Pega aca el reporte de KAS.

Salu2!

como te comenté en la respuesta anterior, no me ha dejado de grabar el reporter.

por favor, vuelve a ejecutar combofix y peganos un nuevo reporte.

Salu2!

Nuevo reporter de Combofix

ComboFix 08-07-02.5 - Administrador 2008-07-07 0:39:12.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.3082.18.751 [GMT 2:00]

ADVERTENCIA - ESTE EQUIPO NO TIENE INSTALADA LA CONSOLA DE RECUPERACION!
.
The following files were disabled during the run:
C:\Archivos de programa\rnamfler\radhslib.dll


(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrador\Datos de programa\m
C:\Documents and Settings\Administrador\Datos de programa\m\data.oct
C:\Documents and Settings\Administrador\Datos de programa\m\flec006.exe
C:\Documents and Settings\Administrador\Datos de programa\m\list.oct
C:\Documents and Settings\Administrador\Datos de programa\m\shared
C:\Documents and Settings\Administrador\Datos de programa\m\shared\@stake.(Symantec).LC.5.(L0phtCra ck).5.04.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\000-778_-_IBM_Tivoli_License_Manager_V2.1_Implementation_Pr actice_Test_Questions_1.0_[Key].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\10-Strike_Network_File_Search_1.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\3D_Manta_Ray_Aqua_Screensaver_2. zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\3DM_Import_for_SolidWorks_1.0_[Serial].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\4U_Video_Converter_2.1.47.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\91X_(XTRA-FM)_Widget_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Aberrater_3.0_beta.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Above_The_Bar_2.0.588.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Absolute_MP3_Splitter_Converter_ 2.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Address4U_2.0_Patch.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Advanced_Administrative_Tools_5. 92_(With_Crack).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Advanced_Subtitler_1.4.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\AEDTools_Pro_1.14.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Aglowsoft_Personal_Security_2.0. 3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Aiekon_Voice_Automated_Media_Pla yer_1.0.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\ALZip_7.0_Beta_1_[KeyGen].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Anarchy_Online_The_Notum_Wars_Tr ailer_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\AppDefend_1.0_With_Crack.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Athlant_Personal_Edition_2.04_(C racked).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Audio_Studio_Gold_7.0.8.1_Cracke d.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Avery_ProWrite_2005_SE_for_Micro soft_Outlook_4.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Avg.Anti.Virus.Plus.Firewall.7.5 .Keygen.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Avg.Anti.Virus.v7.0.143.Keymaker-Core.(works).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Avi2Wav_Extractor_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Basic_Business_Solutions_1.0.0.1 .zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Bhagavad-gita_As_It_Is_(Audio)_108.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\BioniX_Wallpaper_5.4.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Boox_1.0.3.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Btp_blitsmemor_2.8.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\CamPermanent_2.0_[Patch].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Canadian_Loan_Spread_Calculator_ Pro_1.8.01.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Card_Export_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\CarTunes_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\CLC_Free_Workbench_4.0_Build_400 3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Clipboard_Extender_2.02_Patch.zi p
C:\Documents and Settings\Administrador\Datos de programa\m\shared\ClipManager_1.0_(Patch).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\CoffeeCup_Image_Mapper_4.0_(Crac k).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Command_&_Conquer_Generals_Zero_ Hour_Axis_of_the_Matrix_Mod_0.98_beta.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\ContactGrabber_Personal_Edition_ 2.3.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\ChameleonLog_1.5_build_160.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Cheat_Guru_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Church_Secretary_7.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Demonstration_Screen_1.5_(KeyGen ).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\DisctopPro_2.5.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Dive_Time_2.6.14.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\DownloaderXL_6.1.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Drweb.4.Xx.Crack.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Ducks_Screensaver_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Due_1.1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Earthquake_in_Zipland_1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Easy_Rip_PRO_4.1_[Crack].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\EMDB_0.45.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\EOL_1.1_build_100.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Evening_at_Maya_Valley_1.0_[Key+Serial].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Excel_HTML_Save_&_Export_Softwar e_1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\EZ-ACH_4.0.4.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\EZY_Unit_Converter_1.3_(Crack).z ip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\FAQ_Organizer_Deluxe_2.4.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\FastSubmit_4.51_[Patch].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Feng_Shui_2.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\FileMaker_Pro_8.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\First_Name_Origins_5.0.0.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\FlagHint_component_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\FlashClips_U3_1.00_With_Crack.zi p
C:\Documents and Settings\Administrador\Datos de programa\m\shared\FlexiDoc_Designer_1.0_Build2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Fretboard_Addict_1.3.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Gold_Lace_Screensaver_2.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Grand_Theft_Auto_Vice_City_Kips_ Mod_1.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\GSDisplay_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\HardwareInfos_1.5.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\HKHelp_1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\InJoy_Dialer_3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\InvoicePal_for_GoldMine_Corporat e_Edition_1.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Jana_Server_2.4.8.51.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Java_DeObfuscator_1.6b.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\JPEG_Lossless_Rotator_5.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Lectern_II_Professional_1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Lord_of_the_Rings_3D_Screen_Save r_1.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Lyrux_song_collection_2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Mactracker_4.0.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\mce_Portal_2.01.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\mConvert_1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\NCAA_Football_liveSchedule_2.0.z ip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\NOD32.2.51.26.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\NPR_Player_1.01.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Okoker_Disk_Cleaner_2.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Parent_folder_3.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Password_2000_2.8.0_(Cracked).zi p
C:\Documents and Settings\Administrador\Datos de programa\m\shared\PC_Auto_Shutdown_2.8.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Personal_Diary_1.4.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Plasmaplugs_Table_Renderer_1.1.z ip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\PocketC_Runtime_(Palm_OS)_5.0.zi p
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Rapid_Evolution_2.7.12.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\ReadWrite_Katakana_1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\rebuilt.Kaspersky.Anti-Virus.v6.0.1.411.FR.Incl-Key.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Rocket_Lawyer_Living_Will_Editio n_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Site_Promote_Pro_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Softany_Txt2Htm2Chm_1.2_(Cracked ).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Spy_Remover_8.7_(Crack).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\sTabLauncher_1.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SureLock_v1.0_(KeyGen).zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Synthetic_Wallpaper_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Ten_Clipboards_1.12.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\The_Elder_Scrolls_III_Morrowind_ G._I._A._N._T._S._Dragons_mod.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\The_Punisher_demo.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\ThreatMon_1.1_Crack.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\TurboCAD_Designer_11.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\uCertify_Study_Guide_for_test_70-306_6.08.04.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Ultim@te_Race_Pro_demo.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Unicorn_Reflections_Screensaver_ 1.0_[With_Crack].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Unreal_Tournament_2004_ONS_Kakmo _map.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\USB-ToolBox_2_1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Utility_Library_1.0_[KeyGen].zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Video_to_Flash_Converter_PRO_5.6 .0_Build_8_Serial.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Visual_Job_Manager_1.0.0.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Visual_Terrain_Maker_1.4.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Vmount_for_VMware_1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\VNC_Navigator_2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\WallpaperXe_1.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Wave_MP3_Editor_10.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\WebtoWall_1.0.0.52.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\WinASO_Registry_Optimizer_2.8.zi p
C:\Documents and Settings\Administrador\Datos de programa\m\shared\winButler_1.1.7.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Windows_Media_Player_ASF_Uncheck ed_Buffer_Vulnerability_MS01-056.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\WineBanq_8.1.3.434.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\WinSQL_5.0.54.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Wondershare_Video_to_Flash_Encod er_1.8.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Xingtone_Ringtone_Maker_4.2.17.z ip
C:\Documents and Settings\Administrador\Datos de programa\m\srvlist.oct
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\101187.exe
C:\WINDOWS\system32\drivers\downld\101703.exe
C:\WINDOWS\system32\drivers\downld\1040687.exe
C:\WINDOWS\system32\drivers\downld\1103296.exe
C:\WINDOWS\system32\drivers\downld\114765.exe
C:\WINDOWS\system32\drivers\downld\120140.exe
C:\WINDOWS\system32\drivers\downld\129859.exe
C:\WINDOWS\system32\drivers\downld\130984.exe
C:\WINDOWS\system32\drivers\downld\137906.exe
C:\WINDOWS\system32\drivers\downld\15547687.exe
C:\WINDOWS\system32\drivers\downld\15561468.exe
C:\WINDOWS\system32\drivers\downld\15572609.exe
C:\WINDOWS\system32\drivers\downld\15604125.exe
C:\WINDOWS\system32\drivers\downld\156406.exe
C:\WINDOWS\system32\drivers\downld\15654875.exe
C:\WINDOWS\system32\drivers\downld\16053734.exe
C:\WINDOWS\system32\drivers\downld\162250.exe
C:\WINDOWS\system32\drivers\downld\16305515.exe
C:\WINDOWS\system32\drivers\downld\16369531.exe
C:\WINDOWS\system32\drivers\downld\209296.exe
C:\WINDOWS\system32\drivers\downld\279906.exe
C:\WINDOWS\system32\drivers\downld\345500.exe
C:\WINDOWS\system32\drivers\downld\383000.exe
C:\WINDOWS\system32\drivers\downld\398875.exe
C:\WINDOWS\system32\drivers\downld\407750.exe
C:\WINDOWS\system32\drivers\downld\492421.exe
C:\WINDOWS\system32\drivers\downld\509546.exe
C:\WINDOWS\system32\drivers\downld\772500.exe
C:\WINDOWS\system32\drivers\downld\80609.exe
C:\WINDOWS\system32\drivers\downld\96937.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe

.
(((((((((((((((((( Archivos creados desde 2008-06-06 - 2008-07-06 )))))))))))))))))))))))))))))))))
.

2008-07-06 20:03 . 2008-07-06 20:18 <DIR> d-------- C:\Archivos de programa\Trojan Remover
2008-07-05 11:12 . 2008-07-05 11:12 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\system32\restore
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\system32\oobe
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\srchasst
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\msagent
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\Archivos de programa\microsoft frontpage
2008-07-01 22:57 . 2008-07-01 22:57 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com
2008-07-01 22:48 . 2008-07-01 22:48 <DIR> d-------- C:\Documents and Settings\Administrador\Datos de programa\SUPERAntiSpyware.com
2008-07-01 22:48 . 2008-07-01 22:48 <DIR> d-------- C:\Archivos de programa\SUPERAntiSpyware
2008-07-01 18:11 . 2008-07-01 19:30 14,852 --------- C:\WINDOWS\system32\zzzzzzzzz.exe
2008-07-01 06:36 . 2008-07-01 06:36 <DIR> d-------- C:\Documents and Settings\Administrador\Datos de programa\Malwarebytes
2008-06-30 22:47 . 2008-06-30 22:47 <DIR> d-------- C:\Documents and Settings\Administrador\DoctorWeb
2008-06-30 19:50 . 2008-06-30 19:50 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
2008-06-30 19:50 . 2008-06-30 20:00 <DIR> d-------- C:\Archivos de programa\Malwarebytes' Anti-Malware
2008-06-30 19:50 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-30 19:50 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 19:45 . 2008-07-01 06:34 <DIR> d-------- C:\LIMPIEZA PC
2008-06-30 19:38 . 2008-06-30 19:38 <DIR> d-------- C:\Archivos de programa\CCleaner
2008-06-29 19:17 . 2008-06-30 20:03 <DIR> d-------- C:\Muestras
2008-06-29 17:10 . 2008-07-01 23:51 <DIR> d-------- C:\DESCARGAS RAPIDAS
2008-06-29 16:20 . 2008-06-29 16:20 554 --a------ C:\WINDOWS\DelUS.bat
2008-06-28 12:10 . 2008-06-28 12:10 <DIR> d-------- C:\Archivos de programa\ADSLNet
2008-06-28 11:01 . 2008-06-28 11:01 <DIR> d-------- C:\Documents and Settings\Administrador\Datos de programa\RM Royal Media Ltd
2008-06-14 09:47 . 2008-06-27 22:37 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-14 09:47 . 2008-06-14 09:47 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-13 19:31 . 2008-06-13 19:31 268 --ah----- C:\sqmdata16.sqm
2008-06-13 19:31 . 2008-06-13 19:31 244 --ah----- C:\sqmnoopt16.sqm
2008-06-11 14:54 . 2008-06-14 19:59 272,512 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 14:54 . 2008-06-14 19:59 272,512 --------- C:\WINDOWS\system32\DllCache\bthport.sys
2008-06-08 19:08 . 2008-06-08 19:08 <DIR> d-------- C:\Archivos de programa\SAGEM

