Hello, thank you very much...
It seems everything has gone back to normal
You guys really outdid yourselves...
Well, here are the reports that ComboFix and Anti-Malware produced
ComboFix 08-04-22.5 - Diego 2008-04-23 22:55:24.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.3082.18.1406 [GMT -4:00]
Se ejecuta desde: C:\Users\Diego\Desktop\ComboFix.exe
.
(((((((((((((((((( Archivos creados desde 2008-03-24 - 2008-04-24 )))))))))))))))))))))))))))))))))
.
Ningún archivo ha sido creado durante este intervalo de tiempo
.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-24 02:00 2,550,080 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-04-24 02:00 190,247,712 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-04-24 01:56 --------- d-----w C:\PROGRA~2\Kaspersky Lab
2008-04-24 01:52 --------- d-----w C:\Users\Diego\AppData\Roaming\Malwarebytes
2008-04-24 01:52 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-04-24 01:52 --------- d-----w C:\PROGRA~2\Malwarebytes
2008-04-24 01:46 --------- d-----w C:\Program Files\DelPSGuard
2008-04-22 18:45 --------- d-----w C:\Program Files\PokerStars
2008-04-21 07:00 --------- d-----w C:\Users\Diego\AppData\Roaming\Skype
2008-04-21 06:59 --------- d-----w C:\Users\Diego\AppData\Roaming\skypePM
2008-04-20 21:19 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-04-19 17:11 --------- d-----w C:\Program Files\Trend Micro
2008-04-19 06:46 --------- d-----w C:\PROGRA~2\SUPERAntiSpyware.com
2008-04-19 06:43 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-19 06:40 --------- d-----w C:\Users\Diego\AppData\Roaming\SUPERAntiSpyware.com
2008-04-19 06:37 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-18 01:20 --------- d-----w C:\Program Files\Bodog Poker
2008-04-17 15:17 96,645 ----a-w C:\Windows\system32\drivers\klin.dat
2008-04-17 15:17 87,941 ----a-w C:\Windows\system32\drivers\klick.dat
2008-04-17 04:12 --------- d-----w C:\Program Files\Skype
2008-04-17 04:11 --------- d-----w C:\Program Files\Common Files\Skype
2008-04-17 04:11 --------- d-----w C:\PROGRA~2\Skype
2008-04-16 21:18 --------- d-----w C:\Program Files\Kaspersky Lab
2008-04-16 21:15 --------- d-----w C:\PROGRA~2\Kaspersky Lab Setup Files
2008-04-16 19:48 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-04-16 18:44 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-15 19:06 --------- d-----w C:\Program Files\CyberLink
2008-04-15 07:01 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-15 06:27 --------- d-----w C:\PROGRA~2\Apple Computer
2008-04-15 05:58 --------- d-----w C:\PROGRA~2\Symantec
2008-04-15 00:36 --------- d-----w C:\PROGRA~2\McAfee
2008-04-14 15:02 --------- d-----w C:\Program Files\Enigma Software Group
2008-04-14 04:51 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-04-14 04:50 --------- d-----w C:\PROGRA~2\Roxio
2008-04-14 03:24 --------- d-----w C:\Program Files\Microsoft Works
2008-04-14 03:23 --------- d-----w C:\Program Files\MSBuild
2008-04-14 03:21 --------- d-----w C:\Program Files\Microsoft.NET
2008-04-14 03:14 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-04-13 22:46 --------- d-----w C:\Program Files\Common Files\Nero
2008-04-11 06:03 --------- d-----w C:\Program Files\Real
2008-04-11 06:03 --------- d-----w C:\Program Files\Common Files\xing shared
2008-04-11 06:03 --------- d-----w C:\Program Files\Common Files\Real
2008-04-02 03:52 --------- d-----w C:\Program Files\Full Tilt Poker
2008-03-28 02:14 --------- d-----w C:\Users\Diego\AppData\Roaming\Nero
2008-03-28 02:04 --------- d-----w C:\Program Files\Nero
2008-03-28 02:04 --------- d-----w C:\PROGRA~2\Nero
2008-03-27 15:12 --------- d-----w C:\Program Files\MSECache
2008-03-26 03:21 --------- d-----w C:\Program Files\CCleaner
2008-03-25 00:02 --------- d-----w C:\Program Files\TryMedia
2008-03-21 20:12 --------- d-----w C:\Users\Diego\AppData\Roaming\Apple Computer
2008-03-21 20:10 --------- d-----w C:\Program Files\Bonjour
2008-03-21 20:09 --------- d-----w C:\Program Files\QuickTime
2008-03-21 20:08 --------- d-----w C:\Program Files\Apple Software Update
2008-03-21 20:06 --------- d-----w C:\Program Files\Common Files\Apple
2008-03-21 20:06 --------- d-----w C:\PROGRA~2\Apple
2008-03-18 06:11 --------- d-----w C:\Users\Diego\AppData\Roaming\Winamp
2008-03-18 04:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-18 04:23 --------- d-----w C:\Program Files\Common Files\Ahead
2008-03-15 03:55 --------- d-----w C:\Users\Diego\AppData\Roaming\Betfair
2008-03-15 03:55 --------- d-----w C:\Program Files\Betfair
2008-03-05 20:03 479,752 ----a-w C:\Windows\System32\XAudio2_0.dll
2008-03-05 20:03 238,088 ----a-w C:\Windows\System32\xactengine3_0.dll
2008-03-05 20:00 25,608 ----a-w C:\Windows\System32\X3DAudio1_3.dll
2008-03-05 19:56 3,786,760 ----a-w C:\Windows\System32\D3DX9_37.dll
2008-03-05 19:56 1,420,824 ----a-w C:\Windows\System32\D3DCompiler_37.dll
2008-03-02 22:14 --------- d-----w C:\Users\Diego\AppData\Roaming\BSplayer Pro
2008-03-02 21:43 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-03-02 05:01 --------- d-----w C:\Program Files\Webteh
