  post #1  
Posted 18/08/09, 20:27:43
User
 
Registered: Jul 2009
Location: malaga
Posts: 13
Hello, my internet is running slow (Solved)

Hello, thank you in advance for the help.
The internet and the computer have been running very slowly lately,
but a week ago I didn't have this kind of problem :S HELP Y_Y


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:47:35, on 2009/07/21
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Winamp Remote\bin\orbtray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\aol\1218996978\ee\aolsoftware.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O1 - Hosts: ::1 localhost
O1 - Hosts: 89.163.145.210 l2authd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aplicacion auxiliar de inicio de sesion - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SystemXP1] "C:\WINDOWS\regedit.exe" -s "C:\WINDOWS\system\System\NO\settings.reg"
O4 - HKLM\..\Run: [SystemNT1] "C:\WINDOWS\system\System\FZS\FlashPlayer.exe" /install
O4 - HKLM\..\Run: [SystemNT2] "C:\WINDOWS\system\System\FZS\FlashPlayer.exe" /start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1218996978\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SystemXP2] C:\WINDOWS\system\System\NO\System.exe
O4 - HKLM\..\Run: [CTFMon] C:\WINDOWS\system\System\ctf\ctfmon.exe /b
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H
O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{991009DE-73F2-472B-8F4B-10D6DF833633}
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Policies\Explorer\Run: [RegSVR] C:\WINDOWS\regedit.exe -s C:\WINDOWS\system\System\NO\sys.reg
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Recorte de pantalla e Inicio rapido de OneNote 2007.lnk
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Descargar con IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Descargar con IDM el contenido de video FLV - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Seleccion inteligente de HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish/kavwebscan_unicode.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/es-es/wlscctrl2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E1F75D3-7843-4CFC-BBAD-016D0F207797}: NameServer = 80.58.61.250,80.58.61.254
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\WINDOWS\system\System\FZS\FlashPlayer.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: SupportSoft RemoteAssist - Unknown owner - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (file missing)
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 17951 bytes
  post #2  
Posted 20/08/09, 01:52:20
GPastor
FS-Admin
 
Registered: Mar 2005
Location: Lima - Perú
Posts: 22.848
Re: Hello, my internet is running slow

Hello, follow these steps:

Close all programs, run HijackThis and apply "Fix checked" to these entries:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)

O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

O4 - HKLM\..\Run: [SystemXP2] C:\WINDOWS\system\System\NO\System.exe

O4 - HKCU\..\Policies\Explorer\Run: [RegSVR] C:\WINDOWS\regedit.exe -s C:\WINDOWS\system\System\NO\sys.reg


Download, update and run the program: Download CCleaner and run it, first using its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete, and then use its "Registry" option to clean the entire Windows registry (making a backup).

- Download the ComboFix.exe tool and save it to the desktop.
  • Temporarily disable the antivirus and/or antispyware.
  • Close all open windows.
  • Double-click the ComboFix.exe file and follow the instructions.
  • When it finishes, it will generate a log at C:\ComboFix.txt.
    • *Note* While CF is working, do not move the mouse, as that would stop its process.
    • *Note* ComboFix may restart the PC automatically to complete the removal process.
Quote:
Attention!! Do not use ComboFix unless a member of our Staff has specifically instructed you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
  • Restart and paste the report from C:\ComboFix.txt in this same thread.

Regards


  post #3  
Posted 25/08/09, 07:45:45
User
 
Registered: Jul 2009
Location: malaga
Posts: 13
Re: Hello, my internet is running slow

Sorry for not having replied sooner,
here is the ComboFix log.
The internet is working fine for me now :)))))
but now I have another problem after running ComboFix:
everything restarted fine, but when I run any program
I get a message

C:\Program Files\Winamp\winamp.exe
Itento de operacion ilegal de una clave del registro que estaba marcada para su eliminacion

the only way to run anything is by running it as administrator T_T

ComboFix 09-08-24.06 - Usuario 25/08/2009 12:10.3.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.34.3082.18.2046.1035 [GMT 2:00]
Running from: c:\users\Usuario\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Usuario\ntuser.dat{e8e9e011-0119-11de-bd9f-0013a9e2f3cb}.TMContainer00000000000000000001.regtrans-ms . . . . failed to delete
c:\windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms . . . . failed to delete
.
---- Previous Run -------
.
c:\users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
c:\users\Usuario\Documents\cc_20090724_142103.reg
c:\users\Usuario\ntuser.dat{0ca464af-e7ba-11dc-838f-0013a9e2f3cb}.TMContainer00000000000000000001.regtrans-ms
c:\users\Usuario\ntuser.dat{38fa59c9-ec52-11dc-8ffb-001b77495a10}.TMContainer00000000000000000001.regtrans-ms
c:\users\Usuario\ntuser.dat{3a539870-6a70-11db-887c-d362bd253390}.TxR.0.regtrans-ms
c:\users\Usuario\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
c:\users\Usuario\ntuser.dat{4226c247-00c8-11de-bf37-0013a9e2f3cb}.TMContainer00000000000000000001.regtrans-ms
c:\users\Usuario\ntuser.dat{7aba6ad2-3de0-11dd-b333-0013a9e2f3cb}.TMContainer00000000000000000001.regtrans-ms
c:\users\Usuario\ntuser.dat{c169ab73-9d0a-11dd-9896-0013a9e2f3cb}.TMContainer00000000000000000001.regtrans-ms
c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
c:\windows\system32\config\systemprofile\ntuser.dat{f83b2f66-0f50-11dc-80ef-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
c:\users\Usuario\ntuser.dat{e8e9e011-0119-11de-bd9f-0013a9e2f3cb}.TMContainer00000000000000000001.regtrans-ms . . . . failed to delete
c:\windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2009-07-25 to 2009-08-25 )))))))))))))))))))))))))))))))
.

