Norton Internet Security inutilizado. (Solucionado)

¡¡¡Sabía que no me fallaríais!

Aquí van los reportes.

El de Malwarebytes (limpio, esta vez):

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Versión de la Base de Datos: 6593

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17/05/2011 1:49:26
mbam-log-2011-05-17 (01-49-26).txt

Tipos de Análisis: Análisis Completo (C:\|D:\|Q:\|)
Objetos examinados: 374738
Tiempo transcurrido: 38 minuto(s), 25 segundo(s)

Procesos en Memoria Infectados: 0
Módulos de Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Archivos Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos de Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Archivos Infectados:
(No se han detectado elementos maliciosos)



... Y el de Combofix:


ComboFix 11-05-16.02 - Pedro 17/05/2011 2:00.1.3 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.4095.2096 [GMT 2:00]
Running from: c:\users\Pedro\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\AcRemoteUpdate.exe
c:\program files (x86)\AutocompletePro\AutocompletePro.dll
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\program files (x86)\AutocompletePro\[email protected]\chrome.manifest
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\browserOverlay.xul
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\options.js
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\options.xul
c:\program files (x86)\AutocompletePro\[email protected]\chrome\content\utils.js
c:\program files (x86)\AutocompletePro\[email protected]\defaults\preferences\predictad.js
c:\program files (x86)\AutocompletePro\[email protected]\install.rdf
c:\program files (x86)\AutocompletePro\TaskScheduler.dll
c:\program files (x86)\AutocompletePro\unins000.dat
c:\program files (x86)\AutocompletePro\unins000.exe
c:\program files (x86)\INSTALL.LOG
.
.
((((((((((((((((((((((((( Files Created from 2011-04-17 to 2011-05-17 )))))))))))))))))))))))))))))))
.
.
2011-05-17 00:04 . 2011-05-17 00:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-12 22:29 . 2011-05-12 22:29 388096 ----a-r- c:\users\Pedro\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-12 22:29 . 2011-05-12 22:29 -------- d-----w- c:\program files (x86)\Trend Micro
2011-05-12 20:49 . 2011-05-12 20:52 -------- d-----w- c:\users\Pedro\AppData\Local\NPE
2011-05-12 20:21 . 2011-05-12 20:21 -------- d-----w- c:\program files (x86)\FileASSASSIN
2011-05-12 18:59 . 2011-05-12 18:59 -------- d-----w- c:\program files (x86)\ESET
2011-05-12 18:51 . 2011-05-12 18:51 -------- d-----w- c:\users\Pedro\AppData\Roaming\QuickScan
2011-05-12 15:41 . 2009-06-30 08:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
2011-05-12 15:41 . 2011-05-12 15:41 -------- d-----w- c:\program files (x86)\Panda Security
2011-05-12 15:39 . 2011-05-12 15:39 -------- d-----w- c:\windows\Sun
2011-05-12 14:44 . 2011-05-12 14:44 -------- d-----w- c:\program files\CCleaner
2011-05-12 14:43 . 2010-01-10 17:40 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2011-05-12 14:43 . 2011-05-12 14:43 -------- d-----w- c:\program files (x86)\SpywareBlaster
2011-05-12 14:40 . 2011-05-12 14:40 -------- d-----w- c:\users\Pedro\AppData\Roaming\SUPERAntiSpyware.com
2011-05-12 14:40 . 2011-05-12 14:40 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-05-12 14:39 . 2011-05-12 14:39 -------- d-----w- c:\programdata\!SASCORE
2011-05-12 14:39 . 2011-05-12 14:40 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-05-12 12:25 . 2011-05-12 12:25 -------- d-----w- c:\users\Pedro\AppData\Roaming\Malwarebytes
2011-05-12 12:25 . 2011-05-12 12:25 -------- d-----w- c:\programdata\Malwarebytes
2011-05-12 12:25 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-12 12:25 . 2011-05-12 12:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-12 12:25 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-12 07:41 . 2011-05-12 07:41 -------- d-----w- c:\users\Pedro\AppData\Local\Symantec
2011-05-12 07:41 . 2011-04-18 07:15 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{749F3D6E-F365-4B51-8E08-07621E5E661F}\mpengine.dll
