Here is the ComboFix report and the Hijack log
ComboFix 08-02-24.4 - Pablo Ballester 2008-02-24 13:39:41.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.3082.18.382 [GMT -3:00]
Se ejecuta desde: C:\Users\Pablo Ballester\Desktop\ComboFix.exe
.
(((((((((((((((((( Archivos creados desde 2008-01-24 - 2008-02-24 )))))))))))))))))))))))))))))))))
.
Ningún archivo ha sido creado durante este intervalo de tiempo
.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-24 01:02 --------- d-----w C:\Users\Pablo Ballester\AppData\Roaming\AVG7
2008-02-22 20:54 --------- d-----w C:\Program Files\Process Explorer
2008-02-22 19:47 --------- d-----w C:\Program Files\World of Warcraft
2008-02-22 01:17 --------- d-----w C:\Program Files\Trend Micro
2008-02-22 01:14 --------- d-----w C:\Program Files\EsetOnlineScanner
2008-02-21 21:21 --------- d-----w C:\Users\Pablo Ballester\AppData\Roaming\Canon
2008-02-21 21:05 --------- d-----w C:\Program Files\Canon
2008-02-21 21:03 --------- d-----w C:\Program Files\Common Files\Canon
2008-02-20 14:17 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-02-20 03:19 --------- d-----w C:\Program Files\VstPlugins
2008-02-19 16:11 --------- d-----w C:\Users\Pablo Ballester\AppData\Roaming\Talkback
2008-02-18 01:25 --------- d-----w C:\Users\Pablo Ballester\AppData\Roaming\{A004037C-8B9A-4390-9074-1D3EEE0A3BDF}
2008-02-18 00:11 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-18 00:11 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-18 00:10 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-18 00:10 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-18 00:10 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-18 00:10 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-18 00:10 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-18 00:09 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-18 00:09 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-18 00:09 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-18 00:09 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-18 00:09 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-18 00:09 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-18 00:06 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-02-14 19:30 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-14 19:30 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-14 19:27 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-14 19:27 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 19:27 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 19:27 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-14 19:27 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-14 19:25 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-14 19:25 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-14 19:25 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-14 19:25 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-11 12:39 253,952 ----a-w C:\Windows\System32\OnlineScannerDLLA.dll
2008-02-11 12:39 237,568 ----a-w C:\Windows\System32\OnlineScannerDLLW.dll
2008-02-08 16:53 110,592 ----a-w C:\Windows\System32\OnlineScannerLang.dll
2008-02-05 11:48 77,824 ----a-w C:\Windows\System32\OnlineScannerUninstaller.exe
2008-02-04 00:33 --------- d-----w C:\Users\Pablo Ballester\AppData\Roaming\MiniLyrics
2008-01-31 14:07 --------- d-----w C:\Users\Pablo Ballester\AppData\Roaming\Microsoft Web Folders
2008-01-31 13:56 --------- d-----w C:\ProgramData\Microsoft Help
2008-01-31 13:55 --------- d-----w C:\Program Files\Microsoft Works
2008-01-29 16:40 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-01-29 14:12 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com
2008-01-28 22:32 501,760 ----a-w C:\Windows\System32\Deutz Engine.scr
2008-01-28 22:32 501,760 ----a-w C:\Windows\System32\Deutz Engine.exe
2008-01-25 21:55 229,376 ----a-w C:\Windows\System32\UCI32A27.dll
2008-01-12 13:16 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-12 13:16 --------- d-----w C:\Program Files\Google
2008-01-09 18:10 --------- d-----w C:\Program Files\Windows Mail
2008-01-09 17:33 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-09 17:33 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-09 17:33 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-01-09 17:33 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-04 20:18 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-01-04 20:18 --------- d-----w C:\Program Files\Windows Defender
2008-01-04 20:17 --------- d-----w C:\Program Files\Windows Calendar
2008-01-04 20:17 --------- d-----w C:\Program Files\MSN Messenger
2008-01-04 20:12 --------- d-----w C:\Program Files\Winamp
2008-01-04 20:12 --------- d-----w C:\Program Files\VirtualDubMod
2008-01-04 20:10 --------- d-----w C:\Program Files\Minilyrics
2008-01-04 20:09 --------- d-----w C:\Program Files\Kodak Gallery Client
2008-01-04 20:07 --------- d-----w C:\Program Files\DVD Flick
2008-01-04 20:07 --------- d-----w C:\Program Files\CCleaner
2008-01-04 20:06 --------- d-----w C:\Program Files\Ares
2008-01-04 15:51 --------- d-----w C:\Program Files\ASIO4ALL v2
2008-01-03 18:33 --------- d-----w C:\Users\Pablo Ballester\AppData\Roaming\BitTorrent
2007-12-29 19:24 --------- d-----w C:\Users\Pablo Ballester\AppData\Roaming\Acreon