2009-08-25 10:18 . 2009-08-25 10:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-24 17:19 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-24 17:19 . 2009-08-24 17:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-24 17:19 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-17 19:52 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-17 19:52 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-17 19:52 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-17 19:52 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-17 19:52 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-17 19:52 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-17 19:52 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-17 19:52 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-12 16:26 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-12 16:26 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-12 16:26 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-12 16:26 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-12 16:26 . 2009-06-10 11:45 206336 ----a-w- c:\windows\system32\telnet.exe
2009-08-12 16:26 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-12 16:26 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-12 16:26 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-12 16:26 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-08 19:07 . 2009-08-08 19:07 -------- d-----w- c:\program files\XP Codec Pack
2009-08-08 15:05 . 2009-08-08 15:06 -------- d-----w- c:\windows\system32\Adobe
2009-08-07 23:09 . 2009-08-07 23:10 -------- d-----w- c:\program files\Ares
2009-08-07 11:07 . 2007-12-26 15:30 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2009-08-07 11:07 . 2007-12-26 15:30 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2009-08-07 11:07 . 2009-08-24 15:24 -------- d-----w- c:\program files\Cheat Engine
2009-08-02 14:04 . 2009-08-02 14:04 -------- d-----w- c:\program files\Servers-Extreme
2009-08-02 09:27 . 2009-08-02 09:27 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-30 18:58 . 2009-08-02 09:36 -------- d-----w- c:\users\Usuario\AppData\Roaming\Easy Macro Recorder
2009-07-30 18:58 . 2009-07-30 21:32 -------- d-----w- c:\program files\Easy Macro Recorder