2011-05-12 07:41 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-12 07:40 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-12 07:40 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-12 07:40 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-12 07:40 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-12 07:40 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-12 07:40 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-12 07:40 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-12 07:40 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-12 07:40 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-12 07:40 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-04 07:23 . 2011-05-13 13:14 -------- d-----w- C:\temp
2011-04-28 13:11 . 2011-04-28 13:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-04-28 07:02 . 2011-04-28 07:02 -------- d-----w- c:\users\Pedro\AppData\Roaming\OpenOffice.org
2011-04-28 07:00 . 2011-04-28 07:00 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-04-28 06:59 . 2011-02-02 19:40 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-04-28 06:59 . 2011-04-28 13:11 -------- d-----w- c:\program files (x86)\Java
2011-04-26 06:12 . 2011-04-26 06:12 -------- d-----w- c:\users\Pedro\AppData\Roaming\Plogue
2011-04-26 06:07 . 2011-04-26 06:11 -------- d-----w- c:\users\Pedro\AppData\Roaming\Garritan
2011-04-26 06:07 . 2011-04-26 06:07 -------- d-----w- c:\program files\vstplugins
2011-04-26 06:06 . 2011-04-26 06:06 -------- d-----w- c:\program files\Plogue
2011-04-26 06:06 . 2011-04-26 06:07 -------- d-----w- c:\program files\Garritan
2011-04-25 18:16 . 2011-04-25 18:16 -------- dc-h--w- c:\programdata\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
2011-04-25 18:16 . 2011-04-25 18:16 -------- d-----w- c:\program files\Native Instruments
2011-04-25 17:53 . 2011-04-25 17:55 -------- d-----w- c:\users\Pedro\AppData\Local\Native Instruments
2011-04-25 17:51 . 2011-04-25 17:51 -------- d-----w- c:\program files (x86)\Common Files\Digidesign
2011-04-25 17:51 . 2011-04-25 18:15 -------- d-----w- c:\program files (x86)\Common Files\Native Instruments
2011-04-25 17:51 . 2011-04-25 18:15 -------- d-----w- c:\program files (x86)\Native Instruments
2011-04-25 16:35 . 2011-04-25 16:35 -------- d-----w- c:\users\Pedro\AppData\Roaming\MakeMusic
2011-04-25 16:29 . 2011-04-25 16:35 -------- d-----w- c:\programdata\MakeMusic
2011-04-25 16:29 . 2011-04-25 16:29 -------- d-----w- C:\PSFONTS
2011-04-25 16:29 . 2011-04-25 16:35 -------- d-----w- c:\program files (x86)\Finale 2011
2011-04-25 16:07 . 2011-04-25 16:07 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-25 16:07 . 2011-04-25 16:07 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-04-25 16:07 . 2011-04-25 16:08 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-04-25 16:06 . 2011-04-25 16:20 -------- d-----w- c:\users\Pedro\AppData\Roaming\DAEMON Tools Lite
2011-04-25 16:06 . 2011-04-25 16:06 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-04-20 13:27 . 2011-04-20 13:27 -------- d-----w- c:\program files (x86)\Noteworthy Software
2011-04-20 09:04 . 2011-04-20 09:04 -------- d-----w- c:\program files (x86)\GVOX
2011-04-19 20:14 . 2011-04-19 20:14 -------- d-----w- c:\program files (x86)\ASIO4ALL v2
2011-04-19 13:56 . 2011-04-19 13:56 -------- d-----w- c:\programdata\Recovery
2011-04-19 09:52 . 2010-02-09 09:15 143360 ------w- c:\windows\SysWow64\VmixP6.dll
2011-04-19 09:52 . 2010-02-09 09:15 200704 ------w- c:\windows\SysWow64\CMPaOxy.dll
2011-04-19 09:52 . 2010-02-09 09:15 389120 ------w- c:\windows\system32\CMICNFG3.cpl
2011-04-19 09:52 . 2010-02-09 09:16 8151040 ------w- c:\windows\SysWow64\CMICNFG3.dll
2011-04-19 09:52 . 2010-02-09 09:15 792576 ------w- c:\windows\system32\Cmeaupci.exe
2011-04-19 09:51 . 2010-02-09 09:14 1155072 ----a-w- c:\windows\system32\drivers\cmudax3.sys
2011-04-19 09:51 . 2010-02-09 09:14 36864 ----a-w- c:\windows\system32\cmudax3.dll
2011-04-19 09:51 . 2010-02-09 09:16 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2011-04-19 09:51 . 2010-02-09 09:16 524768 ----a-r- c:\windows\difxapi.dll
2011-04-18 01:09 . 2011-04-18 01:09 -------- d-----w- c:\users\Pedro\AppData\Roaming\SynthFont
2011-04-18 01:09 . 2011-04-18 01:18 -------- d-----w- c:\program files (x86)\SynthFont