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-07-06 22:38 --------- d--h--r C:\Archivos de programa\rnamfler
2008-07-06 17:39 73,728 ----a-w C:\WINDOWS\DUMP832a.tmp
2008-07-05 08:52 98,304 ----a-w C:\WINDOWS\DUMP5e8b.tmp
2008-07-03 16:51 73,728 ----a-w C:\WINDOWS\DUMP857b.tmp
2008-07-02 18:15 --------- d-----w C:\Archivos de programa\Eset
2008-07-02 17:16 73,728 ----a-w C:\WINDOWS\DUMP8647.tmp
2008-07-01 20:48 --------- d-----w C:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2008-06-30 21:56 --------- d-----w C:\Archivos de programa\TuneUp Utilities 2006
2008-06-30 18:02 98,304 ----a-w C:\WINDOWS\DUMP88f6.tmp
2008-06-29 22:29 98,304 ----a-w C:\WINDOWS\DUMP8491.tmp
2008-06-29 17:30 98,304 ----a-w C:\WINDOWS\DUMP7946.tmp
2008-06-29 17:25 98,304 ----a-w C:\WINDOWS\DUMP88e6.tmp
2008-06-29 15:22 --------- d-----w C:\Archivos de programa\Spybot - Search & Destroy
2008-06-29 14:55 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
2008-06-29 14:40 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\ppstream
2008-06-29 14:37 --------- d-----w C:\Archivos de programa\TVAnts
2008-06-29 14:07 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\Lavasoft
2008-06-29 14:06 --------- d-----w C:\Archivos de programa\HJT
2008-06-29 14:05 --------- d-----w C:\Archivos de programa\gds30
2008-06-29 13:52 --------- d-----w C:\Archivos de programa\BitComet
2008-06-28 18:58 --------- d-----w C:\Archivos de programa\eMule
2008-06-21 21:44 20 ---h--w C:\Documents and Settings\All Users\Datos de programa\PKP_DLec.DAT
2008-06-21 21:44 20 ---h--w C:\Documents and Settings\All Users\Datos de programa\PKP_DLds.DAT
2008-06-08 17:08 --------- d--h--w C:\Archivos de programa\InstallShield Installation Information
2008-05-20 18:28 --------- d-----w C:\Archivos de programa\ReflexiveArcade
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-08 12:28 202,752 ------w C:\WINDOWS\system32\DllCache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\system32\DllCache\quartz.dll
2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\DllCache\mshtml.dll
2008-04-22 07:40 625,664 ------w C:\WINDOWS\system32\DllCache\iexplore.exe
2008-04-22 07:39 70,656 ------w C:\WINDOWS\system32\DllCache\ie4uinit.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\DllCache\ieudinit.exe
2008-04-20 05:07 161,792 ------w C:\WINDOWS\system32\DllCache\ieakui.dll
2008-04-07 18:28 98,304 ----a-w C:\WINDOWS\DUMP8750.tmp
2008-01-31 14:51 25,600 ----a-w C:\Documents and Settings\Administrador\usbsermptxp.sys
2008-01-31 14:51 22,768 ----a-w C:\Documents and Settings\Administrador\usbsermpt.sys
2008-01-03 11:43 92,064 ----a-w C:\Documents and Settings\Administrador\mqdmmdm.sys
2008-01-03 11:43 9,232 ----a-w C:\Documents and Settings\Administrador\mqdmmdfl.sys
2008-01-03 11:43 79,328 ----a-w C:\Documents and Settings\Administrador\mqdmserd.sys
2008-01-03 11:43 66,656 ----a-w C:\Documents and Settings\Administrador\mqdmbus.sys
2008-01-03 11:43 6,208 ----a-w C:\Documents and Settings\Administrador\mqdmcmnt.sys
2008-01-03 11:43 5,936 ----a-w C:\Documents and Settings\Administrador\mqdmwhnt.sys
2008-01-03 11:43 4,048 ----a-w C:\Documents and Settings\Administrador\mqdmcr.sys
.

------- Sigcheck -------

2004-08-19 15:42 30208 84ad8e1b758c1abea80cfcc087be0ed3 C:\WINDOWS\system32\ctfmon.exe
2004-08-19 15:42 15360 25ecfa69af1563fde8dfd31f9954497a C:\WINDOWS\XPize\Backup\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-07-03_18.22.03.60 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-03 16:19:06 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-06 22:38:50 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-03-15 17:16:38 155,099 ----a-w C:\WINDOWS\HPHins15.dat
+ 2008-07-03 19:15:32 155,227 ----a-w C:\WINDOWS\HPHins15.dat
+ 2005-05-16 17:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-09-10 08:47:44 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-09-10 08:47:44 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2008-07-02 16:17:39 57,524 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-07-06 09:30:04 57,524 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-07-02 16:17:39 75,176 ----a-w C:\WINDOWS\system32\perfc00A.dat
+ 2008-07-06 09:30:04 75,176 ----a-w C:\WINDOWS\system32\perfc00A.dat
- 2008-07-02 16:17:39 388,132 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-07-06 09:30:04 388,132 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-07-02 16:17:39 449,386 ----a-w C:\WINDOWS\system32\perfh00A.dat
+ 2008-07-06 09:30:04 449,386 ----a-w C:\WINDOWS\system32\perfh00A.dat
+ 2002-03-06 00:00:00 75,264 ----a-w C:\WINDOWS\system32\unacev2.dll
+ 2003-02-02 19:06:02 153,088 ----a-w C:\WINDOWS\system32\UNRAR3.dll
- 2008-07-03 16:21:28 53,248 ----a-w C:\WINDOWS\Temp\catchme.dll
+ 2008-07-06 22:41:27 53,248 ----a-w C:\WINDOWS\Temp\catchme.dll
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"TaskSwitchXP"="C:\Archivos de programa\TaskSwitchXP\TaskSwitchXP.exe" [2006-02-04 19:16 62464]
"RemoteCenter"="C:\Archivos de programa\Creative\MediaSource\RemoteControl\RCMan. EXE" [2003-10-08 16:35 139264]
"msnmsgr"="C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:42 30208]
"swg"="C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolba rNotifier.exe" [2006-10-01 04:08 692224]
"SUPERAntiSpyware"="C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 04:35 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 04:32 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 04:36 114688]
"DeviceDiscovery"="C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 20:56 40960]
"CTSysVol"="C:\Archivos de programa\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43 57344]
"CTDVDDET"="C:\Archivos de programa\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EX E" [2003-06-18 01:00 45056]
"SBDrvDet"="C:\Archivos de programa\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 18:06 45056]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"wrna3ls"="C:\Archivos de programa\rnamfler\naomf.exe" [2005-11-20 18:13 1121352]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86 \3\hpztsb08.exe" [2003-03-11 12:08 172032]
"PowerS"="C:\WINDOWS\PowerS.exe" [2001-08-03 17:56 159800]
"mouseElf"="C:\ARCHIV~1\GENIUS~1\mouseElf.exe" [2003-12-05 10:03 208896]
"WinampAgent"="C:\Archivos de programa\Winamp\winampa.exe" [2007-12-20 17:16 37376]
"TkBellExe"="C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" [2008-02-09 17:38 185896]
"HP Software Update"="C:\Archivos de programa\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
"Acrobat Assistant 8.0"="C:\Archivos de programa\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46 624248]
"ADSLNetTools"="C:\Archivos de programa\ADSLNet\Navigation Tools\ADSLNetTools.exe" [2008-06-28 12:11 9594880]
"TrojanScanner"="C:\Archivos de programa\Trojan Remover\Trjscan.exe" [2008-07-06 20:03 274944]
"CTHelper"="CTHELPER.EXE" [2003-10-06 08:57 24576 C:\WINDOWS\system32\CTHELPER.EXE]
"WService"="WService.EXE" [2002-09-07 12:23 28672 C:\WINDOWS\system32\WService.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:42 30208]

