Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

My Computer has been infected

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

My Computer has been infected

Unread postby mlondon » November 7th, 2008, 5:45 pm

Hi!

My computer was infected two days ago. My desktop used to display one of my pictures and now is full of squares of different colours.

Also, I can hear the radio or voices coming from the computer´s speakers.

All the time I get messages saying that my computer has been infected and one of them says that I have been infected with the Win32.Banker.FS.Trojan.Spy Agent.DA, but all these messages are obviously created by the virus itself.

My computer´s log is as follows,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:46, on 07/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe
C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe
c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
C:\Archivos de programa\McAfee\MSK\MskSrver.exe
C:\Archivos de programa\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
c:\ARCHIV~1\mcafee.com\agent\mcagent.exe
C:\Archivos de programa\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe
C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe
C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe
C:\Archivos de programa\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\qttask.exe
C:\Archivos de programa\Apoint\Apntex.exe
C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\runsql.exe
C:\WINDOWS\sv.exe
C:\WINDOWS\svzip.exe
C:\WINDOWS\svhoster.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\vlc.exe
C:\WINDOWS\wdmon.exe
C:\WINDOWS\svx.exe
C:\WINDOWS\svw.exe
C:\WINDOWS\svc.exe
C:\WINDOWS\system32\brastk.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe
C:\Archivos de programa\Logitech\Video\FxSvr2.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE
C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\MDM.EXE
C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/en/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Apoint] C:\Archivos de programa\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Archivos de programa\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Archivos de programa\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Archivos de programa\Napster\napster.exe /systray
O4 - HKLM\..\Run: [mcagent_exe] "C:\Archivos de programa\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [McENUI] C:\ARCHIV~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\system32\adsntj.exe
O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
O4 - HKLM\..\Run: [netzip] C:\WINDOWS\svzip.exe
O4 - HKLM\..\Run: [net64] C:\WINDOWS\svhoster.exe
O4 - HKLM\..\Run: [vlc] C:\WINDOWS\vlc.exe
O4 - HKLM\..\Run: [wdmon] C:\WINDOWS\wdmon.exe
O4 - HKLM\..\Run: [netx] C:\WINDOWS\svx.exe
O4 - HKLM\..\Run: [netw] C:\WINDOWS\svw.exe
O4 - HKLM\..\Run: [netc] C:\WINDOWS\svc.exe
O4 - HKLM\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - HKLM\..\RunServices: [UpdateWin] C:\WINDOWS\system32\adsntj.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\system32\adsntj.exe
O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - HKCU\..\RunServices: [UpdateWin] C:\WINDOWS\system32\adsntj.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Archivos de programa\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Puerto Symantec Fax Starter Edition.lnk = C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Google Search - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Instantánea de caché de la página - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Páginas similares - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Páginas vinculadas - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Transferencia mediante Image Converter 2 - C:\Archivos de programa\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: http://*.mcafee.com
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102w.bay102.mail.live.com/mail ... nPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mrmanuchan.spaces.live.com/Photo ... nPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Wind ... lisher.exe
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab
O16 - DPF: {FE8FE5F0-E1EE-4ACD-81E0-2A6CFECB8431} (ePenClientSpec.ucEPenClientspec) - http://downloads.e-marking.eu.com/ePenClientSpec.ocx
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\x\CONFIG~1\Temp\wndutl32.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: EvtEng - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Archivos de programa\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Archivos de programa\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Archivos de programa\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 15287 bytes


Any help would be really appreciated.

Thanks.
mlondon
Active Member
 
Posts: 6
Joined: November 7th, 2008, 5:19 pm
Advertisement
Register to Remove

Re: My Computer has been infected

Unread postby peku006 » November 8th, 2008, 6:49 am

Hello and Welcome to the forums!

My name is peku006 and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Please continue to respond until I give you the "All Clear"
If you follow these instructions, everything should go smoothly.

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible.
Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.

1 - SDFix

    Download SDFix and save it to your Desktop.

    Double click SDFix.exe and it will extract the files to %systemdrive%
    (Drive that contains the Windows Directory, typically C:\SDFix)

2 - Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

3 - Run SDFix

  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

4 - Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform full scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found here:

    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


5 - download and run RSIT

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt<- (will be maximized) and info.txt<- (will be minimized)

6 - Status Check
Please reply with

1. the SDFix.Report.txt (C:\SDFix\report.txt)
1.the logs from RSIT (log.txt ,info.txt)
2. the Malwarebytes' Anti-Malware Log

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: My Computer has been infected

Unread postby mlondon » November 8th, 2008, 8:57 am

Hi Peku006,

Here is the Report from running SDFix,

SDFix: Version 1.240
Run by x on 08/11/2008 at 12:37

Microsoft Windows XP [Versi¢n 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\WINDOWS\system32\adsntj.exe - Deleted
C:\U.exe - Deleted
C:\WINDOWS\system32\wini101975.exe - Deleted
C:\WINDOWS\runsql.exe - Deleted
C:\WINDOWS\sv.exe - Deleted
C:\WINDOWS\svc.exe - Deleted
C:\WINDOWS\svhoster.exe - Deleted
C:\WINDOWS\svw.exe - Deleted
C:\WINDOWS\svx.exe - Deleted
C:\WINDOWS\svzip.exe - Deleted
C:\WINDOWS\system32\brastk.exe - Deleted
C:\WINDOWS\vlc.exe - Deleted
C:\WINDOWS\wdmon.exe - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-08 12:46:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000148