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 05:29 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-11 06:19 . 2011-04-14 15:14 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:19 . 2011-04-14 15:14 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-14 15:14 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:40 . 2011-04-14 15:14 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-08 06:14 . 2011-04-14 15:05 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-14 15:05 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:17 . 2011-04-27 08:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-04-27 08:39 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17 . 2011-04-14 15:06 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:14 . 2011-04-14 15:06 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:27 . 2011-04-14 15:06 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58 . 2011-04-14 15:14 3133440 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:30 . 2011-04-14 15:14 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 06:29 . 2011-04-14 15:35 1197056 ----a-w- c:\windows\system32\wininet.dll
2011-02-24 06:24 . 2011-04-14 15:35 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-24 05:32 . 2011-04-14 15:14 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-14 15:35 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-02-24 05:30 . 2011-04-14 15:35 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-02-24 05:05 . 2011-04-14 15:35 482816 ----a-w- c:\windows\system32\html.iec
2011-02-24 04:24 . 2011-04-14 15:35 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-24 04:23 . 2011-04-14 15:35 386048 ----a-w- c:\windows\SysWow64\html.iec
2011-02-24 03:50 . 2011-04-14 15:35 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-02-23 05:16 . 2011-04-14 15:14 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:16 . 2011-04-14 15:14 401920 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:15 . 2011-04-14 15:14 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:15 . 2011-04-14 15:02 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:15 . 2011-04-14 15:02 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:15 . 2011-04-14 15:02 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:15 . 2011-04-14 15:02 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 06:37 . 2011-03-08 23:12 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-08 23:12 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-08 23:12 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:36 . 2011-04-14 15:12 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 05:32 . 2011-03-08 23:12 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-08 23:12 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-19 05:32 . 2011-04-14 15:12 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-19 04:13 . 2011-04-14 15:12 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 03:37 . 2011-04-14 15:12 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-18 15:36 . 2011-02-18 15:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-18 06:37 . 2011-04-14 15:14 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-02-18 05:36 . 2011-04-14 15:14 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-09-28 1715768]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-05-04 2988928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2004-12-09 57344]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-01-22 132656]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1205000.07D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1205000.07D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110430.001\BHDrvx64.sys [2011-04-15 1127032]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110506.001\IDSvia64.sys [2011-03-14 476792]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1205000.07D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1205000.07D\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe [2010-11-24 130000]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-12 c:\windows\Tasks\HPCeeScheduleForPedro.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2010-02-09 8151040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-AutocompletePro2_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
AddRemove-dBpoweramp DSP Effects - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp FLAC Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Monkeys Audio Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Ogg Vorbis Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dMC Power Pack - c:\windows\system32\SpoonUninstall.exe
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-05-17 02:05:39
ComboFix-quarantined-files.txt 2011-05-17 00:05
.
Pre-Run: 539.608.682.496 bytes libres
Post-Run: 539.487.059.968 bytes libres
.
- - End Of File - - B759423E0F1233C4A6FB5D4582307EB5





