AGPROTECT MALWARE TRACE urgent help!



#1
ektor

  • Member
  • 35 posts
HELLO

WHEN I PUT MBAM TO DO A QUICK SCAN AN AGPROTECT (MALWARE TRACE) APPEARS. WHAT IS IT?? CAN U HELP ME?? PLEASE I NEED FAST HELP!!!!

THIS IS MY MBAM LOG

Malwarebytes' Anti-Malware 1.37
Database version: 2201
Windows 5.1.2600 Service Pack 3

5/31/2009 1:23:51 PM
mbam-log-2009-05-31 (13-23-51).txt

Scan type: Quick Scan
Objects scanned: 107052
Time elapsed: 3 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



THIS IS MY ROOTER LOG

Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:70904 Mo/Free:551 Mo)
D:\ [Fixed] - NTFS - (Total:238472 Mo/Free:1343 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:1952 Mo/Free:1111 Mo)

Sun 05/31/2009|12:50

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\a-squared Anti-Malware\a2service.exe
---------- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
---------- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
---------- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\TUProgSt.exe
---------- C:\WINDOWS\system32\Ati2evxx.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
---------- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
---------- C:\Program Files\Winamp\winampa.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
---------- C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
---------- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
---------- C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
---------- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
---------- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
---------- C:\Program Files\Logitech\iTouch\iTouch.exe
---------- C:\WINDOWS\SOUNDMAN.EXE
---------- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
---------- C:\Program Files\Windows Media Player\WMPNSCFG.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\Logitech\MouseWare\system\em_exec.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
---------- C:\Program Files\Windows Live\Contacts\wlcomm.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Internet Explorer\IEXPLORE.EXE
---------- C:\Program Files\Internet Explorer\IEXPLORE.EXE
---------- C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
---------- C:\Program Files\Windows Live\Toolbar\wltuser.exe
---------- C:\WINDOWS\system32\DllHost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

Trojan ! .. C:\windows\system32\rundll32.exe C:\windows\system32\qfmyzwx.dll,DllMain -

----------------------\\ Tasks

C:\WINDOWS\tasks\At1.job

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\LONUEV~1\Local Settings\Temp\aircrack-ng-1.0-rc1-win.zip


1 - "C:\Rooter$\Rooter_1.txt" - Sat 05/30/2009|16:38
2 - "C:\Rooter$\Rooter_2.txt" - Sun 05/31/2009|12:50

----------------------\\ Scan completed at 12:50


THIS IS MY OTLISTIT2 LOG:

OTListIt logfile created on: 5/31/2009 12:51:38 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\lo nuevo\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.70 Gb Available Physical Memory | 46.92% Memory free
3.35 Gb Paging File | 2.60 Gb Available in Paging File | 77.56% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.24 Gb Total Space | 36.54 Gb Free Space | 52.77% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 5.31 Gb Free Space | 2.28% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 1.91 Gb Total Space | 1.09 Gb Free Space | 56.92% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: BORIKE
Current User Name: lo nuevo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\a-squared Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Seagate)
PRC - C:\WINDOWS\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
PRC - C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
PRC - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
PRC - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
PRC - C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Logitech\MouseWare\system\em_exec.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe (Microsoft Corp.)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Documents and Settings\lo nuevo\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (a2antimalware [Auto | Running]) -- C:\Program Files\a-squared Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (AOL TopSpeedMonitor [Auto | Stopped]) -- File not found
SRV - (APC UPS Service [Auto | Running]) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehttpsrv [On_Demand | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Running]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (fsssvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (gupdate1c9cfdb191bd854 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (IJPLMSVC [Auto | Running]) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (mbamservice [Auto | Running]) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (rpcapd [On_Demand | Stopped]) -- File not found
SRV - (SeaPort [Auto | Running]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (SgtSch2Svc [Auto | Running]) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Seagate)
SRV - (StyleXPService [Auto | Stopped]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
SRV - (TuneUp.Defrag [On_Demand | Stopped]) -- C:\WINDOWS\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.ProgramStatisticsSvc [Auto | Running]) -- C:\WINDOWS\System32\TUProgSt.exe (TuneUp Software)
SRV - (UxTuneUp [Auto | Running]) -- C:\WINDOWS\System32\uxtuneup.dll (TuneUp Software)
SRV - (WMPNetworkSvc [Auto | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (026134c [Boot | Stopped]) -- C:\WINDOWS\System32\drivers\026134C.DAT ()
DRV - (6ab134d [System | Stopped]) -- C:\WINDOWS\System32\drivers\6ab134D.DAT ()
DRV - (ALCXSENS [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AmdPPM [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdPPM.sys (Advanced Micro Devices)
DRV - (ASPI32 [System | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (BCM43XX [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\bcmwl5.sys (Broadcom Corporation)
DRV - (cba958ea [Disabled | Stopped]) -- C:\WINDOWS\System32\drivers\cba958ea.sys ()
DRV - (cdrbsdrv [System | Running]) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (d92134e [Auto | Stopped]) -- C:\WINDOWS\System32\drivers\d92134E.DAT ()
DRV - (eamon [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\eamon.sys (ESET)
DRV - (ehdrv [System | Running]) -- C:\WINDOWS\system32\DRIVERS\ehdrv.sys (ESET)
DRV - (epfwtdir [System | Running]) -- C:\WINDOWS\system32\DRIVERS\epfwtdir.sys (ESET)
DRV - (fssfltr [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HidBatt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (itchfltr [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\itchfltr.sys (Logitech, Inc.)
DRV - (LCcfltr [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\lccfltr.sys (Logitech, Inc.)
DRV - (LHidFlt2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\LHidFlt2.sys (Logitech, Inc.)
DRV - (LHidUsb [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\lhidusb.sys (Logitech, Inc.)
DRV - (LMouFlt2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\LMouFlt2.sys (Logitech, Inc.)
DRV - (mbamprotector [On_Demand | Running]) -- C:\windows\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (MODEMCSA [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (motmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (MR97310_USB_DUAL_CAMERA [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mr97310c.sys (Mars Semiconductor Corp.)
DRV - (nm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NMnt.sys (Microsoft Corporation)
DRV - (Pcouffin [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\Pcouffin.sys (VSO Software)
DRV - (pfc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTL8023 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys (Realtek Semiconductor Corporation )
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SMC1211 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SMC1211.SYS (SMC Networks Inc.)
DRV - (snapman [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (SONYPVU1 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS (Sony Corporation)
DRV - (StyleXPHelper [System | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe (Windows ® 2000 DDK provider)
DRV - (tdrpman [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys (Acronis)
DRV - (tifsfilter [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\tifsfilt.sys (Acronis)
DRV - (timounter [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (TVICHW32 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS (EnTech Taiwan)
DRV - (UlSata [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ulsata.sys (Promise Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbsermptxp [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys (Microsoft Corporation)
DRV - (VC4CB104 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\VC4CB104.SYS (FUJI PHOTO FILM CO.,LTD.)
DRV - (viaagp1 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (viasraid [Boot | Running]) -- C:\WINDOWS\system32\drivers\viasraid.sys (VIA Technologies inc,.ltd)
DRV - (wanatw [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys (America Online, Inc.)
DRV - (WMP300Nv1 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\WMP300Nv1.sys (Broadcom Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.microsoft...amp;ar=iesearch
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default = 63 1A F5 00 D5 C6 78 4C 9F 30 6D 1C 17 38 E2 62 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com.pr/firefox"
FF - prefs.js..extensions.enabledItems: {4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}:0.6.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:2.3.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.0.4


FF - HKLM\software\mozilla\Flock\Extensions\\Plugins: C:\PROGRAM FILES\FLOCK\FLOCK\PLUGINS [2009/05/03 15:57:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Components: C:\PROGRAM FILES\FLOCK\FLOCK\COMPONENTS [2009/05/28 23:37:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/25 05:56:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/03 15:57:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\thunderbird\extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2009/05/28 22:02:00 | 00,000,000 | ---D | M]