C:\Documents and Settings\All Users\Men£ Inicio\Programas\Inicio\
HP Digital Imaging Monitor.lnk - C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
NkbMonitor.exe.lnk - C:\Archivos de programa\Nikon\PictureProject\NkbMonitor.exe [2007-07-30 20:05:07 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"DisableStatusMessages"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= file://C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\t630194a.bmp
FriendlyName=

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):58,50,69,7a,65,5f,4c,6f,67,6f,6e,2 e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= ir41_32.dll
"VIDC.X264"= x264vfw.dll
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Adobe Gamma.lnk]

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe"=
"C:\\Archivos de programa\\MSN Messenger\\livecall.exe"=
"C:\\Archivos de programa\\eMule\\emule.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"17961:TCP"= 17961:TCP:BitComet 17961 TCP
"17961:UDP"= 17961:UDP:BitComet 17961 UDP
"13162:TCP"= 13162:TCP:BitComet 13162 TCP
"13162:UDP"= 13162:UDP:BitComet 13162 UDP

R2 BT848;BtCap, WDM Video Capture;C:\WINDOWS\system32\drivers\BT848.SYS [2001-02-03 18:41]
R2 BTTUNER;BtTuner, WDM TV Tuner;C:\WINDOWS\system32\drivers\BTTUNER.SYS [2001-02-03 18:11]
R2 BTXBAR;BtXBar, WDM Crossbar;C:\WINDOWS\system32\drivers\BTXBAR.SYS [2001-02-03 18:11]
R2 DriverX;DriverX;C:\WINDOWS\system32\drivers\Driver X.sys [1997-03-12 14:57]
R2 PfDetNT;PfDetNT;C:\WINDOWS\system32\drivers\PfModN T.sys [2003-03-05 12:19]
R2 UxTuneUp;Ampliación del diseño de TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-19 15:43]
R3 genmcmnUSB;USB Scroll Mouse Driver;C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2003-08-07 16:42]
S3 dTVdrvNT;dTVdrvNT;C:\WINDOWS\SYSTEM32\dTVdrvNT.sys []
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Archivos de programa\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18]
S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\driver s\mbamcatchme.sys [2008-06-28 14:16]
S3 usbscan;Controlador de escáner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{ebb4740e-7a39-11dc-a7bb-000e509c151d}]
\Shell\AutoRun\command - D:\ShelExec.exe portada_07.pdf

.
Contenido de carpeta 'Tareas Programadas'
"2008-07-06 22:13:01 C:\WINDOWS\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job"
- C:\Archivos de programa\Windows Live Toolbar\MSNTBUP.EXE
"2007-01-21 19:55:09 C:\WINDOWS\Tasks\WebReg 20070121205509.job"
- C:\Archivos de programa\Hewlett-Packard\webreg\bin\hpqwrg.exe
"2008-07-03 19:15:29 C:\WINDOWS\Tasks\WebReg Deskjet D2400 series.job"
- C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpqwrg.exe
.
************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 00:41:28
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Archivos de programa\rnamfler\naofsvc.exe
C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\drivers\WtSrv.exe
C:\WINDOWS\system32\MsPMSPSv.exe
.
************************************************** ************************
.
Tiempo completado: 2008-07-07 0:42:32 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-06 22:42:21
ComboFix2.txt 2008-07-04 23:34:57
ComboFix3.txt 2008-07-03 16:22:36

26 dirs 7,705,858,048 bytes libres
26 dirs 7,718,494,208 bytes libres

428 --- E O F --- 2008-06-20 18:14:27

Por favor, realiza los pasos tal y como se describen, de lo contrario, no podremos desinfectar tu pc. Mire tu anterior respuesta y no ejecutaste el Combofix, con CFScript, por eso este sigue detectando los mimos archivos.,

• Desactiva el "TEA TIMER", de Spybot Search & Destroy.

1.- abre un bloc de notas.

2.- Ahora copia y pega estos archivos dentro del bloc de notas

Código:

KillAll::

File::
C:\WINDOWS\system32\zzzzzzzzz.exe
C:\WINDOWS\DelUS.bat

Folder::
C:\Archivos de programa\rnamfler

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d3e6f5e-4d7a-11db-a588-000e509c151d}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebb4740e-7a39-11dc-a7bb-000e509c151d}]

3.- Graba este archivo con el nombre CFScript.txt

4.- Arrastra y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.