Ahora, HiJackthis: lanzo el programa y aparece un aviso de que por alguna razón el sistema deniega acceso de escritura al fichero de hosts ("hostsfile").
Sigo adelante y tras el análisis tengo problemas para guardar el log en la ubicación predeterminada (c:\Program files (x86)\Trend Micro\HijackThis|HiJackthis.log).
Lo resuelvo eligiendo "do a system scan only" y guardando el reporte en otra ubicación (concretamente en el escritorio).

Ahí va:




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:27:35, on 17/05/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/10
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\IPS\IPSBHO.DLL
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Hauppauge MSi2500 DVBT Service (hcwD3bda_dvbt) - Unknown owner - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 24571 bytes



...Y con este bonito poema me despido hasta tus nuevas indicaciones. Añade otras mil gracias al lote.

¡¡¡Saludos!

Hola de nuevo. Estoy atascado en el procedimiento que me indicas : desinstalado Norton y desinstalado HiJackthis 2.0.4, al bajar la versión 2.0.2 obtengo este mensaje de Winrar:

! C:\Users\Pedro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE9VU8LT\HijackThis[1].zip: Final inesperado del archivo

Y si intento seguir adelante ignorándolo, obtengo este otro:

! C:\Users\Pedro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE9VU8LT\HijackThis[1].zip: El archivo tiene un formato desconocido o está dañado
! No se puede ejecutar "C:\Users\Pedro\AppData\Local\Temp\Rar$EX01.514\HJT-InfoSpyware.exe"

Probablemente sea una melonada, pero antes de liarme a dar palos de ciego (los novatos tenemos gran facilidad para ocasionar destrozos en nuestros intentos de resolver problemas informáticos; qué te voy a contar que no sepas...) prefiero esperar a tu consejo...

Thanks again!

Saludos.

...Pues no, de momento no está habiendo suerte. He probado los siguientes métodos:

1. Lo primero que hice fue pinchar sin más en el archivo adjunto del post que me indicas (si lo entiendo bien, en este caso estoy intentando abrir el archivo .zip desde un archivo temporal de internet para después extraer el instalador a mi escritorio). Me apareció el mensaje que te comentaba en la respuesta anterior.

2. Pinchar con botón derecho y "guardar destino en..." mi escritorio. El archivo .zip se guarda en el escritorio, pero al abrirlo obtengo el mensaje:

! C:\Users\Pedro\Desktop\HijackThis.zip: Final inesperado del archivo

3. Los pasos anteriores fueron empleando Winrar como programa predeterminado para achivos comprimidos. Por agotar las posibilidades, me he bajado una copia de evaluación de Winzip (que he comprobado que funciona correctamente con otros comprimidos que tengo en mi disco duro), y sigue dando mensaje de error:

"No se puede abrir el archivo. No parece un archivo comprimido válido. Si es un archivo descargado, pruebe a descargarlo de nuevo"

He repetido varias veces cada uno de estos procedimientos; he guardado el archivo .zip en distintas ubicaciones (en "documentos", directamente en C:\) y cada vez lo he borrado y he empezado desde cero... Pero se resiste.

Me pregunto si no habrá algún problema con el archivo .zip en cuestión: ¿soy el único que tiene problemas para descomprimirlo?

El caso es que estoy deseando seguir tus indicaciones para la cuestión de mi antivirus, pero me veo atascado en una acción tan trivial como ¡¡¡bajar un fichero y descomprimirlo!!

Ahora tengo que irme al curro, pero luego probaré desde el ordenador de un amigo, por si acaso el problema estuviese -también- en mi cacharro.
Si de por medio surge alguna idea, será más que bienvenida...
Saludos.

Bueeeeno, finalmente el problema estaba, en efecto, en mi cacharro: he descargado la versión antigua de HJThis en el equipo de un amigo y me lo he traido en un pendrive.

Ya he seguido los pasos que me indicaste. Dos salvedades:

1. Al arrancar Combofix me ha aparecido un aviso de que hay actualizaciones, preguntándome si quería descargarlas. He optado por "jugar conservador" y he lanzado la versión sin actualizar (espero que eso no arruine el proceso...).

2. Cuando Combofix ha reiniciado el equipo, durante el arranque han aparecido ventanas del programa SuperAntispyware (o sea, que estaba en activo) y un coñazo de actualización de pc Companion que me anda saliendo hace unos días.
Espero que esto no interfiera en el trabajo de Combofix (no tengo ni idea, así que prefiero advertirlo).

Este es el reporte de Combofix. Si hace falta repetir algo, o corregir, o seguir adelante, estoy a tus órdenes.

¡¡¡Gracias de nuevo!!