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-25 10:25 . 2009-03-13 12:35 -------- d-----w- c:\programdata\Kaspersky Lab
2009-08-25 10:25 . 2008-07-15 02:39 -------- d-----w- c:\users\Usuario\AppData\Roaming\DMCache
2009-08-25 09:36 . 2007-08-13 16:13 57333 ----a-w- c:\users\Usuario\AppData\Roaming\nvModes.dat
2009-08-24 17:47 . 2009-07-15 02:48 -------- d-----w- c:\users\Usuario\AppData\Roaming\Winamp
2009-08-19 10:53 . 2009-03-13 04:34 -------- d-----w- c:\users\Usuario\AppData\Roaming\IDM
2009-08-19 09:28 . 2007-08-13 16:14 1356 ----a-w- c:\users\Usuario\AppData\Local\d3d9caps.dat
2009-08-18 20:22 . 2008-10-12 12:04 -------- d-----w- c:\program files\Warcraft III
2009-08-18 20:18 . 2008-10-12 12:06 104398 ----a-w- c:\windows\War3Unin.dat
2009-08-18 19:59 . 2008-10-12 00:06 -------- d-----w- c:\program files\Garena
2009-08-13 01:07 . 2008-08-06 21:11 -------- d-----w- c:\programdata\Microsoft Help
2009-08-13 01:06 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-03 02:23 . 2008-05-16 16:39 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-02 14:04 . 2007-05-31 09:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-02 09:36 . 2008-10-09 08:10 -------- d-----w- c:\users\Usuario\AppData\Roaming\DAEMON Tools
2009-08-02 09:28 . 2008-09-08 16:47 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-07-24 13:32 . 2009-07-01 17:07 -------- d-----w- c:\program files\TeamViewer
2009-07-24 13:12 . 2009-07-24 13:12 117760 ----a-w- c:\users\Usuario\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-07-24 13:11 . 2009-07-16 01:13 -------- d-----w- c:\users\Usuario\AppData\Roaming\SUPERAntiSpyware.com
2009-07-24 12:42 . 2009-07-24 12:42 932368 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-07-24 12:42 . 2009-07-24 12:42 678416 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-07-24 12:42 . 2009-07-24 12:42 604688 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-07-24 12:42 . 2009-07-24 12:42 522768 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-07-24 12:42 . 2009-07-24 12:42 1096208 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-07-24 12:40 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-07-24 12:40 . 2009-07-24 12:40 280592 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\sys\i386\6.0\klif.sys
2009-07-24 12:40 . 2009-07-24 12:40 128016 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-07-24 12:39 . 2009-07-24 12:39 280592 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\6.0\klif.sys
2009-07-24 12:39 . 2009-07-24 12:39 128016 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-07-24 12:35 . 2009-07-24 12:35 604140 --sha-w- c:\windows\system32\drivers\ISwift3(35).dat
2009-07-24 12:35 . 2009-07-24 12:35 604140 ------w- c:\windows\system32\drivers\ISwift3.dat
2009-07-24 12:32 . 2009-07-24 12:32 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-24 12:32 . 2009-07-24 12:32 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-24 12:30 . 2009-07-24 12:30 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-24 12:26 . 2008-08-24 22:03 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-07-24 04:36 . 2007-08-13 16:14 87760 ----a-w- c:\users\Usuario\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-23 19:06 . 2006-11-02 15:46 768974 ----a-w- c:\windows\system32\perfh00A.dat
2009-07-23 19:06 . 2006-11-02 15:46 172492 ----a-w- c:\windows\system32\perfc00A.dat
2009-07-23 18:37 . 2009-07-23 18:37 1048576 ----a-w- c:\users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\a539qhw3.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
2009-07-23 18:37 . 2008-12-05 15:36 -------- d-----w- c:\program files\BitComet
2009-07-21 21:52 . 2009-07-28 19:40 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 19:40 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 19:40 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 19:40 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-20 17:46 . 2009-07-20 17:23 -------- d-----w- c:\program files\Internet Download Manager
2009-07-20 17:30 . 2009-07-20 17:29 198064 ----a-w- c:\users\Usuario\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
2009-07-20 08:28 . 2009-07-20 00:40 -------- d-----w- c:\program files\Navilog1
2009-07-20 00:32 . 2009-07-20 00:32 3262 ----a-r- c:\users\Usuario\AppData\Roaming\Microsoft\Installer\{844BA2BE-8CCD-4E69-8C8A-2CEA5AD85825}\NewShortcut11_776E981CC61C40E9A1D5FDA2623B812D.exe
2009-07-20 00:32 . 2009-07-20 00:32 3262 ----a-r- c:\users\Usuario\AppData\Roaming\Microsoft\Installer\{844BA2BE-8CCD-4E69-8C8A-2CEA5AD85825}\NewShortcut1_776E981CC61C40E9A1D5FDA2623B812D.exe
2009-07-19 14:57 . 2008-10-12 01:56 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-19 14:49 . 2009-07-16 21:31 -------- d-----w- c:\program files\Lavasoft
2009-07-19 14:49 . 2008-10-12 01:57 -------- d-----w- c:\programdata\Lavasoft
2009-07-19 11:16 . 2009-07-19 11:16 -------- d-----w- c:\program files\Common Files\xing shared
2009-07-19 11:16 . 2008-01-27 20:26 -------- d-----w- c:\program files\Common Files\Real
2009-07-19 11:15 . 2009-07-19 11:15 -------- d-----w- c:\program files\Real
2009-07-18 00:51 . 2009-07-16 10:57 -------- d-----w- c:\programdata\EmailNotifier
2009-07-16 21:47 . 2009-07-16 21:45 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-16 21:45 . 2008-04-03 20:37 -------- d-----w- c:\program files\DivX
2009-07-16 21:44 . 2008-04-03 20:39 -------- d-----w- c:\users\Usuario\AppData\Roaming\DivX
2009-07-16 14:45 . 2009-07-16 14:45 -------- d-----w- c:\program files\Trend Micro
2009-07-15 03:18 . 2009-02-13 18:48 -------- d-----w- c:\program files\7-Zip
2009-07-15 03:16 . 2009-07-14 04:31 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-07-15 03:08 . 2007-09-24 16:57 -------- d-----w- c:\program files\CCleaner
2009-07-15 02:51 . 2008-07-03 03:08 -------- d-----w- c:\program files\Winamp
2009-07-15 02:26 . 2008-06-14 10:52 -------- d-----w- c:\program files\Data
2009-07-15 01:58 . 2008-08-17 18:18 -------- d-----w- c:\programdata\Viewpoint
2009-07-15 01:58 . 2008-08-17 18:18 -------- d-----w- c:\program files\Viewpoint
2009-07-14 04:32 . 2008-04-03 20:37 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-07-14 04:04 . 2009-07-14 04:05 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-14 04:04 . 2007-05-31 14:08 -------- d-----w- c:\program files\Java
2009-07-01 17:07 . 2009-07-01 17:07 -------- d-----w- c:\users\Usuario\AppData\Roaming\TeamViewer
2009-06-15 15:24 . 2009-07-15 13:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-15 13:24 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-15 13:24 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-15 13:24 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-06-12 14:39 . 2009-06-12 14:39 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb3681.tmp.exe
2009-06-08 08:56 . 2009-06-08 08:56 64088 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.459\Spanish\setup.exe
2009-05-29 21:37 . 2009-07-16 21:46 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-29 21:31 . 2009-07-16 21:46 881664 ----a-w- c:\windows\system32\xvidcore.dll
2008-04-30 23:23 . 2008-06-14 10:52 19195 ---ha-w- c:\program files\MuError.log
2008-04-08 23:03 . 2008-06-14 10:52 273 ---ha-w- c:\program files\wansoft.ini
2008-04-08 14:57 . 2008-06-14 10:52 115 ---ha-w- c:\program files\readme.txt
2008-03-08 20:50 . 2008-06-14 10:52 921 ---ha-w- c:\program files\list.inf
2008-03-08 20:50 . 2008-06-14 10:52 10 ---ha-w- c:\program files\patch.log
2008-03-07 08:45 . 2008-06-14 10:52 82 ---ha-w- c:\program files\MainInfo.txt
2008-01-28 15:48 . 2008-06-14 10:52 349 ---ha-w- c:\program files\Mu.ini
2008-01-09 09:54 . 2008-06-14 10:52 364 ---ha-w- c:\program files\MuTest.ini
2007-11-21 15:09 . 2008-06-14 10:56 274625 ---ha-w- c:\program files\GameGuard.des
2007-10-01 08:07 . 2008-06-14 10:52 174 ---ha-w- c:\program files\server.db
2006-02-14 15:10 . 2008-06-14 10:52 329 ---ha-w- c:\program files\MuEng.ini
2005-12-20 13:55 . 2008-06-14 10:52 19423 ---ha-w- c:\program files\wsctlc.log
2003-09-01 13:47 . 2008-06-14 10:52 61531 ---ha-w- c:\program files\npgmup.dll
2003-08-18 08:57 . 2008-06-14 10:52 122940 ---ha-w- c:\program files\MFSvc2.dll
2003-01-03 18:55 . 2008-06-14 10:56 884 ---ha-w- c:\program files\FORMAT.CFG
2002-12-17 08:13 . 2008-06-14 10:52 125952 ---ha-w- c:\program files\NPX.DLL
2002-12-16 16:38 . 2008-06-14 10:52 55296 ---ha-w- c:\program files\npcipher.dll
2002-12-16 16:38 . 2008-06-14 10:52 837 ---ha-w- c:\program files\KOR_LANG.CFG
2002-12-03 18:40 . 2008-06-14 10:52 32768 ---ha-w- c:\program files\npchk.dll
2002-11-28 17:21 . 2008-06-14 10:52 164864 ---ha-w- c:\program files\npupdate0.dll
2002-09-11 08:10 . 2008-06-14 10:52 31744 ---ha-w- c:\program files\NPPSK.DLL
2001-10-23 19:50 . 2008-06-14 10:52 36864 ---ha-w- c:\program files\muplayer.exe
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot_2009-08-25_09.58.50 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-08-13 15:53 . 2009-08-25 09:55 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-08-13 15:53 . 2009-08-25 10:20 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-08-13 15:53 . 2009-08-25 10:20 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-08-13 15:53 . 2009-08-25 09:55 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-08-13 15:53 . 2009-08-25 10:20 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-08-13 15:53 . 2009-08-25 09:55 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-03-14 486856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"RegistryMechanic"="c:\program files\Registry Mechanic\RMTray.exe" [2008-07-03 812952]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-27 2815408]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2009-06-22 2624824]
"ares"="c:\program files\Ares\Ares.exe" [2009-02-03 1004544]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-19 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-09 835584]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-07 411768]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-04-02 321656]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872]
"AppMon Utility"="c:\program files\Sony\AppMonUtil\AppMonUtility.exe" [2007-04-12 415864]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-23 223232]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-10 385024]
"HostManager"="c:\program files\Common Files\AOL\1218996978\ee\AOLSoftware.exe" [2006-09-26 50736]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-08 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-08 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-08 81920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-14 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-19 198160]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-08-03 419088]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-28 4390912]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-03-28 1822720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

