media Center Extender
"3390:TCP"= 3390:TCP:Experiencia de Media Center remoto

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [06/02/2009 02:23 p.m. 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfw tdir.sys [06/02/2009 02:24 p.m. 93336]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [15/09/2009 11:42 a.m. 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [15/09/2009 11:42 a.m. 74480]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [06/02/2009 02:23 p.m. 727720]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [26/03/2009 11:05 p.m. 54960]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15/09/2009 11:42 a.m. 7408]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [24/08/2006 08:45 p.m. 30080]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21 sony.sys [24/08/2006 08:45 p.m. 226304]
S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [30/03/2009 04:28 p.m. 1533808]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]
S4 Tomcat5;Apache Tomcat;c:\program files\Apache Software Foundation\Tomcat 5.5\bin\tomcat5.exe [12/09/2006 10:11 a.m. 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-10-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2009-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2079616297-314472718-3498100029-1005Core.job
- c:\documents and settings\David Ricardo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-20 16:22]

2009-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2079616297-314472718-3498100029-1005UA.job
- c:\documents and settings\David Ricardo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-20 16:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sony-latin.com/vaio/info
uInternet Connection Wizard,ShellNext = hxxp://www.sony-latin.com/vaio/info
uInternet Settings,ProxyOverride = *.local
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{21196042-830F-419f-A594-F9D456A6C29A} - {21196042-830F-419f-A594-F9D456A6C29A} c:\program files\TimeLeft3\TLIntergIE.html - c:\program files\timeleft3\tlintergie.html\inprocserver32 does not exist!
LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll
DPF: {15075194-6A1F-4F5A-8182-0FA84851E571} - hxxp://juegos.etb.net.co/GCCenter/GCCenterLauncher.cab
FF - ProfilePath - c:\documents and settings\David Ricardo\Application Data\Mozilla\Firefox\Profiles\qmi2xw1i.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\co mponents\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\David Ricardo\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Mx One Guardian 3.8.0.2 - c:\program files\Mx One\Uninstall.exe
AddRemove-Nokia PC Suite - c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_US.exe



************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-08 14:52
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\n pggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1268)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\system32\VESWinlogon.dll
.
Completion time: 2009-10-08 14:54
ComboFix-quarantined-files.txt 2009-10-08 19:54

Pre-Run: 23.102.640.128 bytes free
Post-Run: 27.885.228.032 bytes libres

280 --- E O F --- 2009-09-09 04:18




Reporte Hijackthis:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:17:28 p.m., on 08/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Programas Sistemas\eclipse\eclipse.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony-latin.com/vaio/info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony-latin.com/vaio/info
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: TimeLeft.lnk = C:\Program Files\TimeLeft3\TimeLeft.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Monitor de recursos de Extender.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} - C:\Program Files\TimeLeft3\TLIntergIE.html
O9 - Extra 'Tools' menuitem: Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} - C:\Program Files\TimeLeft3\TLIntergIE.html
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony-latin.com/vaio/info
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {15075194-6A1F-4F5A-8182-0FA84851E571} (GCCenterLauncherControl Control) - http://juegos.etb.net.co/GCCenter/GCCenterLauncher.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245880525687
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246020752062
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardware ResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 14219 bytes


El computador ya esta mas rapido aunque no lo siento todavia con la misma velocidad que tenia antes pero si mejoro mucho, el firewall del nod32 nada que me lo reconoce me sigue diciendo que no tengo ningun firewall activado, ya la tilde y el idioma del teclado esta funcionando perfecto.

Hola de nuevo

Desinstala CF de esta manera:

• Ve a Inicio > Ejecutar
• Escribe lo siguiente: ComboFix /u como muestra la imagen debajo:
  
  o
• Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")

Esto realizara las siguientes tareas:

• Se borraran:
  • ComboFix: sus archivos y carpetas.
  • VundoFix: copias de seguridad (si está presente)
  • La carpeta C:\Deckard (si está presente)
  • La carpeta C: _OtMoveIt (si está presente)
• Restablece la configuración del reloj.
• Ocultar extensiones de archivo (si es necesario.)
• Oculta los archivos que estaban ocultos
• Reactiva el "Restaurar Sistema"

Tendras que desinstalar por completo el ESET y volver a instalarlo. Para ello, puedes utilizar REVOUNINSTALLER. Lo instalas y ejecutas siguiendo Su Manual,
Buscas dentro de el al programa y lo desinstalas con todos sus componentes.



Nos comentas.

saludos