  post #1  
31/10/09, 00:30:03
User

Joined: Oct 2009
Location: Caracas
Posts: 27
Explorer windows keep opening with unsolicited websites...

Just that: tourism sites, weight-loss sites, some video thing or other, free video dictionary, etc... it's a nuisance! Can someone tell me what to do? Thanks in advance, here is my log...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:59:28 p.m., on 30/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Windows\System32\hkcmd .exe
C:\Windows\system32\igfxsrvc.exe
C:\Garmin\gstart .exe
C:\Program Files\Apoint\apoint .exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\JOSERA~1\AppData\Local\Temp\ctv103.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.ve/webhp?sourceid=navclient&hl=es&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (file missing)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VAIOSurvey] "C:\Program Files\Sony\VAIO Survey\VAIO Sat Survey.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servicio de actualización de Google (gupdate1c9d523d793673f) (gupdate1c9d523d793673f) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: Intel(R) Sample Collector (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\collsvc.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12957 bytes

Last edited by jrucha on 31/10/09 at 00:32:08.

  post #2  
31/10/09, 07:11:51
Leosolari
General Moderator

Joined: Jun 2007
Location: argentina
Posts: 21.624
Re: Explorer windows keep opening with unsolicited websites...

Hi jrucha


Download the following:

º CCLEANER. Install it following its manual

º MALWAREBYTES'. Install and update it following its manual, BUT DO NOT RUN IT YET

º ComboFix.exe and save it to the desktop.


Close all programs, run HijackThis, tick the boxes for these entries and press "Fix checked"


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.ve/webhp?sourceid=navclient&hl=es&ie=UTF-8

O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe



Quote:
Run CCLEANER using its "Cleaner" and "Registry" options.

Quote:
Run MALWAREBYTES'.
Do a "full scan". Once it finishes, if it detects anything, choose "remove selected".
If it asks you to restart, do so.
Run ComboFix.exe
  • Temporarily disable your antivirus and/or antispyware.
  • Close all open windows.
  • Double-click the ComboFix.exe file and follow the instructions.
  • When it finishes, it will generate a log at C:\ComboFix.txt.
    • *Note* While CF is working, do not move the mouse, as that would stop its process.
    • *Note* ComboFix may restart the PC automatically to complete the removal process.
Quote:
Warning!! Do not use ComboFix unless a member of our Staff has specifically told you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
  • Restart and paste the report from C:\ComboFix.txt in this same thread.


Quote:
PS: Do not run ComboFix or any other antivirus program again until I come back with a reply, as you could change things.


In your next reply, you must include the following:

º The Malwarebytes' report, found under its LOGS tab
º The ComboFix report
º A new HijackThis log
º How your PC is running now


Regards

DON'T DESPAIR....KEEP FIGHTING.

  post #3  
31/10/09, 10:35:28
User

Joined: Oct 2009
Location: Caracas
Posts: 27
Re: Explorer windows keep opening with unsolicited websites...

Thanks for replying... here I'll start posting the logs as they get generated... done...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:02:11 a.m., on 31/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (file missing)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VAIOSurvey] "C:\Program Files\Sony\VAIO Survey\VAIO Sat Survey.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servicio de actualización de Google (gupdate1c9d523d793673f) (gupdate1c9d523d793673f) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: Intel(R) Sample Collector (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\collsvc.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12221 bytes


___________________________________________________

Malwarebytes' Anti-Malware 1.41
Versión de la Base de Datos: 3051
Windows 6.0.6001 Service Pack 1

31/10/2009 11:15:14 a.m.
mbam-log-2009-10-31 (11-15-14).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 208068
Tiempo transcurrido: 57 minute(s), 14 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
(No se han detectado elementos maliciosos)