[2009/05/27 21:48:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lo nuevo\Application Data\mozilla\Extensions
[2009/05/27 21:48:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lo nuevo\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/31 12:03:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lo nuevo\Application Data\mozilla\Firefox\Profiles\gpukcfe5.default\extensions
[2009/05/28 22:15:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lo nuevo\Application Data\mozilla\Firefox\Profiles\gpukcfe5.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}
[2009/05/29 12:50:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lo nuevo\Application Data\mozilla\Firefox\Profiles\gpukcfe5.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/05/28 01:21:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lo nuevo\Application Data\mozilla\Firefox\Profiles\gpukcfe5.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/05/28 22:16:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lo nuevo\Application Data\mozilla\Firefox\Profiles\gpukcfe5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/05/28 01:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lo nuevo\Application Data\mozilla\Firefox\Profiles\gpukcfe5.default\extensions\[email protected]
[2009/05/30 22:42:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/28 18:41:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/08/30 20:38:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/13 19:00:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/03/31 11:51:13 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/28 18:41:33 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/28 18:41:34 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/23 16:36:33 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 16:36:33 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 16:36:33 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 16:36:34 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 16:36:34 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 16:36:34 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (600399 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 downloads.aaa1screensavers.com #[Bargin Buddy]
O1 - Hosts: 127.0.0.1 dl.aaascreensavers.com
O1 - Hosts: 127.0.0.1 abcsearch.com
O1 - Hosts: 127.0.0.1 admin.abcsearch.com
O1 - Hosts: 127.0.0.1 www3.abcsearch.com #[Browseraid]
O1 - Hosts: 127.0.0.1 www.abcsearch.com
O1 - Hosts: 127.0.0.1 abc517.net #[Trojan.Mitglieder.H]
O1 - Hosts: 127.0.0.1 absoluagency.com #[Trojan.StartPage.H]
O1 - Hosts: 127.0.0.1 acestats.com
O1 - Hosts: 127.0.0.1 www.acestats.com
O1 - Hosts: 127.0.0.1 actualnames.com #[Parasite.ActualNames][Spyware.ActualNames]
O1 - Hosts: 127.0.0.1 www.actualnames.com
O1 - Hosts: 127.0.0.1 ad-up.com
O1 - Hosts: 127.0.0.1 www.ad-up.com
O1 - Hosts: 127.0.0.1 adatom.com
O1 - Hosts: 127.0.0.1 aesp.adatom.com
O1 - Hosts: 127.0.0.1 adbest.com
O1 - Hosts: 127.0.0.1 adserv.adbonus.com
O1 - Hosts: 127.0.0.1 www.adbonus.com
O1 - Hosts: 127.0.0.1 ad2.adcept.net
O1 - Hosts: 127.0.0.1 ad3.adcept.net
O1 - Hosts: 127.0.0.1 www.adcept.net
O1 - Hosts: 127.0.0.1 adcomplete.com
O1 - Hosts: 127.0.0.1 www.adcomplete.com
O1 - Hosts: 127.0.0.1 www.adcopy.info
O1 - Hosts: 19216 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (CoTGT_BHO Class) - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\webbrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\webbrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\webbrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60 (Emsi Software GmbH)
O4 - HKLM..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" (ATI Technologies, Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon (CANON INC.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Logitech Utility] Logi_MwX.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Seagate Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe" (Seagate)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" ()
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: e&xport to microsoft excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...p/PCPitStop.CAB (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Reg Error: Key error.)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\jbqbfz: DllName - jbqbfz.dll - File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/24 13:30:32 | 00,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/12 14:30:56 | 00,000,000 | ---D | M] - H:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{a3158912-cdd2-11dd-9673-000c7691543a}\Shell\autorun\command - "" = E:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{a3158912-cdd2-11dd-9673-000c7691543a}\Shell\install\command - "" = E:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{a3158912-cdd2-11dd-9673-000c7691543a}\Shell\usermanualenglish\command - "" = E:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{a3158912-cdd2-11dd-9673-000c7691543a}\Shell\usermanualfrench\command - "" = E:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{a3158912-cdd2-11dd-9673-000c7691543a}\Shell\usermanualspanish\command - "" = E:\rcaeasyrip_setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/31 12:51:32 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[2009/05/31 12:47:46 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\LONUEV~1\Desktop\OTListIt2.exe