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Archivos de programa\\Yahoo!\\Messenger\\YPager.exe"="C:\\Archivos de programa\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Archivos de programa\\Yahoo!\\Messenger\\YServer.exe"="C:\\Archivos de programa\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Archivos de programa\\Messenger\\msmsgs.exe"="C:\\Archivos de programa\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Archivos de programa\\5 Spots\\5_spots.exe"="C:\\Archivos de programa\\5 Spots\\5_spots.exe:*:Disabled:5_spots"
"C:\\Archivos de programa\\Absurd Atlantis\\Absurd Atlantis.exe"="C:\\Archivos de programa\\Absurd Atlantis\\Absurd Atlantis.exe:*:Disabled:Macromedia Projector"
"C:\\Archivos de programa\\Global Star Software\\BrainStorm The Game Show\\ChRes.exe"="C:\\Archivos de programa\\Global Star Software\\BrainStorm The Game Show\\ChRes.exe:*:Disabled:ChRes"
"C:\\Archivos de programa\\Skype\\Phone\\Skype.exe"="C:\\Archivos de programa\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Archivos de programa\\Sony\\VAIO Media 4.0\\Vc.exe"="C:\\Archivos de programa\\Sony\\VAIO Media 4.0\\Vc.exe:*:Disabled:[VAIO Media] VAIO Media"
"C:\\Archivos de programa\\MSN Messenger\\msncall.exe"="C:\\Archivos de programa\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Archivos de programa\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Archivos de programa\\Veoh Networks\\Veoh\\VeohClient.exe:*:Disabled:Veoh Client"
"C:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe"="C:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Archivos de programa\\MSN Messenger\\livecall.exe"="C:\\Archivos de programa\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Archivos de programa\\Archivos comunes\\McAfee\\MNA\\McNASvc.exe"="C:\\Archivos de programa\\Archivos comunes\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\\DOCUME~1\\x\\CONFIG~1\\Temp\\60325cahp25cas.exe"="C:\\DOCUME~1\\x\\CONFIG~1\\Temp\\60325cahp25cas.exe:*:Enabled:Enabled"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Archivos de programa\\MSN Messenger\\msncall.exe"="C:\\Archivos de programa\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe"="C:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Archivos de programa\\MSN Messenger\\livecall.exe"="C:\\Archivos de programa\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 8 Oct 2008 20,487 A.SHR --- "C:\Archivos de programa\McAfee\MQC\MRU.bak"
Wed 8 Oct 2008 265 A.SHR --- "C:\Archivos de programa\McAfee\MQC\qcconf.bak"
Tue 25 Jul 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 11 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Fri 2 May 2008 3,493,888 A..H. --- "C:\Documents and Settings\x\Datos de programa\U3\temp\Launchpad Removal.exe"
Tue 25 Jul 2006 4,348 A..H. --- "C:\Documents and Settings\x\Mis documentos\Mi m£sica\Copia de seguridad de la licencia\drmv1key.bak"
Sun 22 Oct 2006 20 A..H. --- "C:\Documents and Settings\x\Mis documentos\Mi m£sica\Copia de seguridad de la licencia\drmv1lic.bak"
Sun 22 Oct 2006 400 A.SH. --- "C:\Documents and Settings\x\Mis documentos\Mi m£sica\Copia de seguridad de la licencia\drmv2key.bak"

Finished!

And this is the new HijackThis log,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53:49, on 08/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe
C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe
c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
C:\Archivos de programa\McAfee\MSK\MskSrver.exe
C:\Archivos de programa\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
c:\ARCHIV~1\mcafee.com\agent\mcagent.exe
C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\svchost.exe
C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Archivos de programa\Apoint\Apoint.exe
C:\Archivos de programa\Apoint\Apntex.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe
C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe
C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Archivos de programa\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Archivos de programa\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\qttask.exe
C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE
C:\Archivos de programa\Logitech\Video\FxSvr2.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\MDM.EXE
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/en/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Apoint] C:\Archivos de programa\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Archivos de programa\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Archivos de programa\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Archivos de programa\Napster\napster.exe /systray
O4 - HKLM\..\Run: [mcagent_exe] "C:\Archivos de programa\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [McENUI] C:\ARCHIV~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Archivos de programa\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Puerto Symantec Fax Starter Edition.lnk = C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE
O8 - Extra context menu item: &Google Search - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Instantánea de caché de la página - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Páginas similares - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Páginas vinculadas - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Transferencia mediante Image Converter 2 - C:\Archivos de programa\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: http://*.mcafee.com
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102w.bay102.mail.live.com/mail ... nPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mrmanuchan.spaces.live.com/Photo ... nPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Wind ... lisher.exe
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab
O16 - DPF: {FE8FE5F0-E1EE-4ACD-81E0-2A6CFECB8431} (ePenClientSpec.ucEPenClientspec) - http://downloads.e-marking.eu.com/ePenClientSpec.ocx
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\x\CONFIG~1\Temp\wndutl32.dll (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: EvtEng - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Archivos de programa\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Archivos de programa\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Archivos de programa\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 14093 bytes

I will post the Malwarebytes log on my next message.

Many thanks for your help.
mlondon
Active Member
 
Posts: 6
Joined: November 7th, 2008, 5:19 pm

Re: My Computer has been infected

Unread postby mlondon » November 8th, 2008, 10:04 am

Hi!

Here is the Malwarebytes' Anti-Malware Log,

Malwarebytes' Anti-Malware 1.30
Database version: 1373
Windows 5.1.2600 Service Pack 2

08/11/2008 13:56:10
mbam-log-2008-11-08 (13-56-10).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 118529
Time elapsed: 52 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 28
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 10
Files Infected: 168

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{020487cc-fc04-4b1e-863f-d9801796230b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/updater,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{020487cc-fc04-4b1e-863f-d9801796230b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Datos de programa\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Updater\2663 (Adware.VideoEgg) -> Quarantined and deleted successfully.

