ComboFix 12-05-23.01 - pc 23/05/2012 12:37:38.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.34.3082.18.895.431 [GMT -3:00]
Running from: c:\documents and settings\pc\Mis documentos\Descargas\ComboFix.exe
AV: Symantec Endpoint Protection *Enabled/Outdated* {FB06448E-52B8-493A-90F3-E43226D3305C}
* Created a new restore point
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\avisynth.dll
c:\windows\system32\CafeAgent.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-04-23 to 2012-05-23 )))))))))))))))))))))))))))))))
.
.
2012-05-23 15:34 . 2012-05-23 15:34 419488 ----a-w c:\windows\system32\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-23 15:34 . 2011-12-26 19:17 70304 ----a-w c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-05 17:31 . 2011-05-10 19:37 73728 ----a-w c:\windows\system32\javacpl.cpl
2012-03-05 17:31 . 2011-02-10 12:11 472808 ----a-w c:\windows\system32\deployJava1.dll
2011-09-03 06:20 . 2012-03-05 17:43 134104 ----a-w c:\archivos de programa\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-04_20.56.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-02 03:08 . 2006-12-02 03:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-02 03:08 . 2006-12-02 03:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-02 03:08 . 2006-12-02 03:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 03:08 . 2006-12-02 03:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-02 03:08 . 2006-12-02 03:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-02 03:08 . 2006-12-02 03:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-02 03:08 . 2006-12-02 03:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 03:08 . 2006-12-02 03:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-02 03:08 . 2006-12-02 03:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-02 03:26 . 2006-12-02 03:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 03:25 . 2006-12-02 03:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-02 01:56 . 2006-12-02 01:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2012-05-23 15:28 . 2012-05-23 15:28 16384 c:\windows\Temp\Perflib_Perfdata_668.dat
+ 2012-01-13 18:22 . 2008-09-25 01:00 54576 c:\windows\system32\spool\drivers\w32x86\3\BRMDW080.EXE
+ 2012-01-13 18:22 . 2008-09-25 01:00 58672 c:\windows\system32\spool\drivers\w32x86\3\BRMD080.EXE
+ 2012-01-13 18:22 . 2009-02-20 01:02 78848 c:\windows\system32\spool\drivers\w32x86\3\BRLGM08A.DLL
+ 2012-01-13 18:22 . 2009-03-03 01:02 91648 c:\windows\system32\spool\drivers\w32x86\3\BRENM08A.DLL
+ 2012-01-13 18:22 . 2008-09-25 01:00 85504 c:\windows\system32\spool\drivers\w32x86\3\BRDSM080.DLL
+ 2012-01-13 19:13 . 2012-01-13 19:13 60808 c:\windows\system32\S32EVNT1.DLL
- 2006-05-22 12:00 . 2011-08-25 14:29 89354 c:\windows\system32\perfc00A.dat
+ 2006-05-22 12:00 . 2011-11-17 16:09 89354 c:\windows\system32\perfc00A.dat
- 2006-05-22 12:00 . 2011-08-25 14:29 70260 c:\windows\system32\perfc009.dat
+ 2006-05-22 12:00 . 2011-11-17 16:09 70260 c:\windows\system32\perfc009.dat
+ 2009-09-17 21:28 . 2009-09-17 21:28 87368 c:\windows\system32\FwsVpn.dll
+ 2009-09-03 19:03 . 2009-09-03 19:03 26416 c:\windows\system32\drivers\symredrv.sys
+ 2009-09-03 19:03 . 2009-09-03 19:03 38448 c:\windows\system32\drivers\symndisv.sys
+ 2009-09-03 19:03 . 2009-09-03 19:03 35120 c:\windows\system32\drivers\symndis.sys
+ 2009-09-03 19:03 . 2009-09-03 19:03 39856 c:\windows\system32\drivers\symids.sys