c:\users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Recorte de pantalla e Inicio r*pido de OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-03-09 07:55 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CA01F986-575B-4C4B-8F91-94CE86F7AA82}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{16BCED7C-3690-4375-B58E-E1F6DABDAEAE}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{9305DF8A-B85C-47B0-9781-67DAD8C171BB}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3D6F8A8D-03CA-4DAD-A286-5C2EEF0D72BB}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A7D885F7-982B-4F21-9BCB-EDCAE2E27884}"= Disabled:UDP:c:\program files\sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{5642F5D3-1752-4B09-BB16-B0DA4BD618B4}"= Disabled:TCP:c:\program files\sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"TCP Query User{8E12636C-A7B5-4BD8-BB52-B62550511C6C}c:\\program files\\softnyx\\gunboundwc\\gunbound.gme"= UDP:c:\program files\softnyx\gunboundwc\gunbound.gme:GunBound
"UDP Query User{822050A4-17CD-4D65-B1CE-8602A3745467}c:\\program files\\softnyx\\gunboundwc\\gunbound.gme"= TCP:c:\program files\softnyx\gunboundwc\gunbound.gme:GunBound
"TCP Query User{49A060DD-095B-4209-925E-C57913B93D61}c:\\program files\\softnyx\\gunboundwc\\gunbound.gme"= UDP:c:\program files\softnyx\gunboundwc\gunbound.gme:GunBound
"UDP Query User{C25B892E-8995-4D9F-9DFC-7697B518DCFD}c:\\program files\\softnyx\\gunboundwc\\gunbound.gme"= TCP:c:\program files\softnyx\gunboundwc\gunbound.gme:GunBound
"TCP Query User{57C44890-4047-4C56-92F4-57F2D48D9194}c:\\program files\\softnyx\\rakion\\bin\\rakion.bin"= UDP:c:\program files\softnyx\rakion\bin\rakion.bin:rakion.bin
"UDP Query User{394A3D9E-C81D-46E4-A930-A5FB0789410F}c:\\program files\\softnyx\\rakion\\bin\\rakion.bin"= TCP:c:\program files\softnyx\rakion\bin\rakion.bin:rakion.bin
"TCP Query User{07C4D74A-47EF-4EF1-B6C7-BFED23CD8E9A}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{439D90FF-B8FC-4C76-85E9-CD7319A889A0}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{6E6B533D-C0F8-4793-BA2F-376CEBA0CB58}c:\\users\\usuario\\desktop\\aimboyd_cracked_by_thejhorse\\aimboyd.exe"= UDP:c:\users\usuario\desktop\aimboyd_cracked_by_thejhorse\aimboyd.exe:aimboyd.exe
"UDP Query User{6CF17104-34D2-4025-9C67-EEDBE3DE1E9D}c:\\users\\usuario\\desktop\\aimboyd_cracked_by_thejhorse\\aimboyd.exe"= TCP:c:\users\usuario\desktop\aimboyd_cracked_by_thejhorse\aimboyd.exe:aimboyd.exe
"TCP Query User{8ABAA79C-EAD0-4A1A-AA7B-34A01415216F}c:\\users\\usuario\\desktop\\carpeta de descarga\\ggclient.exe"= UDP:c:\users\usuario\desktop\carpeta de descarga\ggclient.exe:ggclient.exe
"UDP Query User{B4A44716-7CB6-4851-8C1A-86783E43BE86}c:\\users\\usuario\\desktop\\carpeta de descarga\\ggclient.exe"= TCP:c:\users\usuario\desktop\carpeta de descarga\ggclient.exe:ggclient.exe
"TCP Query User{D153BD34-36ED-4635-86EE-F50AA4EB72C7}c:\\program files\\softnyx\\gunboundwc\\softnyx\\gunboundwc\\gunbound.gme"= UDP:c:\program files\softnyx\gunboundwc\softnyx\gunboundwc\gunbound.gme:GunBound
"UDP Query User{953A3D83-56CB-44DE-98CA-CAF7385F12AF}c:\\program files\\softnyx\\gunboundwc\\softnyx\\gunboundwc\\gunbound.gme"= TCP:c:\program files\softnyx\gunboundwc\softnyx\gunboundwc\gunbound.gme:GunBound
"{B415818C-3EDB-4352-BCB8-96A187FEF8C3}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{3BD55D94-6788-4C90-B77A-9614D6A00B77}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{B664705B-FCFD-481F-8188-A878F5E467B8}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{83675418-D07C-49F5-ABB1-3A4B9E2CD98F}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"TCP Query User{51F771B1-E03F-46C3-B5D7-22A8940D174F}c:\\program files\\free download manager\\fdm.exe"= UDP:c:\program files\free download manager\fdm.exe:Free Download Manager
"UDP Query User{C5F117E2-D10E-4289-8B01-F8094797DB3E}c:\\program files\\free download manager\\fdm.exe"= TCP:c:\program files\free download manager\fdm.exe:Free Download Manager
"TCP Query User{ABF0B564-FF46-40E9-BB63-74D2006C9EAE}c:\\program files\\live-player\\live-player.exe"= UDP:c:\program files\live-player\live-player.exe:Live-Player
"UDP Query User{46E3013E-0EFB-44B4-A3A5-111A4ADE1BC8}c:\\program files\\live-player\\live-player.exe"= TCP:c:\program files\live-player\live-player.exe:Live-Player
"TCP Query User{7A04E23A-742F-4BE4-8AEA-11DB4C87FD49}c:\\program files\\softnyx\\wolfteam\\wolfteam.bin"= UDP:c:\program files\softnyx\wolfteam\wolfteam.bin:WolfTeam
"UDP Query User{10701D9B-C3B4-4EFC-8865-1E6C4A313F8C}c:\\program files\\softnyx\\wolfteam\\wolfteam.bin"= TCP:c:\program files\softnyx\wolfteam\wolfteam.bin:WolfTeam
"TCP Query User{9CA54CF7-10A8-4D8D-B172-A9DC16033C0D}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{D4820A57-2A1A-49FA-9360-DA842881B19B}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{FF2F9EB1-1F4E-4397-80B0-B2C051448E3B}c:\\users\\usuario\\desktop\\wow-eses-installer-downlor.exe"= UDP:c:\users\usuario\desktop\wow-eses-installer-downlor.exe:wow-eses-installer-downlor.exe
"UDP Query User{BD832145-DDFD-44E6-B180-50DA9E6FD67C}c:\\users\\usuario\\desktop\\wow-eses-installer-downlor.exe"= TCP:c:\users\usuario\desktop\wow-eses-installer-downlor.exe:wow-eses-installer-downlor.exe
"TCP Query User{9298C314-0403-42C2-AB96-52F09B9C27D0}c:\\users\\usuario\\desktop\\carpeta de descarga\\wow-eses-installer-downlor.exe"= UDP:c:\users\usuario\desktop\carpeta de descarga\wow-eses-installer-downlor.exe:wow-eses-installer-downlor.exe
"UDP Query User{B4009032-3747-4EDC-AED1-5A1EE71BE32C}c:\\users\\usuario\\desktop\\carpeta de descarga\\wow-eses-installer-downlor.exe"= TCP:c:\users\usuario\desktop\carpeta de descarga\wow-eses-installer-downlor.exe:wow-eses-installer-downlor.exe