Files Infected:
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059790.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059791.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059792.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059794.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059795.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059796.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059798.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059799.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059805.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059806.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059807.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059809.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059810.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059811.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059813.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{460A5024-A35A-4EA7-9DAB-4C2A06269071}\RP339\A0059814.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Datos de programa\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\dataCollection.tmp (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\dump.dmp (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Publisher\3461\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Updater\2663\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\VideoEgg\Updater\2663\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\config.cfg (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\x\Datos de programa\~tmp.html (Malware.Trace) -> Quarantined and deleted successfully.


Thanks.
mlondon
Active Member
 
Posts: 6
Joined: November 7th, 2008, 5:19 pm

Re: My Computer has been infected

Unread postby mlondon » November 8th, 2008, 10:09 am

Hi peku006,

Finally, both logs from the running of the RSIT,

Logfile of random's system information tool 1.04 (written by random/random)
Run by x at 2008-11-08 14:06:20
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 10 GB (30%) free of 33 GB
Total RAM: 1022 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:06:28, on 08/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe
C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe
c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
C:\Archivos de programa\McAfee\MSK\MskSrver.exe
C:\Archivos de programa\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
c:\ARCHIV~1\mcafee.com\agent\mcagent.exe
C:\Archivos de programa\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe
C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe
C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Archivos de programa\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe
C:\Archivos de programa\Apoint\Apntex.exe
C:\Archivos de programa\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\qttask.exe
C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Archivos de programa\Logitech\Video\FxSvr2.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\MDM.EXE
C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jucheck.exe
C:\Documents and Settings\x\Escritorio\RSIT.exe
C:\Archivos de programa\Trend Micro\HijackThis\x.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/en/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Apoint] C:\Archivos de programa\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Archivos de programa\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Archivos de programa\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Archivos de programa\Napster\napster.exe /systray
O4 - HKLM\..\Run: [mcagent_exe] "C:\Archivos de programa\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [McENUI] C:\ARCHIV~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Archivos de programa\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Puerto Symantec Fax Starter Edition.lnk = C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE
O8 - Extra context menu item: &Google Search - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Instantánea de caché de la página - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Páginas similares - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Páginas vinculadas - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Transferencia mediante Image Converter 2 - C:\Archivos de programa\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: http://*.mcafee.com
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102w.bay102.mail.live.com/mail ... nPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mrmanuchan.spaces.live.com/Photo ... nPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab
O16 - DPF: {FE8FE5F0-E1EE-4ACD-81E0-2A6CFECB8431} (ePenClientSpec.ucEPenClientspec) - http://downloads.e-marking.eu.com/ePenClientSpec.ocx
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: EvtEng - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Archivos de programa\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Archivos de programa\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Archivos de programa\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 13855 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\archivos de programa\google\googletoolbar2.dll [2006-02-14 1198592]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Archivos de programa\Apoint\Apoint.exe [2003-11-07 114688]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-06-09 6746112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-06-29 14720000]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AzMixerSel"=C:\Archivos de programa\Realtek\InstallShield\AzMixerSel.exe [2005-04-29 45056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-06-29 114688]
"SonyPowerCfg"=C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe [2005-05-15 184320]
"ISBMgr.exe"=C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe [2004-02-20 32768]
"VAIO Update 2"=C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe [2005-01-14 151552]
"PDService.exe"=C:\Archivos de programa\Utimaco\SafeGuard PrivateDisk\pdservice.exe [2004-07-06 40960]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-29 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-29 77824]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
"LogitechVideoRepair"=C:\Archivos de programa\Logitech\Video\ISStart.exe [2005-01-18 458752]
"LogitechVideoTray"=C:\Archivos de programa\Logitech\Video\LogiTray.exe [2005-01-18 217088]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2006-04-11 28672]
"SsAAD.exe"=C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe [2005-06-03 81920]
"NapsterShell"=C:\Archivos de programa\Napster\napster.exe /systray []
"mcagent_exe"=C:\Archivos de programa\McAfee.com\Agent\mcagent.exe [2008-07-11 641208]
"Adobe Reader Speed Launcher"=C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"McENUI"=C:\ARCHIV~1\McAfee\MHN\McENUI.exe [2008-06-13 1176808]
"SunJavaUpdateSched"=C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"LogitechSoftwareUpdate"=C:\Archivos de programa\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]
"MsnMsgr"=C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
Adobe Gamma Loader.lnk - C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Microsoft Office.lnk - C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
Puerto Symantec Fax Starter Edition.lnk - C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-06-29 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\WINDOWS\system32\VESWinlogon.dll [2005-05-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
IPC Configuration Utility - IPC Configuration Utility

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\ARCHIV~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Archivos de programa\Yahoo!\Messenger\YPager.exe"="C:\Archivos de programa\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Archivos de programa\Yahoo!\Messenger\YServer.exe"="C:\Archivos de programa\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Archivos de programa\Messenger\msmsgs.exe"="C:\Archivos de programa\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Archivos de programa\5 Spots\5_spots.exe"="C:\Archivos de programa\5 Spots\5_spots.exe:*:Disabled:5_spots"
"C:\Archivos de programa\Absurd Atlantis\Absurd Atlantis.exe"="C:\Archivos de programa\Absurd Atlantis\Absurd Atlantis.exe:*:Disabled:Macromedia Projector"
"C:\Archivos de programa\Global Star Software\BrainStorm The Game Show\ChRes.exe"="C:\Archivos de programa\Global Star Software\BrainStorm The Game Show\ChRes.exe:*:Disabled:ChRes"
"C:\Archivos de programa\Skype\Phone\Skype.exe"="C:\Archivos de programa\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Archivos de programa\Sony\VAIO Media 4.0\Vc.exe"="C:\Archivos de programa\Sony\VAIO Media 4.0\Vc.exe:*:Disabled:[VAIO Media] VAIO Media"
"C:\Archivos de programa\MSN Messenger\msncall.exe"="C:\Archivos de programa\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Archivos de programa\Veoh Networks\Veoh\VeohClient.exe"="C:\Archivos de programa\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client"
"C:\Archivos de programa\MSN Messenger\msnmsgr.exe"="C:\Archivos de programa\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Archivos de programa\MSN Messenger\livecall.exe"="C:\Archivos de programa\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Archivos de programa\Archivos comunes\McAfee\MNA\McNASvc.exe"="C:\Archivos de programa\Archivos comunes\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\DOCUME~1\x\CONFIG~1\Temp\60325cahp25cas.exe"="C:\DOCUME~1\x\CONFIG~1\Temp\60325cahp25cas.exe:*:Enabled:Enabled"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Archivos de programa\MSN Messenger\msncall.exe"="C:\Archivos de programa\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Archivos de programa\MSN Messenger\msnmsgr.exe"="C:\Archivos de programa\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Archivos de programa\MSN Messenger\livecall.exe"="C:\Archivos de programa\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e9401f0-47b2-11dd-bc09-0013cec164b9}]
shell\AutoRun\command - WD_Windows_Tools\Setup.exe