+ 2009-09-03 19:03 . 2009-09-03 19:03 12720 c:\windows\system32\drivers\symdns.sys
+ 2009-08-25 23:05 . 2009-08-25 23:05 43696 c:\windows\system32\drivers\srtspx.sys
+ 2009-07-14 15:51 . 2009-07-14 15:51 23888 c:\windows\system32\drivers\COH_Mon.sys
+ 2011-02-08 01:16 . 2011-02-08 01:16 62592 c:\windows\system32\dllcache\cdrom.sys
+ 2006-08-26 01:44 . 2006-08-26 01:44 89600 c:\windows\system32\atl71.dll
+ 2012-01-13 19:13 . 2012-01-13 19:13 21446 c:\windows\Installer\{2EFCC193-D915-4CCB-9201-31773A27BC06}\ARPPRODUCTICON.exe
+ 2011-12-26 19:18 . 2011-12-26 19:18 2678 c:\windows\java\Packages\Data\VJBDBB9B.DAT
+ 2011-12-26 19:18 . 2011-12-26 19:18 2678 c:\windows\java\Packages\Data\R9JHNRPZ.DAT
+ 2011-12-26 19:18 . 2011-12-26 19:18 2678 c:\windows\java\Packages\Data\QXNL3N93.DAT
+ 2011-12-26 19:18 . 2011-12-26 19:18 2678 c:\windows\java\Packages\Data\8A75NDRZ.DAT
+ 2011-12-26 19:18 . 2011-12-26 19:18 2678 c:\windows\java\Packages\Data\0L7RH3J7.DAT
+ 2009-09-17 21:30 . 2009-09-17 21:30 107848 c:\windows\system32\SymVPN.dll
+ 2009-09-03 19:16 . 2009-09-03 19:16 242056 c:\windows\system32\SymRedir.dll
+ 2009-09-03 19:17 . 2009-09-03 19:17 625032 c:\windows\system32\SymNeti.dll
+ 2012-01-13 18:22 . 2009-03-06 01:04 505344 c:\windows\system32\spool\drivers\w32x86\3\BRUIM08A.DLL
+ 2012-01-13 18:22 . 2009-02-27 01:03 244736 c:\windows\system32\spool\drivers\w32x86\3\BROHL08A.DLL
+ 2012-01-13 18:22 . 2008-09-25 01:00 393216 c:\windows\system32\spool\drivers\w32x86\3\BRMD080.DLL
+ 2012-01-13 18:22 . 2009-03-06 01:04 339456 c:\windows\system32\spool\drivers\w32x86\3\BRDLM08A.DLL
+ 2012-01-13 18:22 . 2008-10-31 01:00 327680 c:\windows\system32\spool\drivers\w32x86\3\BRDIM08A.DLL
- 2006-05-22 12:00 . 2011-08-25 14:29 499148 c:\windows\system32\perfh00A.dat
+ 2006-05-22 12:00 . 2011-11-17 16:09 499148 c:\windows\system32\perfh00A.dat
- 2006-05-22 12:00 . 2011-08-25 14:29 436496 c:\windows\system32\perfh009.dat
+ 2006-05-22 12:00 . 2011-11-17 16:09 436496 c:\windows\system32\perfh009.dat
+ 2003-02-21 01:42 . 2007-03-21 23:33 348160 c:\windows\system32\MSVCR71.DLL
+ 2011-02-10 13:29 . 2007-03-21 23:33 503808 c:\windows\system32\MSVCP71.DLL
+ 2012-05-23 15:34 . 2012-05-23 15:34 351904 c:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe
+ 2011-12-26 19:17 . 2011-12-26 19:17 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe
+ 2011-12-26 19:17 . 2011-12-26 19:17 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
+ 2011-12-26 19:17 . 2011-12-26 19:17 335520 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.dll
+ 2012-05-23 15:34 . 2012-05-23 15:34 257696 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- 2011-08-25 14:30 . 2011-05-04 07:52 157472 c:\windows\system32\javaws.exe
+ 2012-03-05 17:31 . 2012-03-05 17:31 157472 c:\windows\system32\javaws.exe
+ 2012-03-05 17:31 . 2012-03-05 17:31 149280 c:\windows\system32\javaw.exe
+ 2011-12-26 19:18 . 2003-02-28 21:26 139536 c:\windows\system32\javaee.dll
- 2011-02-10 13:57 . 2003-02-28 21:26 139536 c:\windows\system32\javaee.dll
+ 2012-03-05 17:31 . 2012-03-05 17:31 149280 c:\windows\system32\java.exe
+ 2011-02-08 01:16 . 2011-02-08 01:16 922112 c:\windows\system32\imapi2fs.dll
+ 2011-02-08 01:16 . 2011-02-08 01:16 426496 c:\windows\system32\imapi2.dll
+ 2009-09-03 19:03 . 2009-09-03 19:03 188080 c:\windows\system32\drivers\symtdi.sys
+ 2009-09-03 19:03 . 2009-09-03 19:03 145968 c:\windows\system32\drivers\symfw.sys
