Combo FixComboFix 08-07-08.7 - Rosi 2008-07-09 16:11:46.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.3082.18.996 [GMT 2:00]
Se ejecuta desde: G:\Para usar en Portatil\ComboFix.exe
* Creado un nuevo punto de restauración
.
(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\Downloaded Program Files\setup.inf
C:\Windows\system32\MSINET.oca
.
(((((((((((((((((( Archivos creados desde 2008-06-09 - 2008-07-09 )))))))))))))))))))))))))))))))))
.
Ningún archivo ha sido creado durante este intervalo de tiempo
.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-09 14:15 18,423,584 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-07-09 14:09 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-07-09 11:18 248,492 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-07-09 01:41 --------- d-----w C:\Program Files\Windows Mail
2008-07-09 01:41 --------- d-----w C:\Program Files\Windows Defender
2008-07-09 01:32 41,984 ----a-w C:\Windows\system32\drivers\monitor.sys
2008-07-09 01:32 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-07-09 01:31 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2008-07-09 01:31 7,680 ----a-w C:\Windows\System32\spwmp.dll
2008-07-09 01:31 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2008-07-09 01:31 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2008-07-09 01:29 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-07-09 01:29 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-07-09 01:29 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-07-09 01:29 25,656 ----a-w C:\Windows\system32\drivers\msahci.sys
2008-07-09 01:29 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-07-09 01:29 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-07-09 01:29 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-07-09 01:29 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-07-09 01:29 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-07-09 01:27 1,585,664 ----a-w C:\Windows\System32\setupapi.dll
2008-07-09 01:24 82,432 ----a-w C:\Windows\system32\drivers\sdbus.sys
2008-07-09 01:24 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2008-07-09 01:24 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2008-07-09 01:24 39,936 ----a-w C:\Windows\System32\slcinst.dll
2008-07-09 01:24 351,232 ----a-w C:\Windows\System32\SLUI.exe
2008-07-09 01:24 33,280 ----a-w C:\Windows\System32\slwmi.dll
2008-07-09 01:24 268,288 ----a-w C:\Windows\System32\mcbuilder.exe
2008-07-09 01:24 223,232 ----a-w C:\Windows\System32\SLC.dll
2008-07-09 01:24 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe
2008-07-09 01:24 186,368 ----a-w C:\Windows\System32\SLLUA.exe
2008-07-09 01:23 974,336 ----a-w C:\Windows\System32\crypt32.dll
2008-07-09 01:23 53,760 ----a-w C:\Windows\system32\drivers\hdaudbus.sys
2008-07-09 01:22 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-07-08 23:21 355,584 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-07-08 23:21 --------- d-----w C:\Users\Rosi\AppData\Roaming\TuneUp Software
2008-07-08 23:21 --------- d-----w C:\ProgramData\TuneUp Software
2008-07-08 23:21 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-07-08 23:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-08 16:26 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-07-08 02:44 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-08 01:36 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-07-08 01:36 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-07-08 01:36 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-07-08 01:35 49,664 ----a-w C:\Windows\System32\csrsrv.dll
2008-07-08 01:35 376,320 ----a-w C:\Windows\System32\winsrv.dll
2008-07-08 01:35 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-07-08 01:35 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-07-08 01:33 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-07-08 01:32 414,208 ----a-w C:\Windows\System32\msscp.dll
2008-07-08 01:31 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2008-07-08 01:31 63,488 ----a-w C:\Windows\system32\drivers\mpsdrv.sys
2008-07-08 01:31 61,952 ----a-w C:\Windows\System32\cmifw.dll
2008-07-08 01:31 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2008-07-08 01:31 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2008-07-08 01:31 23,040 ----a-w C:\Windows\system32\drivers\tunnel.sys
2008-07-08 01:31 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2008-07-08 01:31 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2008-07-08 01:31 15,360 ----a-w C:\Windows\system32\drivers\TUNMP.SYS
2008-07-08 01:29 2,048 ----a-w C:\Windows\System32\msxml3r.dll
2008-07-08 01:29 104,448 ----a-w C:\Windows\System32\DWWIN.EXE
2008-07-08 01:29 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2008-07-08 01:27 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-07-08 01:27 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-07-08 01:27 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-07-08 01:27 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-07-08 01:27 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-07-08 01:25 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-07-08 01:25 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2008-07-08 01:25 2,048 ----a-w C:\Windows\System32\asferror.dll
2008-07-08 01:25 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-07-08 01:24 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-07-08 01:23 2,048 ----a-w C:\Windows\System32\msxml6r.dll
2008-07-08 01:23 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
2008-07-08 01:22 84,480 ----a-w C:\Windows\System32\INETRES.dll