"TCP Query User{6F09D194-5F84-401F-95A1-4D5D901FC339}c:\\users\\usuario\\documents\\downloads\\programs\\wow-burningcrusade-eses-ir.exe"= UDP:c:\users\usuario\documents\downloads\programs\wow-burningcrusade-eses-ir.exe:wow-burningcrusade-eses-ir.exe
"UDP Query User{017E4378-6C43-4D01-9D63-78F54837E784}c:\\users\\usuario\\documents\\downloads\\programs\\wow-burningcrusade-eses-ir.exe"= TCP:c:\users\usuario\documents\downloads\programs\wow-burningcrusade-eses-ir.exe:wow-burningcrusade-eses-ir.exe
"TCP Query User{72335E39-AFE8-4A63-ADC3-DFE971FEA822}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{AD0B0032-47FE-4B76-8A02-7DF4BE418E19}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{4F53050B-3935-4854-AFC2-4D28EFB4FEF9}c:\\program files\\world of warcraft\\repair.exe"= UDP:c:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"UDP Query User{B50407A9-2AF0-4E12-958E-793F2AB6E46E}c:\\program files\\world of warcraft\\repair.exe"= TCP:c:\program files\world of warcraft\repair.exe:Blizzard Repair Utility
"TCP Query User{DCD7DEF7-9CE7-42D4-B96C-FC5315A09B80}c:\\program files\\live-player\\live-player.exe"= UDP:c:\program files\live-player\live-player.exe:Live-Player
"UDP Query User{E4E2E74D-DA5D-4715-A9D3-4BA97CE98AF9}c:\\program files\\live-player\\live-player.exe"= TCP:c:\program files\live-player\live-player.exe:Live-Player
"TCP Query User{7FABBB89-EAA3-483A-A08A-91FF5440D123}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{680CC6CB-FDE8-4A69-A1A5-92D4C25585BA}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{2AA1CC2B-A831-4A81-963E-D51C4C4EC5CC}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{D2C3E97D-9C16-4FA5-8FCC-283065A2B19F}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"TCP Query User{0AF3656A-973C-480B-9C5C-6CF05EFCC40F}c:\\users\\usuario\\desktop\\carpeta de descarga\\wow-burningcrusade-eses-ir.exe"= UDP:c:\users\usuario\desktop\carpeta de descarga\wow-burningcrusade-eses-ir.exe:wow-burningcrusade-eses-ir.exe
"UDP Query User{1F832053-98D6-40E7-BF4E-4D53A5C096E1}c:\\users\\usuario\\desktop\\carpeta de descarga\\wow-burningcrusade-eses-ir.exe"= TCP:c:\users\usuario\desktop\carpeta de descarga\wow-burningcrusade-eses-ir.exe:wow-burningcrusade-eses-ir.exe
"{D6877CC5-C376-4D71-B9D4-3B62CD090C4F}"= UDP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{2C46FC66-8D4A-43FB-98D3-EA7452B739B5}"= TCP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{C7F27724-D59C-471C-ACA0-D00C2C9C15B4}"= UDP:c:\program files\AOL Latino 9.0 VR\waol.exe:AOL
"{DDC47F74-B9B8-45CE-823E-F163189E6AE9}"= TCP:c:\program files\AOL Latino 9.0 VR\waol.exe:AOL
"{25BF67A6-42C8-4796-BD7E-AC91431DF32C}"= UDP:c:\program files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{4CE9A119-2F03-48F5-B26F-968DA5A5C8E8}"= TCP:c:\program files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{BBCDD598-C775-479E-98B3-ACDE887CD473}"= UDP:c:\program files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{4AECA2CD-EC84-4654-9179-C08679B8CCFD}"= TCP:c:\program files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{92BF2312-D8BD-4631-85D4-1202EB99D09C}"= UDP:c:\program files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{51EF952E-54B1-438B-AA44-33A07747653D}"= TCP:c:\program files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{64E8C368-2D07-4FB7-A78C-1B52223B9BE0}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{3CE02F00-0443-4269-8361-33FCD47087A6}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"TCP Query User{36DC7A7A-801F-4962-AC04-60731CAA62A1}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"UDP Query User{1A1334BF-C308-4AAE-85A7-CE2A9761E665}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"TCP Query User{1CC9C465-57B6-4F8C-B421-01AE4B6020A6}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 2009\\english\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\english\setup.exe:Kaspersky Anti-Virus 2009 Setup
"UDP Query User{7ABFBA78-C541-4BC7-A096-90121C70FFC4}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 2009\\english\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\english\setup.exe:Kaspersky Anti-Virus 2009 Setup
"TCP Query User{2DF7C9CB-CF9E-4D41-8779-1899928BBC68}c:\\program files\\common files\\nero\\nero web\\setupx.exe"= Disabled:UDP:c:\program files\common files\nero\nero web\setupx.exe:Nero Installer
"UDP Query User{9F488A83-E796-4A42-8DE7-D7BF6498BAF9}c:\\program files\\common files\\nero\\nero web\\setupx.exe"= Disabled:TCP:c:\program files\common files\nero\nero web\setupx.exe:Nero Installer
"{4FB2DF92-C486-48CB-B9CE-F523AC3BB0E8}"= UDP:58194:Pando P2P TCP Listening Port
"{B5387556-4DC8-4D19-B8A6-C19B938CCD1B}"= TCP:58194:Pando P2P UDP Listening Port
"TCP Query User{7EC0A09B-CAF0-4824-84A3-594ED7DF7D0B}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{B91AFE06-9D31-4723-8686-319BE90C8D18}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{7C07DEFB-478F-4BC7-BACC-863BFED44469}c:\\kav\\kaspersky anti-virus 7.0.1.325\\spanish\\setup.exe"= UDP:c:\kav\kaspersky anti-virus 7.0.1.325\spanish\setup.exe:Kaspersky Anti-Virus 7.0 Instalación
"UDP Query User{4FEF7CE3-6D61-40C5-94EA-8E285CC49019}c:\\kav\\kaspersky anti-virus 7.0.1.325\\spanish\\setup.exe"= TCP:c:\kav\kaspersky anti-virus 7.0.1.325\spanish\setup.exe:Kaspersky Anti-Virus 7.0 Instalación
"{6FE4F622-C778-4854-93A2-834A68A30F2B}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{D4861687-CFE0-4FE7-8D33-D04670E64851}"= TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{0C70FF4B-54DC-449A-A849-5E7AF368DEED}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA
"UDP Query User{4CDED434-E9C8-4343-B5F7-54996BC92123}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA
"TCP Query User{45156E37-FBF0-43B5-A776-45AAF16D53BE}c:\\users\\usuario\\program files\\dna\\btdna.exe"= UDP:c:\users\usuario\program files\dna\btdna.exe:btdna.exe
"UDP Query User{F0C23D51-273C-4341-91DB-CC431CD6AFDB}c:\\users\\usuario\\program files\\dna\\btdna.exe"= TCP:c:\users\usuario\program files\dna\btdna.exe:btdna.exe
"TCP Query User{506B00A7-84DA-430E-87BE-D014D1863BE3}c:\\users\\usuario\\program files\\dna\\btdna.exe"= UDP:c:\users\usuario\program files\dna\btdna.exe:btdna.exe
"UDP Query User{19177A1B-010F-442B-8F96-A1066E1FD9BE}c:\\users\\usuario\\program files\\dna\\btdna.exe"= TCP:c:\users\usuario\program files\dna\btdna.exe:btdna.exe
"TCP Query User{9A1246FD-E44C-4460-9474-798C45EB4ECC}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:war3
"UDP Query User{E71EAC88-0C3D-46F9-95EB-3E0F89479ACE}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:war3
"TCP Query User{4E43DBB0-C197-48A9-8B07-0BD9B7D40501}c:\\program files\\hamachi\\hamachi.exe"= UDP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"UDP Query User{064C0E7E-A1B1-450A-9A1C-81F0A6507884}c:\\program files\\hamachi\\hamachi.exe"= TCP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"TCP Query User{511A1502-2990-4B0E-8CD0-18CBA931F77F}c:\\program files\\garena\\garena.exe"= UDP:c:\program files\garena\garena.exe:Garena
"UDP Query User{C6E6DF5F-F76C-421D-99A3-6BB53243D921}c:\\program files\\garena\\garena.exe"= TCP:c:\program files\garena\garena.exe:Garena
"TCP Query User{ECE98D2B-7BBA-4163-BC31-06A62084ACE7}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{564C8619-38D5-40C4-BAA9-EA798B393C57}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III
"TCP Query User{B0D9014E-F3BB-4CDA-BC09-E5DECAF903BA}c:\\program files\\garena\\garena.exe"= UDP:c:\program files\garena\garena.exe:Garena
"UDP Query User{F8CF5070-E3CE-4FFE-BF79-F896CA8FB7A3}c:\\program files\\garena\\garena.exe"= TCP:c:\program files\garena\garena.exe:Garena
"{8BA2BA3D-2987-40EC-B6D8-1371C7DE38FF}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{7FDC230B-2F46-4C99-BFFA-0DBF7F9F4CAD}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{534BFA55-156E-4843-B8DB-AEC73029D812}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{177B351A-932B-432A-AE70-6755831C21B1}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{B612517E-54DE-4BEE-B30C-3C54608C16DA}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{82AAF001-CFD3-4F6B-8FED-BAD8007919EE}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{A6FEE3FC-88EA-423B-9B5E-711D81B7905F}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{6A01DFEE-1C36-4CB7-850F-01BEE5881E63}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{4A9E3401-0D67-42E9-B95F-0CD7DF9F500A}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{9C8A39F3-CB04-4A1D-BB6C-5B6A93ABD583}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{802C43DD-2BCE-4B13-A4B4-0CB56E0B2512}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{0CF90C57-9518-4D1F-A87F-FF25604ED7D5}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{D013BA82-B2FB-4883-9E84-C3535EF2B982}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{10FE8534-51ED-4B5B-BCCD-F6226F55CDC9}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{AAF2A9E4-659A-464C-ACA8-0C58521FC65A}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{3BE04FDF-1B87-4F7B-9463-981C2B887054}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{16DDC27D-33EB-485E-A1B1-FBC7646036E6}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{4A8650FF-9C64-48DC-825D-8E99C6E3F4A4}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"TCP Query User{74EFDD05-D25F-48D1-B63C-8C1A4F7B2CD8}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{84153714-8F9D-40FB-B938-6A8CB09932E8}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{ABF38EC6-97F7-469F-9F14-9E8C0D83CC35}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{FCD7E43A-E4DD-45A4-A9FD-227AA201E025}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{51A750EF-76CD-4D28-9436-9CD9D931EF36}"= UDP:c:\program files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{1307A6B8-E588-49DA-9736-9F05936C2BD0}"= TCP:c:\program files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"TCP Query User{E77F89B8-E7E6-4831-8D23-A3ED95332C90}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{27325FB0-7671-467B-92BF-C26A8B34BAD0}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{7377346C-7C8D-43C2-B16A-1B639C487628}"= UDP:c:\archivos de programa\Mu Dojo Season 4\LauncherMuSeason4.exe:LauncherMuSeason4
"{D3DE6E04-56E7-450E-B10C-F3E9B5646E8F}"= TCP:c:\archivos de programa\Mu Dojo Season 4\LauncherMuSeason4.exe:LauncherMuSeason4
"{2E1725E2-6996-4D5B-B944-24E99EAAB1F5}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{E4710C18-2CBB-4844-AB60-B82606B3C01A}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{E15AD713-E71A-47A6-BF5B-D23AE6BD1196}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{CCBC7A2E-5A19-4831-9BD8-38253A576099}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{4D74FE51-5F4A-4872-9914-A4A7594A91CE}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{45585F23-8827-42EE-8D3A-1BE7D70FFA9C}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{1F991911-4663-43D8-8DC8-7CF25932AD7E}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{080FF5F5-8808-4575-96AF-883204D3EB93}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{E1127840-BC71-46EC-98AB-B5CC4EC75A0A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\GloballyOpenPorts\List]
"6112:UDP"= 6112:UDP:*:Enabled:war udp
"6112:TCP"= 6112:TCP:*:Enabled:war tcp

