Author Topic: VIRUS worm:win bagle gan! c (SOLVED)  (Read 12270 times)

Offline gentxo

  • Pro Member
  • ****
  • Posts: 866
VIRUS worm:win bagle gan! c (SOLVED)
« on: 21 January 2010, 04:09:30 pm »
VIRUS.
worm:win bagle gan! c.
It has disabled Panda, Ad-Aware and Trojan Remover; this happened when I opened a file downloaded from the internet.
I have no protection.
If I boot into safe mode I get a blue screen with error code 0x800106ba.
I have installed mssefullinstall but then it gets disabled.
Help please. Oh! Should I disable IE?

              Thanks

Offline Mr_X

  • Moderator
  • ******
  • Posts: 2635
Re: VIRUS worm:win bagle gan! c
« Reply #1 on: 21 January 2010, 05:03:37 pm »
Download ComboFix and run it... Paste the contents of the file C:\ComboFix.txt here.
"... I'll wait I sow the seed, I set the scene and I watch the world go by..."

Offline gentxo

  • Pro Member
  • ****
  • Posts: 866
Re: VIRUS worm:win bagle gan! c
« Reply #2 on: 22 January 2010, 01:04:24 am »
OK Mr_X
While I was downloading ComboFix I saw that Ad-Aware and Security Essentials started up, and they removed these viruses for me:
Worm:win32/Bagle.gen!C
TrojanDownloader:win32/Bagle.gen!A
Trojan:winNT/Bagle.gen.
The computer looks generally stable, but I tested to see whether the problem with restarting in safe mode had been solved, and I get the blue screen with some text and, at the end, this number:
STOP:0x0000007b (0xF7C46528,0xc0000034, 0x00000000, 0x00000000)
What do I do about this issue?
Thanks.

Offline Mr_X

  • Moderator
  • ******
  • Posts: 2635
Re: VIRUS worm:win bagle gan! c
« Reply #3 on: 22 January 2010, 01:13:21 am »
What do I do about this issue?

Download ComboFix and run it... Paste the contents of the file C:\ComboFix.txt here.
"... I'll wait I sow the seed, I set the scene and I watch the world go by..."

Offline gentxo

  • Pro Member
  • ****
  • Posts: 866
Re: VIRUS worm:win bagle gan! c
« Reply #4 on: 22 January 2010, 10:26:39 am »
I have some doubts about how to use ComboFix: I don't really understand the part where the manual suggests installing the "Windows Recovery Console".
But here goes, I'm posting the log.
Oh, after running ComboFix the problem with getting into safe mode has been fixed. Thanks Mr_X


ComboFix 10-01-21.07 - fulgencio 22/01/2010  13:29:12.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.34.3082.18.1023.696 [GMT 1:00]
Running from: c:\documents and settings\fulgencio\Escritorio\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\fulgencio\Datos de programa\drivers\downld
c:\documents and settings\fulgencio\Datos de programa\inst.exe
c:\documents and settings\fulgencio\Datos de programa\m
c:\documents and settings\fulgencio\Datos de programa\m\data.oct
c:\documents and settings\fulgencio\Datos de programa\m\list.oct
c:\documents and settings\fulgencio\Datos de programa\m\srvlist.oct
c:\windows\system32\srosa2.sys

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SK9OU0S
-------\Legacy_SROSA
-------\Service_sK9Ou0s


(((((((((((((((((((((((((   Files Created from 2009-12-22 to 2010-01-22  )))))))))))))))))))))))))))))))
.