+ 2012-01-13 19:13 . 2012-01-13 19:13 124976 c:\windows\system32\drivers\SYMEVENT.SYS
+ 2009-08-25 23:05 . 2009-08-25 23:05 320560 c:\windows\system32\drivers\srtspl.sys
+ 2009-08-25 23:05 . 2009-08-25 23:05 281648 c:\windows\system32\drivers\srtsp.sys
+ 2011-02-08 01:16 . 2011-02-08 01:16 922112 c:\windows\system32\dllcache\imapi2fs.dll
+ 2011-02-08 01:16 . 2011-02-08 01:16 426496 c:\windows\system32\dllcache\imapi2.dll
+ 2012-01-13 19:12 . 2009-08-18 21:22 511328 c:\windows\system32\capicom.dll
+ 2012-03-05 17:34 . 2012-03-05 17:34 203776 c:\windows\Installer\84a41.msi
+ 2012-03-05 17:31 . 2012-03-05 17:31 901120 c:\windows\Installer\84a33.msi
+ 2011-12-26 19:18 . 2011-12-26 19:18 902656 c:\windows\Installer\1033cb.msi
+ 2012-03-05 17:50 . 2011-02-08 01:16 379184 c:\windows\$NtUninstallKB952011$\spuninst\updspapi.dll
+ 2012-03-05 17:50 . 2011-02-08 01:16 221488 c:\windows\$NtUninstallKB952011$\spuninst\spuninst.exe
+ 2006-12-02 03:25 . 2006-12-02 03:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 03:25 . 2006-12-02 03:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2012-01-13 18:22 . 2008-10-31 01:00 1586688 c:\windows\system32\spool\drivers\w32x86\3\BRBMM08A.DLL
+ 2003-03-19 00:20 . 2007-03-21 23:39 1060864 c:\windows\system32\MFC71.DLL
- 2003-03-19 00:20 . 2003-03-19 00:20 1060864 c:\windows\system32\mfc71.dll
+ 2012-05-23 15:34 . 2012-05-23 15:34 8797856 c:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
+ 2011-04-13 22:40 . 2011-04-13 22:40 4284416 c:\windows\system32\GPhotos.scr
+ 2011-06-06 15:55 . 2011-06-06 15:55 1189004 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA74301B744AA0100000010\10.1.0\JSByteCodeWin.bin
+ 2012-01-13 19:13 . 2012-01-13 19:13 15481856 c:\windows\Installer\787df.msi
+ 2012-04-04 13:32 . 2012-04-04 13:32 16613376 c:\windows\Installer\5857e.msp
+ 2012-01-03 17:58 . 2012-01-03 17:58 15929344 c:\windows\Installer\15bf3.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDVD9LanguageShortcut"="c:\archivos de programa\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472]
"VTTimer"="VTTimer.exe" [2005-03-07 53248]
"PCTVOICE"="pctspk.exe" [2003-12-18 180224]
"GrooveMonitor"="c:\archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"snp325"="c:\windows\vsnp325.exe" [2009-05-20 835584]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"HDAudDeck"="c:\archivos de programa\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-01-21 33587200]
"RTHDCPL"="RTHDCPL.EXE" [2009-04-30 17881088]
"Adobe ARM"="c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"CafeAgent"="c:\windows\system32\CafeAgent.exe" [BU]
"ccApp"="c:\archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe" [2009-07-08 115560]
"nwiz"="nwiz.exe" [BU]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-29 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-29 13666920]
"SunJavaUpdateSched"="c:\archivos de programa\Archivos comunes\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\
Adobe Gamma.lnk - c:\archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"NoSecCPL"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoSecCPL"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoFavoritesMenu"= 1 (0x1)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 0 (0x0)
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoFavoritesMenu"= 1 (0x1)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DfLogon]