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [15/12/2008 20:41 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [15/05/2009 18:50 21008]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [24/08/2009 19:19 232720]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 23:31 29263712]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [16/05/2009 20:59 19472]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [24/08/2009 19:19 19096]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [31/05/2007 20:27 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [31/05/2007 20:27 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\System32\drivers\SonyImgF.sys [31/05/2007 20:27 31104]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [31/05/2007 20:27 807424]
S3 AVerM115S;AVerM115S service;c:\windows\System32\drivers\AVerM115S.sys [31/05/2007 11:35 785280]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\VAIO Media Integrated Server\UCLS.exe [12/06/2007 21:06 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [12/06/2007 21:06 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [12/06/2007 21:06 1089536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-25 c:\windows\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

2009-08-24 c:\windows\Tasks\Malwarebytes' Scheduled Scan for Usuario.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-08-24 11:36]

2009-08-24 c:\windows\Tasks\Malwarebytes' Scheduled Update for Usuario.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-08-24 11:36]

2009-08-25 c:\windows\Tasks\User_Feed_Synchronization-{991009DE-73F2-472B-8F4B-10D6DF833633}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/webhp?sourceid=navclient&hl=es&ie=UTF-8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &D&escargue &con BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&escargue todo con BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &D&escargue todos los v?eos con BitComet
IE: &D&escargue todos los videos con BitComet
IE: &D&escargue todos los vu?eos con BitComet
IE: &D&escargue todos los vídeos con BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&escargue todos los vúeos con BitComet
IE: &D&escargue todos los v?eos con BitComet
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: ????? BitComet ?????????
IE: ??????? BitComet ???????
IE: ???????? BitComet ?????????
IE: ?????A?I???d BitComet ?A?_?E?·??[?h
IE: ?????A?I???·N?d BitComet ?A?_?E?·??[?h???e
IE: ???·N?a?d BitComet ?A?_?E?·??[?h???e
IE: ???“?N?a?d BitComet ?A?_?E?“???[?h?·?e
IE: ???“?N?a?d BitComet ?A?_?E?“???[?h?·?e
IE: ???·N?a?d BitComet ?A?_?E?·??[?h???e
IE: ?·?×?A?I???“?N?d BitComet ?A?_?E?“???[?h?·?e
IE: ?·?×?A?I“R‰a?d BitComet ?A?_?E?“???[?h
IE: ?·?×?A?I???“?N?d BitComet ?A?_?E?“???[?h?·?e
IE: ?·?×?A?I“R‰a?d BitComet ?A?_?E?“???[?h
IE: ?????A?I???·N?d BitComet ?A?_?E?·??[?h???e
IE: ?????A?I???d BitComet ?A?_?E?·??[?h
IE: Agregar al componente Anti-Banners - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Descargar con IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Descargar con IDM el contenido de video FLV - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Descargar con IDM todos los enlaces - c:\program files\Internet Download Manager\IEGetAll.htm
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Enlace de descarga usando Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: ƒŠƒ“ƒNæ‚ð BitComet ‚Ń_ƒEƒ“ƒ[ƒh‚·‚é
IE: ‚·‚×‚Ä‚ÌƒŠƒ“ƒN‚ð BitComet ‚Ń_ƒEƒ“ƒ[ƒh‚·‚é
IE: ‚·‚ׂĂ̓®‰æ‚ð BitComet ‚Ń_ƒEƒ“ƒ[ƒh
IE: ???????? BitComet ?????????
IE: ??????? BitComet ???????
IE: ????? BitComet ?????????
TCP: {5E1F75D3-7843-4CFC-BBAD-016D0F207797} = 80.58.61.250,80.58.61.254
DPF: {6696704F-23E1-461B-8168-33CA1B298E76} - hxxps://www.telefonicaonline.com/on/io/es/servicios/seguridad_total/pack/asps/aspsv2.cab
FF - ProfilePath - c:\users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\a539qhw3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7& query=
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.es
FF - prefs.js: keyword.URL - hxxp://es.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - component: c:\users\Usuario\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\a539qhw3.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\a539qhw3.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-25 12:23
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\users\Usuario\AppData\Local\Temp\catchme.dll 53248 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\Usuario\AppData\Local\Temp\GGH8602.tmp"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1429089320-3222302646-668535661-1003_Classes\CLSID\{4892aea6-e45e-4149-b5f7-2d907879cf9d}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000045
"Therad"=dword:0000001f
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,b0,b3,87,fd,a1,d9,48,02,31,be,31,2f,c6,b5,\

