Old 4 Jan 2008   #1
Tango01
Tango's Computer Nº 1

Yep, I've got 2 (well, not at all mine ¬¬) computers... well, this is the log of one of them.

Logfile of HijackThis v1.99.1
Scan saved at 04:10:18 p.m., on 04/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Archivos de programa\WinPoET\winpppoverethernet.exe
C:\Archivos de programa\ZyXEL\ADSL USB Modem\CnxDslTb.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\STacSV.exe
C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Archivos de programa\WinPoET\WrOS.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\XlX\Logs\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Archivos de programa\WinPoET\winpppoverethernet.exe"
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Archivos de programa\ZyXEL\ADSL USB Modem\CnxDslTb.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Estadísticas del componente Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Archivos de programa\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\archivos de programa\bonjour\mdnsnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8B3CAFD-6C7C-4474-B289-5DB5EA81FC0A}: NameServer = 200.51.212.7 200.51.211.7
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Archivos de programa\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Archivos de programa\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Archivos de programa\WinPoET\WrOS.EXE

-------------------------------------------------------------

ComboFix 08-01-04.1 - XP 2008-01-04 15:01:34.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.34.3082.18.652 [GMT -2:00]
Se ejecuta desde: C:\XlX\Logs\ComboFix.exe
.

(((((((((((((((((( Archivos creados desde 2007-12-04 - 2008-01-04 )))))))))))))))))))))))))))))))))
.

2008-01-04 14:45 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-02 22:51 . 2003-08-01 11:01 159,744 --a------ C:\WINDOWS\system32\CnxHwIo.dll
2008-01-02 22:51 . 2001-10-03 14:08 118,784 --a------ C:\WINDOWS\system32\CnxClsCo.dll
2008-01-02 22:51 . 2003-08-01 10:54 103,366 --a------ C:\WINDOWS\system32\drivers\CnxTgN.sys
2008-01-02 22:51 . 2003-07-31 18:05 60,288 --a------ C:\WINDOWS\system32\drivers\CnxEtP.sys
2008-01-02 22:33 . 2003-07-31 18:05 642,944 --a------ C:\WINDOWS\system32\drivers\CnxEtU.sys
2008-01-02 22:33 . 2002-08-06 14:59 118,784 --a------ C:\WINDOWS\system32\CnxMfdCo.dll
2008-01-01 21:48 . 2008-01-01 21:48 <DIR> d-------- C:\Documents and Settings\XP\Datos de programa\dvdcss
2007-12-26 15:57 . 2006-09-05 21:06 90,800 -ra------ C:\WINDOWS\system32\drivers\se59unic.sys
2007-12-26 15:57 . 2006-09-05 21:08 88,624 -ra------ C:\WINDOWS\system32\drivers\se59mgmt.sys
2007-12-26 15:57 . 2006-09-05 21:09 86,432 -ra------ C:\WINDOWS\system32\drivers\se59obex.sys
2007-12-26 15:57 . 2006-09-05 21:06 18,704 -ra------ C:\WINDOWS\system32\drivers\se59nd5.sys
2007-12-26 15:57 . 2006-09-05 21:06 4,128 -ra------ C:\WINDOWS\system32\drivers\se59cr.sys
2007-12-26 15:56 . 2006-09-05 21:07 97,088 -ra------ C:\WINDOWS\system32\drivers\se59mdm.sys
2007-12-26 15:56 . 2006-09-05 21:07 61,536 -ra------ C:\WINDOWS\system32\drivers\se59bus.sys
2007-12-26 15:56 . 2006-09-05 21:07 9,360 -ra------ C:\WINDOWS\system32\drivers\se59mdfl.sys
2007-12-26 15:56 . 2006-09-05 21:09 6,240 -ra------ C:\WINDOWS\system32\drivers\se59cmnt.sys
2007-12-26 15:56 . 2006-09-05 21:09 6,240 -ra------ C:\WINDOWS\system32\drivers\se59cm.sys
2007-12-26 15:56 . 2006-09-05 21:06 5,872 -ra------ C:\WINDOWS\system32\drivers\se59whnt.sys
2007-12-26 15:56 . 2006-09-05 21:06 5,872 -ra------ C:\WINDOWS\system32\drivers\se59wh.sys
2007-12-26 15:56 . 2007-12-26 15:56 0 --a------ C:\WINDOWS\mngui.INI
2007-12-26 15:34 . 2006-03-10 15:03 96,352 -ra------ C:\WINDOWS\system32\drivers\k310mdm.sys
2007-12-26 15:34 . 2006-03-10 15:03 87,824 -ra------ C:\WINDOWS\system32\drivers\k310mgmt.sys
2007-12-26 15:34 . 2006-03-10 15:03 85,696 -ra------ C:\WINDOWS\system32\drivers\k310obex.sys
2007-12-26 15:34 . 2006-03-10 15:03 9,264 -ra------ C:\WINDOWS\system32\drivers\k310mdfl.sys
2007-12-26 15:34 . 2006-03-10 15:03 6,208 -ra------ C:\WINDOWS\system32\drivers\k310cmnt.sys
2007-12-26 15:34 . 2006-03-10 15:03 6,208 -ra------ C:\WINDOWS\system32\drivers\k310cm.sys
2007-12-26 15:29 . 2006-03-10 15:03 60,800 -ra------ C:\WINDOWS\system32\drivers\k310bus.sys
2007-12-26 15:29 . 2006-03-10 15:03 5,840 -ra------ C:\WINDOWS\system32\drivers\k310whnt.sys
2007-12-26 15:29 . 2006-03-10 15:03 5,840 -ra------ C:\WINDOWS\system32\drivers\k310wh.sys
2007-12-26 15:12 . 2007-12-26 15:12 <DIR> d-------- C:\Archivos de programa\Disc2Phone
2007-12-26 15:06 . 2007-12-26 15:36 <DIR> d-------- C:\Documents and Settings\XP\Datos de programa\Teleca
2007-12-26 15:01 . 2007-12-26 15:01 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2007-12-26 14:53 . 2007-12-26 14:53 <DIR> d-------- C:\Documents and Settings\XP\Datos de programa\Apple Computer
2007-12-26 14:50 . 2007-12-26 14:50 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\Apple Computer
2007-12-26 14:50 . 2007-12-26 15:00 <DIR> d-------- C:\Archivos de programa\QuickTime
2007-12-26 14:41 . 2007-12-26 14:41 <DIR> d-------- C:\Documents and Settings\XP\Datos de programa\Sony Ericsson
2007-12-26 14:37 . 2007-12-26 14:37 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\Sony Ericsson
2007-12-26 14:37 . 2007-12-26 14:37 <DIR> d-------- C:\Archivos de programa\Archivos comunes\Teleca Shared
2007-12-26 14:37 . 2007-12-26 14:37 <DIR> d-------- C:\Archivos de programa\Archivos comunes\Sony Ericsson Shared
2007-12-26 14:36 . 2007-12-26 14:36 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-12-26 14:36 . 2007-12-26 14:37 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\Teleca
2007-12-26 14:36 . 2007-12-26 14:36 <DIR> d-------- C:\Archivos de programa\Sony Ericsson
2007-12-26 14:32 . 2008-01-02 01:53 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-26 14:32 . 2007-12-26 14:32 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-20 13:17 . 2007-12-20 13:17 <DIR> d-------- C:\Documents and Settings\XP\Datos de programa\vlc
2007-12-20 12:50 . 2007-12-20 12:50 <DIR> d-------- C:\Archivos de programa\VideoLAN
2007-12-18 12:48 . 2008-01-04 13:45 <DIR> d-------- C:\Archivos de programa\WinPoET
2007-12-12 21:54 . 2008-01-01 02:34 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-12-12 21:53 . 2008-01-01 02:57 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-12-12 20:19 . 2007-12-12 20:19 <DIR> d-------- C:\Documents and Settings\XP\Datos de programa\Jetico Personal Firewall
2007-12-12 19:40 . 2007-12-25 23:39 <DIR> d-------- C:\Archivos de programa\Windows Live Safety Center

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 17:02 260,128 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-01-04 17:02 10,332,704 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-04 15:53 141,612 ----a-w C:\WINDOWS\system32\drivers\dump_wmimmc.sys
2008-01-04 15:44 25,076 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-01-04 15:44 138,860 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-04 15:44 --------- d-----w C:\Documents and Settings\XP\Datos de programa\uTorrent
2008-01-04 15:44 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
2008-01-03 03:50 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Kaspersky Lab
2007-12-26 17:00 --------- d--h--w C:\Archivos de programa\InstallShield Installation Information
2007-12-26 01:07 91,492 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2007-12-23 16:01 --------- d-----w C:\Documents and Settings\XP\Datos de programa\Winamp
2007-12-16 21:54 85,860 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2007-12-10 22:13 --------- d-----w C:\Documents and Settings\XP\Datos de programa\AdobeUM
2007-11-25 02:50 --------- d-----w C:\Archivos de programa\Kaspersky Lab
2007-11-25 02:45 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Avg7
2007-11-25 02:33 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Kaspersky Lab Setup Files
2007-11-21 21:03 --------- d-----w C:\Archivos de programa\PeerGuardian2
2007-11-19 23:39 --------- d-----w C:\Archivos de programa\Archivos comunes\Adobe
2007-11-14 19:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Archivos de programa\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55 5674352]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 11:42 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-19 11:42 159744]
"nwiz"="nwiz.exe" [2006-10-22 13:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 13:22 86016]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 13:22 7700480]
"a-winpoet-service"="C:\Archivos de programa\WinPoET\winpppoverethernet.exe" [2003-05-29 13:55 299008]
"CnxDslTaskBar"="C:\Archivos de programa\ZyXEL\ADSL USB Modem\CnxDslTb.exe" [2003-08-01 11:06 458752]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 11:42 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^BlackICE PC Protection.lnk]
backup=C:\WINDOWS\pss\BlackICE PC Protection.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^EPSON Status Monitor 3 Environment Check.lnk]
backup=C:\WINDOWS\pss\EPSON Status Monitor 3 Environment Check.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^XP^Menú Inicio^Programas^Inicio^Herramienta de búsqueda de soportes de Picture Motion Browser.lnk]
backup=C:\WINDOWS\pss\Herramienta de búsqueda de soportes de Picture Motion Browser.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-07 00:46 57344 --a------ C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Archivos de programa\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Archivos de programa\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
sttray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Archivos de programa\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-07-12 05:00 132496 --a------ C:\Archivos de programa\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-10-10 03:28 36352 --a------ C:\Archivos de programa\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NOD32krn"=2 (0x2)
"FLEXnet Licensing Service"=3 (0x3)
"Bonjour Service"=2 (0x2)
"IDriverT"=3 (0x3)

R2 TopWinPoETDriver;WinPoET PPPoE Optimized Driver;C:\WINDOWS\system32\DRIVERS\WrKPoET2000.sys [2003-05-22 18:00]
R3 CnxEtP;Conexant AccessRunner USB ADSL LAN Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2003-07-31 18:05]
R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2003-07-31 18:05]
R3 CnxTgN;Conexant AccessRunner USB ADSL LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2003-08-01 10:54]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 15:58]
R3 WrKPoET2000;WrKPoET2000;C:\Archivos de programa\WinPoET\WrKPoET2000.sys [2003-05-22 18:00]
R3 WRSWanDD;iVasion PoET Adapter;C:\WINDOWS\system32\DRIVERS\WrKPoETNic2000.sys [2002-10-28 19:42]
S3 DADriv1;DADriv1;C:\Documents and Settings\XP\Escritorio\iCheat\DA Engine\DAK32.sys []
S3 Dua1;Dua1;C:\Documents and Settings\XP\Escritorio\iCheat\Dual Engine\DualEngi.sys []
S3 geebers12;geebers12;C:\Documents and Settings\XP\Escritorio\iCheat\Sago Hack Pack .40\UCE + CEM + CT\Buffy Engine\nvid888.sys []
S3 GR;GR;C:\Documents and Settings\XP\Escritorio\iCheat\Dual Engine\GR.sys []
S3 iCheat1;iCheat1;C:\Documents and Settings\XP\Escritorio\iCheat\nvid999.sys []
S3 k310bus;Sony Ericsson K310 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k310bus.sys [2006-03-10 15:03]
S3 k310mdfl;Sony Ericsson K310 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k310mdfl.sys [2006-03-10 15:03]
S3 k310mdm;Sony Ericsson K310 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k310mdm.sys [2006-03-10 15:03]
S3 k310mgmt;Sony Ericsson K310 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k310mgmt.sys [2006-03-10 15:03]
S3 k310obex;Sony Ericsson K310 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k310obex.sys [2006-03-10 15:03]
S3 KIKIDRIVER;KIKIDRIVER;C:\XlX\Mapl\Kiki Engine 1.41 [Unpacked]\kiki.sys []
S3 KS-959;Kingsun KS-959 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-07-05 00:42]
S3 MzBot;MzBot;C:\MzBot.sys []
S3 npkycryp;npkycryp;C:\Archivos de programa\Gravity\RO\npkycryp.sys []
S3 ¥Õ¥Ø°ê¤¤¥Í1;¥Õ¥Ø°ê¤¤¥Í1;C:\Documents and Settings\XP\Escritorio\iCheat\VE5 1032\nvid999.sys []
S3 PageFau1t;PageFau1t;C:\Documents and Settings\XP\Escritorio\iCheat\Sago Hack Pack .40\Bots And Bypass\PageFau1t.sys []
S3 puma1;puma1;C:\Documents and Settings\XP\Escritorio\iCheat\Sago Hack Pack .40\UCE + CEM + CT\Puma Engine\puma.sys []
S3 RapFile;RapFile;C:\WINDOWS\system32\drivers\RapFile.sys [2003-02-25 19:26]
S3 RapNet;RapNet;C:\WINDOWS\system32\drivers\RapNet.sys [2003-02-25 19:26]
S3 se59bus;Sony Ericsson Device 089 driver (WDM);C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 21:07]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 21:07]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 21:07]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 21:08]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS);C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 21:06]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 21:09]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM);C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 21:06]

*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{021E9986-E7AF-AEDE-0608-070208060007}]
C:\WINDOWS\system32\winsock32u.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 15:02:22
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

**************************************************************************
"ImagePath"="\??\C:\XlX\Mapl\Kiki Engine 1.41 [Unpacked]\kiki.sys"

.
Tiempo completado: 2008-01-04 15:02:46
ComboFix2.txt 2008-01-04 16:50:19

-------------------------------------------------------------

Thanks for all attention.
Old 4 Jan 2008   #2
ZyklonB
One question..... what is iCheat? Sago hack patch AND bypass.40 Also what is Puma Engine.............. UCE huh? I'm guessing you hack....? Wait... why did you post this topic?

Last edited by ZyklonB : 4 Jan 2008 at 02:24 PM.
Old 4 Jan 2008   #3
Tango01

My brother was a mapler hacker ¬¬, and yes... I deleted all these files when he left Maple and this computer for ``study´´ bbbt:
Remember, this computer is not at all mine -____- and if I were a hacker I would never post this topic ¬¬
Old 4 Jan 2008   #4
ZyklonB
Wait, but why did you post this topic? Is there something wrong with your computer? Or did you find some malware on your computer?
Old 4 Jan 2008   #5
Tango01
Well, you can see that this computer is a disaster of software. First of all, I think that it has a keylogger or a BIG virus that destroys files randomly and causes lag in the system -___-
A svchost.exe error [Unexpected exception of the program (0xc0000409) in 0x597fa3c0]; then when I close it, the internet shuts down.

I suppose only this o_o

Last edited by Tango01 : 4 Jan 2008 at 03:40 PM.
Old 4 Jan 2008   #6
Miyuri
Log received, will be analyzed later.