[2009/05/31 12:47:05 | 00,264,704 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\LONUEV~1\Desktop\TFC.exe
[2009/05/31 12:37:06 | 85,737,983 | ---- | C] () -- C:\DOCUME~1\LONUEV~1\Desktop\Anger Management Tour Live.rar
[2009/05/31 11:48:33 | 00,143,381 | ---- | C] () -- C:\DOCUME~1\LONUEV~1\Desktop\photo.png
[2009/05/30 23:14:51 | 00,000,195 | ---- | C] () -- C:\BOOT.BKK
[2009/05/30 21:46:25 | 00,000,194 | ---- | C] () -- C:\boot.ini
[2009/05/30 16:38:29 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/30 16:23:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/30 16:23:09 | 00,000,598 | ---- | C] () -- C:\DOCUME~1\LONUEV~1\Desktop\ERUNT.lnk
[2009/05/30 16:23:09 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/30 13:33:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/05/30 13:30:24 | 00,000,000 | ---D | C] -- C:\DOCUME~1\LONUEV~1\Desktop\Wisin & Yandel - La Revolucion (2009)
[2009/05/30 12:42:23 | 00,000,000 | R--D | C] -- C:\DOCUME~1\LONUEV~1\My Documents\My Videos
[2009/05/30 12:29:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\GRETECH
[2009/05/30 11:47:04 | 00,000,000 | ---D | C] -- C:\DOCUME~1\LONUEV~1\Desktop\Las_Guanabanas 2009
[2009/05/29 16:55:44 | 02,703,240 | ---- | C] () -- C:\DOCUME~1\LONUEV~1\Desktop\hip hop new.mp3
[2009/05/29 16:55:30 | 03,237,974 | ---- | C] () -- C:\DOCUME~1\LONUEV~1\Desktop\hip hop con bajo.mp3
[2009/05/29 16:16:35 | 00,000,454 | ---- | C] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
[2009/05/29 16:16:35 | 00,000,368 | ---- | C] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2009/05/29 16:16:34 | 00,000,688 | ---- | C] () -- C:\DOCUME~1\LONUEV~1\Desktop\XoftSpySE.lnk
[2009/05/29 16:16:33 | 00,000,000 | ---D | C] -- C:\Program Files\XoftSpySE
[2009/05/29 16:12:51 | 00,000,234 | -HS- | C] () -- C:\WINDOWS\System32\drivers\d92134E.DAT
[2009/05/29 16:12:51 | 00,000,234 | -HS- | C] () -- C:\WINDOWS\System32\drivers\6ab134D.DAT
[2009/05/29 16:12:51 | 00,000,234 | -HS- | C] () -- C:\WINDOWS\System32\drivers\026134C.DAT
[2009/05/29 16:10:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/05/29 15:55:26 | 00,000,000 | ---D | C] -- C:\Program Files\Exterminate It!
[2009/05/29 14:43:03 | 00,000,448 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/05/29 14:42:57 | 00,028,704 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/05/29 14:42:57 | 00,001,460 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/05/29 14:42:57 | 00,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009/05/29 14:42:57 | 00,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/05/29 14:42:35 | 00,000,000 | ---- | C] () -- C:\rollback.ini
[2009/05/29 13:53:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2009/05/29 13:53:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/05/29 11:47:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Apple Computer
[2009/05/28 23:36:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Flock
[2009/05/28 23:01:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Google
[2009/05/28 22:11:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\TuneUp Software
[2009/05/28 22:02:01 | 00,001,771 | ---- | C] () -- C:\DOCUME~1\LONUEV~1\Desktop\ESET NOD32 Antivirus.lnk
[2009/05/28 22:01:59 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/05/28 22:01:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/05/28 20:47:59 | 00,000,490 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for lo nuevo.job
[2009/05/28 15:11:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Sun
[2009/05/28 03:07:42 | 00,001,554 | ---- | C] () -- C:\DOCUME~1\LONUEV~1\Desktop\CCleaner.lnk
[2009/05/28 03:07:41 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/05/28 02:54:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Local Settings\Apps
[2009/05/28 02:24:57 | 00,000,699 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\a-squared Anti-Malware.lnk
[2009/05/28 02:24:46 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Anti-Malware
[2009/05/28 02:24:46 | 00,000,000 | ---D | C] -- C:\DOCUME~1\LONUEV~1\My Documents\a-squared
[2009/05/28 01:46:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/05/28 01:33:07 | 00,000,000 | -H-- | C] () -- C:\DOCUME~1\LONUEV~1\My Documents\Default.rdp
[2009/05/28 00:46:52 | 00,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2009/05/27 23:24:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/05/27 22:53:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\WinRAR
[2009/05/27 22:40:06 | 00,000,000 | ---D | C] -- C:\DOCUME~1\LONUEV~1\My Documents\My Received Files
[2009/05/27 22:32:10 | 00,000,000 | ---D | C] -- C:\DOCUME~1\LONUEV~1\My Documents\My Chat Logs
[2009/05/27 22:03:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Malwarebytes