2008-03-02 04:59 --------- d-----w C:\Users\Diego\AppData\Roaming\BSplayer
2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-28 21:38 972,072 ----a-w C:\Windows\UNNeroMediaHome.exe
2008-02-28 17:26 1,414,440 ----a-w C:\Windows\System32\ShellManager310E2D762.dll
2008-02-27 04:11 --------- d-----w C:\Program Files\BitComet
2008-02-26 20:14 972,072 ----a-w C:\Windows\UNRecode.exe
2008-02-26 04:06 --------- d-----w C:\Program Files\PokerStrategy
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-19 05:10 620,088 ----a-w C:\Windows\System32\ci.dll
2008-02-18 20:04 95,600 ----a-w C:\Windows\System32\NeroCo.dll
2008-02-14 23:19 944,184 ----a-w C:\Windows\System32\winload.exe
2008-02-14 05:04 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-14 05:00 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 05:00 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 05:00 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-08 22:37 219,664 ----a-w C:\Windows\System32\klogon.dll
2008-02-06 03:07 462,864 ----a-w C:\Windows\System32\d3dx10_37.dll
2007-12-07 03:50 32 ----a-w C:\Users\All Users\ezsid.dat
2007-12-07 03:50 32 ----a-w C:\PROGRA~2\ezsid.dat
2006-11-02 12:48 174 --sha-w C:\Program Files\desktop.ini
2007-11-12 23:10 80 --sh--r C:\Windows\CT4CET.bin
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-16 00:40 1232896]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 10:34 5724184]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-11-13 02:30 1006264]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-04-17 23:31 159744]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-08-29 01:54 36864]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-28 00:54 405504]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-11-12 18:55 77824]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 14:35 90112]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2007-03-21 15:33 1548288]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 13:37 81920]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-04-16 18:10 184320]
"dscactivate"="c:\dell\dsca.exe" [2007-07-30 15:40 16384]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 13:35 221184]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 01:28 36352]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 16:29 2221352]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-11 02:03 185896]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2008-02-08 18:36 227856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" []
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-11-12 18:57:28 50688]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{ACE3264B-1818-4A1B-B934-CDB25CD5D0DF}"= C:\Program Files\Dell\MediaDirect\PowerCinema.exe:CyberLink PowerCinema
"{F8E8F277-8384-473C-9DF2-958038A4D598}"= C:\Program Files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{A904342A-E2F4-45CE-9D61-2751BC0FAD58}"= C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{0C521886-D671-42B7-A956-F4EA9EAB82AF}"= C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{196A0609-FE2D-4AE0-8334-A1AA836E2A4C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{8B5209A7-3ECB-465A-A204-72A90F15C72B}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{736743C0-8710-400A-8EBE-FBDBAE1E0E65}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{7F94FB1E-0EB7-4263-9270-5B68675AAD02}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{F7C0CCE1-16F1-41EF-9F21-4AD4DA55AE7A}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{5536F097-EFE3-44A5-9448-F64D02957FCE}C:\\program files\\ares\\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{833E7B9C-D9FA-49CF-96DF-ED790042014F}C:\\program files\\ares\\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{56561DE6-DA2C-4523-AB80-82454EDEA02B}C:\\program files\\ares\\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{BBA71896-B7A0-4D63-96B4-9A87C9965740}C:\\program files\\ares\\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{BD37B394-1180-4F74-AB80-5D36313A8F17}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{9E42BE62-B035-4A23-85CD-AB2FBCF3236C}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{053DEEB2-2B59-4D19-8F6E-2B11EFACBE7B}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{1ABB5CE2-190F-4F6E-B7B1-D98A918DCEEE}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{36BE9C26-6727-4A50-9C6C-0591856DB6E5}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{0A537E49-8008-453C-BFC4-10CD4586D91A}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{26AFBD73-B8F9-4FFD-869A-02E6AADDADCA}C:\\users\\diego\\appdata\\local\\temp\\onlineupdate8\\setupxu.exe"= UDP:C:\users\diego\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe
"UDP Query User{DC2EA06A-CC2F-4A09-8992-7E6932D7F9B0}C:\\users\\diego\\appdata\\local\\temp\\onlineupdate8\\setupxu.exe"= TCP:C:\users\diego\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe
"TCP Query User{AD46ACFB-8FF0-4D8F-9C98-FA7F834481A7}C:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{F975A210-6671-41E3-ADB6-336D56E42B8E}C:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{644A9D54-76FB-40B2-BA9B-FBAEF9292444}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{A4999C18-749F-4171-B310-EFD77AF39E3D}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{BDFCB0DA-21C2-4AE1-94C1-8A3D754D9F7F}C:\\program files\\sopcast\\sopvod.exe"= UDP:C:\program files\sopcast\sopvod.exe:sopvod
"UDP Query User{AF4CE9D1-69B9-47D6-9EA1-4883F4848A6F}C:\\program files\\sopcast\\sopvod.exe"= TCP:C:\program files\sopcast\sopvod.exe:sopvod
"TCP Query User{B9565F32-81CB-42C1-A65A-6CD7DFAAA5DD}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{E5A8739D-141F-469B-A4F6-9287E5EA8EE1}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"TCP Query User{FF348FE3-1EAD-446A-82E3-6DB62B0199BE}C:\\program files\\common files\\nero\\nero web\\setupx.exe"= UDP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer
"UDP Query User{CE3CB0C8-0ADE-411B-A695-298B7D8FCF0A}C:\\program files\\common files\\nero\\nero web\\setupx.exe"= TCP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer
"TCP Query User{1EEBDA1E-8F13-4C17-B2AB-247E5B2EF9F0}C:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= UDP:C:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"UDP Query User{383E3FD8-60BC-4DA9-B336-A54A342DFA44}C:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= TCP:C:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"{CA8293AF-FEC7-49C6-AA39-1EEB79CF3908}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{6B371D45-11B2-4474-9FB7-4AFBB73C0A15}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{22F5CCDA-054D-4EDF-974F-50074EC42D06}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{193FFE38-BD9D-4283-B3CE-6A3F459E90C0}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{92EFCE2D-6E82-4736-81B8-FAAABE9BC820}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{7645C705-94CF-4139-9B51-3C0F2E0BFE14}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{ECA935EB-7B44-4C03-B78E-EA2298BD1A7F}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 ahcix86s;ahcix86s;C:\Windows\system32\drivers\ahcix86s.sys [2007-09-26 01:34]
R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 12:23]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2007-10-16 11:05]
S2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2007-09-28 00:54]
S2 ATIWebPAM;ATI WebPAM;"C:\Program Files\ATI\WebPAM\jetty\extra\win32\Wrapper.exe" -s wrapper.conf []
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
S2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 20:39]
S3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-08-14 04:40]
S3 btwaudio;Dispositivo de audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2006-11-06 21:37]
S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2006-11-06 19:13]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-06 19:13]
S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
S3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-08-29 01:54]
S3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-29 01:55]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-08-14 04:40]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17ffaf0f-10da-11dd-a9d9-001dd9e50c0a}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\win32.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6511b1d7-04bf-11dd-9473-001dd9e50c0a}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL win32.exe\open=´ò¿ª(&O)
\shell\explore\Command - driver.exe
\shell\open\Command - driver.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{733c3150-a6be-11dc-b763-001dd9e50c0a}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL win32.exe
*Newly Created Service* - CATCHME
*Newly Created Service* - ECACHE
*Newly Created Service* - PXHELP20
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-23 22:56:49
Windows 6.0.6000 NTFS
escaneando procesos ocultos ...
escaneando entradas ocultas de autostart ...
escaneando archivos ocultos ...
el escaneo se completo con exito
archivos ocultos: 0
**************************************************************************
.
Tiempo completado: 2008-04-23 22:57:17
ComboFix-quarantined-files.txt 2008-04-24 02:57:13
ComboFix2.txt 2008-04-24 02:54:08
El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
247 --- E O F --- 2008-04-23 23:19:16

In any case, ComboFix was throwing an error at me, but everything ended up normal.... here goes the other report
Malwarebytes' Anti-Malware 1.11
Versión de la Base de Datos: 676
Tipo de examen : Examen Completo (C:\|D:\|)
Objetos examinados: 139931
Tiempo transcurrido: 40 minute(s), 5 second(s)
Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 2
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0
Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Claves del Registro Infectadas:
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
Valores del Registro Infectados:
(No se han detectado elementos maliciosos)
Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)
Carpetas Infectadas:
(No se han detectado elementos maliciosos)
Ficheros Infectados:
(No se han detectado elementos maliciosos)
Goodbye