| Re: my programs keep closing, here are the logs
ComboFix 08-01-09.2 - djj 2008-01-09 13:43:17.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.3082.18.183 [GMT -6:00]
Se ejecuta desde: C:\Downloads\Software\ComboFix.exe
* Creado un nuevo punto de restauración
.
(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Users\djj\AppData\Roaming\inst.exe
.
(((((((((((((((((( Archivos creados desde 2007-12-09 - 2008-01-09 )))))))))))))))))))))))))))))))))
.
2008-01-09 03:53 . 2008-01-09 03:53 <DIR> d-------- C:\Users\djj\AppData\Roaming\Grisoft
2008-01-09 03:53 . 2008-01-09 03:53 <DIR> d-------- C:\Users\All Users\Grisoft
2008-01-09 03:53 . 2008-01-09 03:53 <DIR> d-------- C:\ProgramData\Grisoft
2008-01-09 03:53 . 2007-05-30 06:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-01-08 23:29 . 2008-01-08 23:29 <DIR> d-------- C:\Users\All Users\Avira
2008-01-08 23:29 . 2008-01-08 23:29 <DIR> d-------- C:\ProgramData\Avira
2008-01-08 23:29 . 2008-01-08 23:29 <DIR> d-------- C:\Program Files\Avira
2008-01-08 22:38 . 2008-01-08 22:38 <DIR> d-------- C:\Users\djj\AppData\Roaming\Consultia
2008-01-08 22:36 . 2008-01-08 22:46 <DIR> d-------- C:\Program Files\CubeDesktop
2008-01-08 06:53 . 2008-01-08 06:53 <DIR> d-------- C:\Users\djj\AppData\Roaming\Palo Alto Software Inc
2008-01-08 06:51 . 2008-01-08 06:51 <DIR> d-------- C:\Program Files\PAS
2008-01-07 16:58 . 2008-01-07 16:58 <DIR> d-------- C:\Program Files\Microsoft Works
2008-01-07 16:56 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-01-07 16:56 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-01-07 16:44 . 2008-01-07 16:44 <DIR> dr-h----- C:\MSOCache
2008-01-07 14:50 . 2008-01-07 14:50 <DIR> d-------- C:\Users\djj\AppData\Roaming\SUPERAntiSpyware.com
2007-12-26 18:39 . 2007-12-26 18:39 54,156 --ah----- C:\Windows\QTFont.qfn
2007-12-26 18:39 . 2007-12-26 18:39 1,409 --a------ C:\Windows\QTFont.for
2007-12-26 15:39 . 2006-12-29 09:57 117,760 --a------ C:\Windows\System32\hpz3l4v2.dll
2007-12-18 17:53 . 2007-12-18 17:53 <DIR> d-------- C:\Users\djj\AppData\Roaming\OtakuSoftware
2007-12-13 11:52 . 2005-05-26 15:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2007-12-13 02:20 . 2000-08-31 08:00 51,200 --a------ C:\Windows\nircmd.exe
2007-12-12 11:12 . 2007-12-12 11:12 1,327,104 --a------ C:\Windows\System32\quartz.dll
2007-12-12 11:12 . 2007-12-12 11:12 223,232 --a------ C:\Windows\System32\WMASF.DLL
2007-12-12 11:12 . 2007-12-12 11:12 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
2007-12-12 11:12 . 2007-12-12 11:12 2,048 --a------ C:\Windows\System32\asferror.dll
2007-12-12 10:32 . 2007-12-12 10:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2007-12-12 10:31 . 2007-12-12 10:31 1,830,912 --a------ C:\Windows\System32\inetcpl.cpl
2007-12-12 10:31 . 2007-12-12 10:31 56,320 --a------ C:\Windows\System32\iesetup.dll
2007-12-12 10:31 . 2007-12-12 10:31 26,624 --a------ C:\Windows\System32\ieUnatt.exe
2007-12-12 10:30 . 2007-12-12 10:30 130,048 --a------ C:\Windows\System32\drivers\srv2.sys
2007-12-12 10:30 . 2007-12-12 10:30 101,888 --a------ C:\Windows\System32\drivers\mrxsmb.sys
2007-12-12 10:30 . 2007-12-12 10:30 84,992 --a------ C:\Windows\System32\drivers\srvnet.sys
2007-12-12 10:30 . 2007-12-12 10:30 58,368 --a------ C:\Windows\System32\drivers\mrxsmb20.sys
2007-12-12 10:26 . 2007-12-12 10:26 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe
2007-12-12 10:26 . 2007-12-12 10:26 3,470,520 --a------ C:\Windows\System32\ntoskrnl.exe
2007-12-12 10:25 . 2007-12-12 10:25 2,048 --a------ C:\Windows\System32\tzres.dll
2007-12-11 19:04 . 2007-12-11 19:04 <DIR> d-------- C:\Users\All Users\Lavasoft
2007-12-11 19:04 . 2007-12-11 19:04 <DIR> d-------- C:\ProgramData\Lavasoft
2007-12-11 19:04 . 2007-12-11 19:04 <DIR> d-------- C:\Program Files\Lavasoft
2007-12-11 19:00 . 2008-01-07 13:59 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-11 18:48 . 2007-12-11 18:48 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-09 20:48 . 2008-01-08 20:16 <DIR> d-------- C:\Program Files\SpywareBlaster
.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-09 19:48 --------- d-----w C:\Users\djj\AppData\Roaming\Free Download Manager
2008-01-09 16:40 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-09 06:29 --------- d-----w C:\Users\djj\AppData\Roaming\Vso
2008-01-09 06:29 --------- d-----w C:\Users\djj\AppData\Roaming\CopyToDvd
2008-01-09 06:02 --------- d-----w C:\Program Files\CCleaner