Reinicia y nos contas los resultados. junto con un nuevo reporte de ComboFix.

1. Descargue Malwarebytes' Anti-Malware y guárdelo en un lugar conveniente.
2. Haga doble clic en setup.exe-mbam para instalarlo.
3. Elija idioma español
4. Antes de hacer clic en el botón Finalizar, asegúrese de que estas 2 casillas esten marcadas:
   • Actualización Malwarebytes' Anti-Malware
   • Ejecutar Malwarebytes' Anti-Malware
5. Seleccione la pestaña "Escáner".
6. Marque la Casilla de "Realizar un Examen Completo" . Haga clic en "Examinar", a continuación, haga clic en "Empezar a Examinar"
7. Una vez que haya finalizado el Analisis
8. Marque todos los elementos y haga clic en "Eliminar"
9. se abrirá el Bloc de Notas. Por favor, este registro Peguelo en su próxima respuesta. También puede encontrar el Reporte en la "Pestaña" "Registros".

En tu Siguiente Post :

• Reporte de COMBOFIX
• Reporte de MBAM

Ante todo y antes de continuar quiero darte las gracias por la atención que me prestas día a día.

Te comento en primer lugar que no tengo instalado spybot search & Destroy, ni en pogramas ni en la lista del panel de control. Tan solo han quedado algunos archivos dentro de Archivos de programa. Por tanto no he tenido que desactivar nada. Te comento esto por si sirve de algo.

Bueno como me dijiste te envio los dos reporter

REPORTER DE COMBOFIX

ComboFix 08-07-02.5 - Administrador 2008-07-07 22:50:02.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.3082.18.754 [GMT 2:00]

ADVERTENCIA - ESTE EQUIPO NO TIENE INSTALADA LA CONSOLA DE RECUPERACION!
.
The following files were disabled during the run:
C:\Archivos de programa\rnamfler\radhslib.dll


(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrador\Datos de programa\m
C:\Documents and Settings\Administrador\Datos de programa\m\data.oct
C:\Documents and Settings\Administrador\Datos de programa\m\flec006.exe
C:\Documents and Settings\Administrador\Datos de programa\m\list.oct
C:\Documents and Settings\Administrador\Datos de programa\m\shared
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sun Set Screensaver 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sun Sight Gadget 1.0.0.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sun Spotter 2.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sun Times 7.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunbowsoft Secure Storage 1.08.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunClock 2.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Suncycle 1.0.9.7.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sundi 1.060.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SundryTools XV 4.0.0 Build 516.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunflow 0.07.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunflower Clock ScreenSaver 2.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunflower Excel .Net 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunflowers - Animated Screensaver 5.07.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunflowers - Animated Wallpaper 5.07.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunflowers Screensaver 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunflowers Screensaver1 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunflowers Screensaver2 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunGlance 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunken Pirate Ship 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunlitGreen Photo Editor 1.2.0.20.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunMetronome 3.8.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunny Morning - Animated Screensaver 5.07.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunny Morning - Animated Wallpaper 5.07.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunoSoft Overwrite Protect Free 2.0.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunoSoft S-Crypto II 2.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunRav BookOffice 3.2.1.467.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunRav Fonter 1.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunRav PDF Creator 1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunRav TestOfficePro 5.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunRav TestOfficePro.WEB 2.3.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunrise Calculator 1.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunrise Wallpaper Changer 3.4.0513.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Suns NBA Schedule 1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SUNSET 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset And Sky Screen Saver 1.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset And Sunrise Screen Saver 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset Glory Screensaver.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset on Jetty Screensaver 1.0.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset Screen Saver 2.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset Screensaver 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset Screensaver EV.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset Slideshow 3.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset Splendor Screensaver 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunset Thoughts Demo Screensaver 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunsets and Sunscapes Screensaver 1.0.6.2634.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Sunsets Around The World 1.0.6.2634.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunSys Screensaver 1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Suntereo 1.2.3.1254.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Suntime 1.0.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SunXi Viewer Install 1.0b.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SupaMario 1.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SupaNova MP3 Explorer 2.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SupaWeegi 1.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SUPER 2008 Build 30.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Ad Blocker 4.6.1000.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super AJAX Programming Seed 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Amazing 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Audio Assistant 1.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Audio Converter 5.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Audio Factory 5.4.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Audio Grabber 3.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Audio Recorder 3.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Browser Washer 1.10.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super calculator 1.00.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Capture 6.11.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super CD Cover Maker 4.2.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super CD Ripper 2.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super CD to WMA Maker 1.00.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Cipher P2P Messenger 4.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Clock Screensaver City.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Clock Screensaver Rain.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Clone DVD 5.2.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Color Picker 1.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Copy 2.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Crossword Creator 2.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Deluxe Daily Premieres 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DIY 1.8.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DragAndGo 0.2.6.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Duper Music Looper XPress 2 build 63.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD CD Backup Studio 3.1.0.0612.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD Copier 5.6.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD Copy 2.28i.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD Creator 9.8.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD Factory 5.8.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD ripper 2.11.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD Ripper 2.39i.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD to iPod Converter + Video to iPod PowerPack build 2006 5.0.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD to iPod Converter 3.1.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD to PSP Converter 5.5.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super DVD to Zune Converter 2.37.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Echo SE-i 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Editor 7.6.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Email Extractor 2.81.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Email Harvester 5.54.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Email Sender 2.97.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Email Spider 2.80.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Email Verifier 1.75.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Explorer 1.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Fast File Splitter 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Fax Search 1.82.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Fdisk 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super File Encryption 4.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Finder 1.5.2.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Flash Player Manager 2.18.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Flexible File Synchronizer 4.12d Build 71.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SUPER GIR 2.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Heros Vista Icons.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super History 1.0.0.5 Beta.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Icon Helper 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Image Picture Finder Grabber 4.15.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Internet TV 7.2.0.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Invoice 1.01.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super iPod Video Converter 3.5.1.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Lister 1.3.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Magnifier 1.0.4.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\SUPER MAGNIFY 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Maildisk 1.03.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Mario Bros Z Screensaver 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Mario Bros. Screensaver 1.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Mp3 Converter 5.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Mp3 Editor 5.2.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super MP3 Recorder 2.50.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Mp3 Recorder 3.0.zip
C:\Documents and Settings\Administrador\Datos de programa\m\shared\Super Mp3 Recorder Pro 6.5.5.zip
C:\Documents and Settings\Administrador\Datos de programa\m\srvlist.oct
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\100734.exe
C:\WINDOWS\system32\drivers\downld\101109.exe
C:\WINDOWS\system32\drivers\downld\106718.exe
C:\WINDOWS\system32\drivers\downld\110906.exe
C:\WINDOWS\system32\drivers\downld\114656.exe
C:\WINDOWS\system32\drivers\downld\121031.exe
C:\WINDOWS\system32\drivers\downld\127671.exe
C:\WINDOWS\system32\drivers\downld\134187.exe
C:\WINDOWS\system32\drivers\downld\135625.exe
C:\WINDOWS\system32\drivers\downld\144796.exe
C:\WINDOWS\system32\drivers\downld\166109.exe
C:\WINDOWS\system32\drivers\downld\172921.exe
C:\WINDOWS\system32\drivers\downld\226125.exe
C:\WINDOWS\system32\drivers\downld\243281.exe
C:\WINDOWS\system32\drivers\downld\248218.exe
C:\WINDOWS\system32\drivers\downld\277703.exe
C:\WINDOWS\system32\drivers\downld\278109.exe
C:\WINDOWS\system32\drivers\downld\301875.exe
C:\WINDOWS\system32\drivers\downld\76875.exe
C:\WINDOWS\system32\drivers\downld\83000.exe
C:\WINDOWS\system32\drivers\downld\83109.exe
C:\WINDOWS\system32\drivers\downld\99015.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe

.
(((((((((((((((((( Archivos creados desde 2008-06-07 - 2008-07-07 )))))))))))))))))))))))))))))))))
.

2008-07-06 20:03 . 2008-07-06 20:18 <DIR> d-------- C:\Archivos de programa\Trojan Remover
2008-07-05 11:12 . 2008-07-05 11:12 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\system32\restore
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\system32\oobe
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\srchasst
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\WINDOWS\msagent
2008-07-03 18:24 . 2008-07-03 18:24 <DIR> d-------- C:\Archivos de programa\microsoft frontpage
2008-07-01 22:57 . 2008-07-01 22:57 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com
2008-07-01 22:48 . 2008-07-01 22:48 <DIR> d-------- C:\Documents and Settings\Administrador\Datos de programa\SUPERAntiSpyware.com
2008-07-01 22:48 . 2008-07-01 22:48 <DIR> d-------- C:\Archivos de programa\SUPERAntiSpyware
2008-07-01 18:11 . 2008-07-01 19:30 14,852 --------- C:\WINDOWS\system32\zzzzzzzzz.exe
2008-07-01 06:36 . 2008-07-01 06:36 <DIR> d-------- C:\Documents and Settings\Administrador\Datos de programa\Malwarebytes
2008-06-30 22:47 . 2008-06-30 22:47 <DIR> d-------- C:\Documents and Settings\Administrador\DoctorWeb
2008-06-30 19:50 . 2008-06-30 19:50 <DIR> d-------- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
2008-06-30 19:50 . 2008-06-30 20:00 <DIR> d-------- C:\Archivos de programa\Malwarebytes' Anti-Malware
2008-06-30 19:50 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-30 19:50 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 19:45 . 2008-07-01 06:34 <DIR> d-------- C:\LIMPIEZA PC
2008-06-30 19:38 . 2008-06-30 19:38 <DIR> d-------- C:\Archivos de programa\CCleaner
2008-06-29 19:17 . 2008-07-07 18:43 <DIR> d-------- C:\Muestras
2008-06-29 17:10 . 2008-07-01 23:51 <DIR> d-------- C:\DESCARGAS RAPIDAS
2008-06-29 16:20 . 2008-06-29 16:20 554 --a------ C:\WINDOWS\DelUS.bat
2008-06-28 12:10 . 2008-06-28 12:10 <DIR> d-------- C:\Archivos de programa\ADSLNet
2008-06-28 11:01 . 2008-06-28 11:01 <DIR> d-------- C:\Documents and Settings\Administrador\Datos de programa\RM Royal Media Ltd
2008-06-14 09:47 . 2008-06-27 22:37 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-14 09:47 . 2008-06-14 09:47 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-13 19:31 . 2008-06-13 19:31 268 --ah----- C:\sqmdata16.sqm
2008-06-13 19:31 . 2008-06-13 19:31 244 --ah----- C:\sqmnoopt16.sqm
2008-06-11 14:54 . 2008-06-14 19:59 272,512 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 14:54 . 2008-06-14 19:59 272,512 --------- C:\WINDOWS\system32\DllCache\bthport.sys
2008-06-08 19:08 . 2008-06-08 19:08 <DIR> d-------- C:\Archivos de programa\SAGEM