2007-12-24 03:52 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2007-12-12 22:23 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-12 22:23 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-12 22:23 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-12-03 15:20 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
2007-10-22 20:59 583 ---ha-w C:\Users\Pablo Ballester\DMOrganizer.dat
2007-10-21 00:16 228 ----a-w C:\Users\Pablo Ballester\AppData\Roaming\wklnhst.dat
2007-10-11 00:10 174 --sha-w C:\Program Files\desktop.ini
2007-10-10 21:09 13,495 ----a-w C:\Users\Pablo Ballester\AppData\Roaming\nvModes.dat
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 09:35 125440]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-02-20 11:15 816368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="--" []
"NvSvc"="--C:\Windows\system32\nvsvc.dll" [ ]
"NvCplDaemon"="--C:\Windows\system32\NvCpl.dll" [ ]
"NvMediaCenter"="--C:\Windows\system32\NvMcTray.dll" [ ]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 02:50 1021224]
"HP Software Update"="--C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [ ]
"QPService"="--C:\Program Files\HP\QuickPlay\QPService.exe" [ ]
"QlbCtrl"="--" []
"HP Health Check Scheduler"="--C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
"hpWirelessAssistant"="--" []
"WAWifiMessage"="--" []
"SunJavaUpdateSched"="--C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [ ]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-19 21:38 579072]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 02:29 102400]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-10-22 18:22 6731312]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"AirCardEnabler"="" []
"WatcherHelper"="C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe" [2007-05-29 14:58 120352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"SSDPSRV"="C:\Windows\system32\ssdpsrv.exe" [2002-03-25 20:51 57104]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-25 23:28 219136]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 05:15:56 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2007-10-11 00:21 9216 C:\Windows\System32\avgwlntf.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{4E1C6D80-3296-4F35-9B9D-3AB9A443B85C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{34E523C1-9E58-47A0-8444-478358424182}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{35F40C21-2182-464D-BE15-C608A9264EC2}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{46E23DA2-AD38-4BF5-B349-343CC0ABC1A8}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play|Desc=Quick Play
"{ECDA53ED-449E-46EF-9933-D999906441BC}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program|Desc=Quick Play Resident Program
"{17D77223-7395-4575-BF27-38AC1A5E2484}"= UDP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{431B2A8A-25F4-48A6-BF30-B155F30F419B}"= TCP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{760910B4-6D04-4741-A7FB-70DD14E3F245}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{7D18CE67-DF06-4258-AFE4-A4E831DC48C9}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{2ACE1679-DB85-4D0A-9F54-1C81A928FC8D}"= UDP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{9F8C1450-A181-4250-9926-DCC03434B316}"= TCP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{2A794281-BC3C-4122-92F0-B089C5E4A603}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{86A07320-997B-4491-982E-9F2248CC07CB}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{226AFB77-B57D-4932-A333-3CA76A80E11C}C:\program files\ares\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"UDP Query User{BA5A281A-D7B1-40C4-9826-5C4C569174D9}C:\program files\ares\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"TCP Query User{2246F64E-7969-4D69-A997-0409FC579D4D}C:\program files\ares\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"UDP Query User{5B5D16F5-8871-4A8C-A50C-8980269B4DEA}C:\program files\ares\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"TCP Query User{FF4BCBC5-9CA0-4AF7-887C-9F27FCF2E367}C:\program files\valve\hl.exe"= UDP:C:\program files\valve\hl.exe:Half-Life Launcher|Desc=Half-Life Launcher
"UDP Query User{532C2CF7-8F43-49C1-AB40-B1CC5F5EE2BE}C:\program files\valve\hl.exe"= TCP:C:\program files\valve\hl.exe:Half-Life Launcher|Desc=Half-Life Launcher
"TCP Query User{C7FC4DF5-F06E-493A-97BF-92ADADA01BC7}C:\program files\hp games\wheel of fortune\wheel of fortune.exe"= UDP:C:\program files\hp games\wheel of fortune\wheel of fortune.exe:Wheel of Fortune|Desc=Wheel of Fortune
"UDP Query User{6C88D0BE-1388-435D-9A04-F37AF85FC0EC}C:\program files\hp games\wheel of fortune\wheel of fortune.exe"= TCP:C:\program files\hp games\wheel of fortune\wheel of fortune.exe:Wheel of Fortune|Desc=Wheel of Fortune
"TCP Query User{B58FFBEC-BF73-4975-AA6B-1B6015165460}C:\program files\ea games\medal of honor pacific assault\mohpa.exe"= UDP:C:\program files\ea games\medal of honor pacific assault\mohpa.exe:Medal of Honor Pacific Assault|Desc=Medal of Honor Pacific Assault
"UDP Query User{9560A1D9-D781-4FF4-AB80-430B374E820C}C:\program files\ea games\medal of honor pacific assault\mohpa.exe"= TCP:C:\program files\ea games\medal of honor pacific assault\mohpa.exe:Medal of Honor Pacific Assault|Desc=Medal of Honor Pacific Assault