[2009/05/27 22:03:17 | 00,000,702 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/27 22:03:14 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/27 22:03:13 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/27 22:03:13 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/27 21:59:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Macromedia
[2009/05/27 21:59:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Adobe
[2009/05/27 21:48:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Mozilla
[2009/05/27 21:41:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Application Data\Identities
[2009/05/27 21:40:57 | 00,000,079 | -HS- | C] () -- C:\DOCUME~1\LONUEV~1\My Documents\desktop.ini
[2009/05/27 21:40:57 | 00,000,000 | R--D | C] -- C:\DOCUME~1\LONUEV~1\My Documents\My Pictures
[2009/05/27 21:40:57 | 00,000,000 | R--D | C] -- C:\DOCUME~1\LONUEV~1\My Documents\My Music
[2009/05/27 21:40:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lo nuevo\Local Settings\Temp
[2009/05/27 21:40:31 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\lo nuevo\Start Menu\Programs\Startup\desktop.ini
[2009/05/27 21:40:31 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\lo nuevo\Local Settings\desktop.ini
[2009/05/27 21:40:31 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\lo nuevo\Application Data\desktop.ini
[2009/05/27 21:40:31 | 00,000,000 | --SD | C] -- C:\Documents and Settings\lo nuevo\Application Data\Microsoft
[2009/05/27 21:40:31 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\lo nuevo\Local Settings\Temporary Internet Files
[2009/05/27 21:40:31 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\lo nuevo\Local Settings\History
[2009/05/27 21:40:31 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\lo nuevo\Local Settings\Application Data
[2009/05/27 21:33:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2009/05/27 20:21:30 | 00,000,434 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2009/05/27 20:08:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\dhcp
[2009/05/27 20:08:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sysloc
[2009/05/27 20:07:48 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\kungsftyreamyp.dll.rmv.rmv.rmv
[2009/05/27 20:07:18 | 00,107,212 | ---- | C] () -- C:\WINDOWS\System32\drivers\cba958ea.sys
[2009/05/27 20:06:13 | 00,065,311 | ---- | C] () -- C:\WINDOWS\System32\kungsftwinqyrn.dat.rmv.rmv.rmv
[2009/05/27 20:06:13 | 00,020,992 | ---- | C] () -- C:\WINDOWS\System32\kungsfhvtkstvc.dll.rmv.rmv.rmv
[2009/05/27 20:06:13 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\kungsfwwbtytte.sys.rmv.rmv.rmv
[2009/05/27 20:06:13 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\kungsfwwbtytte.sys.rmv
[2009/05/23 23:01:30 | 00,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2009/05/23 21:19:07 | 00,000,000 | ---D | C] -- C:\Program Files\VstPlugins
[2009/05/23 18:51:02 | 00,000,000 | ---D | C] -- C:\Program Files\Outsim
[2009/05/21 23:17:31 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009/05/19 18:38:02 | 00,000,026 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2009/05/19 18:37:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI
[2009/05/19 18:36:10 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/05/19 18:28:10 | 00,000,000 | ---D | C] -- C:\Program Files\Mars
[2009/05/19 18:27:18 | 00,000,000 | ---D | C] -- C:\Program Files\PhoTags Express
[2009/05/19 14:46:12 | 00,202,752 | ---- | C] (Lexmark) -- C:\WINDOWS\System32\LXAISUI.DLL
[2009/05/19 12:55:21 | 00,000,000 | ---D | C] -- C:\LXKZ33
[2009/05/18 17:03:44 | 00,002,137 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\iTunes.lnk
[2009/05/18 17:03:11 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/05/18 17:03:07 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/05/18 17:00:05 | 00,001,610 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\QuickTime Player.lnk
[2009/05/18 16:59:33 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/05/18 15:08:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009/05/18 15:07:33 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2009/05/18 14:28:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2009/05/18 12:43:57 | 00,000,000 | ---D | C] -- C:\Program Files\iPod(2)
[2009/05/18 11:02:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/05/12 17:04:27 | 00,000,488 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Sony.job
[2009/05/12 17:04:20 | 00,000,474 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Sony.job
[2009/05/12 15:46:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/11 18:22:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2009/05/11 18:07:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\Farm Frenzy Pizza Party
[2009/05/11 18:07:32 | 00,000,000 | ---D | C] -- C:\Program Files\Farm Frenzy Pizza Party
[2009/05/08 22:36:05 | 00,368,640 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\ReWire.dll
[2009/05/08 22:36:05 | 00,233,472 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\REX Shared Library.dll
[2009/05/08 22:36:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2009/05/08 10:57:47 | 00,000,015 | ---- | C] () -- C:\WINDOWS\WinPatchService