__________________________________________________-


ComboFix 09-10-30.01 - Jose Ramon 31/10/2009 11:51.1.2 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.58.3082.18.2938.2564 [GMT -4,5:30]
Running from: c:\users\Jose Ramon\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1042980324-3428500467-2180262805-500
c:\$recycle.bin\S-1-5-21-1671607238-175201848-3631838259-500
c:\$recycle.bin\S-1-5-21-2591778238-3779290442-1336074494-500
c:\$recycle.bin\S-1-5-21-74565160-236023120-106992861-500
c:\windows\system32\hkcmd .exe
c:\windows\system32\igfxpers .exe
c:\windows\system32\igfxtray .exe

.
((((((((((((((((((((((((( Files Created from 2009-09-28 to 2009-10-31 )))))))))))))))))))))))))))))))
.

2009-10-31 16:26 . 2009-10-31 16:27 -------- d-----w- c:\users\Jose Ramon\AppData\Local\temp
2009-10-31 16:26 . 2009-10-31 16:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-31 03:48 . 2009-10-31 03:48 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-10-31 03:48 . 2009-10-31 15:55 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\SUPERAntiSpyware.com
2009-10-31 03:48 . 2009-10-31 15:55 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-30 11:26 . 2009-10-30 11:26 680 ----a-w- c:\users\Jose Ramon\AppData\Local\d3d9caps.dat
2009-10-30 05:25 . 2009-10-30 05:25 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\Sony Corporation
2009-10-30 04:39 . 2009-10-30 04:39 34854 ----a-w- c:\windows\system32\uses32.dat
2009-10-29 04:33 . 2009-10-29 04:36 -------- d-----w- c:\program files\JDownloader
2009-10-29 02:39 . 2009-10-29 02:39 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\Canneverbe_Limited
2009-10-29 02:39 . 2009-10-29 02:39 -------- d-----w- c:\programdata\Canneverbe Limited
2009-10-29 02:38 . 2009-09-29 02:27 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-10-29 02:38 . 2009-10-29 02:38 -------- d-----w- c:\program files\CDBurnerXP
2009-10-29 02:08 . 2009-10-29 02:08 -------- d-----w- c:\program files\Trend Micro
2009-10-29 02:03 . 2009-10-29 02:03 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\Malwarebytes
2009-10-29 02:03 . 2009-09-10 19:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-29 02:03 . 2009-10-29 02:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-29 02:03 . 2009-10-29 02:03 -------- d-----w- c:\programdata\Malwarebytes
2009-10-29 02:03 . 2009-09-10 19:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-29 01:16 . 2009-10-29 01:16 -------- d-----w- c:\program files\Ask.com
2009-10-29 01:15 . 2009-10-29 01:15 -------- d-----w- c:\program files\uTorrent
2009-10-29 01:14 . 2009-10-31 16:16 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\uTorrent
2009-10-29 00:09 . 2009-10-30 04:46 8192 ----a-w- c:\users\Public\mtwb.dat
2009-10-28 18:07 . 2009-10-28 18:08 -------- d-----w- C:\Venezuela TopograficoV3
2009-10-28 02:37 . 2009-10-28 02:37 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-10-28 02:36 . 2009-10-28 02:36 -------- d-----w- c:\users\Jose Ramon\AppData\Local\Microsoft Help
2009-10-28 02:28 . 2009-10-28 02:29 -------- d-----w- c:\program files\Jasc Software Inc
2009-10-26 03:52 . 2009-10-26 03:53 -------- d-----w- c:\program files\Mp Trim editor de mp3
2009-10-25 15:13 . 2009-10-25 15:13 -------- d-----w- c:\program files\Hewlett Packard
2009-10-24 05:09 . 2009-10-24 05:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-21 20:08 . 1997-11-19 20:19 303616 ----a-w- c:\windows\IsUninst.exe
2009-10-21 05:46 . 2009-10-21 05:47 -------- d-----w- c:\programdata\WinZip
2009-10-21 05:32 . 2009-10-21 20:07 -------- d-----w- c:\users\Jose Ramon\Para la HP48
2009-10-19 03:15 . 2009-10-30 04:12 256 ----a-w- c:\windows\system32\pool.bin
2009-10-19 03:15 . 2009-10-19 03:15 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\Research In Motion
2009-10-19 03:08 . 2009-10-19 03:08 -------- d-----w- c:\programdata\InstallShield
2009-10-19 03:05 . 2009-10-19 03:07 -------- d-----w- c:\programdata\Roxio
2009-10-19 02:59 . 2007-01-18 14:54 26496 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2009-10-19 02:58 . 2009-10-19 02:59 -------- d-----w- c:\program files\Common Files\Research In Motion
2009-10-19 02:58 . 2009-10-19 02:58 -------- d-----w- c:\program files\Research In Motion
2009-10-19 02:54 . 2009-10-19 02:54 -------- d-sh--w- c:\windows\ftpcache
2009-10-17 05:09 . 2009-10-17 05:09 -------- d-----w- c:\programdata\eMule
2009-10-17 05:08 . 2009-10-17 05:09 -------- d-----w- c:\users\Jose Ramon\AppData\Local\eMule
2009-10-17 05:08 . 2009-10-17 05:08 -------- d-----w- c:\program files\eMule
2009-10-16 21:09 . 2009-10-16 21:09 -------- d-----w- c:\program files\CCleaner
2009-10-15 22:54 . 2009-10-15 22:54 -------- d-----w- c:\programdata\Symantec
2009-10-15 06:19 . 2009-10-28 15:31 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\GARMIN
2009-10-15 06:19 . 2009-10-15 06:19 -------- d-----w- c:\programdata\GARMIN
2009-10-15 06:14 . 2009-10-27 04:19 -------- d-----w- C:\Venezuela Ruteable
2009-10-15 06:08 . 2009-10-31 14:42 -------- d-----w- C:\Garmin
2009-10-15 06:08 . 2009-10-15 06:08 -------- d-----w- c:\program files\DIFX
2009-10-15 06:07 . 2009-10-15 06:13 -------- d-----w- c:\program files\Garmin
2009-10-14 01:09 . 2009-10-31 16:09 -------- d-----w- c:\users\Jose Ramon\Tracing
2009-10-14 00:43 . 2009-10-14 00:43 -------- d-----w- c:\windows\Sun
2009-10-13 03:14 . 2009-10-13 03:18 -------- d-----w- c:\users\Jose Ramon\AppData\Local\Adobe
2009-10-05 00:28 . 2009-10-15 06:24 -------- d-----w- c:\users\Jose Ramon\AppData\Local\Google
2009-10-05 00:20 . 2009-08-26 00:08 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-10-05 00:20 . 2009-10-15 03:16 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-10-05 00:20 . 2009-10-15 03:16 -------- d-----w- c:\program files\Symantec
2009-10-05 00:20 . 2009-10-13 01:53 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\users\Default\Reciente