ComboFix 11-05-16.02 - Pedro 18/05/2011 21:39:08.2.3 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.4095.2695 [GMT 2:00]
Running from: c:\users\Pedro\Desktop\ComboFix.exe
Command switches used :: c:\users\Pedro\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\system32\DRIVERS\hcwD3bda64.sys"
"c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\DRIVERS\hcwD3bda64.sys
c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hcwD3bda
-------\Service_hcwD3bda_dvbt
.
.
((((((((((((((((((((((((( Files Created from 2011-04-18 to 2011-05-18 )))))))))))))))))))))))))))))))
.
.
2011-05-18 19:44 . 2011-05-18 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 20:07 . 2011-05-17 20:08 -------- d-----w- c:\programdata\WinZip
2011-05-17 11:18 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-17 11:18 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-12 20:49 . 2011-05-12 20:52 -------- d-----w- c:\users\Pedro\AppData\Local\NPE
2011-05-12 20:21 . 2011-05-12 20:21 -------- d-----w- c:\program files (x86)\FileASSASSIN
2011-05-12 18:59 . 2011-05-12 18:59 -------- d-----w- c:\program files (x86)\ESET
2011-05-12 18:51 . 2011-05-12 18:51 -------- d-----w- c:\users\Pedro\AppData\Roaming\QuickScan
2011-05-12 15:41 . 2009-06-30 08:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
2011-05-12 15:41 . 2011-05-12 15:41 -------- d-----w- c:\program files (x86)\Panda Security
2011-05-12 15:39 . 2011-05-12 15:39 -------- d-----w- c:\windows\Sun
2011-05-12 14:44 . 2011-05-12 14:44 -------- d-----w- c:\program files\CCleaner
2011-05-12 14:43 . 2010-01-10 17:40 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2011-05-12 14:43 . 2011-05-12 14:43 -------- d-----w- c:\program files (x86)\SpywareBlaster
2011-05-12 14:40 . 2011-05-12 14:40 -------- d-----w- c:\users\Pedro\AppData\Roaming\SUPERAntiSpyware.com
2011-05-12 14:40 . 2011-05-12 14:40 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-05-12 14:39 . 2011-05-12 14:39 -------- d-----w- c:\programdata\!SASCORE
2011-05-12 14:39 . 2011-05-12 14:40 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-05-12 12:25 . 2011-05-12 12:25 -------- d-----w- c:\users\Pedro\AppData\Roaming\Malwarebytes
2011-05-12 12:25 . 2011-05-12 12:25 -------- d-----w- c:\programdata\Malwarebytes
2011-05-12 12:25 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-12 12:25 . 2011-05-12 12:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-12 12:25 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-12 07:41 . 2011-05-12 07:41 -------- d-----w- c:\users\Pedro\AppData\Local\Symantec
2011-05-12 07:41 . 2011-04-18 07:15 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{749F3D6E-F365-4B51-8E08-07621E5E661F}\mpengine.dll
2011-05-12 07:41 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-12 07:40 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-12 07:40 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-12 07:40 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-12 07:40 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-12 07:40 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-12 07:40 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-12 07:40 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-12 07:40 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-12 07:40 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-12 07:40 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-04 07:23 . 2011-05-18 12:02 -------- d-----w- C:\temp
2011-04-28 13:11 . 2011-04-28 13:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-04-28 07:02 . 2011-04-28 07:02 -------- d-----w- c:\users\Pedro\AppData\Roaming\OpenOffice.org
2011-04-28 07:00 . 2011-04-28 07:00 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-04-28 06:59 . 2011-02-02 19:40 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-04-28 06:59 . 2011-04-28 13:11 -------- d-----w- c:\program files (x86)\Java
2011-04-26 06:12 . 2011-04-26 06:12 -------- d-----w- c:\users\Pedro\AppData\Roaming\Plogue
2011-04-26 06:07 . 2011-04-26 06:11 -------- d-----w- c:\users\Pedro\AppData\Roaming\Garritan
2011-04-26 06:07 . 2011-04-26 06:07 -------- d-----w- c:\program files\vstplugins
2011-04-26 06:06 . 2011-04-26 06:06 -------- d-----w- c:\program files\Plogue
2011-04-26 06:06 . 2011-04-26 06:07 -------- d-----w- c:\program files\Garritan
2011-04-25 18:16 . 2011-04-25 18:16 -------- dc-h--w- c:\programdata\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
2011-04-25 18:16 . 2011-04-25 18:16 -------- d-----w- c:\program files\Native Instruments
2011-04-25 17:53 . 2011-04-25 17:55 -------- d-----w- c:\users\Pedro\AppData\Local\Native Instruments
2011-04-25 17:51 . 2011-04-25 17:51 -------- d-----w- c:\program files (x86)\Common Files\Digidesign
2011-04-25 17:51 . 2011-04-25 18:15 -------- d-----w- c:\program files (x86)\Common Files\Native Instruments
2011-04-25 17:51 . 2011-04-25 18:15 -------- d-----w- c:\program files (x86)\Native Instruments
2011-04-25 16:35 . 2011-04-25 16:35 -------- d-----w- c:\users\Pedro\AppData\Roaming\MakeMusic
2011-04-25 16:29 . 2011-04-25 16:35 -------- d-----w- c:\programdata\MakeMusic
2011-04-25 16:29 . 2011-04-25 16:29 -------- d-----w- C:\PSFONTS