2009-08-05 16:45 65536 ----a-w c:\windows\system32\LogonDll.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:C *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Archivos de programa\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Archivos de programa\\Skype\\Phone\\Skype.exe"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Archivos de programa\\Symantec\\Symantec Endpoint Protection\\Smc.exe"=
"c:\\Archivos de programa\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"=
"c:\\Archivos de programa\\Archivos comunes\\Symantec Shared\\ccApp.exe"=
.
R0 DeepFrz;DeepFrz;c:\windows\system32\drivers\DeepFrz.sys [05/08/2009 13:48 152472]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/02/10 10:32];c:\archivos de programa\CyberLink\PowerDVD9\000.fcl [28/02/2009 19:40 87536]
R2 DFServ;DFServ;c:\archivos de programa\Faronics\Deep Freeze\Install C-0\DFServ.exe [05/08/2009 13:38 1056256]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\archivos de programa\Archivos comunes\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [05/03/2012 14:33 106104]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [11/05/2011 18:39 1050112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23/05/2012 12:34 257696]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [28/05/2011 2:45 1684736]
S3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [29/05/2007 13:30 508160]
S3 Philipscam1;Cámara digital Philips 645: vídeo;c:\windows\system32\drivers\philcam1.sys [28/05/2011 2:24 75776]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [23/02/2011 15:36 451456]
S3 VIASens;Vinyl Sensaura WDM 3D Audio Driver;c:\windows\system32\drivers\viasens.sys [10/05/2011 17:10 391680]
.
Contents of the 'Scheduled Tasks' folder
.

2012-05-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-23 15:34]
.
2011-11-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\archivos de programa\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.ar/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: Interfaces\{09ACE41E-CAD4-467B-A715-CBC726CD4B54}: NameServer = 200.45.191.35,200.45.191.40
TCP: Interfaces\{68802050-B56D-46A7-84B1-2636148A7F3C}: NameServer = 200.45.191.35,200.45.191.40
TCP: Interfaces\{6F086BBE-4652-497F-A0E6-8A5A7477D3EF}: NameServer = 200.45.191.35,200.45.191.40
TCP: Interfaces\{6F8AC38E-ECD4-4080-A621-4154BFBF4BAE}: NameServer = 200.45.191.35,200.45.191.40
TCP: Interfaces\{8E238A18-9097-438F-BF1A-A634370F7BAE}: NameServer = 200.45.191.35,200.45.191.40
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\pc\Datos de programa\Mozilla\Firefox\Profiles\tvmmerr4.default\
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Symantec Antvirus
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-23 12:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\archivos de programa\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************

.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\archivos de programa\CyberLink\PowerDVD9\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(684)
c:\windows\system32\LogonDll.dll
.
Completion time: 2012-05-23 12:50:44
ComboFix-quarantined-files.txt 2012-05-23 15:50
ComboFix2.txt 2012-01-13 18:50
ComboFix3.txt 2011-12-26 18:51
ComboFix4.txt 2011-11-04 21:03
.
Pre-Run: 22.658.486.272 bytes libres
Post-Run: 22.695.043.072 bytes libres
.
- - End Of File - - A96858FC6F4B4FDD0DA8B510C6B407AF