[2009/05/08 10:54:34 | 00,000,000 | ---D | C] -- C:\Program Files\Codemonster
[2009/05/08 10:28:28 | 00,000,000 | ---D | C] -- C:\autorun.inf
[2009/05/08 08:48:28 | 00,001,842 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Google Earth.lnk
[2009/05/08 08:47:09 | 00,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/05/06 20:42:15 | 00,001,685 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Motorola Phone Tools.lnk
[2009/05/05 17:47:41 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/05/05 17:46:53 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2009/05/05 15:38:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/05/04 20:36:18 | 00,118,784 | ---- | C] () -- C:\WINDOWS\dsdxirmv.exe
[2009/05/04 18:24:58 | 02,328,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TUKernel.exe
[2009/05/04 16:31:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/05/04 15:43:43 | 00,000,484 | ---- | C] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2009/05/04 15:43:42 | 00,604,416 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[2009/05/04 15:43:42 | 00,361,216 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2009/05/04 15:43:42 | 00,028,928 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2009/05/04 15:43:36 | 00,001,617 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\TuneUp 1-Click Maintenance.lnk
[2009/05/04 15:43:35 | 00,001,545 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\TuneUp Utilities 2009.lnk
[2009/05/04 15:43:20 | 00,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2009
[2009/04/15 19:29:28 | 00,001,053 | ---- | C] () -- C:\WINDOWS\_ISENV31.INI
[2009/04/15 19:29:28 | 00,000,545 | ---- | C] () -- C:\WINDOWS\_iserr31.ini
[2009/04/15 19:29:28 | 00,000,378 | ---- | C] () -- C:\WINDOWS\_delis43.ini
[2009/04/02 14:15:17 | 00,001,233 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2009/03/30 20:23:31 | 00,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009/03/30 20:23:06 | 00,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/03/03 12:18:04 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/12/18 11:44:03 | 00,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/12/17 21:04:08 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/08/30 21:16:30 | 00,000,927 | ---- | C] () -- C:\WINDOWS\posteriza.INI
[2008/08/30 19:03:00 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/08/30 13:27:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2006/12/23 00:07:28 | 00,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/12/13 20:19:03 | 00,000,140 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/10 14:59:25 | 00,000,187 | ---- | C] () -- C:\WINDOWS\DVDXRestrictionFree.ini
[2006/11/10 14:52:56 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysEngine2.SYS
[2006/05/02 18:38:24 | 00,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2006/01/21 16:10:56 | 00,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/01/21 01:53:21 | 00,000,225 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/12/02 13:44:54 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2005/12/02 13:44:24 | 00,000,025 | ---- | C] () -- C:\WINDOWS\ESPRX700.ini
[2005/08/20 03:30:07 | 00,000,001 | ---- | C] () -- C:\WINDOWS\System32\au3305adc.dll
[2005/08/20 03:29:16 | 00,000,067 | ---- | C] () -- C:\WINDOWS\Apollo DVD Copy.INI
[2005/08/10 07:08:19 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/07/06 11:23:46 | 00,008,183 | ---- | C] () -- C:\WINDOWS\lviewp.ini
[2005/06/29 15:52:20 | 00,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2005/06/29 15:41:27 | 00,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005/06/29 03:40:21 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/06/29 03:39:09 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/06/29 03:36:23 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2005/06/29 03:24:46 | 00,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/06/29 03:17:11 | 00,000,488 | ---- | C] () -- C:\WINDOWS\Cmousecc.ini
[2003/03/31 08:00:00 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\mfipzgt.dll
[2003/03/31 08:00:00 | 00,000,816 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/03/31 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/03/26 15:18:28 | 00,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/01/20 08:26:36 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\SimpleResize.dll
[2001/10/12 10:58:20 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr310exd.dll
[2001/10/12 10:57:18 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\mr310exv.dll
[2000/12/07 10:13:58 | 00,015,164 | ---- | C] () -- C:\WINDOWS\mr310twc.ini
[2000/07/27 05:13:02 | 00,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1999/08/12 00:00:00 | 01,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999/08/12 00:00:00 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1998/08/16 05:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1997/06/18 03:00:00 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== Files - Modified Within 30 Days ==========