======List of files/folders created in the last 3 months======

2008-11-08 14:06:20 ----D---- C:\rsit
2008-11-08 13:01:01 ----D---- C:\Archivos de programa\Malwarebytes' Anti-Malware
2008-11-08 12:29:27 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-31 01:41:32 ----A---- C:\LOG1FB.tmp
2008-10-30 23:15:30 ----D---- C:\Documents and Settings\x\Datos de programa\U3
2008-10-24 00:16:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-17 00:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-17 00:27:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-17 00:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-17 00:27:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-17 00:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-17 00:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-16 19:11:52 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2008-09-15 16:19:40 ----D---- C:\Archivos de programa\CCleaner
2008-09-15 16:19:13 ----A---- C:\ccsetup211.exe
2008-09-11 20:15:43 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-11 20:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-09 15:12:47 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-09-08 17:31:57 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-08 17:31:57 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-08 17:31:57 ----A---- C:\WINDOWS\system32\java.exe
2008-09-08 17:04:33 ----D---- C:\_OTMoveIt
2008-08-31 16:32:06 ----D---- C:\WINDOWS\ERUNT
2008-08-31 16:24:21 ----D---- C:\SDFix
2008-08-29 17:19:15 ----D---- C:\Archivos de programa\Trend Micro
2008-08-26 22:05:24 ----AD---- C:\Documents and Settings\All Users\Datos de programa\TEMP
2008-08-26 21:44:41 ----D---- C:\Documents and Settings\x\Datos de programa\McAfee
2008-08-26 20:03:07 ----D---- C:\Documents and Settings\x\Datos de programa\Malwarebytes
2008-08-26 20:02:48 ----D---- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
2008-08-13 18:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-13 18:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-13 18:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-13 18:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-13 18:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-13 18:49:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-13 18:49:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-13 18:49:24 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$

======List of files/folders modified in the last 3 months======

2008-11-08 14:06:21 ----D---- C:\WINDOWS\Temp
2008-11-08 13:59:51 ----D---- C:\WINDOWS\system32
2008-11-08 13:58:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-08 13:01:13 ----D---- C:\WINDOWS\system32\drivers
2008-11-08 13:01:01 ----RD---- C:\Archivos de programa
2008-11-08 12:51:14 ----D---- C:\WINDOWS\system32\Lang
2008-11-08 12:41:05 ----D---- C:\WINDOWS
2008-11-08 12:24:56 ----A---- C:\WINDOWS\mdm.ini
2008-11-06 20:14:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-06 16:44:06 ----A---- C:\WINDOWS\win.ini
2008-11-06 16:01:22 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-04 22:41:27 ----HD---- C:\WINDOWS\inf
2008-11-04 22:41:27 ----D---- C:\WINDOWS\Help
2008-11-03 16:52:59 ----D---- C:\Archivos de programa\McAfee
2008-10-30 23:29:59 ----D---- C:\WINDOWS\Prefetch
2008-10-27 23:13:41 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-24 00:15:15 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-23 20:41:23 ----A---- C:\WINDOWS\NeroDigital.ini
2008-10-17 00:26:53 ----D---- C:\Archivos de programa\Internet Explorer
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-16 14:08:42 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-15 16:59:29 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-14 16:50:40 ----D---- C:\Documents and Settings\All Users\Datos de programa\SiteAdvisor
2008-10-14 16:50:30 ----D---- C:\Documents and Settings\All Users\Datos de programa\McAfee
2008-09-12 20:24:43 ----D---- C:\Program Files
2008-09-11 20:15:44 ----D---- C:\WINDOWS\WinSxS
2008-09-09 15:45:38 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-09 15:12:47 ----D---- C:\WINDOWS\Debug
2008-09-08 17:32:03 ----SHD---- C:\WINDOWS\Installer
2008-09-08 17:31:56 ----D---- C:\Archivos de programa\Java
2008-08-26 21:51:02 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-08-26 21:45:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-08-20 05:33:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-20 05:33:52 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-20 05:33:52 ----A---- C:\WINDOWS\system32\browseui.dll
2008-08-20 05:33:51 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-20 05:33:51 ----A---- C:\WINDOWS\system32\shlwapi.dll
2008-08-20 05:33:51 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-20 05:33:51 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-20 05:33:50 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-08-20 05:33:50 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-20 05:33:50 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-20 05:33:49 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-20 05:33:49 ----A---- C:\WINDOWS\system32\inseng.dll
2008-08-20 05:33:49 ----A---- C:\WINDOWS\system32\iepeers.dll
2008-08-20 05:33:49 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-08-20 05:33:49 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-20 05:33:49 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-20 05:33:49 ----A---- C:\WINDOWS\system32\danim.dll
2008-08-20 05:33:49 ----A---- C:\WINDOWS\system32\cdfview.dll
2008-08-19 09:51:34 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-08-14 13:44:43 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-14 13:44:40 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-13 18:50:25 ----D---- C:\Archivos de programa\Messenger