2011-04-25 16:29 . 2011-04-25 16:35 -------- d-----w- c:\program files (x86)\Finale 2011
2011-04-25 16:07 . 2011-04-25 16:07 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-25 16:07 . 2011-05-18 19:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-04-25 16:07 . 2011-04-25 16:08 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-04-25 16:06 . 2011-04-25 16:20 -------- d-----w- c:\users\Pedro\AppData\Roaming\DAEMON Tools Lite
2011-04-25 16:06 . 2011-04-25 16:06 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-04-20 13:27 . 2011-04-20 13:27 -------- d-----w- c:\program files (x86)\Noteworthy Software
2011-04-20 09:04 . 2011-04-20 09:04 -------- d-----w- c:\program files (x86)\GVOX
2011-04-19 20:14 . 2011-04-19 20:14 -------- d-----w- c:\program files (x86)\ASIO4ALL v2
2011-04-19 13:56 . 2011-04-19 13:56 -------- d-----w- c:\programdata\Recovery
2011-04-19 09:52 . 2010-02-09 09:15 143360 ------w- c:\windows\SysWow64\VmixP6.dll
2011-04-19 09:52 . 2010-02-09 09:15 200704 ------w- c:\windows\SysWow64\CMPaOxy.dll
2011-04-19 09:52 . 2010-02-09 09:15 389120 ------w- c:\windows\system32\CMICNFG3.cpl
2011-04-19 09:52 . 2010-02-09 09:16 8151040 ------w- c:\windows\SysWow64\CMICNFG3.dll
2011-04-19 09:52 . 2010-02-09 09:15 792576 ------w- c:\windows\system32\Cmeaupci.exe
2011-04-19 09:51 . 2010-02-09 09:14 1155072 ----a-w- c:\windows\system32\drivers\cmudax3.sys
2011-04-19 09:51 . 2010-02-09 09:14 36864 ----a-w- c:\windows\system32\cmudax3.dll
2011-04-19 09:51 . 2010-02-09 09:16 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2011-04-19 09:51 . 2010-02-09 09:16 524768 ----a-r- c:\windows\difxapi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 05:29 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-11 06:19 . 2011-04-14 15:14 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:19 . 2011-04-14 15:14 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-14 15:14 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:40 . 2011-04-14 15:14 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-08 06:14 . 2011-04-14 15:05 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-14 15:05 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:17 . 2011-04-27 08:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-04-27 08:39 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17 . 2011-04-14 15:06 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:14 . 2011-04-14 15:06 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:27 . 2011-04-14 15:06 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58 . 2011-04-14 15:14 3133440 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:30 . 2011-04-14 15:14 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 06:29 . 2011-04-14 15:35 1197056 ----a-w- c:\windows\system32\wininet.dll
2011-02-24 06:24 . 2011-04-14 15:35 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-24 05:32 . 2011-04-14 15:14 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-14 15:35 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-02-24 05:30 . 2011-04-14 15:35 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-02-24 05:05 . 2011-04-14 15:35 482816 ----a-w- c:\windows\system32\html.iec
2011-02-24 04:24 . 2011-04-14 15:35 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-24 04:23 . 2011-04-14 15:35 386048 ----a-w- c:\windows\SysWow64\html.iec
2011-02-24 03:50 . 2011-04-14 15:35 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-02-23 05:16 . 2011-04-14 15:14 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:16 . 2011-04-14 15:14 401920 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:15 . 2011-04-14 15:14 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:15 . 2011-04-14 15:02 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:15 . 2011-04-14 15:02 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:15 . 2011-04-14 15:02 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:15 . 2011-04-14 15:02 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 06:37 . 2011-03-08 23:12 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-08 23:12 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-08 23:12 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:36 . 2011-04-14 15:12 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 05:32 . 2011-03-08 23:12 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-08 23:12 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-19 05:32 . 2011-04-14 15:12 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-19 04:13 . 2011-04-14 15:12 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 03:37 . 2011-04-14 15:12 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-18 15:36 . 2011-02-18 15:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-18 06:37 . 2011-04-14 15:14 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-02-18 05:36 . 2011-04-14 15:14 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-17_00.04.19 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-05-16 13:35 . 2011-05-16 13:35 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2011-05-18 19:44 . 2011-05-18 19:44 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2011-05-16 14:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-05-18 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-05-16 14:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-05-18 19:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-05-16 14:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-05-18 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-24 09:30 . 2011-05-18 19:29 39804 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-05-16 14:56 45684 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-05-18 19:29 45684 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-01-21 20:16 . 2011-05-18 19:29 12520 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1271540932-3323753543-600315572-1000_UserData.bin
