11-04-2008, 01:57 PM   #1
maikelekiam
Registered User
 
Join Date: Sep 2006
Posts: 14
OS: xp


Browser Hijacked !! Auto closes browser and/or opens unsolicited pages. Virtumundo??

Any help will be much appreciated. I think the problem is the Virtumundo malware ... There is no way I can get rid of it... it keeps coming back.



Logfile of random's system information tool 1.04 (written by random/random)
Run by Administrador at 2008-11-04 21:47:33
Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (61%) free of 25 GB
Total RAM: 503 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:47:48 PM, on 11/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Archivos de programa\Eset\nod32krn.exe
C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\Archivos de programa\toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Archivos de programa\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Documents and Settings\Administrador\Escritorio\RSIT.exe
C:\Archivos de programa\trend micro\Administrador.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsue.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: {4819de1c-bfd9-5f98-0654-0feda0ceab03} - {30baec0a-def0-4560-89f5-9dfbc1ed9184} - C:\WINDOWS\system32\fmxvfa.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {54D37F27-3C8E-482E-99FC-D1B2AD555943} - C:\WINDOWS\system32\jkkLDuTm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Archivos de programa\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [THotkey] C:\Archivos de programa\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [64769aed] rundll32.exe "C:\WINDOWS\system32\dsbiryfw.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Cursors" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\msagent" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_05] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\system32\Oobe" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Connection Wizard" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_08] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\system32\NtmsData" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_09] cmd.exe /c md "%SystemDrive%\WINDOWS\Temp" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_10] rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_11] cmd.exe /c md "%SystemRoot%\System32\dllcache" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_12] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_13] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_14] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Cursors" (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E963EE0-F698-40FA-8DE4-BBBC3D2D2899}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARCHIV~1\ARCHIV~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: jgqaho.dll ltmikd.dll fmxvfa.dll
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Google Update Service (gupdate1c8e071a1913dc0) (gupdate1c8e071a1913dc0) - Google Inc. - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Archivos de programa\toshiba\TOSHIBA Applet\TAPPSRV.exe

--
End of file - 8746 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-13 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30baec0a-def0-4560-89f5-9dfbc1ed9184}]
C:\WINDOWS\system32\fmxvfa.dll [2008-11-03 113152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54D37F27-3C8E-482E-99FC-D1B2AD555943}]
C:\WINDOWS\system32\jkkLDuTm.dll [2008-10-27 267776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Archivos de programa\Java\jre1.5.0_07\bin\ssv.dll [2006-05-03 434279]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Archivos de programa\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-31 652784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Archivos de programa\Eset\nod32kui.exe [2008-06-04 921600]
"SoundMAXPnP"=C:\Archivos de programa\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-10-08 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-10-08 126976]
"THotkey"=C:\Archivos de programa\Toshiba\Toshiba Applet\thotkey.exe [2004-12-14 368640]
"64769aed"=C:\WINDOWS\system32\dsbiryfw.dll [2008-11-03 75776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="jgqaho.dll ltmikd.dll fmxvfa.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-10-08 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-27 702768]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\jkkLDuTm

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSMHelp"=1
"NoSMConfigurePrograms"=1
"NoSMMyPictures"=1
"NoResolveTrack"=1
"NoResolveSearch"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceClassicControlPanel"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Archivos de programa\Skype\Phone\Skype.exe"="C:\Archivos de programa\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Archivos de programa\Pando Networks\Pando\pando.exe"="C:\Archivos de programa\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Archivos de programa\Malwarebytes' Anti-Malware\mbam.exe"="C:\Archivos de programa\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e6caec0-3340-11dd-ab62-963b1372dd69}]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e6caec2-3340-11dd-ab62-963b1372dd69}]
shell\AutoRun\command - F:\AutoRun.exe