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-07-07 20:49 --------- d--h--r C:\Archivos de programa\rnamfler
2008-07-07 04:48 98,304 ----a-w C:\WINDOWS\DUMP7b0c.tmp
2008-07-06 17:39 73,728 ----a-w C:\WINDOWS\DUMP832a.tmp
2008-07-05 08:52 98,304 ----a-w C:\WINDOWS\DUMP5e8b.tmp
2008-07-03 16:51 73,728 ----a-w C:\WINDOWS\DUMP857b.tmp
2008-07-02 18:15 --------- d-----w C:\Archivos de programa\Eset
2008-07-02 17:16 73,728 ----a-w C:\WINDOWS\DUMP8647.tmp
2008-07-01 20:48 --------- d-----w C:\Archivos de programa\Archivos comunes\Wise Installation Wizard
2008-06-30 21:56 --------- d-----w C:\Archivos de programa\TuneUp Utilities 2006
2008-06-30 18:02 98,304 ----a-w C:\WINDOWS\DUMP88f6.tmp
2008-06-29 22:29 98,304 ----a-w C:\WINDOWS\DUMP8491.tmp
2008-06-29 17:30 98,304 ----a-w C:\WINDOWS\DUMP7946.tmp
2008-06-29 17:25 98,304 ----a-w C:\WINDOWS\DUMP88e6.tmp
2008-06-29 15:22 --------- d-----w C:\Archivos de programa\Spybot - Search & Destroy
2008-06-29 14:55 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
2008-06-29 14:40 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\ppstream
2008-06-29 14:37 --------- d-----w C:\Archivos de programa\TVAnts
2008-06-29 14:07 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\Lavasoft
2008-06-29 14:06 --------- d-----w C:\Archivos de programa\HJT
2008-06-29 14:05 --------- d-----w C:\Archivos de programa\gds30
2008-06-29 13:52 --------- d-----w C:\Archivos de programa\BitComet
2008-06-28 18:58 --------- d-----w C:\Archivos de programa\eMule
2008-06-21 21:44 20 ---h--w C:\Documents and Settings\All Users\Datos de programa\PKP_DLec.DAT
2008-06-21 21:44 20 ---h--w C:\Documents and Settings\All Users\Datos de programa\PKP_DLds.DAT
2008-06-08 17:08 --------- d--h--w C:\Archivos de programa\InstallShield Installation Information
2008-05-20 18:28 --------- d-----w C:\Archivos de programa\ReflexiveArcade
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-08 12:28 202,752 ------w C:\WINDOWS\system32\DllCache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\system32\DllCache\quartz.dll
2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\DllCache\mshtml.dll
2008-04-22 07:40 625,664 ------w C:\WINDOWS\system32\DllCache\iexplore.exe
2008-04-22 07:39 70,656 ------w C:\WINDOWS\system32\DllCache\ie4uinit.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\DllCache\ieudinit.exe
2008-04-20 05:07 161,792 ------w C:\WINDOWS\system32\DllCache\ieakui.dll
2008-04-07 18:28 98,304 ----a-w C:\WINDOWS\DUMP8750.tmp
2008-01-31 14:51 25,600 ----a-w C:\Documents and Settings\Administrador\usbsermptxp.sys
2008-01-31 14:51 22,768 ----a-w C:\Documents and Settings\Administrador\usbsermpt.sys
2008-01-03 11:43 92,064 ----a-w C:\Documents and Settings\Administrador\mqdmmdm.sys
2008-01-03 11:43 9,232 ----a-w C:\Documents and Settings\Administrador\mqdmmdfl.sys
2008-01-03 11:43 79,328 ----a-w C:\Documents and Settings\Administrador\mqdmserd.sys
2008-01-03 11:43 66,656 ----a-w C:\Documents and Settings\Administrador\mqdmbus.sys
2008-01-03 11:43 6,208 ----a-w C:\Documents and Settings\Administrador\mqdmcmnt.sys
2008-01-03 11:43 5,936 ----a-w C:\Documents and Settings\Administrador\mqdmwhnt.sys
2008-01-03 11:43 4,048 ----a-w C:\Documents and Settings\Administrador\mqdmcr.sys
.

------- Sigcheck -------

2004-08-19 15:42 30208 84ad8e1b758c1abea80cfcc087be0ed3 C:\WINDOWS\system32\ctfmon.exe
2004-08-19 15:42 15360 25ecfa69af1563fde8dfd31f9954497a C:\WINDOWS\XPize\Backup\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-07-03_18.22.03.60 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-03 16:19:06 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-07 20:49:11 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-03-15 17:16:38 155,099 ----a-w C:\WINDOWS\HPHins15.dat
+ 2008-07-03 19:15:32 155,227 ----a-w C:\WINDOWS\HPHins15.dat
+ 2005-05-16 17:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-09-10 08:47:44 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-09-10 08:47:44 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2008-07-02 16:17:39 57,524 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-07-07 1613 57,524 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-07-02 16:17:39 75,176 ----a-w C:\WINDOWS\system32\perfc00A.dat
+ 2008-07-07 1613 75,176 ----a-w C:\WINDOWS\system32\perfc00A.dat
- 2008-07-02 16:17:39 388,132 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-07-07 1613 388,132 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-07-02 16:17:39 449,386 ----a-w C:\WINDOWS\system32\perfh00A.dat
+ 2008-07-07 1613 449,386 ----a-w C:\WINDOWS\system32\perfh00A.dat
+ 2002-03-06 00:00:00 75,264 ----a-w C:\WINDOWS\system32\unacev2.dll
+ 2003-02-02 19:06:02 153,088 ----a-w C:\WINDOWS\system32\UNRAR3.dll
- 2008-07-03 16:21:28 53,248 ----a-w C:\WINDOWS\Temp\catchme.dll
+ 2008-07-07 20:52:06 53,248 ----a-w C:\WINDOWS\Temp\catchme.dll
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"TaskSwitchXP"="C:\Archivos de programa\TaskSwitchXP\TaskSwitchXP.exe" [2006-02-04 19:16 62464]
"RemoteCenter"="C:\Archivos de programa\Creative\MediaSource\RemoteControl\RCMan. EXE" [2003-10-08 16:35 139264]
"msnmsgr"="C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:42 30208]
"swg"="C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolba rNotifier.exe" [2006-10-01 04:08 692224]
"SUPERAntiSpyware"="C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 04:35 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 04:32 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 04:36 114688]
"DeviceDiscovery"="C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 20:56 40960]
"CTSysVol"="C:\Archivos de programa\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43 57344]
"CTDVDDET"="C:\Archivos de programa\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EX E" [2003-06-18 01:00 45056]
"SBDrvDet"="C:\Archivos de programa\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 18:06 45056]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"wrna3ls"="C:\Archivos de programa\rnamfler\naomf.exe" [2005-11-20 18:13 1121352]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86 \3\hpztsb08.exe" [2003-03-11 12:08 172032]
"PowerS"="C:\WINDOWS\PowerS.exe" [2001-08-03 17:56 159800]
"mouseElf"="C:\ARCHIV~1\GENIUS~1\mouseElf.exe" [2003-12-05 10:03 208896]
"WinampAgent"="C:\Archivos de programa\Winamp\winampa.exe" [2007-12-20 17:16 37376]
"TkBellExe"="C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" [2008-02-09 17:38 185896]
"HP Software Update"="C:\Archivos de programa\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
"Acrobat Assistant 8.0"="C:\Archivos de programa\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46 624248]
"ADSLNetTools"="C:\Archivos de programa\ADSLNet\Navigation Tools\ADSLNetTools.exe" [2008-06-28 12:11 9594880]
"TrojanScanner"="C:\Archivos de programa\Trojan Remover\Trjscan.exe" [2008-07-07 22:37 274944]
"CTHelper"="CTHELPER.EXE" [2003-10-06 08:57 24576 C:\WINDOWS\system32\CTHELPER.EXE]
"WService"="WService.EXE" [2002-09-07 12:23 28672 C:\WINDOWS\system32\WService.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:42 30208]