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-31 16:23 . 2008-01-21 08:32 666396 ----a-w- c:\windows\system32\perfh00A.dat
2009-10-31 16:23 . 2008-01-21 08:32 129328 ----a-w- c:\windows\system32\perfc00A.dat
2009-10-31 16:08 . 2009-04-23 16:13 12 ----a-w- c:\windows\bthservsdp.dat
2009-10-31 15:02 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-10-31 14:19 . 2009-04-23 15:48 -------- d-----w- c:\program files\Apoint
2009-10-28 12:25 . 2009-10-05 00:19 126776 ----a-w- c:\users\Jose Ramon\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-28 02:44 . 2009-05-15 06:24 -------- d-----w- c:\programdata\Microsoft Help
2009-10-28 02:42 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2009-10-25 15:07 . 2009-04-23 15:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-24 05:09 . 2009-04-23 16:03 -------- d-----w- c:\program files\Java
2009-10-19 03:06 . 2009-05-15 06:31 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-10-19 03:06 . 2009-05-15 07:12 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-10-19 03:06 . 2009-05-15 07:12 -------- d-----w- c:\program files\Roxio
2009-10-19 03:05 . 2009-05-15 07:12 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-10-19 03:05 . 2009-04-23 15:42 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-15 06:28 . 2009-05-15 06:10 -------- d-----w- c:\program files\Google
2009-10-15 03:16 . 2009-10-05 00:20 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-10-15 03:16 . 2009-10-05 00:20 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-10-05 00:21 . 2009-05-15 07:33 -------- d-----w- c:\programdata\Norton
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Plantillas
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Menú Inicio
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Favoritos
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Escritorio
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Documentos
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Datos de programa
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\program files\Archivos comunes
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-15 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-03 3882312]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-29 289072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-24 149280]
"SmartWiHelper"="c:\program files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" [2009-03-05 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\VAIO Sat Survey.exe" [2008-07-25 385024]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-12-18 317288]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-03-06 236016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-3-1 789032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-01-19 17:49 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]
appsecdll REG_SZ c:\windows\system32\mscert.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-74565160-236023120-106992861-1000]
"EnableNotificationsRef"=dword:00000001