======List of files/folders created in the last 1 months======

2008-11-04 21:47:33 ----D---- C:\rsit
2008-11-04 21:36:58 ----A---- C:\WINDOWS\gmer.ini
2008-11-04 21:36:56 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-11-04 21:36:55 ----A---- C:\WINDOWS\gmer.exe
2008-11-04 21:36:55 ----A---- C:\WINDOWS\gmer.dll
2008-11-04 21:22:51 ----D---- C:\WINDOWS\system32\appmgmt
2008-11-03 22:34:48 ----SH---- C:\WINDOWS\system32\wfyribsd.ini
2008-11-03 22:34:43 ----A---- C:\WINDOWS\system32\dsbiryfw.dll
2008-11-03 22:32:28 ----A---- C:\WINDOWS\system32\fmxvfa.dll
2008-11-03 22:32:28 ----A---- C:\WINDOWS\system32\egbxonrr.dll
2008-11-02 14:29:24 ----A---- C:\WINDOWS\system32\wdffpv.dll
2008-11-02 14:29:24 ----A---- C:\WINDOWS\system32\nkosawwn.dll
2008-11-02 14:27:15 ----SH---- C:\WINDOWS\system32\sootwuuc.ini
2008-11-01 11:31:53 ----SH---- C:\WINDOWS\system32\inmcvccj.ini
2008-11-01 11:29:34 ----A---- C:\WINDOWS\system32\pzxonv.dll
2008-11-01 11:29:34 ----A---- C:\WINDOWS\system32\fwgvxswc.dll
2008-10-31 08:20:48 ----SH---- C:\WINDOWS\system32\rsbhqlhl.ini
2008-10-31 08:18:30 ----A---- C:\WINDOWS\system32\qhxvti.dll
2008-10-31 08:18:29 ----A---- C:\WINDOWS\system32\islhurjm.dll
2008-10-30 23:17:56 ----SHD---- C:\RECYCLER
2008-10-30 21:28:18 ----SH---- C:\WINDOWS\system32\gulpmvsl.ini
2008-10-30 21:25:16 ----A---- C:\WINDOWS\system32\oqlyxf.dll
2008-10-30 21:25:16 ----A---- C:\WINDOWS\system32\exgswwwn.dll
2008-10-29 21:26:27 ----SH---- C:\WINDOWS\system32\ikjbpkhh.ini
2008-10-29 21:24:35 ----A---- C:\WINDOWS\system32\ltmikd.dll
2008-10-29 21:24:31 ----A---- C:\WINDOWS\system32\qwpyunwq.dll
2008-10-28 21:02:29 ----A---- C:\WINDOWS\system32\zzkntq.dll
2008-10-28 21:02:29 ----A---- C:\WINDOWS\system32\ohranuer.dll
2008-10-28 21:02:19 ----A---- C:\ComboFix.txt
2008-10-28 21:02:16 ----ASH---- C:\WINDOWS\system32\mTuDLkkj.ini2
2008-10-28 21:01:03 ----SH---- C:\WINDOWS\system32\rlxgaikj.ini
2008-10-28 20:59:14 ----ASH---- C:\WINDOWS\system32\mTuDLkkj.ini
2008-10-28 20:57:58 ----A---- C:\WINDOWS\PSEXESVC.EXE
2008-10-28 20:57:48 ----D---- C:\WINDOWS\temp
2008-10-28 20:42:03 ----A---- C:\WINDOWS\system32\djntzp.dll
2008-10-28 20:42:02 ----A---- C:\WINDOWS\system32\vscvswrh.dll
2008-10-28 20:34:48 ----A---- C:\WINDOWS\zip.exe
2008-10-28 20:34:48 ----A---- C:\WINDOWS\VFIND.exe
2008-10-28 20:34:48 ----A---- C:\WINDOWS\SWREG.exe
2008-10-28 20:34:48 ----A---- C:\WINDOWS\sed.exe
2008-10-28 20:34:48 ----A---- C:\WINDOWS\NIRCMD.exe
2008-10-28 20:34:48 ----A---- C:\WINDOWS\grep.exe
2008-10-28 20:34:48 ----A---- C:\WINDOWS\fdsv.exe
2008-10-28 20:34:47 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-10-28 20:34:47 ----A---- C:\WINDOWS\SWSC.exe
2008-10-28 20:34:40 ----D---- C:\WINDOWS\ERDNT
2008-10-28 20:34:40 ----D---- C:\Qoobox
2008-10-28 20:14:12 ----A---- C:\WINDOWS\system32\jgqaho.dll
2008-10-28 20:14:11 ----A---- C:\WINDOWS\system32\sgnxfoif.dll
2008-10-27 20:05:02 ----A---- C:\WINDOWS\system32\jkkLDuTm.dll
2008-10-27 20:04:07 ----D---- C:\Archivos de programa\Trend Micro
2008-10-27 20:03:45 ----A---- C:\HJTInstall.exe
2008-10-12 12:25:45 ----D---- C:\Program Files
2008-10-12 10:29:17 ----D---- C:\Archivos de programa\EsetOnlineScanner
2008-10-12 09:44:51 ----D---- C:\Archivos de programa\Malwarebytes' Anti-Malware
2008-10-12 09:28:10 ----D---- C:\Documents and Settings\Administrador\Datos de programa\Malwarebytes
2008-10-12 09:27:56 ----D---- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
2008-10-11 20:22:33 ----A---- C:\WINDOWS\wininit.ini
2008-10-11 19:48:08 ----D---- C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
2008-10-11 19:48:08 ----D---- C:\Archivos de programa\Spybot - Search & Destroy
2008-10-10 23:36:56 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-10 13:36:16 ----A---- C:\WINDOWS\system32\6f555e93-.txt
2008-10-09 18:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-10-09 18:30:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-09 17:05:07 ----D---- C:\Archivos de programa\ScanSoft
2008-10-09 17:00:22 ----D---- C:\Archivos de programa\Microsoft AutoRoute
2008-10-07 20:44:04 ----D---- C:\WINDOWS\Prefetch
2008-10-07 20:43:54 ----D---- C:\WINDOWS\system32\xircom
2008-10-07 20:43:54 ----D---- C:\WINDOWS\system32\restore
2008-10-07 20:43:54 ----D---- C:\WINDOWS\srchasst
2008-10-07 20:43:54 ----D---- C:\Archivos de programa\xerox
2008-10-07 20:43:54 ----D---- C:\Archivos de programa\Archivos comunes\speechengines
2008-10-07 20:43:53 ----D---- C:\WINDOWS\msagent
2008-10-07 20:43:53 ----D---- C:\Archivos de programa\msn gaming zone
2008-10-07 20:43:53 ----D---- C:\Archivos de programa\microsoft frontpage
2008-10-07 20:32:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-07 20:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-07 20:32:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-07 20:32:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-07 20:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-07 20:31:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-10-07 20:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-10-07 20:31:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-07 20:31:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-07 20:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-07 20:27:16 ----D---- C:\Archivos de programa\Messenger
2008-10-07 20:26:55 ----D---- C:\WINDOWS\system32\oobe
2008-10-07 20:26:55 ----D---- C:\WINDOWS\l2schemas
2008-10-07 20:26:55 ----D---- C:\Archivos de programa\msn
2008-10-07 20:26:54 ----D---- C:\WINDOWS\system32\es
2008-10-07 20:26:54 ----D---- C:\WINDOWS\system32\bits
2008-10-07 20:26:53 ----D---- C:\Archivos de programa\movie maker
2008-10-07 20:23:20 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-07 20:19:42 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-07 20:16:28 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-07 20:16:24 ----D---- C:\WINDOWS\EHome
2008-10-05 22:10:46 ----D---- C:\Archivos de programa\ElcomSoft
2008-10-05 21:58:43 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2008-10-05 21:44:27 ----A---- C:\WINDOWS\winDecrypt.INI