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Controlador de procesador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-27 40320]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2008-06-27 207656]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-06-02 120136]
R1 PrivateDisk;PrivateDisk; C:\WINDOWS\System32\Drivers\PrivateDiskM.sys [2004-07-06 45627]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-05-13 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-07-15 17801]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;Transporte WLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2003-09-29 94601]
R3 Arp1394;Protocolo de cliente ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-20 60800]
R3 CmBatt;Controlador de batería de método de control ACPI de Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-13 155648]
R3 HDAudBus;Controlador de bus de Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
R3 HidUsb;Controlador de clases HID de Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-05-23 1034752]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-05-23 178048]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-06-29 3173888]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2008-06-27 79240]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2008-06-27 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2008-06-27 40488]
R3 mouhid;Controlador HID de mouse; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-22 12416]
R3 NIC1394;Controlador de red 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-20 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-06-09 3192192]
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 tifmsony;tifmsony; C:\WINDOWS\system32\drivers\tifmsony.sys [2005-06-10 76800]
R3 usbehci;Controlador minipuerto de la controladora mejorada USB 2.0 de Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Controlador de concentrador estándar USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Controlador minipuerto de la controladora de host universal USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w29n51;Controlador de la Conexión de red Intel(R) PRO/Wireless 2200BG para Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-23 716288]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S2 PIEUsb;FilmScan35; C:\WINDOWS\System32\Drivers\usbscan.sys [2004-08-03 15104]
S3 catchme;catchme; \??\C:\DOCUME~1\x\CONFIG~1\Temp\catchme.sys []
S3 CCDECODE;Descodificador de título cerrado; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-29 1050140]
S3 LEX_AS_NIC_SERVICE_YNOS;LAN-Express AS IEEE 802.11g Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ExpasAG.sys [2005-02-10 456448]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2008-06-20 34152]
S3 MSTEE;Convertidor Tee/Sink-to-Sink de transferencia de Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Códec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Conexión de TV/Vídeo de Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Controlador de filtro USB de Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SONYTVC;Sony MPEG RR-Engine; C:\WINDOWS\system32\DRIVERS\SONYTVC.sys [2005-03-18 237568]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;Receptor BDA IP; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Controlador de audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Controlador primario genérico USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbscan;Controlador de escáner USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Códec de teletexto estándar mundial; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor;Adobe Active File Monitor; C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 98304]
R2 EvtEng;EvtEng; C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe [2005-06-02 86016]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe [2008-10-08 203280]
R2 mcmscsvc;McAfee Services; C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe [2008-06-21 792184]
R2 McNASvc;McAfee Network Agent; c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe [2008-07-18 2482848]
R2 McProxy;McAfee Proxy Service; c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe [2008-07-09 358736]
R2 McShield;McAfee Real-time Scanner; C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe [2008-06-20 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Archivos de programa\McAfee\MPF\MPFSrv.exe [2008-07-09 884360]
R2 MSK80Service;McAfee SpamKiller Service; C:\Archivos de programa\McAfee\MSK\MskSrver.exe [2008-07-09 25416]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB; C:\Archivos de programa\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 7520337]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-06-09 127044]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect; C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 118784]
R2 RegSrvc;RegSrvc; C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe [2005-06-02 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe [2005-06-02 372809]
R2 VAIO Event Service;VAIO Event Service; C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe [2005-05-20 153600]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2005-06-15 167936]
R2 VzFw;VAIO Entertainment File Import Service; C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2005-06-15 135168]
R3 McSysmon;McAfee SystemGuards; C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe [2008-06-20 605512]
R3 SSScsiSV;SonicStage SCSI Service; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe [2005-06-03 69632]
R3 VAIO Entertainment Aggregation and Control Service;VAIO Entertainment Aggregation and Control Service; C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe [2005-06-17 143360]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2005-06-15 270336]
S2 VCI;VAIO Cooporated Initialisation; C:\Archivos de programa\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe [2005-01-04 398336]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment; C:\Archivos de programa\Sony\Image Converter 2\IcVzMon.exe [2005-04-05 32768]
S3 McODS;McAfee Scanner; C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe [2008-06-20 361800]
S3 MSCSPTISRV;MSCSPTISRV; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\MSCSPTISRV.exe [2005-06-07 53337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Archivos de programa\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 PACSPTISVR;PACSPTISVR; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\PACSPTISVR.exe [2005-06-07 53337]
S3 SPTISRV;Sony SPTI Service; C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SPTISRV.exe [2005-06-07 69718]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB; C:\Archivos de programa\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 311872]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Archivos de programa\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 VAIO Entertainment Task Scheduler;VAIO Entertainment Task Scheduler; C:\Archivos de programa\Sony\VAIO Entertainment\VzTaskScheduler.exe [2005-06-17 397312]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2005-06-15 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Archivos de programa\Sony\VAIO Media Integrated Server\VMISrv.exe [2005-06-07 1851392]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2005-06-07 57344]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2005-06-07 770048]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2005-06-07 188416]
S3 WMPNetworkSvc;Servicio de uso compartido de red del Reproductor de Windows Media; C:\Archivos de programa\Windows Media Player\WMPNetwk.exe [2006-11-03 916480]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-20 14336]