R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1007020.00B\SymEFA.sys [14/10/2009 10:46 p.m. 310320]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [23/04/2009 01:13 p.m. 9344]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\NIS\1007020.00B\BHDrvx86.sys [14/10/2009 10:46 p.m. 259632]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1007020.00B\cchpx86.sys [14/10/2009 10:46 p.m. 482432]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091021.001\IDSvix86.sys [22/10/2009 10:25 p.m. 342576]
S2 gupdate1c9d523d793673f;Servicio de actualización de Google (gupdate1c9d523d793673f);c:\program files\Google\Update\GoogleUpdate.exe [15/05/2009 01:40 a.m. 133104]
S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [14/10/2009 10:46 p.m. 117640]
S2 regi;regi;c:\windows\System32\drivers\regi.sys [17/04/2007 08:39 p.m. 11032]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [23/04/2009 11:12 a.m. 109088]
S2 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [15/05/2009 02:10 a.m. 122880]
S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [15/05/2009 02:36 a.m. 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [23/04/2009 11:33 a.m. 415592]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [14/01/2009 02:08 p.m. 5184872]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe -k yksvcs [20/01/2008 10:03 p.m. 21504]
S3 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [08/12/2008 03:46 p.m. 169312]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [15/05/2009 02:36 a.m. 17920]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [23/04/2009 11:51 a.m. 29736]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/10/2009 03:30 a.m. 102448]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [23/04/2009 01:13 p.m. 112128]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [29/08/2008 12:18 a.m. 3664384]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [15/05/2009 02:21 a.m. 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [15/05/2009 02:21 a.m. 70952]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [15/05/2009 02:21 a.m. 390440]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [15/05/2009 02:21 a.m. 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [15/05/2009 02:21 a.m. 91432]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\NIS\1007020.00B\symndisv.sys [14/10/2009 10:46 p.m. 48688]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [15/05/2009 02:43 a.m. 394536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [15/05/2009 02:20 a.m. 83240]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ECACHE
*NewlyCreated* - MBR
*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
yksvcs REG_MULTI_SZ yksvc
.
Contents of the 'Scheduled Tasks' folder

2009-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-15 06:10]

2009-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-15 06:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
.
- - - - ORPHANS REMOVED - - - -

BHO-{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-RunOnce-<NO NAME> - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-31 11:56
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.7.2.11\diMaster.dll\" /prefetch:1"
--

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-10-31 11:59
ComboFix-quarantined-files.txt 2009-10-31 16:29

Pre-Run: 256.146.776.064 bytes libres
Post-Run: 256.173.133.824 bytes libres

- - End Of File - - 2AAD93D8BF688DC7FE08A60048698F1C


__________________________________________________


For now it seems the same... this one just opened on me...