2008-01-09 04:47 --------- d-----w C:\Program Files\WMR11
2008-01-09 01:22 --------- d-----w C:\Program Files\Winamp
2008-01-08 12:47 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-01-08 05:20 --------- d-----w C:\ProgramData\Microsoft Help
2008-01-07 22:57 --------- d-----w C:\Program Files\MSBuild
2008-01-07 22:29 --------- d-----w C:\Users\djj\AppData\Roaming\BSplayer PRO
2008-01-07 22:29 --------- d-----w C:\Program Files\Webteh
2008-01-07 20:59 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-01-02 00:52 --------- d-----w C:\Users\djj\AppData\Roaming\uTorrent
2007-12-21 08:26 --------- d-----w C:\Program Files\Norton AntiVirus
2007-12-21 06:36 --------- d-----w C:\ProgramData\CyberLink
2007-12-21 06:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-21 06:26 505,392 ----a-w C:\Windows\System32\msvcp71.dll
2007-12-12 16:31 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-12-11 05:54 --------- d-----w C:\ProgramData\Symantec
2007-12-09 21:06 --------- d-----w C:\Users\djj\AppData\Roaming\DVD Shrink 3.0
2007-12-07 08:33 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-07 06:58 --------- d-----w C:\ProgramData\FLEXnet
2007-12-07 06:14 --------- d-----w C:\Program Files\FileZilla Client
2007-12-07 06:10 --------- d-----w C:\Program Files\Ipswitch
2007-12-06 19:21 805 ----a-w C:\Windows\system32\drivers\SYMEVENT.INF
2007-12-06 19:21 123,952 ----a-w C:\Windows\system32\drivers\SYMEVENT.SYS
2007-12-06 19:21 10,740 ----a-w C:\Windows\system32\drivers\SYMEVENT.CAT
2007-12-06 19:21 --------- d-----w C:\Program Files\Symantec
2007-12-06 18:29 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-12-05 23:57 --------- d-----w C:\Program Files\Real Desktop
2007-12-04 23:14 --------- d-----w C:\ProgramData\Webroot
2007-12-04 23:14 --------- d-----w C:\Program Files\Common Files\Webroot Shared
2007-12-04 22:42 --------- d-----w C:\Program Files\PowerISO
2007-12-04 20:59 --------- d-----w C:\Program Files\Advanced System Optimizer
2007-12-04 07:34 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-12-04 07:34 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2007-12-04 07:34 542,720 ----a-w C:\Windows\System32\sysmain.dll
2007-12-04 07:34 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2007-12-04 07:34 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2007-12-04 07:34 297,984 ----a-w C:\Windows\System32\wlansec.dll
2007-12-04 07:34 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2007-12-04 07:34 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
2007-12-04 07:34 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2007-12-04 07:34 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2007-12-04 07:34 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
2007-12-04 07:34 2,923,520 ----a-w C:\Windows\explorer.exe
2007-12-04 07:34 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2007-12-04 07:34 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
2007-12-04 07:34 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
2007-12-04 07:32 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-12-04 07:32 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-12-04 07:32 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-12-04 07:32 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-12-04 07:31 8,704 ----a-w C:\Windows\System32\hcrstco.dll
2007-12-04 07:31 8,704 ----a-w C:\Windows\System32\hccoin.dll
2007-12-04 07:31 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys
2007-12-04 07:31 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys
2007-12-04 07:31 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys
2007-12-04 07:31 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys
2007-12-04 07:31 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys
2007-12-04 07:31 19,456 ----a-w C:\Windows\system32\drivers\usbohci.sys
2007-12-04 07:30 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2007-12-04 07:30 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2007-12-04 07:30 39,936 ----a-w C:\Windows\System32\slcinst.dll
2007-12-04 07:30 351,232 ----a-w C:\Windows\System32\SLUI.exe
2007-12-04 07:30 33,280 ----a-w C:\Windows\System32\slwmi.dll
2007-12-04 07:30 268,288 ----a-w C:\Windows\System32\mcbuilder.exe
2007-12-04 07:30 223,232 ----a-w C:\Windows\System32\SLC.dll
2007-12-04 07:30 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe
2007-12-04 07:30 186,368 ----a-w C:\Windows\System32\SLLUA.exe