"{4E0C9D12-FD5D-4D88-8344-4D8495C3AD06}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{F435E0F1-8FA1-46C8-A9A5-6EE910A69F8E}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{6EE9FCD9-79F0-40FA-850C-D432D35555EF}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{9B64AFF5-ACA4-4C54-93AA-AF3C58919C12}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{AD969013-E6D2-4567-B92D-332D7B3FD80F}"= UDP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{438E78CF-8B05-4A41-A317-5E80E96CF62D}"= TCP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{D432D0D5-7971-4F12-BC10-DAD7C34E3B80}"= UDP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{1250BAA4-D850-49A4-8589-58D43216EE14}"= TCP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"TCP Query User{950AB873-C47F-4E9C-B6AF-714BB37C65FC}C:\program files\ea games\medal of honor pacific assault\mohpa.exe"= UDP:C:\program files\ea games\medal of honor pacific assault\mohpa.exe:Medal of Honor Pacific Assault|Desc=Medal of Honor Pacific Assault
"UDP Query User{88088F42-F435-4461-8E1B-796FF42EA825}C:\program files\ea games\medal of honor pacific assault\mohpa.exe"= TCP:C:\program files\ea games\medal of honor pacific assault\mohpa.exe:Medal of Honor Pacific Assault|Desc=Medal of Honor Pacific Assault
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"<NO NAME>"=
"C:\Program Files\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe"= C:\Program Files\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe:*:Enabled:SwiApiMux
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 06:27]
R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2007-12-19 21:39]
R3 nvsmu;nvsmu;C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 05:50]
R3 swivsp;AC8xx Virtual Serial Port;C:\Windows\system32\DRIVERS\swivspnt.sys [2007-03-26 14:18]
S2 asc3550o;asc3550o;C:\Windows\system32\drivers\asc3550o.sys [2006-11-02 05:30]
S3 BCM43XV;Controlador de adaptador de red 802.11 extensible Broadcom;C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 12:43]
S3 SWNC8U12;Sierra Wireless MUX NDIS Driver (UMTS12);C:\Windows\system32\DRIVERS\swnc8u12.sys [2007-06-27 17:41]
S3 swumx12;Sierra Wireless USB MUX Driver (UMTS12);C:\Windows\system32\DRIVERS\swumx12.sys [2007-06-27 17:42]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03ef3513-9e9e-11dc-ad12-00a0d5ffff85}]
\shell\AutoRun\command - F:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e46d484-98a2-11dc-9f74-001b244312da}]
\shell\Auto\command - F:\MSOCache\doWTP_RESTORE.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\MSOCache\doWTP_RESTORE.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae42592c-8989-11dc-8b4c-00a0d5ffff85}]
\shell\Auto\command - F:\sxs.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\sxs.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-24 13:43:49
Windows 6.0.6000 NTFS
escaneando procesos ocultos ...
escaneando entradas ocultas de autostart ...
escaneando archivos ocultos ...
el escaneo se completo con exito
archivos ocultos: 0
**************************************************************************
.
Tiempo completado: 2008-02-24 13:44:48
.
2008-02-21 19:13:40 --- E O F ---
----------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:18:07, on 24-02-2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Windows Defender] --
O4 - HKLM\..\Run: [NvSvc] --RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] --RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] --RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] --C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QPService] --"C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] --
O4 - HKLM\..\Run: [HP Health Check Scheduler] --C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] --
O4 - HKLM\..\Run: [WAWifiMessage] --
O4 - HKLM\..\Run: [SunJavaUpdateSched] --"C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files\Sierra Wireless Inc\3G Watcher\WaHelper.exe"
O4 - HKLM\..\RunServices: [SSDPSRV] C:\Windows\system32\ssdpsrv.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.es/Genoogle/Componen...EngineQuery.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - --"C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe" (file missing)
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - --"C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe" (file missing)
O23 - Service: HP Health Check Service - Unknown owner - --"C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" (file missing)
O23 - Service: hpqwmiex - Unknown owner - --C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - --"C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe" (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - --"C:\Program Files\Common Files\LightScribe\LSSrvc.exe" (file missing)
O23 - Service: RoxMediaDB9 - Unknown owner - --"C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe" (file missing)
O23 - Service: stllssvr - Unknown owner - --"C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" (file missing)
O23 - Service: Servicio Lector del diario USN de Carpetas para compartir de Messenger (usnjsvc) - Unknown owner - --"C:\Program Files\MSN Messenger\usnsvc.exe" (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7509 bytes