Last edited by jrucha on 31/10/09 at 12:49:31.
  post #4  
02/11/09, 08:26:26
Leosolari
General Moderator
 
Registered: Jun 2007
Location: Argentina
Posts: 21.624
Re: Explorer windows keep opening with unsolicited websites...

Do the following:
  • Click START > RUN >
    • Type notepad.exe there and click OK
    • Now copy and paste the text from the box below into Notepad

Code:
KillAll::

File::
c:\windows\system32\uses32.dat
c:\windows\system32\uses32.dat
c:\program files\Ask.com
c:\windows\bthservsdp.dat
c:\windows\system32\mscert.dll

Registry::
[-HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]

NetSvc::
yksvcs
mpssvc
bthsvcs

  • Save this file with the name CFScript.txt
  • Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the screenshot below.



  • ComboFix will start running again. When it finishes it will generate a new report, which you will need to paste into this same thread.


Let us know how the computer is working now.
Regards

  post #5  
02/11/09, 11:04:00
User
 
Registered: Oct 2009
Location: Caracas
Posts: 27
Re: Explorer windows keep opening with unsolicited websites...

Done... this is the new log...

ComboFix 09-10-30.01 - Jose Ramon 02/11/2009 10:16.2.2 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.58.3082.18.2938.2572 [GMT -4,5:30]
Running from: c:\users\Jose Ramon\Desktop\ComboFix.exe
Command switches used :: c:\users\Jose Ramon\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point

FILE ::
"c:\program files\Ask.com"
"c:\windows\bthservsdp.dat"
"c:\windows\system32\mscert.dll"
"c:\windows\system32\uses32.dat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\bthservsdp.dat
c:\windows\system32\uses32.dat
c:\windows\system32\wininet.exe

.
((((((((((((((((((((((((( Files Created from 2009-10-02 to 2009-11-02 )))))))))))))))))))))))))))))))
.