[HKEY_USERS\S-1-5-21-1429089320-3222302646-668535661-1003_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):47,7e,22,49,16,52,4c,04,6c,94,5a,7e,87,9f,d2,fb,b2,ab,6e,6d,65,
79,8a,52,38,60,74,97,d6,2f,f3,29,a8,a1,71,6e,f8,ed,68,c3,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000a0
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\sony\VAIO Update 3\VAIOUpdt.exe
c:\program files\sony\Wireless Switch Setting Utility\Switcher.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\System32\stacsv.exe
c:\program files\sony\VAIO Event Service\VESMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\sony\VAIO Event Service\VESMgrSub.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files\sony\VAIO Power Management\SPMgr.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2009-08-25 12:33 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-25 10:33

Pre-Run: 32.203.563.008 bytes libres
Post-Run: 32.097.198.080 bytes libres

549 --- E O F --- 2009-08-18 01:03

Last edited by Youkoso on 25/08/09 at 07:51:44.

post #4
Posted 26/08/09, 19:26:24
GPastor
FS-Admin

Registered: Mar 2005
Location: Lima - Perú
Posts: 22.848
Re: hello, my internet is slow

ComboFix has already taken care of removing the malware files found on your PC, so if everything is working well, we consider this topic closed.

To finish, all that is left is to remove CF as follows:
  • Go to Start > Run
  • Type the following: ComboFix /u as shown in the image below:

This will perform the following tasks:

  • The following will be deleted:
    • ComboFix: its files and folders.
    • VundoFix: backups (if present)
    • The C:\Deckard folder (if present)
    • The C:\_OtMoveIt folder (if present)
  • Resets the clock settings.
  • Hides file extensions (if necessary.)
  • Hides the files that were hidden
  • Re-enables "System Restore"

Apart from that, download and run the Dr. Web CureiT tool, then paste its report so it can be analyzed




* Help us by making a DONATION so we can keep helping.
* Keep up with the latest threats on the net at: InfoSpyware Blog
* Questions are not answered by private message or by e-mail, since that is what the forum is for.
post #5
Posted 31/08/09, 11:25:35
User

Registered: Jul 2009
Location: malaga
Posts: 13
Re: hello, my internet is slow

Sorry, I can't find the Dr. Web CureiT report T_T_T_T I searched but found nothing, please
tell me where it is
post #6
Posted 31/08/09, 18:39:18
GPastor
FS-Admin

Registered: Mar 2005
Location: Lima - Perú
Posts: 22.848
Re: hello, my internet is slow

If you follow the steps in the link, you will see how to save the report.


post #7
Posted 01/09/09, 18:44:19
User

Registered: Jul 2009
Location: malaga
Posts: 13
Re: hello, my internet is slow

I did it step by step but nothing; when the scan finishes it detects nothing. I go to File, but the option to save files is not active :SSSS But as for the slow internet, it works fine now, everything is fine
Sorry :_( or maybe I am doing something wrong
post #8
Posted 01/09/09, 19:00:37
GPastor
FS-Admin

Registered: Mar 2005
Location: Lima - Perú
Posts: 22.848
Re: hello, my internet is slow

That is odd about Dr Web; in any case, let us know if there is any other problem on your system.


post #9
Posted 01/09/09, 23:03:10
User

Registered: Jul 2009
Location: malaga
Posts: 13
Re: hello, my internet is slow

Well, the internet issue got solved, thanks :D:DD:
T_T Yes, I do have another problem: the internet works fine now, but now it is the PC
svchost.exe and iexplore use a lot of RAM. The iexplore part is odd since I don't use it at all, only Firefox, and I already did the spyware, malware and adware removal steps
I also ran a scan with Panda Internet Security; it detected 2 viruses, which were disinfected, but the PC is still slow

2 GB RAM
160 GB hard disk

Processor: Intel Core 2 Duo

It started getting slow about 3 days ago
Please help :)
post #10
Posted 02/09/09, 15:47:03
GPastor
FS-Admin

Registered: Mar 2005
Location: Lima - Perú
Posts: 22.848
Re: hello, my internet is slow

Download ComboFix again and paste a new report.

The excessive resource consumption by svchost is normally due to Windows automatic updates.


All times are GMT -4. The time is 13:56:35.


 
