Official HijackThis Forum in Spanish. We analyze your HijackThis log to remove hijackers, spyware, adware, toolbars, viruses, trojans and malware in general. Please read the HijackThis Forum Policies first.
Trojan jkkjj.exe: how to remove it

Good morning, I have jkkjj.exe and it damaged my computer. Could you please help me? Thank you.

```
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:09:24 a.m., on 18/01/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\pctspk.exe
C:\WINNT\system32\PV92Tray.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Xerver\XerverMinimumResources.exe
C:\WINNT\system32\javaw.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F3 - REG:win.ini: load=C:\WINNT\system32\jkkjj.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3900 Series] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATIBEL.EXE /FU "C:\WINNT\TEMP\E_S26A.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Babylon Translator] C:\Program Files\Babylon\Babylon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Program Files\LIBRE\libre.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Shortcut to XerverMinimumResources.lnk = C:\Program Files\Xerver\XerverMinimumResources.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: urqpqom - urqpqom.dll (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Administrador de Google Desktop 5.7.712.18632 (GoogleDesktopManager-121807-210419) - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 9363 bytes
```
Re: Trojan jkkjj.exe: how to remove it

Hello mrianoabril, welcome to the InfoSpyware Forum.

Reboot and post the reports for us.

Regards

In preparation for the arrival of "Hurricane - IKE"
* Help us by making a DONATION so we can keep helping.
* To avoid viruses and spyware when browsing the internet, USE FIREFOX!!
* Questions are not answered by private message or by e-mail, since that is what the forum is for.
Thanks for your time.

```
ComboFix 08-01-20.1 - Administrator 21/01/2008 4:16:42.1 - NTFSx86
Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.241 [GMT -5:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINNT\system32\jjkkj.ini2

.
((((((((((((((((((((((((( Files Created from 2007-12-21 to 2008-01-21 )))))))))))))))))))))))))))))))
.

2008-01-21 04:20 . 08-01-21 04:20 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_1fc.dat
2008-01-21 04:16 . 00-08-31 08:00 51,200 --a------ C:\WINNT\NirCmd.exe
2008-01-19 11:39 . 08-01-19 11:39 <DIR> d-------- C:\Program Files\Ares
2008-01-19 10:13 . 08-01-19 11:13 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Ulead Systems
2008-01-19 10:11 . 08-01-19 10:11 <DIR> d-------- C:\SmartSound Software
2008-01-19 10:11 . 08-01-19 10:11 <DIR> d-------- C:\Program Files\SmartSound Software
2008-01-19 10:11 . 08-01-19 10:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-01-19 10:10 . 08-01-19 10:10 <DIR> d-------- C:\Program Files\Windows Media Components
2008-01-19 10:10 . 08-01-19 10:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-01-19 10:08 . 08-01-19 10:08 <DIR> d-------- C:\Program Files\Ulead Systems
2008-01-19 10:08 . 08-01-19 10:08 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2008-01-19 10:08 . 08-01-19 10:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-01-19 07:17 . 08-01-19 07:19 <DIR> d-------- C:\Program Files\MSN Messenger
2008-01-19 07:02 . 08-01-21 04:12 <DIR> d-------- C:\Program Files\Symantec AntiVirus
2008-01-19 07:02 . 06-05-05 16:19 107,696 --a------ C:\WINNT\system32\drivers\SYMEVENT.SYS
2008-01-19 07:02 . 06-05-05 16:19 87,808 --a------ C:\WINNT\system32\S32EVNT1.DLL
2008-01-19 06:47 . 08-01-19 06:47 <DIR> d-------- C:\Program Files\PrevxCSI
2008-01-18 10:01 . 08-01-18 10:01 948,975 --a------ C:\VPN.zip