-----------------EOF-----------------


And,

info.txt logfile of random's system information tool 1.04 2008-11-08 14:06:32

======Uninstall list======

-->C:\Archivos de programa\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn040a.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->Dummy
-->MsiExec.exe /I{5B782FFA-6A95-480D-8E0A-0954A14693D6}
-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{FD836E74-7923-4174-A055-F97CD0F3BB46}\Setup.exe" -l0xa
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Actualización de seguridad para el Reproductor de Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Actualización de seguridad para el Reproductor de Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Actualización de seguridad para Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Actualización de seguridad para Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Actualización de seguridad para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Actualización para Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Actualización para Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Actualización para Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Actualización para Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Actualización para Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Actualización para Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Actualización para Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Actualización para Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Actualización para Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Actualización para Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Actualización para Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Actualización para Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Actualización para Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Actualización para Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Actualización para Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Actualización para Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Actualización para Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
Actualización para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Adobe Flash Player 9-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop CS-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0xa
Adobe Photoshop Elements 3.0-->MsiExec.exe /I{851C67EF-068A-4060-9EF5-2E3DDCD68382}
Adobe Premiere Standard-->RunDll32 "C:\Archivos de programa\Archivos comunes\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{7998F67D-655B-42E3-B651-18D96DD17268}\setup.exe"
Adobe Reader 7.0.5 Language Support-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7050000000A7}
Adobe Reader 8.1.1 - Español-->MsiExec.exe /I{AC76BA86-7AD7-1034-7B44-A81000000003}
AirZip Plug-in for Internet Explorer-->C:\ARCHIV~1\ARCHIV~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{A821BC77-32FD-4CF3-A006-75CB3B525633}
CCleaner (remove only)-->"C:\Archivos de programa\CCleaner\uninst.exe"
Click to DVD 2.0.03 Menu Data-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{9E407618-D9CD-4F39-9490-9ED45294073D}\setup.exe" -l0x9 -removeonly
Click to DVD 2.4.10-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{E809063C-51A3-4269-8984-D1EB742F2151}\setup.exe" -l0x9 -removeonly
Compresor WinRAR-->C:\Archivos de programa\WinRAR\uninstall.exe
Controlador de Logitech® Camera-->"C:\Archivos de programa\Archivos comunes\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
DVD Region+CSS Free 5.9.5.2-->"C:\Archivos de programa\DVD Region+CSS Free\unins000.exe"
DVD Shrink 3.2-->"C:\Archivos de programa\DVD Shrink\unins000.exe"
DVgate Plus-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{685BCC47-B8EC-45EC-BBCE-77DF2451502C}\setup.exe" -l0x9
Express Rip Uninstall-->C:\Archivos de programa\NCH Swift Sound\ExpressRip\uninst.exe
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\archivos de programa\google\googletoolbar2.dll"
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Archivos de programa\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003\HXFSETUP.EXE -U -ISnyHDANk.inf
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Image Converter 2-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{29999594-B540-4C88-A8D3-C99CA43809FC}\setup.exe" /UNINSTALL
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD for VAIO-->"C:\Archivos de programa\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
InterVideo WinDVDX-->"C:\Archivos de programa\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LAN-Express AS IEEE 802.11 Wireless LAN-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}\Setup.exe" -l0x9
Logitech Desktop Messenger-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0xa UNINSTALL
Malwarebytes' Anti-Malware-->"C:\Archivos de programa\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Archivos de programa\McAfee\MSC\mcuninst.exe
mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A198157A2A}
Memory Stick Formatter-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{27337663-2619-11D4-99DC-0000F49094C7}\Setup.exe" -l0xa /UNINSTALL
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Interactive Training-->C:\Archivos de programa\MSPress\Training\lunins32_s.exe
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010C0A-78E1-11D2-B60F-006097C998E7}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Desktop Engine (VAIO_VEDB)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works-->MsiExec.exe /I{42D1FEA1-F4A6-4376-BF3A-F5175AAD5726}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
MoodLogic-->C:\WINDOWS\ml-uninstall-v10.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Musikapa (remove only)-->"C:\Archivos de programa\Musikapa\Uninstall.exe"
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
Nero 7 Demo-->MsiExec.exe /I{A66B369B-2927-8B02-ADF7-5BC0FE941034}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenMG Secure Module 4.2.00-->C:\ARCHIV~1\ARCHIV~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{849ABF1A-6AE3-45E1-B260-D5447B2F29F5} UNINSTALL
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Realtek High Definition Audio Driver-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0xa -removeonly
Registro en línea VAIO (Español)-->C:\Archivos de programa\Archivos comunes\InstallShield\Driver\8\Intel 32\IDriver.exe /M{668B1BD6-4593-4959-970E-249AFFE6F35C} /l1034
Reproductor de Windows Media 11-->"C:\Archivos de programa\Windows Media Player\Setup_wm.exe" /Uninstall
Revisión de Windows XP - KB307154-->C:\WINDOWS\$NtUninstallKB307154$\spuninst\spuninst.exe
Revisión de Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Revisión de Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Revisión de Windows XP - KB884018-->C:\WINDOWS\$NtUninstallKB884018$\spuninst\spuninst.exe
Revisión de Windows XP - KB884575-->C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe
Revisión de Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Revisión de Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Revisión de Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Revisión de Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Revisión de Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Revisión de Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Revisión de Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Revisión de Windows XP - KB888239-->C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe
Revisión de Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Revisión de Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Revisión de Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Revisión de Windows XP - KB893056-->C:\WINDOWS\$NtUninstallKB893056$\spuninst\spuninst.exe
Revisión de Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
Revisión para el Reproductor de Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Revisión para Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Revisión para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Roxio DigitalMedia Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio DigitalMedia Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio DigitalMedia Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version-->MsiExec.exe /X{48E9DE14-39D1-4974-91A6-D4E1836F648D}
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem ^^-->C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x9 -removeonly
Samsung PC Studio-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x9 -removeonly
Samsung Samples Installer-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x9 -removeonly
Sandlot Games Client Services-->"C:\Archivos de programa\Archivos comunes\Sandlot Shared\unins000.exe"
Setting Utility Series-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{59452470-A902-477F-9338-9B88101681BD}\setup.exe" -l0xa UNINSTALL
Skype 1.3-->"C:\Archivos de programa\Skype\Phone\unins000.exe"
Software Logitech QuickCam-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0xa
SonicStage 3.2-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0xa UNINSTALL -removeonly
SonicStage Mastering Studio 1.4-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{BF3B304B-8A18-452D-A19F-6012CA8418D7}\setup.exe" -l0x9
SonicStage Mastering Studio Audio Filter Custom Preset-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}\Setup.exe" -l0x9
SonicStage Mastering Studio Audio Filter-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{AB467B85-4F52-48C2-AEED-0673D00417B0}\Setup.exe" -l0x9
SonicStage Mastering Studio Plugins-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}\Setup.exe" -l0x9
Sony MP4 Shared Library-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe" -l0x9 -removeonly
Sony Utilities DLL-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\setup.exe" -l0x9 -removeonly
Sony Video Shared Library-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}\setup.exe" -l0x9 -removeonly
Tesco Download Manager-->"C:\Archivos de programa\Tesco\Downloader\Uninstall.exe"
VAIO Control Center-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{FC37C108-821D-4EDE-8F40-D5B497586805}\Setup.exe" -l0xa
VAIO Edit Components-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{01AE599F-7B72-4135-8C56-9191F4ACBA88}\setup.exe" -l0x9 -removeonly
VAIO Entertainment Platform-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}\setup.exe" -l0x9
VAIO Event Service-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0xa
VAIO Launcher-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{A43F939E-A863-433D-AC78-0897E44CFEB2}\setup.exe" -l0x9
VAIO Light Flo Wallpaper-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}\setup.exe" -l0xa
VAIO Long Battery Life Wallpaper-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}\Setup.exe" -l0xa
VAIO Media 4.0-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{1EB317D8-8945-4FD6-B37F-DF470317C6AB}\Setup.exe" -l0x9 UNINSTALL
VAIO Media AC3 Decoder 1.0-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x9 UNINSTALL
VAIO Media Integrated Server 4.2-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{7A79D11B-FD82-4A5E-834F-20173515DD14}\setup.exe" -l0x9 UNINSTALL -removeonly
VAIO Media Redistribution 4.0-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{7128C69B-8F7E-4336-8698-3FD3CDD955EC}\Setup.exe" -l0x9 UNINSTALL
VAIO Media Registration Tool 4.0-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x9 UNINSTALL
VAIO Original Screen Saver VAIO Motion HD Normal Contents-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{531C0C3A-7112-4986-8222-5778FB547D81}\Setup.exe" -l0xa
VAIO Original Screen Saver VAIO Motion HD Wide Contents-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}\Setup.exe" -l0xa
VAIO Original Screen Saver VAIO Motion SD Normal Contents-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{805BC1AB-46C5-438C-BCB7-537A1A32290C}\Setup.exe" -l0xa
VAIO Original Screen Saver VAIO Motion SD Wide Contents-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{51735133-A296-4EB0-BF16-AD93B55BD000}\Setup.exe" -l0xa
VAIO Original Screen Saver VAIO Scene HD Normal Contents-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}\Setup.exe" -l0xa
VAIO Original Screen Saver VAIO Scene HD Wide Contents-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{169C78C0-8C32-4CA1-9602-D8E998ECE96A}\Setup.exe" -l0xa
VAIO Original Screen Saver VAIO Scene SD Normal Contents-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{71249EFF-EFAB-48A0-B967-630F4E70BBC3}\Setup.exe" -l0xa
VAIO Original Screen Saver VAIO Scene SD Wide Contents-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}\Setup.exe" -l0xa
VAIO Original Screen Saver-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}\setup.exe" -l0xa
VAIO Power Management-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\setup.exe" -l0xa UNINSTALL
VAIO Product Survey-->C:\Archivos de programa\Archivos comunes\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9080C5D2-82FA-452A-87FA-CBB4B05D67A5} /l1034
VAIO Update 2-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\Setup.exe" -l0xa
VAIO Zone-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}\Setup.exe" -l0x9
VideoEgg Publisher-->C:\Archivos de programa\VideoEgg\Uninstall.exe
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant-->MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
Windows Media Format 11 runtime-->"C:\Archivos de programa\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Wireless LAN Starter-->RunDll32 C:\ARCHIV~1\ARCHIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Archivos de programa\InstallShield Installation Information\{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}\setup.exe" -l0xa