2008-07-08 01:22 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2008-07-08 01:22 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-07-08 01:22 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-07-08 01:21 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-07-08 01:19 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
2008-07-08 01:19 83,968 ----a-w C:\Windows\System32\dnsrslvr.dll
2008-07-08 01:19 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
2008-07-08 01:19 24,576 ----a-w C:\Windows\System32\dnscacheugc.exe
2008-07-08 01:19 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
2008-07-08 01:19 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
2008-07-08 01:18 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
2008-07-08 01:18 148,992 ----a-w C:\Windows\system32\drivers\ks.sys
2008-07-08 01:17 5,120 ----a-w C:\Windows\System32\wmi.dll
2008-07-08 01:17 152,576 ----a-w C:\Windows\System32\imagehlp.dll
2008-07-08 01:17 12,800 ----a-w C:\Windows\system32\drivers\fs_rec.sys
2008-07-08 01:16 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-07-08 01:15 99,840 ----a-w C:\Windows\System32\poqexec.exe
2008-07-08 01:14 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-07-08 01:14 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-07-08 01:14 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-07-08 01:13 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-07-08 01:12 633,856 ----a-w C:\Windows\System32\user32.dll
2008-07-08 01:10 750,080 ----a-w C:\Windows\System32\qmgr.dll
2008-07-08 00:21 91,700 ----a-w C:\Windows\system32\drivers\klin.dat
2008-07-08 00:21 85,860 ----a-w C:\Windows\system32\drivers\klick.dat
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-07-08 03:21 1232896]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-05-16 10:32 435768]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-05-15 16:11 3644464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-04-27 15:08 138008]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-04-27 15:08 154392]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-04-27 15:08 133912]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 13:50 815104]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 17:40 413696]
"Desktop SMS"="C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe" [2007-01-19 13:25 1507328]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 14:37 174872]
"IaNvSrv"="C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2007-03-13 17:49 33048]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-28 21:33 185896]
"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-04-02 12:48 577536]
"Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 13:05 571024]
"Ulead AutoDetector"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe" [2005-07-28 09:32 94208]
"Ulead Calendar Checker"="C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe" [2005-08-22 10:10 69632]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-11-19 23:12:02 113664]
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-02-27 14:31:34 2756608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7BD2893F-AD05-4D47-929E-975E50144144}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R0 iaNvStor;Intel® Turbo Memory Technology NAND Controller;C:\Windows\system32\drivers\ianvstor.sys [2007-03-11 01:11]
R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20080215.002\IDSvix86.sys [2008-02-13 18:18]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2007-10-16 11:05]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 UxTuneUp;TuneUp Ampliación del thema;C:\Windows\System32\svchost.exe [2006-11-02 11:45]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2007-10-30 20:55]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-07-09 01:21]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - CATCHME
.
Contenido de carpeta 'Tareas Programadas'
"2008-07-09 14:08:22 C:\Windows\Tasks\Mantenimiento con 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-07-09 16:16:08
Windows 6.0.6000 NTFS
escaneando procesos ocultos ...
escaneando entradas ocultas de autostart ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i???????<?N???8???`????????????
escaneando archivos ocultos ...
el escaneo se completo con exito
archivos ocultos: 0
**************************************************************************
.
Tiempo completado: 2008-07-09 16:17:31
ComboFix-quarantined-files.txt 2008-07-09 14:17:26
El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
23 dirs 61,179,604,992 bytes libres
192 --- E O F --- 2008-07-09 01:34:13
HijackthisLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:17, on 07/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Windows Mail\WinMail.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Windows\System32\dfrgui.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Windows\system32\conime.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.es
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.forospyware.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
O4 - HKLM\..\Run: [Ulead Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: eBay - Compra, vende y diviértete - {76577871-04EC-495E-A12B-91F7C3600AFA} -
http://rover.ebay.com/rover/1/1185-44560-9400-3/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} -
http://www.amazon.co.uk/exec/obidos/redire...nk-21&site=home (file missing)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineS...er.cab56986.cabO23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 9686 bytes
Primer y segundo Log (Caito), Log del hijackthis
Jul 7 2008, 04:53 PM
¿qué más? 