2008-01-18 06:47 . 08-01-18 06:47 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-18 06:34 . 08-01-18 06:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-18 06:33 . 08-01-18 06:40 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-18 06:33 . 08-01-18 06:33 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-01-18 06:30 . 08-01-18 06:32 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-01-18 06:30 . 05-08-25 18:19 115,920 --a------ C:\WINNT\system32\MSINET.OCX
2008-01-18 06:14 . 08-01-18 07:09 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-18 06:14 . 07-12-10 14:53 81,288 --a------ C:\WINNT\system32\drivers\iksyssec.sys
2008-01-18 06:14 . 07-12-10 14:53 66,952 --a------ C:\WINNT\system32\drivers\iksysflt.sys
2008-01-18 06:14 . 07-12-10 14:53 41,864 --a------ C:\WINNT\system32\drivers\ikfilesec.sys
2008-01-18 06:14 . 07-12-10 14:53 29,576 --a------ C:\WINNT\system32\drivers\kcom.sys
2008-01-18 06:13 . 08-01-18 06:15 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-01-18 06:13 . 08-01-18 06:13 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\PC Tools
2008-01-18 06:13 . 02-05-15 16:16 462,848 --a------ C:\WINNT\system32\msaatext.dll
2008-01-18 06:13 . 02-05-15 16:16 360,448 --a------ C:\WINNT\system32\oleacc.dll
2008-01-18 06:13 . 02-05-15 16:16 360,448 --a--c--- C:\WINNT\system32\dllcache\oleacc.dll
2008-01-18 06:13 . 02-05-15 16:16 356,352 --a------ C:\WINNT\system32\oleaccrc.dll
2008-01-18 06:13 . 02-05-15 16:16 356,352 --a--c--- C:\WINNT\system32\dllcache\oleaccrc.dll
2008-01-18 06:00 . 08-01-18 06:00 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-18 06:00 . 08-01-18 06:00 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2008-01-18 05:39 . 08-01-18 06:33 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-18 05:36 . 08-01-18 05:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
2008-01-18 05:36 . 08-01-18 05:36 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\PrevxCSI
2008-01-18 04:43 . 08-01-18 04:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-01-18 04:43 . 08-01-18 04:43 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\CyberLink
2008-01-18 04:39 . 08-01-18 04:40 <DIR> d-------- C:\Program Files\CyberLink
2008-01-18 04:17 . 08-01-18 04:17 <DIR> d-------- C:\Program Files\DVD Decrypter
2008-01-13 16:36 . 08-01-13 16:36 <DIR> d-------- C:\Program Files\EA GAMES
2008-01-13 16:36 . 04-08-17 22:14 442,368 -ra------ C:\WINNT\system32\vp6vfw.dll
2008-01-13 11:23 . 08-01-13 11:23 <DIR> d-------- C:\Program Files\TeamViewer3
2008-01-13 11:21 . 08-01-13 11:21 <DIR> d-------- C:\Documents and Settings\Administrator\temp
2008-01-13 11:21 . 08-01-13 13:43 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\TeamViewer
2008-01-10 17:35 . 08-01-10 17:39 <DIR> d-------- C:\Program Files\Picasa2
2008-01-10 17:32 . 04-11-30 01:05 163,840 --a------ C:\WINNT\system32\CNDUK189.dll
2008-01-10 17:32 . 04-11-30 01:05 127,059 --a------ C:\WINNT\system32\DSLLK189.dll
2008-01-10 17:32 . 04-11-30 01:05 94,208 --a------ C:\WINNT\system32\CNDCK189.dll
2008-01-10 17:32 . 04-11-30 01:05 40,960 --a------ C:\WINNT\system32\CNDNDlg.exe
2008-01-10 17:31 . 08-01-13 08:59 <DIR> d-------- C:\Program Files\Canon
2008-01-09 20:39 . 08-01-09 20:39 <DIR> d-------- C:\Program Files\Common Files\Adaptec Shared
2008-01-09 20:38 . 02-12-12 01:34 679,424 --a------ C:\WINNT\system32\drmv2clt.dll
2008-01-09 20:38 . 02-12-12 19:45 301,712 --a------ C:\WINNT\system32\drmclien.dll
2008-01-09 20:38 . 02-12-12 19:45 301,712 --a--c--- C:\WINNT\system32\dllcache\drmclien.dll
2008-01-09 20:38 . 02-12-12 19:54 260,744 --a------ C:\WINNT\system32\msnetobj.dll
2008-01-09 20:38 . 02-12-12 01:34 232,960 --a------ C:\WINNT\system32\blackbox.dll
2008-01-09 20:38 . 02-12-12 01:34 82,432 --a------ C:\WINNT\system32\drmstor.dll
2008-01-09 20:38 . 02-12-12 01:34 82,432 --a--c--- C:\WINNT\system32\dllcache\drmstor.dll