=====HijackThis Backups=====

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\x\CONFIG~1\Temp\wndutl32.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: McAfee VirusScan
FW: McAfee Personal Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Archivos de programa\Intel\Wireless\Bin\;C:\Archivos de programa\Microsoft SQL Server\80\Tools\Binn\;C:\Archivos de programa\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Archivos de programa\Archivos comunes\Sonic Shared\Sonic Central\
"CLASSPATH"="C:\Archivos de programa\Java\jre1.5.0_03\QTJava.zip"
"QTJAVA"="C:\Archivos de programa\Java\jre1.5.0_03\QTJava.zip"

-----------------EOF-----------------

Thank you.
mlondon
Active Member
 
Posts: 6
Joined: November 7th, 2008, 5:19 pm

Re: My Computer has been infected

Unread postby peku006 » November 8th, 2008, 11:06 am

Hi mlondon

Looks much better..........

1 - Clean temp files

    Download and Run ATF Cleaner
    Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.Double-click ATF Cleaner.exe to open it.

    Under Main choose:
      Windows Temp
      Current User Temp
      All Users Temp
      Temporary Internet Files
      Prefetch
      Java Cache

      *The other boxes are optional*
      Then click the Empty Selected button.
    if you use Firefox:
      Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
    if you use Opera:
      Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    Click Exit on the Main menu to close the program

2 - Kaspersky Online Scan

Please go to Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply.

3 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad

4 - Status Check
Please reply with

1. the Kaspersky online scanner report
2. a fresh HijackThis log
How is the computer running now?

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: My Computer has been infected

Unread postby mlondon » November 8th, 2008, 1:29 pm

Hi peku006,

Thanks for your help.