[2009/05/31 12:50:02 | 85,737,983 | ---- | M] () -- C:\DOCUME~1\LONUEV~1\Desktop\Anger Management Tour Live.rar
[2009/05/31 12:50:00 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B6398F36-5CBD-4A2A-B4F7-EA8DEEE2296D}.job
[2009/05/31 12:48:19 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\LONUEV~1\Desktop\OTListIt2.exe
[2009/05/31 12:47:22 | 00,264,704 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\LONUEV~1\Desktop\TFC.exe
[2009/05/31 12:13:42 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/31 12:02:31 | 00,000,051 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2009/05/31 12:00:41 | 00,013,742 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/31 12:00:40 | 00,000,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2009/05/31 12:00:16 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/05/31 12:00:16 | 00,000,454 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
[2009/05/31 12:00:15 | 00,000,484 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2009/05/31 12:00:14 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\lo nuevo\Local Settings\desktop.ini
[2009/05/31 12:00:09 | 00,000,368 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2009/05/31 12:00:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/31 11:58:50 | 00,000,816 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/31 11:58:50 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/31 11:58:50 | 00,000,194 | ---- | M] () -- C:\boot.ini
[2009/05/31 11:48:33 | 00,143,381 | ---- | M] () -- C:\DOCUME~1\LONUEV~1\Desktop\photo.png
[2009/05/30 23:07:03 | 00,000,195 | ---- | M] () -- C:\BOOT.BKK
[2009/05/30 22:53:20 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/30 19:55:05 | 00,107,212 | ---- | M] () -- C:\WINDOWS\System32\drivers\cba958ea.sys
[2009/05/30 18:00:04 | 00,000,448 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/05/30 17:00:00 | 00,000,488 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Sony.job
[2009/05/30 16:23:09 | 00,000,598 | ---- | M] () -- C:\DOCUME~1\LONUEV~1\Desktop\ERUNT.lnk
[2009/05/30 16:14:19 | 00,000,434 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2009/05/30 14:13:57 | 00,020,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\kungsfwwbtytte.sys.rmv
[2009/05/30 14:04:49 | 00,020,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\kungsfwwbtytte.sys.rmv.rmv.rmv
[2009/05/30 14:02:17 | 03,237,974 | ---- | M] () -- C:\DOCUME~1\LONUEV~1\Desktop\hip hop con bajo.mp3
[2009/05/30 13:39:44 | 00,065,311 | ---- | M] () -- C:\WINDOWS\System32\kungsftwinqyrn.dat.rmv.rmv.rmv
[2009/05/29 16:16:34 | 00,000,688 | ---- | M] () -- C:\DOCUME~1\LONUEV~1\Desktop\XoftSpySE.lnk
[2009/05/29 16:13:34 | 00,001,460 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/05/29 16:13:34 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009/05/29 16:13:34 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/05/29 16:13:33 | 00,028,704 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/05/29 16:12:51 | 00,000,234 | -HS- | M] () -- C:\WINDOWS\System32\drivers\d92134E.DAT
[2009/05/29 16:12:51 | 00,000,234 | -HS- | M] () -- C:\WINDOWS\System32\drivers\6ab134D.DAT
[2009/05/29 16:12:51 | 00,000,234 | -HS- | M] () -- C:\WINDOWS\System32\drivers\026134C.DAT
[2009/05/29 15:23:00 | 00,002,137 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\iTunes.lnk
[2009/05/29 14:42:35 | 00,000,000 | ---- | M] () -- C:\rollback.ini
[2009/05/29 12:00:00 | 00,000,474 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Sony.job
[2009/05/28 22:02:01 | 00,001,771 | ---- | M] () -- C:\DOCUME~1\LONUEV~1\Desktop\ESET NOD32 Antivirus.lnk