2008-01-09 20:38 . 02-12-12 01:34 9,728 --a--c--- C:\WINNT\system32\dllcache\npwmsdrm.dll
2008-01-08 11:00 . 08-01-08 11:00 <DIR> d-------- C:\Program Files\Apple Software Update
2008-01-08 11:00 . 08-01-08 11:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-08 05:51 . 08-01-08 05:53 <DIR> d-------- C:\Program Files\FTPShell
2008-01-08 05:45 . 08-01-08 05:45 <DIR> d--hs---- C:\WINNT\ftpcache
2008-01-08 05:45 . 08-01-08 05:45 <DIR> d-------- C:\Program Files\LuckaSoft
2007-12-22 09:57 . 07-12-22 09:57 24 --a------ C:\WINNT\system32\Drv32_16.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-21 09:18 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Free Download Manager
2008-01-21 08:59 --------- d-----w C:\Program Files\LogMeIn
2008-01-19 15:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-19 15:08 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-19 12:09 --------- d-----w C:\Program Files\Free Download Manager
2008-01-19 12:05 --------- d-----w C:\Program Files\iTunes
2008-01-19 12:03 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-19 12:02 --------- d-----w C:\Program Files\Symantec
2008-01-19 11:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-18 15:07 --------- d-----w C:\Documents and Settings\Administrator\Application Data\FileZilla
2008-01-18 10:27 --------- d---a-w C:\Program Files\Babylon
2008-01-18 10:27 --------- d-----w C:\Program Files\QuickTime
2008-01-18 10:27 --------- d-----w C:\Program Files\FileZilla Server
2008-01-12 15:19 --------- d-----w C:\Program Files\Google
2008-01-10 01:39 57,344 ----a-w C:\WINNT\uneng.exe
2008-01-10 01:39 49,152 ----a-w C:\WINNT\system32\cdrtc.dll
2008-01-10 01:39 45,056 ----a-w C:\WINNT\system32\cdral.dll
2007-12-19 19:11 --------- d-----w C:\Program Files\Common Files\Ahead
2007-12-19 18:49 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Ahead
2007-12-19 18:48 --------- d-----w C:\Program Files\Nero
2007-12-19 15:18 --------- d-----w C:\Program Files\GoldEsel
2007-12-19 15:18 --------- d-----w C:\Program Files\Ahead
2007-12-15 15:48 --------- d--h--w C:\Program Files\Uninstall Information
2007-12-15 15:46 155,995 ----a-w C:\WINNT\java\Packages\6FB9B57V.ZIP
2007-12-15 15:42 --------- d-----w C:\Program Files\MSXML 4.0
2007-12-14 15:42 --------- d---a-w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-06 10:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\LIBRE
2007-12-06 10:27 --------- d-----w C:\Program Files\LIBRE
2007-11-23 23:36 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Apple Computer
2007-11-22 16:59 --------- d-----w C:\Program Files\Java
2007-11-22 15:41 --------- d-----w C:\Program Files\Xerver
2007-11-22 14:56 --------- d-----w C:\Program Files\Common Files\Java
2007-11-22 14:34 --------- d-----w C:\Program Files\FileZilla-3.0.3
2007-11-22 14:10 --------- d-----w C:\Program Files\InstantServers
2007-11-22 04:04 --------- d-----w C:\Program Files\epson
2007-11-22 04:03 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
2007-11-22 03:49 --------- d-----w C:\Program Files\Venta
2007-11-22 02:32 --------- d-----w C:\Program Files\Systran
2007-11-22 01:43 --------- d-----w C:\Program Files\VIAudioi
2007-11-22 01:41 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-22 01:41 --------- d-----w C:\Documents and Settings\Administrator\Application Data\InterTrust
2007-11-22 01:26 --------- d-----w C:\Program Files\S3
2007-11-22 01:08 --------- d-----w C:\Program Files\microsoft frontpage
2007-11-22 01:07 558,142 ----a-w C:\WINNT\java\Packages\4VXBNF7P.ZIP
2007-11-22 01:06 271 ---h--w C:\Program Files\desktop.ini
2007-11-22 01:06 21,952 ---h--w C:\Program Files\folder.htt
2007-11-21 20:04 --------- d-----w C:\Program Files\Accessories
2007-11-15 23:46 83,288 ----a-w C:\WINNT\system32\LMIRfsClientNP.dll