2007-12-04 06:55 --------- d-----w C:\Program Files\WinZip Self-Extractor
2007-12-04 05:48 --------- d-----w C:\Users\djj\AppData\Roaming\BitTorrent
2007-12-04 04:36 --------- d-----w C:\Program Files\Eidos
2007-12-04 04:17 --------- d-----w C:\Program Files\Alcohol Soft
2007-12-04 04:10 685,816 ----a-w C:\Windows\system32\drivers\sptd.sys
2007-12-04 02:07 --------- d-----w C:\Program Files\UltraISO
2007-12-03 23:46 --------- d-----w C:\Users\djj\AppData\Roaming\Webroot
2007-12-03 23:46 --------- d-----w C:\Program Files\Webroot
2007-12-03 23:26 --------- d-----w C:\Program Files\eMule
2007-12-03 23:16 --------- d-----w C:\Users\djj\AppData\Roaming\Systweak
2007-12-01 05:57 43,696 ----a-w C:\Windows\system32\drivers\srtspx.sys
2007-12-01 05:57 317,616 ----a-w C:\Windows\system32\drivers\srtspl.sys
2007-12-01 05:57 279,088 ----a-w C:\Windows\system32\drivers\srtsp.sys
2007-12-01 05:57 10,549 ----a-w C:\Windows\system32\drivers\srtspx.cat
2007-12-01 05:57 10,549 ----a-w C:\Windows\system32\drivers\srtspl.cat
2007-12-01 05:57 10,545 ----a-w C:\Windows\system32\drivers\srtsp.cat
2007-12-01 05:57 1,430 ----a-w C:\Windows\system32\drivers\srtspl.inf
2007-12-01 05:57 1,421 ----a-w C:\Windows\system32\drivers\srtspx.inf
2007-12-01 05:57 1,415 ----a-w C:\Windows\system32\drivers\srtsp.inf
2007-11-30 18:01 --------- d-----w C:\Users\djj\AppData\Roaming\UseNeXT
2007-11-27 03:02 --------- d-----w C:\Program Files\DVDFab Platinum 4
2007-11-26 04:06 47,360 ----a-w C:\Windows\system32\drivers\pcouffin.sys
2007-11-26 04:06 47,360 ----a-w C:\Users\djj\AppData\Roaming\pcouffin.sys
2007-11-26 03:42 --------- d-----w C:\Users\djj\AppData\Roaming\DVD Shrink
2007-11-21 22:39 --------- d-----w C:\Program Files\QuickTime
2007-11-21 06:17 --------- d-----w C:\ProgramData\Apple Computer
2007-11-21 06:05 --------- d-----w C:\ProgramData\Apple
2007-11-21 06:05 --------- d-----w C:\Program Files\Apple Software Update
2007-11-20 05:54 --------- d-----w C:\Users\djj\AppData\Roaming\LEGO Company
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2007-12-06 12:27 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 06:35 1196032]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 04:35 90112]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 06:35 125440]
"Free Uploader Oe Integration"="C:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 18:02 40960]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 16:34 213936]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-11-17 09:51 221056]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]
"CubeDesktop"="" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-02 06:34 1004136]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-30 23:37 4186112 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-26 23:50 815104]
"eRecoveryService"="" []
"eDSMSNfix"="C:\Acer\Empowering Technology\eDSMSNfix.exe" [2007-02-08 11:40 13312]
"Acer Product Registration"="C:\Program Files\Acer Registration\ACE1.exe" [2007-02-02 13:24 3383296]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 11:38 35328]
"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" [2007-01-09 06:02 483328]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11 49152]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-08-09 21:58 180269]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 16:34 86960]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 16:34 213936]
"ACU"="C:\Program Files\Atheros\ACU.exe" [2006-11-17 10:00 348249]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 14:52 849280]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16 286720]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-08-24 23:07 51048]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 21:01 71216]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2007-03-14 21:01 54832]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-08 23:37 249896]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-13 20:44:06]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-03-29 08:00:18]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 20:40:10]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
C:\WINDOWS\system32\drivers\AppleINC.exe
R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20071218.003\IDSvix86.sys [2007-11-06 10:07]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-09-19 21:37]
R2 ALaunchService;ALaunch Service;C:\Acer\ALaunch\ALaunchSvc.exe [2007-01-26 06:24]