2009-11-02 14:52 . 2009-11-02 14:54 -------- d-----w- c:\users\Jose Ramon\AppData\Local\temp
2009-11-02 14:52 . 2009-11-02 14:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-10-31 03:48 . 2009-10-31 03:48 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-10-31 03:48 . 2009-10-31 15:55 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\SUPERAntiSpyware.com
2009-10-31 03:48 . 2009-10-31 15:55 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-30 11:26 . 2009-10-30 11:26 680 ----a-w- c:\users\Jose Ramon\AppData\Local\d3d9caps.dat
2009-10-30 05:25 . 2009-10-30 05:25 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\Sony Corporation
2009-10-29 04:33 . 2009-10-29 04:36 -------- d-----w- c:\program files\JDownloader
2009-10-29 02:39 . 2009-10-29 02:39 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\Canneverbe_Limited
2009-10-29 02:39 . 2009-10-29 02:39 -------- d-----w- c:\programdata\Canneverbe Limited
2009-10-29 02:38 . 2009-09-29 02:27 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-10-29 02:38 . 2009-10-29 02:38 -------- d-----w- c:\program files\CDBurnerXP
2009-10-29 02:08 . 2009-10-29 02:08 -------- d-----w- c:\program files\Trend Micro
2009-10-29 02:03 . 2009-10-29 02:03 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\Malwarebytes
2009-10-29 02:03 . 2009-09-10 19:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-29 02:03 . 2009-10-29 02:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-29 02:03 . 2009-10-29 02:03 -------- d-----w- c:\programdata\Malwarebytes
2009-10-29 02:03 . 2009-09-10 19:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-29 01:16 . 2009-10-29 01:16 -------- d-----w- c:\program files\Ask.com
2009-10-29 01:15 . 2009-10-29 01:15 -------- d-----w- c:\program files\uTorrent
2009-10-29 01:14 . 2009-11-02 14:54 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\uTorrent
2009-10-29 00:09 . 2009-10-30 04:46 8192 ----a-w- c:\users\Public\mtwb.dat
2009-10-28 18:07 . 2009-10-28 18:08 -------- d-----w- C:\Venezuela TopograficoV3
2009-10-28 02:37 . 2009-10-28 02:37 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-10-28 02:36 . 2009-10-28 02:36 -------- d-----w- c:\users\Jose Ramon\AppData\Local\Microsoft Help
2009-10-28 02:28 . 2009-10-28 02:29 -------- d-----w- c:\program files\Jasc Software Inc
2009-10-26 03:52 . 2009-10-26 03:53 -------- d-----w- c:\program files\Mp Trim editor de mp3
2009-10-25 15:13 . 2009-10-25 15:13 -------- d-----w- c:\program files\Hewlett Packard
2009-10-24 05:09 . 2009-10-24 05:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-21 20:08 . 1997-11-19 20:19 303616 ----a-w- c:\windows\IsUninst.exe
2009-10-21 05:46 . 2009-10-21 05:47 -------- d-----w- c:\programdata\WinZip
2009-10-21 05:32 . 2009-10-21 20:07 -------- d-----w- c:\users\Jose Ramon\Para la HP48
2009-10-19 03:15 . 2009-10-30 04:12 256 ----a-w- c:\windows\system32\pool.bin
2009-10-19 03:15 . 2009-10-19 03:15 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\Research In Motion
2009-10-19 03:08 . 2009-10-19 03:08 -------- d-----w- c:\programdata\InstallShield
2009-10-19 03:05 . 2009-10-19 03:07 -------- d-----w- c:\programdata\Roxio
2009-10-19 02:59 . 2007-01-18 14:54 26496 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2009-10-19 02:58 . 2009-10-19 02:59 -------- d-----w- c:\program files\Common Files\Research In Motion
2009-10-19 02:58 . 2009-10-19 02:58 -------- d-----w- c:\program files\Research In Motion
2009-10-19 02:54 . 2009-10-19 02:54 -------- d-sh--w- c:\windows\ftpcache
2009-10-17 05:09 . 2009-10-17 05:09 -------- d-----w- c:\programdata\eMule
2009-10-17 05:08 . 2009-10-17 05:09 -------- d-----w- c:\users\Jose Ramon\AppData\Local\eMule
2009-10-17 05:08 . 2009-10-17 05:08 -------- d-----w- c:\program files\eMule
2009-10-16 21:09 . 2009-10-16 21:09 -------- d-----w- c:\program files\CCleaner
2009-10-15 22:54 . 2009-10-15 22:54 -------- d-----w- c:\programdata\Symantec
2009-10-15 06:19 . 2009-10-28 15:31 -------- d-----w- c:\users\Jose Ramon\AppData\Roaming\GARMIN
2009-10-15 06:19 . 2009-10-15 06:19 -------- d-----w- c:\programdata\GARMIN
2009-10-15 06:14 . 2009-10-27 04:19 -------- d-----w- C:\Venezuela Ruteable
2009-10-15 06:08 . 2009-10-31 14:42 -------- d-----w- C:\Garmin
2009-10-15 06:08 . 2009-10-15 06:08 -------- d-----w- c:\program files\DIFX
2009-10-15 06:07 . 2009-10-15 06:13 -------- d-----w- c:\program files\Garmin
2009-10-14 01:09 . 2009-11-02 14:54 -------- d-----w- c:\users\Jose Ramon\Tracing
2009-10-14 00:43 . 2009-10-14 00:43 -------- d-----w- c:\windows\Sun
2009-10-13 03:14 . 2009-10-13 03:18 -------- d-----w- c:\users\Jose Ramon\AppData\Local\Adobe
2009-10-05 00:28 . 2009-10-15 06:24 -------- d-----w- c:\users\Jose Ramon\AppData\Local\Google
2009-10-05 00:20 . 2009-08-26 00:08 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-10-05 00:20 . 2009-10-15 03:16 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-10-05 00:20 . 2009-10-15 03:16 -------- d-----w- c:\program files\Symantec
2009-10-05 00:20 . 2009-10-13 01:53 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\users\Default\Reciente