[2009/05/28 20:47:59 | 00,000,490 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for lo nuevo.job
[2009/05/28 03:07:42 | 00,001,554 | ---- | M] () -- C:\DOCUME~1\LONUEV~1\Desktop\CCleaner.lnk
[2009/05/28 02:24:57 | 00,000,699 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\a-squared Anti-Malware.lnk
[2009/05/28 01:33:07 | 00,000,000 | -H-- | M] () -- C:\DOCUME~1\LONUEV~1\My Documents\Default.rdp
[2009/05/27 22:03:17 | 00,000,702 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/27 21:41:44 | 00,000,079 | -HS- | M] () -- C:\DOCUME~1\LONUEV~1\My Documents\desktop.ini
[2009/05/27 21:33:21 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/27 20:08:20 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/05/27 20:08:20 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/05/27 20:07:48 | 00,019,968 | ---- | M] () -- C:\WINDOWS\System32\kungsftyreamyp.dll.rmv.rmv.rmv
[2009/05/27 20:07:47 | 00,020,992 | ---- | M] () -- C:\WINDOWS\System32\kungsfhvtkstvc.dll.rmv.rmv.rmv
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/25 21:14:19 | 00,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-362288127-839522115-1005.job
[2009/05/25 12:57:21 | 00,600,399 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/24 14:21:13 | 02,703,240 | ---- | M] () -- C:\DOCUME~1\LONUEV~1\Desktop\hip hop new.mp3
[2009/05/22 01:50:48 | 00,525,692 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/22 01:50:48 | 00,444,360 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/22 01:50:48 | 00,072,252 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/19 18:38:02 | 00,000,026 | ---- | M] () -- C:\WINDOWS\marscam.ini
[2009/05/19 18:38:00 | 00,012,106 | ---- | M] () -- C:\WINDOWS\mr310twc.src
[2009/05/19 18:37:32 | 00,000,000 | ---- | M] () -- C:\WINDOWS\PTWebCam.INI
[2009/05/18 17:00:05 | 00,001,610 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\QuickTime Player.lnk
[2009/05/08 22:36:05 | 00,368,640 | ---- | M] (Propellerhead Software AB) -- C:\WINDOWS\System32\ReWire.dll
[2009/05/08 22:36:05 | 00,233,472 | ---- | M] (Propellerhead Software AB) -- C:\WINDOWS\System32\REX Shared Library.dll
[2009/05/08 12:34:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/08 10:57:50 | 00,000,015 | ---- | M] () -- C:\WINDOWS\WinPatchService
[2009/05/08 08:48:28 | 00,001,842 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Google Earth.lnk
[2009/05/07 03:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/06 20:42:15 | 00,001,685 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Motorola Phone Tools.lnk
[2009/05/05 19:29:10 | 02,328,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\TUKernel.exe
[2009/05/04 20:36:18 | 00,118,784 | ---- | M] () -- C:\WINDOWS\dsdxirmv.exe
[2009/05/04 15:43:43 | 00,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[2009/05/04 15:43:42 | 00,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2009/05/04 15:43:36 | 00,001,617 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\TuneUp 1-Click Maintenance.lnk
[2009/05/04 15:43:35 | 00,001,545 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\TuneUp Utilities 2009.lnk
[2009/05/01 15:21:56 | 00,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/01 14:54:11 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/05/01 14:54:11 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/05/01 14:54:11 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/05/01 14:54:11 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/05/01 14:54:11 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/05/01 14:54:11 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
< End of report >

Edited by ektor, 31 May 2009 - 11:24 AM.