- 2011-01-22 05:06 . 2011-05-16 20:04 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-22 05:06 . 2011-05-18 13:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-22 05:06 . 2011-05-16 20:04 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-01-22 05:06 . 2011-05-18 13:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-05-16 20:04 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-05-18 13:05 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-22 18:11 . 2011-05-16 14:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-22 18:11 . 2011-05-18 19:46 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-05-17 20:10 78720 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-01-22 18:11 . 2011-05-18 19:46 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-01-22 18:11 . 2011-05-16 14:54 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-01-22 18:11 . 2011-05-18 19:46 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-22 18:11 . 2011-05-16 14:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-22 18:11 . 2011-05-18 19:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-22 18:11 . 2011-05-16 23:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-22 18:11 . 2011-05-16 23:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-22 18:11 . 2011-05-18 19:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-17 20:07 . 2011-05-17 20:07 29184 c:\windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}\IconCD95F6617.exe
- 2011-05-16 14:54 . 2011-05-16 14:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-18 19:45 . 2011-05-18 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-18 19:45 . 2011-05-18 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-05-16 14:54 . 2011-05-16 14:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-09-24 07:19 . 2011-05-18 19:31 704046 c:\windows\system32\perfh00A.dat
- 2010-09-24 07:19 . 2011-05-16 15:11 704046 c:\windows\system32\perfh00A.dat
+ 2009-07-14 02:36 . 2011-05-18 19:31 616254 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-05-16 15:11 616254 c:\windows\system32\perfh009.dat
- 2010-09-24 07:19 . 2011-05-16 15:11 137786 c:\windows\system32\perfc00A.dat
+ 2010-09-24 07:19 . 2011-05-18 19:31 137786 c:\windows\system32\perfc00A.dat
+ 2009-07-14 02:36 . 2011-05-18 19:31 106376 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-05-16 15:11 106376 c:\windows\system32\perfc009.dat
- 2009-07-14 05:12 . 2011-05-16 20:04 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-05-17 01:06 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2011-05-18 19:44 310296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-05-16 13:35 310296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-17 20:07 . 2011-05-17 20:07 632320 c:\windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}\IconCD95F66110.exe
+ 2009-07-14 04:45 . 2011-05-17 19:18 3801083 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-05-12 19:35 3801083 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2011-01-21 20:12 . 2011-05-16 13:35 1291616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-01-21 20:12 . 2011-05-18 14:03 1291616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-01-21 20:32 . 2011-05-16 13:35 5403440 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1271540932-3323753543-600315572-1000-8192.dat
+ 2011-01-21 20:32 . 2011-05-18 19:44 5403440 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1271540932-3323753543-600315572-1000-8192.dat
+ 2009-07-14 02:34 . 2011-05-18 19:40 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2011-05-16 15:04 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2011-04-04 13:00 . 2011-04-04 13:00 14182400 c:\windows\Installer\3af06.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-09-28 1715768]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-05-04 2988928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2004-12-09 57344]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-12 c:\windows\Tasks\HPCeeScheduleForPedro.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF19916.cfxxe" [X]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2010-02-09 8151040]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Completion time: 2011-05-18 21:49:17 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-18 19:49
ComboFix2.txt 2011-05-17 00:05
.
Pre-Run: 540.538.970.112 bytes libres
Post-Run: 540.335.239.168 bytes libres
.
- - End Of File - - B8EACB6AF444EEE9DBA4F28D12DC1E5B