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-02 14:49 . 2008-01-21 08:32 666396 ----a-w- c:\windows\system32\perfh00A.dat
2009-11-02 14:49 . 2008-01-21 08:32 129328 ----a-w- c:\windows\system32\perfc00A.dat
2009-10-31 15:02 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-10-31 14:19 . 2009-04-23 15:48 -------- d-----w- c:\program files\Apoint
2009-10-28 12:25 . 2009-10-05 00:19 126776 ----a-w- c:\users\Jose Ramon\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-28 02:44 . 2009-05-15 06:24 -------- d-----w- c:\programdata\Microsoft Help
2009-10-28 02:42 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2009-10-25 15:07 . 2009-04-23 15:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-24 05:09 . 2009-04-23 16:03 -------- d-----w- c:\program files\Java
2009-10-19 03:06 . 2009-05-15 06:31 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-10-19 03:06 . 2009-05-15 07:12 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-10-19 03:06 . 2009-05-15 07:12 -------- d-----w- c:\program files\Roxio
2009-10-19 03:05 . 2009-05-15 07:12 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-10-19 03:05 . 2009-04-23 15:42 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-15 06:28 . 2009-05-15 06:10 -------- d-----w- c:\program files\Google
2009-10-15 03:16 . 2009-10-05 00:20 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-10-15 03:16 . 2009-10-05 00:20 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-10-05 00:21 . 2009-05-15 07:33 -------- d-----w- c:\programdata\Norton
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Plantillas
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Menú Inicio
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Favoritos
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Escritorio
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Documentos
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\programdata\Datos de programa
2009-10-05 00:18 . 2009-10-05 00:18 -------- d-sh--we c:\program files\Archivos comunes
.

((((((((((((((((((((((((((((( SnapShot@2009-10-31_16.27.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-11-02 14:39 44980 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-11-02 14:39 83336 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-05-15 05:58 . 2009-10-31 16:18 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-05-15 05:58 . 2009-11-02 14:42 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-05-15 05:58 . 2009-11-02 14:42 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-15 05:58 . 2009-10-31 16:18 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-15 05:58 . 2009-10-31 16:18 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-15 05:58 . 2009-11-02 14:42 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-31 19:31 . 2009-10-31 19:31 22528 c:\windows\Installer\a49faf.msi
+ 2009-10-05 00:20 . 2009-11-02 14:39 7562 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-74565160-236023120-106992861-1000_UserData.bin
- 2006-11-02 10:33 . 2009-10-31 16:23 586568 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-11-02 14:49 586568 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-10-31 16:23 100640 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-11-02 14:49 100640 c:\windows\System32\perfc009.dat
+ 2009-07-17 02:48 . 2009-11-02 14:41 628864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-17 02:48 . 2009-10-31 16:08 628864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-15 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-03 3882312]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-29 289072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-24 149280]
"SmartWiHelper"="c:\program files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" [2009-03-05 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\VAIO Sat Survey.exe" [2008-07-25 385024]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-12-18 317288]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-03-06 236016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-3-1 789032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-01-19 17:49 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-74565160-236023120-106992861-1000]
"EnableNotificationsRef"=dword:00000001