The Kaspersky scann shows as follows,

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, November 8, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, November 08, 2008 13:45:39
Records in database: 1374518
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 66344
Threat name: 7
Infected objects: 7
Suspicious objects: 0
Duration of the scan: 01:13:40


File name / Threat name / Threats count
C:\SDFix\backups\backups.zip Infected: Hoax.Win32.Renos.fey 1
C:\SDFix\backups\backups.zip Infected: Backdoor.Win32.UltimateDefender.gmf 1
C:\SDFix\backups\backups.zip Infected: Backdoor.Win32.UltimateDefender.gmd 1
C:\SDFix\backups\backups.zip Infected: Backdoor.Win32.UltimateDefender.gmh 1
C:\SDFix\backups\backups.zip Infected: Backdoor.Win32.UltimateDefender.gmi 1
C:\_OTMoveIt\MovedFiles\09122008_212443\Program Files\Altnet\Download Manager\asm.exe Infected: not-a-virus:AdWare.Win32.Altnet.l 1
C:\_OTMoveIt\MovedFiles\09122008_212443\Program Files\Altnet\Download Manager\asmps.dll Infected: not-a-virus:AdWare.Win32.Altnet.b 1

The selected area was scanned.


And the new HijackThis log is,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:23:34, on 08/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe
C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe
c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
C:\Archivos de programa\McAfee\MSK\MskSrver.exe
C:\Archivos de programa\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Archivos de programa\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
c:\ARCHIV~1\mcafee.com\agent\mcagent.exe
C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe
C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe
C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Archivos de programa\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Archivos de programa\Apoint\Apntex.exe
C:\Archivos de programa\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\qttask.exe
C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe
C:\Archivos de programa\Logitech\Video\FxSvr2.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE
C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\wuauclt.exe
C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\MDM.EXE
C:\Archivos de programa\Java\jre1.6.0_07\bin\jucheck.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/en/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Apoint] C:\Archivos de programa\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Archivos de programa\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Archivos de programa\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Archivos de programa\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Archivos de programa\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Archivos de programa\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Archivos de programa\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Archivos de programa\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\ARCHIV~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Archivos de programa\Napster\napster.exe /systray
O4 - HKLM\..\Run: [mcagent_exe] "C:\Archivos de programa\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [McENUI] C:\ARCHIV~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Archivos de programa\Archivos comunes\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Archivos de programa\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Archivos de programa\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Puerto Symantec Fax Starter Edition.lnk = C:\Archivos de programa\Microsoft Office\Office\3082\OLFSNT40.EXE
O8 - Extra context menu item: &Google Search - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Instantánea de caché de la página - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Páginas similares - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Páginas vinculadas - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Transferencia mediante Image Converter 2 - C:\Archivos de programa\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: http://*.mcafee.com
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102w.bay102.mail.live.com/mail ... nPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mrmanuchan.spaces.live.com/Photo ... nPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab
O16 - DPF: {FE8FE5F0-E1EE-4ACD-81E0-2A6CFECB8431} (ePenClientSpec.ucEPenClientspec) - http://downloads.e-marking.eu.com/ePenClientSpec.ocx
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARCHIV~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: EvtEng - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Archivos de programa\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Archivos de programa\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\ARCHIV~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\archivos de programa\archivos comunes\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\ARCHIV~1\ARCHIV~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARCHIV~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Archivos de programa\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Archivos de programa\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Archivos de programa\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Archivos de programa\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Archivos de programa\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Archivos de programa\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Archivos de programa\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Archivos de programa\Archivos comunes\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 13815 bytes



By the way, I won´t be at home until Monday night, I don´t want you to think that I am not replying because I think I don´t need your help anymore.

Many thanks.
mlondon
Active Member
 
Posts: 6
Joined: November 7th, 2008, 5:19 pm

Re: My Computer has been infected

Unread postby mlondon » November 8th, 2008, 1:34 pm

Hi peku006,

After running the programs, the computer looks much better. I have been able to change my desktop to the original picture I used to have and the radio doesn´t come up anymore. Also, all the messages advising me to run an anti spyware program have stopped too.

Hopefully my computer will be clean rather soon.

Cheers.
mlondon
Active Member
 
Posts: 6
Joined: November 7th, 2008, 5:19 pm

Re: My Computer has been infected

Unread postby peku006 » November 8th, 2008, 1:42 pm

Hi mlondon

Congratulations, your log looks clean! :)

Next we remove all used tools.

Delete RSIT from your desktop, also delete this folder C:\rsit.

Please download OTCleanIt and save it to desktop.
  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

  • Disable and Enable System Restore. - If you are using Windows XP or Vista then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.

    You can find instructions on how to enable and re-enable system restore here:

    Windows XP System Restore Guide

    Re-enable system restore with instructions from tutorial above

    • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Change the Initialize and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub-frames across different domains to Prompt
    • When all these settings have been made, click on the OK button.
    • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.

    • Update your AntiVirus Software and keep your other programs up-to-date
      Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
      You can use one of these sites to check if any updates are needed for your pc.
      Secunia Software Inspector
      F-secure Health Check
    • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
    • Install Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
      totally free but for real-time protection you will have to pay a small one-time fee. Tutorial on installing & using this product can be found below:

      Malwarebytes' Anti-Malware Setup Guide

      Malwarebytes' Anti-Malware Scanning Guide
    • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

      A tutorial on installing & using this product can be found here:

      Using SpywareBlaster to protect your computer from Spyware and Malware
    • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
    Follow this list and your potential for being infected again will reduce dramatically.

    Here are some additional utilities that will enhance your safety


Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Also, please read this great article by Tony Klein So How Did I Get Infected In First Place

Happy surfing and stay clean! :thumbup:
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: My Computer has been infected

Unread postby Gary R » November 12th, 2008, 2:20 pm

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 60 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware