Re: Yellow icon problem

Well, thanks, it seems to have been fixed, and it had something like a million bad files, but I have a problem: I can't set any image as the background. I've tried from everywhere, from the Control Panel and from the display properties, but the desktop background always stays black. What could be causing this?
LOGS
Malwarebytes' Anti-Malware 1.11
Versión de la Base de Datos: 599
Tipo de examen : Examen Rápido
Objetos examinados: 29140
Tiempo transcurrido: 4 minute(s), 46 second(s)
Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0
Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)
Valores del Registro Infectados:
(No se han detectado elementos maliciosos)
Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)
Carpetas Infectadas:
(No se han detectado elementos maliciosos)
Ficheros Infectados:
(No se han detectado elementos maliciosos)
==========================================
ComboFix 08-04-28.2 - setecompu 2008-04-30 16:41:26.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.3082.18.421 [GMT -5:00]
Se ejecuta desde: C:\Users\setecompu\Downloads\ComboFix.exe
* Creado un nuevo punto de restauración
.
(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\a.bat
C:\Windows\base64.tmp
C:\Windows\FVProtect.exe
C:\Windows\System32\ahgogmce.ini
C:\Windows\System32\BISrrrCf.ini
C:\Windows\System32\BISrrrCf.ini2
C:\Windows\system32\hgcinblm.ini
C:\Windows\System32\iihNUtwa.ini
C:\Windows\System32\iihNUtwa.ini2
C:\Windows\system32\iwtutqro.ini
C:\Windows\system32\jgjvqddq.ini
C:\Windows\system32\mepxlfkh.ini
C:\Windows\System32\qfivodci.ini
C:\Windows\system32\smp
C:\Windows\system32\smp\msrc.exe
C:\Windows\system32\ssqPhGww.dll
C:\Windows\system32\wphjslqx.ini
C:\Windows\system32\xrkesqew.ini
C:\Windows\userconfig9x.dll
C:\Windows\winsystem.exe
C:\Windows\zip1.tmp
C:\Windows\zip2.tmp
C:\Windows\zip3.tmp
C:\Windows\zipped.tmp
.
(((((((((((((((((( Archivos creados desde 2008-03-28 - 2008-04-30 )))))))))))))))))))))))))))))))))
.
Ningún archivo ha sido creado durante este intervalo de tiempo
.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-30 21:58 2,383,904 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-04-30 21:51 28,388 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-04-30 21:39 --------- d-----w C:\Program Files\CCleaner
2008-04-30 21:38 --------- d-----w C:\Program Files\Yahoo!
2008-04-30 21:36 49,791 ----a-w C:\Users\setecompu\AppData\Roaming\nvModes.dat
2008-04-30 21:02 --------- d-----w C:\Users\setecompu\AppData\Roaming\Malwarebytes
2008-04-30 16:57 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-04-30 15:21 --------- d-----w C:\Program Files\Kaspersky Lab
2008-04-30 02:58 --------- d-----w C:\Users\setecompu\AppData\Roaming\Skype
2008-04-29 22:15 --------- d-----w C:\Users\setecompu\AppData\Roaming\skypePM
2008-04-29 15:29 --------- d-----w C:\ProgramData\Malwarebytes
2008-04-29 15:29 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-04-24 22:54 --------- d-----w C:\Program Files\Trafficware
2008-04-24 18:04 --------- d-----w C:\ProgramData\Roxio
2008-04-23 22:59 --------- d-----w C:\Program Files\Panda Security
2008-04-23 22:22 20,281 ----a-w C:\Users\Administrador\AppData\Roaming\nvModes.dat
2008-04-23 18:47 --------- d-----w C:\Users\setecompu\AppData\Roaming\Winamp
2008-04-23 15:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-23 15:02 --------- d-----w C:\Program Files\Microsoft Games
2008-04-23 13:58 177 ----a-w C:\DelUS.bat
2008-04-23 13:58 --------- d-----w C:\Program Files\Goldshell
2008-04-23 13:55 --------- d-----w C:\ProgramData\filobyhk
2008-04-21 19:53 --------- d-----w C:\Users\setecompu\AppData\Roaming\Notepad++
2008-04-21 19:13 --------- d-----w C:\Program Files\Notepad++
2008-04-16 14:21 --------- d-----w C:\Program Files\ExcelMySQlConverterDemo
2008-04-16 14:21 --------- d-----w C:\Program Files\Excel MySQL Import, Export & Convert Software
2008-04-16 08:07 98,304 ----a-w C:\Windows\npqtsrak.exe
2008-04-16 08:07 290,816 ----a-w C:\Windows\pmsoarbf.dll
2008-04-14 16:12 --------- d-----w C:\Program Files\Common Files\xing shared
2008-04-14 16:12 --------- d-----w C:\Program Files\Common Files\Real
2008-04-14 16:11 --------- d-----w C:\Program Files\Real
2008-04-12 18:21 --------- d-----w C:\Program Files\coolpro2
2008-04-11 19:39 --------- d-----w C:\Program Files\Winamp
2008-04-07 04:41 --------- d-----w C:\Program Files\Wondershare
2008-04-06 20:02 --------- d-----w C:\Program Files\SecondLife
2008-04-06 20:01 --------- d-----w C:\Users\setecompu\AppData\Roaming\SecondLife
2008-03-31 17:29 --------- d-----w C:\Program Files\Kayako
2008-03-29 16:26 --------- d-----w C:\Program Files\TOSHIBA Games
2008-03-29 16:26 --------- d-----w C:\Program Files\HP Games
2008-03-19 20:28 --------- d-----w C:\ProgramData\WildTangent
2008-03-19 17:30 --------- d-----w C:\Users\setecompu\AppData\Roaming\PlayFirst
2008-03-19 16:00 --------- d-----w C:\Program Files\Common Files\Sandlot Shared
2008-03-17 21:08 --------- d-----w C:\Program Files\Research In Motion
2008-03-10 14:40 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-07 19:57 --------- d-----w C:\Users\setecompu\AppData\Roaming\WildTangent
2008-03-06 16:59 --------- d-----w C:\Users\setecompu\AppData\Roaming\JOSM
2008-03-05 19:34 --------- d-----w C:\Program Files\Common Files\Macromedia
2008-02-08 23:37 219,664 ----a-w C:\Windows\System32\klogon.dll
2008-01-21 23:43 32 ----a-w C:\Users\All Users\ezsid.dat
2008-01-21 23:43 32 ----a-w C:\ProgramData\ezsid.dat
2007-12-01 19:02 3,430 ----a-w C:\Windows\inf\.NET Data Provider for MySQL\000A\tmp1F83.tmp
2007-12-01 19:02 3,430 ----a-w C:\Windows\inf\.NET Data Provider for MySQL\0009\tmp1F83.tmp
2007-12-01 19:02 3,430 ----a-w C:\Windows\inf\.NET Data Provider for MySQL\0000\tmp1F83.tmp
2006-11-02 12:48 174 --sha-w C:\Program Files\desktop.ini
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"L08EXLRD_29521005"="C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2008 DVD\EDICT.exe" [2007-05-23 13:00 351000]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 07:34 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-11-22 08:48 1006264]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-02-26 14:26 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-02-26 14:26 7770112]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-02-26 14:26 81920]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 22:36 827392]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 16:11 49152]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2007-03-28 10:45 176128]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-03-06 04:28 180224]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 04:54 50696]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 06:18 472776]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 09:12 317128]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-04-30 18:47 77824]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 13:49 36352]
"UVS11 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 14:12 341488]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-01-11 09:08 29744]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 16:48 479232]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36 256576]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-11-23 09:17:50 113664]
PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe [2008-02-20 10:39:40 2641920]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{20A31806-0987-4FE1-9F63-54FB0DC2707B}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{1826F11A-C351-469A-A53D-784959CD14BA}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{C20CE4A2-AAC0-4E4D-88DC-24A7D3EEAB26}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4475FA8B-EE83-4D7E-83A6-D9D207B7EB9F}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{3AA39E47-8EB8-42BB-B237-E711621917CB}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{4329D511-1721-44FE-919C-4D7D37C8C611}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{74176B2A-CF71-4C40-B7D2-9731B6A97F42}C:\\program files\\ares\\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{40A8B83C-6EB1-4509-8CF3-31D45AF38AE7}C:\\program files\\ares\\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{CDE05261-07F2-408C-A5FC-AE2C378741BE}C:\\users\\setecompu\\desktop\\nico_ftp.exe"= UDP:C:\users\setecompu\desktop\nico_ftp.exe:nico_ftp.exe
"UDP Query User{A284D121-8C1E-4927-B53E-EB227E007A35}C:\\users\\setecompu\\desktop\\nico_ftp.exe"= TCP:C:\users\setecompu\desktop\nico_ftp.exe:nico_ftp.exe
"TCP Query User{2C3F4992-967A-4FDC-982C-EF162DD0575D}C:\\xampp\\apache\\bin\\apache.exe"= UDP:C:\xampp\apache\bin\apache.exe:Apache HTTP Server
"UDP Query User{2BA0CDC6-B89C-4833-A4B5-C4E40A366F4C}C:\\xampp\\apache\\bin\\apache.exe"= TCP:C:\xampp\apache\bin\apache.exe:Apache HTTP Server
"TCP Query User{E0E0053A-24E9-4B5B-9F26-ABEBDCA0A261}C:\\program files\\globalscape\\cuteftp professional\\ftpte.exe"= UDP:C:\program files\globalscape\cuteftp professional\ftpte.exe:FTP Transfer Engine
"UDP Query User{E80FD45B-810C-4F31-9B28-A5CEF532F36F}C:\\program files\\globalscape\\cuteftp professional\\ftpte.exe"= TCP:C:\program files\globalscape\cuteftp professional\ftpte.exe:FTP Transfer Engine
"TCP Query User{E548D37A-EF74-430C-AD50-8AD7EE5EECB0}C:\\users\\setecompu\\desktop\\nueva carpeta\\nico_ftp.exe"= UDP:C:\users\setecompu\desktop\nueva carpeta\nico_ftp.exe:nico_ftp.exe
"UDP Query User{0F30D0EB-2B50-4AC2-9799-CF20EB363021}C:\\users\\setecompu\\desktop\\nueva carpeta\\nico_ftp.exe"= TCP:C:\users\setecompu\desktop\nueva carpeta\nico_ftp.exe:nico_ftp.exe
"TCP Query User{374A04AF-A800-4945-BE52-9E2D463299C1}C:\\program files\\kayako\\liveresponse\\liveresponse.exe"= UDP:C:\program files\kayako\liveresponse\liveresponse.exe:LiveResponse
"UDP Query User{07C7AEA9-EB3D-4E72-AC15-03BDB93DD76C}C:\\program files\\kayako\\liveresponse\\liveresponse.exe"= TCP:C:\program files\kayako\liveresponse\liveresponse.exe:LiveResponse
"TCP Query User{659458FF-91C8-4B3A-8B3B-89D3DF42814E}C:\\program files\\kayako\\liveresponse\\liveresponse.exe"= UDP:C:\program files\kayako\liveresponse\liveresponse.exe:LiveResponse
"UDP Query User{3761A79B-FEA4-4078-BFCB-ED771EC60DEC}C:\\program files\\kayako\\liveresponse\\liveresponse.exe"= TCP:C:\program files\kayako\liveresponse\liveresponse.exe:LiveResponse
"{D71B83E1-8B35-4990-A079-E84A26D4C6A4}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{2AA0EA69-7E01-44AD-BCA3-2CC5B6AB07A9}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{62C5DCC2-92B1-47D2-8D33-AD579796BFF9}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{70599CBA-9223-48CF-BA09-58BE43D8473B}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2007-10-16 11:05]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 12:39]
R3 nvsmu;nvsmu;C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-15 11:50]
S2 XAMPP;XAMPP Service;c:\xampp\service.exe []
S3 BCM43XV;Controlador de adaptador de red 802.11 extensible Broadcom;C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 10:43]
S3 GoogleDesktopManager-010108-205858;Administrador de Google Desktop 5.7.801.1629;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-01-11 09:08]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f3af61c-a4e2-11dc-a227-001b248c6ceb}]
\shell\AutoRun\command - H:\nideiect.com
\shell\explore\Command - H:\nideiect.com
\shell\open\Command - H:\nideiect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a3bfb68-bcb5-11dc-88dc-001b248c6ceb}]
\shell\AutoRun\command - G:\xn1i9x.com
\shell\explore\Command - G:\xn1i9x.com
\shell\open\Command - G:\xn1i9x.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4902f371-9d41-11dc-9996-001b248c6ceb}]
\shell\AutoRun\command - G:\nideiect.com
\shell\explore\Command - G:\nideiect.com
\shell\open\Command - G:\nideiect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{528d4b75-beab-11dc-84dd-001b248c6ceb}]
\shell\AutoRun\command - F:\nideiect.com
\shell\explore\Command - F:\nideiect.com
\shell\open\Command - F:\nideiect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fa2ff99-b5ac-11dc-83a5-001b248c6ceb}]
\shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{729c8a4c-eeae-11dc-ad4d-001b248c6ceb}]
\shell\AutoRun\command - G:\vt6e.cmd
\shell\explore\Command - G:\vt6e.cmd
\shell\open\Command - G:\vt6e.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7388f2b2-9718-11dc-a3e0-806e6f6e6963}]
\shell\AutoRun\command - E:\autorun.exe
\shell\directx\command - E:\DirectX9\dxsetup.exe
\shell\setup\command - E:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7388f38f-9718-11dc-a3e0-001b248c6ceb}]
\shell\Auto\command - F:\adp.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\adp.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7388f393-9718-11dc-a3e0-001b248c6ceb}]
\shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6a8ca52-a35d-11dc-a66e-001b248c6ceb}]
\shell\AutoRun\command - G:\dp.cmd
\shell\explore\Command - G:\dp.cmd
\shell\open\Command - G:\dp.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b623ed34-9763-11dc-b3d0-001b248c6ceb}]
\shell\AutoRun\command - G:\Index_Guzman.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5960f02-e0a2-11dc-9b25-001b248c6ceb}]
\shell\AutoRun\command - G:\xn1i9x.com
\shell\explore\Command - G:\xn1i9x.com
\shell\open\Command - G:\xn1i9x.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce5830a5-a1ab-11dc-a0bb-001b248c6ceb}]
\shell\AutoRun\command - G:\t.exe
\shell\explore\Command - G:\t.exe
\shell\open\Command - G:\t.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db8e37f0-adcf-11dc-a1d9-001b248c6ceb}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Toy.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0d63b42-f5cc-11dc-9abc-001b248c6ceb}]
\shell\Auto\command - G:\auto.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\auto.exe
\shell\explore\Command - G:\p3r1ud.exe
\shell\open\Command - G:\p3r1ud.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ef5246cc-b5c4-11dc-bf7e-001b248c6ceb}]
\shell\AutoRun\command - F:\copetttt.com
\shell\explore\Command - F:\copetttt.com
\shell\open\Command - F:\copetttt.com
.
Contenido de carpeta 'Tareas Programadas'
"2008-04-30 15:08:46 C:\Windows\Tasks\User_Feed_Synchronization-{E7294C69-0F70-4233-A0DF-10A92ABD4BBF}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-30 16:59:17
Windows 6.0.6000 NTFS
escaneando procesos ocultos ...
escaneando entradas ocultas de autostart ...
escaneando archivos ocultos ...
el escaneo se completo con exito
archivos ocultos: 35
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\PROGRA~1\EASYPH~1.0B1\apache\bin\Apache.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\EASYPH~1.0B1\apache\bin\Apache.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\drivers\XAudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Tiempo completado: 2008-04-30 17:08:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-30 22:08:17
ComboFix2.txt 2008-04-30 21:39:27
El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
273 --- E O F --- 2007-11-24 14:22:47