R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1007020.00B\SymEFA.sys [14/10/2009 10:46 p.m. 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\NIS\1007020.00B\BHDrvx86.sys [14/10/2009 10:46 p.m. 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1007020.00B\cchpx86.sys [14/10/2009 10:46 p.m. 482432]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091021.001\IDSvix86.sys [22/10/2009 10:25 p.m. 342576]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [14/10/2009 10:46 p.m. 117640]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17/04/2007 08:39 p.m. 11032]
R2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [23/04/2009 11:12 a.m. 109088]
R2 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [15/05/2009 02:10 a.m. 122880]
R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [15/05/2009 02:36 a.m. 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [23/04/2009 11:33 a.m. 415592]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [14/01/2009 02:08 p.m. 5184872]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe -k yksvcs [20/01/2008 10:03 p.m. 21504]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [15/05/2009 02:36 a.m. 17920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/10/2009 03:30 a.m. 102448]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [23/04/2009 01:13 p.m. 112128]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [29/08/2008 12:18 a.m. 3664384]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [23/04/2009 01:13 p.m. 9344]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\NIS\1007020.00B\symndisv.sys [14/10/2009 10:46 p.m. 48688]
S2 gupdate1c9d523d793673f;Servicio de actualización de Google (gupdate1c9d523d793673f);c:\program files\Google\Update\GoogleUpdate.exe [15/05/2009 01:40 a.m. 133104]
S3 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [08/12/2008 03:46 p.m. 169312]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [23/04/2009 11:51 a.m. 29736]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [15/05/2009 02:21 a.m. 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [15/05/2009 02:21 a.m. 70952]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [15/05/2009 02:21 a.m. 390440]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [15/05/2009 02:21 a.m. 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [15/05/2009 02:21 a.m. 91432]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [15/05/2009 02:43 a.m. 394536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [15/05/2009 02:20 a.m. 83240]

--- Other Services/Drivers In Memory ---

*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
yksvcs REG_MULTI_SZ yksvc
.
Contents of the 'Scheduled Tasks' folder

2009-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-15 06:10]

2009-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-15 06:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-02 10:24
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

[0] 0x5FB04752

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.7.2.11\diMaster.dll\" /prefetch:1"
--

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(5436)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLANExt.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\DllHost.exe
c:\program files\Sony\VAIO Update 4\VAIOUpdt.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Sony Corporation\SmartWi Connection Utility\CCP.exe
c:\program files\Sony\VAIO Care\VCsystray.exe
c:\program files\Sony Corporation\SmartWi Connection Utility\SmartWi.exe
c:\program files\Sony\VAIO Care\listener.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\windows\system32\DllHost.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2009-11-02 10:31 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-02 15:01
ComboFix2.txt 2009-10-31 16:29

Pre-Run: 256.088.821.760 bytes libres
Post-Run: 253.048.455.168 bytes libres

- - End Of File - - 576681BB4B5355C5E127DA81B8881BEE
  post #6  
02/11/09, 15:17:49
Leosolari
General Moderator
 
Registered: Jun 2007
Location: Argentina
Posts: 21.624
Re: Explorer windows keep opening with unrequested websites...

OK... and how is your computer doing now?

DON'T DESPAIR... KEEP FIGHTING.

  post #7  
02/11/09, 16:02:00
User
 
Registered: Oct 2009
Location: Caracas
Posts: 27
Re: Explorer windows keep opening with unrequested websites...

Sorry, practically the same... these pages keep opening on me...

http://ads.right-ads.com; before that, this second one opens and redirects to the previous one...

http://67.201.36.16/index.html


I'm fed up with it!!!!

Last edited by jrucha on 03/11/09 at 10:29:36.
  post #8  
03/11/09, 10:30:08
User
 
Registered: Oct 2009
Location: Caracas
Posts: 27
Re: Explorer windows keep opening with unrequested websites...

What else do you suggest I do? Thanks
  post #9  
03/11/09, 10:45:27
Leosolari
General Moderator
 
Registered: Jun 2007
Location: Argentina
Posts: 21.624
Re: Explorer windows keep opening with unrequested websites...

Hello again.

Quote:
Use INIREM 2.0.4 to unblock the explorer and restore the hosts file.
Restart the computer and check how it works.


Regards

All times are GMT -4. The time is 02:35:44.