R2 int15;int15;C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 10:12]
R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" [2007-08-24 23:07]
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 04:57]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot []
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-10-03 09:33]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 18:44]
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2007-02-18 21:58]
R3 Cam5607;Acer OrbiCam;C:\Windows\system32\Drivers\BisonC07.sys [2006-12-14 21:45]
R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 14:16]
R3 SymIMMP;SymIMMP;C:\Windows\system32\DRIVERS\SymIM.sys [2007-08-09 18:27]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2007-08-13 14:50]
S3 COH_Mon;COH_Mon;C:\Windows\system32\Drivers\COH_Mon.sys [2007-05-29 13:55]
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\Windows\system32\DRIVERS\SymIM.sys [2007-08-09 18:27]
S3 wrssweep;Webroots Volume Access Driver;C:\Program Files\Webroot\Washer\wrssweep.sys [2007-10-03 09:33]
S3 WSIMD;wsimd Service;C:\Windows\system32\DRIVERS\wsimd.sys [2006-07-20 06:00]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
*Newly Created Service* - AVGASCLN
*Newly Created Service* - PROCEXP90
*Newly Created Service* - SSMDRV
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {12BC816B-8F68-CAB4-867E-FA0FEF15FB36} /qb
.
Contenido de carpeta 'Tareas Programadas'
"2007-12-14 01:52:00 C:\Windows\Tasks\At1.job"
- C:\DOWNLO~1\Software\Look2Me-Destroyer.exe
"2008-01-08 13:35:20 C:\Windows\Tasks\At10.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 13:35:24 C:\Windows\Tasks\At11.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 19:29:12 C:\Windows\Tasks\At12.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-09 16:28:22 C:\Windows\Tasks\At13.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-09 19:34:00 C:\Windows\Tasks\At14.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-09 16:28:22 C:\Windows\Tasks\At15.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2007-12-14 15:44:56 C:\Windows\Tasks\At2.job"
- C:\DOWNLO~1\Software\Look2Me-Destroyer.exe
"2008-01-08 11:56:00 C:\Windows\Tasks\At3.job"
- C:\DOWNLO~1\Software\Look2Me-Destroyer.exe
"2008-01-09 16:28:22 C:\Windows\Tasks\At4.job"
- C:\DOWNLO~1\Software\Look2Me-Destroyer.exe
"2008-01-08 12:04:00 C:\Windows\Tasks\At5.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 12:44:00 C:\Windows\Tasks\At6.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 12:46:00 C:\Windows\Tasks\At7.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 13:35:16 C:\Windows\Tasks\At8.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 13:35:13 C:\Windows\Tasks\At9.job"
- C:\Users\djj\Desktop\Look2Me-Destroyer.exe
"2008-01-08 02:03:56 C:\Windows\Tasks\Norton AntiVirus - Run Full System Scan - djj.job"
- C:\Program Files\Norton AntiVirus\Navw32.exeB/TASK:
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-09 13:48:46
Windows 6.0.6000 NTFS
escaneando procesos ocultos ...
escaneando entradas ocultas de autostart ...
escaneando archivos ocultos ...
el escaneo se completo con exito
archivos ocultos: 0
**************************************************************************
.
Tiempo completado: 2008-01-09 13:50:44
ComboFix-quarantined-files.txt 2008-01-09 19:50:40
.
2008-01-09 16:42:40 --- E O F ---
and the HijackThis one
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:09:24 p.m., on 09/01/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Free Download Manager\FUM\fumoei.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\djj\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://es.mx.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.mx.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://mx.rd.yahoo.com/customize/ycomp/defaults/su/*http://mx.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: (no name) - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSNPUpldes-mx.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.4.2_15) - http://javadl-esd.sun.com/update/1.4.2/jinstall-1_4-windows-i586.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Servicio de configuración de Atheros (ACS) - Atheros - C:\Windows\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12723 bytes
I still have the little problem :S when I try to save a file, if I want to change folders it closes on me, but not as fast as before haha, I think that's an advantage |