2007-11-15 23:46 23,736 ----a-w C:\WINNT\system32\lmimirr.dll
2007-11-15 23:46 21,496 ----a-w C:\WINNT\system32\LMIport.dll
2007-11-15 23:46 10,040 ----a-w C:\WINNT\system32\lmimirr2.dll
2007-10-31 07:17 230,912 ----a-w C:\WINNT\system32\wmasf.dll
2007-10-28 01:20 1,222,656 ----a-w C:\WINNT\system32\quartz.dll
1999-12-07 12:00 32,528 ----a-w C:\WINNT\inf\wbfirdma.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ares"="C:\Program Files\Ares\Ares.exe" [07-05-14 17:37 964608]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [07-09-04 23:40 6856704]
"Babylon Translator"="C:\Program Files\Babylon\Babylon.exe" [ ]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [06-08-21 00:24 2068527]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [ ]
"eyeBeam SIP Client"="C:\Program Files\LIBRE\libre.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [ ]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [07-06-21 14:06 1318912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [03-06-19 12:05 111376 C:\WINNT\system32\mobsync.exe]
"PCTVOICE"="pctspk.exe" [03-07-18 03:01 180224 C:\WINNT\system32\pctspk.exe]
"PV92TRAY"="PV92Tray.exe" [03-06-25 06:47 311296 C:\WINNT\system32\PV92Tray.exe]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [ ]
"Ink Monitor"="C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [ ]
"FileZilla Server Interface"="C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" [ ]
"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [07-07-27 20:14 271672]
"NeroFilterCheck"="C:\WINNT\system32\NeroCheck.exe " [ ]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [ ]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [ ]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [ ]
"PrevxCSI"="C:\Program Files\PrevxCSI\prevxcsi.exe" [08-01-19 06:45 92160]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [06-03-24 17:14 53408]
"UVS10 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe" [06-03-07 00:52 36864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [07-10-23 16:18 443968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [03-06-19 12:05 186640]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Shortcut to XerverMinimumResources.lnk - C:\Program Files\Xerver\XerverMinimumResources.exe [2007-11-22 10:41:46 40960]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2007-11-21 20:42:01 82026]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2008-01-10 05:22:52 122880]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [06-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 07-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqpqom]
urqpqom.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [07-08-03 15:09 ]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINNT\system32\drivers\LMIRfsDriver.sys [07-08-03 15:09 ]
R3 usbhub20;USB 2.0 Root Hub Support;C:\WINNT\system32\DRIVERS\usbhub20.sys [03-06-19 12:05 ]
S3 GoogleDesktopManager-121807-210419;Administrador de Google Desktop 5.7.712.18632;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" []
S3 viafilter;VIA USB Filter;C:\WINNT\system32\Drivers\viausb.sys [03-02-16 16:46 ]

*Newly Created Service* - IPNAT
*Newly Created Service* - RASAUTO
*Newly Created Service* - SHAREDACCESS
.
Contents of the 'Scheduled Tasks' folder
"2008-01-14 22:30:12 C:\WINNT\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-21 04:20:55
Windows 5.0.2195 Service Pack 4 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-21 4:24:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-21 09:23:38
.
2008-01-11 08:37:17 --- E O F ---
```
Re: Trojan jkkjj.exe: how to remove it

Hello, ComboFix has already taken care of removing the malware files found on your PC, so you would need to tell us how everything is working after rebooting?

Regards