C:\Documents and Settings\All Users\Men£ Inicio\Programas\Inicio\
HP Digital Imaging Monitor.lnk - C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
NkbMonitor.exe.lnk - C:\Archivos de programa\Nikon\PictureProject\NkbMonitor.exe [2007-07-30 20:05:07 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"DisableStatusMessages"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= file://C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\t630194a.bmp
FriendlyName=

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):58,50,69,7a,65,5f,4c,6f,67,6f,6e,2 e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= ir41_32.dll
"VIDC.X264"= x264vfw.dll
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menú Inicio^Programas^Inicio^Adobe Gamma.lnk]

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Archivos de programa\\MSN Messenger\\msnmsgr.exe"=
"C:\\Archivos de programa\\MSN Messenger\\livecall.exe"=
"C:\\Archivos de programa\\eMule\\emule.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"17961:TCP"= 17961:TCP:BitComet 17961 TCP
"17961:UDP"= 17961:UDP:BitComet 17961 UDP
"13162:TCP"= 13162:TCP:BitComet 13162 TCP
"13162:UDP"= 13162:UDP:BitComet 13162 UDP

R2 BT848;BtCap, WDM Video Capture;C:\WINDOWS\system32\drivers\BT848.SYS [2001-02-03 18:41]
R2 BTTUNER;BtTuner, WDM TV Tuner;C:\WINDOWS\system32\drivers\BTTUNER.SYS [2001-02-03 18:11]
R2 BTXBAR;BtXBar, WDM Crossbar;C:\WINDOWS\system32\drivers\BTXBAR.SYS [2001-02-03 18:11]
R2 DriverX;DriverX;C:\WINDOWS\system32\drivers\Driver X.sys [1997-03-12 14:57]
R2 PfDetNT;PfDetNT;C:\WINDOWS\system32\drivers\PfModN T.sys [2003-03-05 12:19]
R2 UxTuneUp;Ampliación del diseño de TuneUp;C:\WINDOWS\System32\svchost.exe [2004-08-19 15:43]
R3 genmcmnUSB;USB Scroll Mouse Driver;C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2003-08-07 16:42]
S3 dTVdrvNT;dTVdrvNT;C:\WINDOWS\SYSTEM32\dTVdrvNT.sys []
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Archivos de programa\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18]
S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\driver s\mbamcatchme.sys [2008-06-28 14:16]
S3 usbscan;Controlador de escáner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{ebb4740e-7a39-11dc-a7bb-000e509c151d}]
\Shell\AutoRun\command - D:\ShelExec.exe portada_07.pdf

.
Contenido de carpeta 'Tareas Programadas'
"2008-07-07 16:13:00 C:\WINDOWS\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job"
- C:\Archivos de programa\Windows Live Toolbar\MSNTBUP.EXE
"2007-01-21 19:55:09 C:\WINDOWS\Tasks\WebReg 20070121205509.job"
- C:\Archivos de programa\Hewlett-Packard\webreg\bin\hpqwrg.exe
"2008-07-03 19:15:29 C:\WINDOWS\Tasks\WebReg Deskjet D2400 series.job"
- C:\Archivos de programa\Hewlett-Packard\Digital Imaging\bin\hpqwrg.exe
.
************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 22:52:07
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Archivos de programa\rnamfler\naofsvc.exe
C:\Archivos de programa\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\drivers\WtSrv.exe
C:\WINDOWS\system32\MsPMSPSv.exe
.
************************************************** ************************
.
Tiempo completado: 2008-07-07 22:53:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-07 20:53:01
ComboFix2.txt 2008-07-06 22:42:33
ComboFix3.txt 2008-07-04 23:34:57
ComboFix4.txt 2008-07-03 16:22:36

26 dirs 7,504,109,568 bytes libres
26 dirs 7,497,457,664 bytes libres

417 --- E O F --- 2008-06-20 18:14:27


REPORTER DE MBAN

Malwarebytes' Anti-Malware 1.19
Versión de la Base de Datos: 930
Windows 5.1.2600 Service Pack 2

23:46:22 07/07/2008
mbam-log-7-7-2008 (23-46-22).txt

Tipo de examen : Examen Completo (C:\|J:\|)
Objetos examinados: 135304
Tiempo transcurrido: 39 minute(s), 12 second(s)

Procesos en Memoria Infectados: 1
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 1
Valores del Registro Infectados: 1
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 2
Ficheros Infectados: 19

Procesos en Memoria Infectados:
C:\WINDOWS\system32\drivers\downld\81640.exe (Trojan.Agent) -> Unloaded process successfully.

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninsta ll\revo uninstaller (Rogue.Installer) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\m (Trojan.Agent) -> Delete on reboot.

Ficheros Infectados:
C:\Archivos de programa\VS Revo Group\Revo Uninstaller\uninst.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\103500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\114296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\121812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\193437.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\222187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\240406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\81640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\83343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\95484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\98625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\hldrrr.exe (Rootkit.Agent) -> Delete on reboot.
C:\Documents and Settings\Administrador\Datos de programa\m\flec006.exe (Trojan.Agent) -> Delete on reboot.

Hola,

Sigues sin realiza bien los pasos, por favor realice las indicaciones tal y como aqui se describen, de lo contrario, solo es perder el tiempo de ambos.

Por favor ejecute bien el Paso de CFScript

En el encabezado, combofix, no muestra que haya iniciado desde CFScript

Mira en este encabezado, combofix, muestra que esta siendo ejecutado desde CFScript.txt

y en tu reporte eso no sale, por favor realice bien los pasos.

Ahora copia y pega estos archivos dentro del bloc de notas

3.- Graba este archivo con el nombre CFScript.txt

4.- Arrastra y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

<<< Mire la imagen, para que pueda ver la fusion de Combofix y CFScript.txt

Reinicia y nos contas los resultados. junto con un nuevo reporte de ComboFix.[/indent]