2008-10-05 21:44:13 ----A---- C:\pdfinfo.ini
2008-10-05 21:42:24 ----A---- C:\WINDOWS\verypdf.ini
2008-10-05 21:41:39 ----D---- C:\Archivos de programa\PDF Password Remover v2.5
2008-10-05 20:04:34 ----N---- C:\WINDOWS\system32\wscsvc.dll
2008-10-05 20:04:34 ----N---- C:\WINDOWS\system32\wscntfy.exe
2008-10-05 20:04:33 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-10-05 20:04:30 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-10-05 20:04:28 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-10-05 20:04:28 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-10-05 20:04:14 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-10-05 20:04:14 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-10-05 20:04:03 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-10-05 20:04:01 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-10-05 20:04:00 ----N---- C:\WINDOWS\system32\slserv.exe
2008-10-05 20:04:00 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-10-05 20:04:00 ----N---- C:\WINDOWS\slrundll.exe
2008-10-05 20:03:59 ----N---- C:\WINDOWS\system32\slgen.dll
2008-10-05 20:03:59 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-10-05 20:03:59 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-10-05 20:03:56 ----N---- C:\WINDOWS\system32\setupn.exe
2008-10-05 20:03:53 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-10-05 20:03:51 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-10-05 20:03:49 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-10-05 20:03:48 ----N---- C:\WINDOWS\system32\qutil.dll
2008-10-05 20:03:47 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-10-05 20:03:47 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-10-05 20:03:47 ----N---- C:\WINDOWS\system32\qagent.dll
2008-10-05 20:03:45 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-10-05 20:03:42 ----N---- C:\WINDOWS\system32\onex.dll
2008-10-05 20:03:39 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-10-05 20:03:32 ----N---- C:\WINDOWS\system32\napstat.exe
2008-10-05 20:03:32 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-10-05 20:03:32 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-10-05 20:03:31 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-10-05 20:03:30 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-10-05 20:03:30 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-10-05 20:03:28 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-10-05 20:03:28 ----N---- C:\WINDOWS\system32\mssha.dll
2008-10-05 20:03:13 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-10-05 20:03:13 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-10-05 20:03:13 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-10-05 20:03:13 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-10-05 20:03:10 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-10-05 20:02:59 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdukx.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdno1.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2008-10-05 20:02:58 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2008-10-05 20:02:57 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-10-05 20:02:57 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2008-10-05 20:02:57 ----N---- C:\WINDOWS\system32\kbdinben.dll
2008-10-05 20:02:57 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2008-10-05 20:02:57 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2008-10-05 20:02:57 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-10-05 20:02:52 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-10-05 20:02:51 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-10-05 20:02:45 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-10-05 20:02:36 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-10-05 20:02:29 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-10-05 20:02:29 ----A---- C:\WINDOWS\002316_.tmp
2008-10-05 20:02:26 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-10-05 20:02:26 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-10-05 20:02:26 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-10-05 20:02:26 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-10-05 20:02:26 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-10-05 20:02:26 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-10-05 20:02:26 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-10-05 20:02:26 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-10-05 20:02:23 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-10-05 20:02:23 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-10-05 20:02:23 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-10-05 20:02:23 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-10-05 20:02:23 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-10-05 20:02:23 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-10-05 20:02:23 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-10-05 20:02:21 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-10-05 20:02:21 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-10-05 20:02:20 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-10-05 20:02:17 ----N---- C:\WINDOWS\system32\credssp.dll
2008-10-05 20:02:08 ----N---- C:\WINDOWS\system32\blastcln.exe
2008-10-05 20:02:08 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-10-05 20:02:07 ----N---- C:\WINDOWS\system32\azroles.dll
2008-10-05 20:02:06 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-10-05 20:02:06 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-10-05 20:02:05 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-10-05 20:02:05 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-10-05 20:02:04 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-10-05 20:02:04 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-10-05 20:02:04 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-10-05 20:01:57 ----N---- C:\WINDOWS\system32\aaclient.dll

======List of files/folders modified in the last 1 months======

2008-11-04 21:36:58 ----D---- C:\WINDOWS
2008-11-04 21:36:56 ----D---- C:\WINDOWS\system32\drivers
2008-11-04 21:22:51 ----D---- C:\WINDOWS\system32
2008-11-04 21:22:50 ----SHD---- C:\WINDOWS\Installer
2008-11-04 21:22:43 ----D---- C:\Archivos de programa
2008-11-04 20:04:15 ----D---- C:\Archivos de programa\Mozilla Firefox
2008-11-04 12:13:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-03 22:38:46 ----D---- C:\Documents and Settings\All Users\Datos de programa\Google Updater
2008-10-28 21:01:31 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-28 20:59:43 ----A---- C:\WINDOWS\system.ini
2008-10-28 20:58:12 ----D---- C:\WINDOWS\system32\config
2008-10-28 20:57:14 ----D---- C:\WINDOWS\AppPatch
2008-10-28 20:57:14 ----D---- C:\Archivos de programa\Archivos comunes
2008-10-28 20:36:31 ----D---- C:\Archivos de programa\Eset
2008-10-27 20:14:35 ----SD---- C:\WINDOWS\Tasks
2008-10-27 20:01:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-12 10:29:09 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-12 09:14:30 ----D---- C:\WINDOWS\Debug
2008-10-12 09:10:22 ----D---- C:\Archivos de programa\Google
2008-10-10 23:38:17 ----A---- C:\WINDOWS\DUMP6d24.tmp
2008-10-10 23:37:29 ----A---- C:\WINDOWS\DUMP2334.tmp
2008-10-10 23:36:54 ----A---- C:\WINDOWS\DUMP3407.tmp
2008-10-10 22:49:27 ----SD---- C:\Documents and Settings\Administrador\Datos de programa\Microsoft
2008-10-10 22:11:19 ----D---- C:\Documents and Settings\Administrador\Datos de programa\uTorrent
2008-10-09 18:30:21 ----HD---- C:\WINDOWS\inf
2008-10-09 18:30:19 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-09 18:30:14 ----D---- C:\WINDOWS\system32\DllCache
2008-10-09 17:01:45 ----RSD---- C:\WINDOWS\Fonts
2008-10-07 20:43:54 ----D---- C:\WINDOWS\system32\wbem
2008-10-07 20:43:54 ----D---- C:\WINDOWS\ime
2008-10-07 20:43:54 ----D---- C:\WINDOWS\Help
2008-10-07 20:43:54 ----D---- C:\Archivos de programa\Windows NT
2008-10-07 20:43:54 ----D---- C:\Archivos de programa\Internet Explorer
2008-10-07 20:43:54 ----D---- C:\Archivos de programa\Archivos comunes\Microsoft Shared
2008-10-07 20:43:42 ----D---- C:\WINDOWS\system32\Setup
2008-10-07 20:43:17 ----D---- C:\WINDOWS\security
2008-10-07 20:32:31 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-07 20:27:26 ----D---- C:\WINDOWS\WinSxS
2008-10-07 20:27:14 ----D---- C:\WINDOWS\system32\inetsrv
2008-10-07 20:27:14 ----D---- C:\WINDOWS\network diagnostic
2008-10-07 20:26:59 ----D---- C:\WINDOWS\system32\usmt
2008-10-07 20:26:59 ----D---- C:\WINDOWS\system32\es-es
2008-10-07 20:26:54 ----D---- C:\WINDOWS\PeerNet
2008-10-07 20:23:04 ----D---- C:\WINDOWS\system32\npp
2008-10-07 20:23:03 ----D---- C:\Archivos de programa\NetMeeting
2008-10-07 20:23:02 ----D---- C:\WINDOWS\system32\Com
2008-10-07 20:23:00 ----D---- C:\Archivos de programa\Windows Media Player
2008-10-07 20:22:59 ----D---- C:\Archivos de programa\Outlook Express
2008-10-07 20:22:56 ----D---- C:\Archivos de programa\Archivos comunes\System
2008-10-07 20:22:40 ----D---- C:\WINDOWS\system

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Controlador de procesador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-02-24 102320]
R1 WS2IFSL;Entorno de compatibilidad con proveedores de servicios no IFS de Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-24 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 TBiosDrv;TBiosDrv; \??\C:\WINDOWS\system32\drivers\TBiosDrv.sys []
R2 windrvNT;windrvNT; \??\C:\WINDOWS\system32\windrvNT.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-10-06 129280]
R3 CmBatt;Controlador de batería de método de control ACPI de Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HidUsb;Controlador de clases HID de Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-10-08 752093]
R3 mouhid;Controlador HID de mouse; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-22 12416]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-09-13 146304]
R3 TVALD;Toshiba Mobile PC Service; C:\WINDOWS\system32\DRIVERS\NBSMI.sys [2004-07-26 4352]
R3 Tvs;Toshiba Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2004-11-12 29056]
R3 usbehci;Controlador minipuerto de la controladora mejorada USB 2.0 de Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrador habilitado USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Controlador minipuerto de la controladora de host universal USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-03-30 230400]
S3 Arp1394;Protocolo de cliente ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-04 85969]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 iscFlash;iscFlash; \??\C:\WINDOWS\Temp\isc10tmp\iscflash.sys []
S3 mpr_freader;MPR FileReader Driver; \??\C:\Archivos de programa\Multi Password Recovery\mpr_freader.sys []
S3 NIC1394;Controlador de red 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 sffdisk;Controlador de clase de almacenamiento SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Controlador de protocolo de almacenamiento SFF para SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 usbccgp;Controlador primario genérico USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [2008-06-04 223128]
S3 w29n51;Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2006-01-17 3325312]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-27 110592]
R2 gusvc;Google Updater Service; C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-31 168432]
R2 NOD32krn;NOD32 Kernel Service; C:\Archivos de programa\Eset\nod32krn.exe [2008-06-04 507904]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 TAPPSRV;TOSHIBA Application Service; C:\Archivos de programa\toshiba\TOSHIBA Applet\TAPPSRV.exe [2004-12-14 34816]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate1c8e071a1913dc0;Google Update Service (gupdate1c8e071a1913dc0); C:\Archivos de programa\Google\Update\GoogleUpdate.exe [2008-08-29 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MSCSPTISRV;MSCSPTISRV; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 ose;Office Source Engine; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [2006-06-19 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]

-----------------EOF-----------------
Attached Files
File Type: txt Gmer.txt (8.9 KB, 2 views)
File Type: txt info.txt (10.3 KB, 2 views)