2010-01-21 14:57 . 2009-08-06 21:06   3036024   ----a-w-   c:\documents and settings\fulgencio\Datos de programa\Simply Super Software\Trojan Remover\ico95.exe
2010-01-21 14:41 . 2009-09-01 21:45   3093368   ----a-w-   c:\documents and settings\fulgencio\Datos de programa\Simply Super Software\Trojan Remover\csj72.exe
2010-01-21 13:51 . 2010-01-21 14:18   --------   d-----w-   C:\SMCLpav
2010-01-21 09:15 . 2010-01-14 10:12   181120   ------w-   c:\windows\system32\MpSigStub.exe
2010-01-21 08:28 . 2010-01-22 12:33   --------   d--h--w-   c:\documents and settings\fulgencio\Datos de programa\drivers
2010-01-19 10:30 . 2004-08-20 12:00   120320   ----a-w-   c:\windows\system32\winmine.exe
2010-01-18 21:33 . 2010-01-22 08:01   --------   d-----w-   c:\archivos de programa\Trojan Remover
2010-01-18 21:33 . 2010-01-18 21:33   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\Simply Super Software
2010-01-18 21:33 . 2010-01-18 21:33   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\Simply Super Software
2010-01-17 18:10 . 2004-10-09 09:51   503507   ----a-r-   c:\windows\system32\drivers\V0080Dev.sys
2010-01-17 18:10 . 2004-08-11 03:22   3525   ----a-r-   c:\windows\system32\drivers\CamH2111.bin
2010-01-17 18:10 . 2004-08-11 03:22   3525   ----a-r-   c:\windows\system32\drivers\CamF2111.bin
2010-01-17 18:10 . 2004-08-04 01:00   20480   ----a-r-   c:\windows\V0080Cfg.exe
2010-01-17 18:10 . 2004-07-26 01:00   49152   ----a-r-   c:\windows\system32\V0080Hwx.dll
2010-01-17 18:10 . 2004-07-19 01:00   36864   ----a-r-   c:\windows\system32\V0080Pin.dll
2010-01-17 18:10 . 2004-06-29 01:55   106496   ----a-r-   c:\windows\system32\V0080Sti.dll
2010-01-17 18:10 . 2004-06-10 01:00   126976   ----a-r-   c:\windows\system32\V0080Vfw.dll
2010-01-17 18:10 . 2004-05-21 06:05   1125376   ----a-r-   c:\windows\system32\drivers\V0080Evx.sys
2010-01-17 18:10 . 2003-10-03 01:05   65536   ----a-r-   c:\windows\system32\CtCamMgr.dll
2010-01-17 18:10 . 2002-09-17 01:04   36864   ----a-r-   c:\windows\system32\CtRegApp.dll
2010-01-17 18:09 . 2010-01-17 18:09   --------   d-----w-   c:\windows\CtDrvInstall
2010-01-16 14:56 . 2010-01-16 14:56   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\Nokia
2010-01-16 13:49 . 2008-08-26 08:26   18816   ----a-w-   c:\windows\system32\drivers\pccsmcfd.sys
2010-01-16 13:48 . 2010-01-16 14:54   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\Installations
2010-01-16 11:38 . 2010-01-16 13:50   --------   d-----w-   c:\archivos de programa\DIFX
2010-01-16 11:37 . 2010-01-16 11:37   --------   d-----w-   c:\archivos de programa\Samsung
2010-01-16 11:28 . 2010-01-16 11:36   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\Samsung
2010-01-16 11:08 . 2006-05-03 21:53   174592   ----a-w-   c:\windows\system32\framedyn.dll
2010-01-16 11:07 . 2007-07-03 16:00   9256   ----a-w-   c:\windows\system32\drivers\sscdwhnt.sys
2010-01-16 11:07 . 2007-07-03 16:00   9256   ----a-w-   c:\windows\system32\drivers\sscdwh.sys
2010-01-16 11:07 . 2007-07-03 15:58   106792   ----a-w-   c:\windows\system32\drivers\sscdmdm.sys
2010-01-16 11:07 . 2007-07-03 15:57   11944   ----a-w-   c:\windows\system32\drivers\sscdmdfl.sys
2010-01-16 11:07 . 2007-07-03 15:56   9256   ----a-w-   c:\windows\system32\drivers\sscdcmnt.sys
2010-01-16 11:07 . 2007-07-03 15:56   9256   ----a-w-   c:\windows\system32\drivers\sscdcm.sys
2010-01-16 11:07 . 2007-07-03 15:54   80552   ----a-w-   c:\windows\system32\drivers\sscdbus.sys
2010-01-16 11:07 . 2010-01-16 11:07   --------   d-----w-   c:\windows\system32\Samsung_USB_Drivers
2010-01-16 11:06 . 2006-07-24 15:05   5632   ----a-w-   c:\windows\system32\drivers\StarOpen.sys
2010-01-12 23:08 . 2009-11-21 15:58   471552   -c----w-   c:\windows\system32\dllcache\aclayers.dll
2010-01-09 11:14 . 1999-03-23 08:12   304128   ----a-w-   c:\windows\unin040a.exe
2010-01-09 11:14 . 2010-01-09 11:14   --------   d-----w-   c:\documents and settings\fulgencio\WINDOWS
2010-01-08 15:05 . 2010-01-08 15:05   --------   d-----w-   c:\windows\Performance
2010-01-08 15:04 . 2010-01-08 15:04   --------   d-----w-   c:\archivos de programa\Microsoft Windows 7 Upgrade Advisor
2010-01-07 15:23 . 2010-01-07 15:23   --------   d-----w-   C:\Panda Security
2010-01-07 15:23 . 2010-01-07 15:23   --------   d-----w-   C:\gabilos
2010-01-07 15:02 . 2010-01-07 15:02   --------   d-----w-   c:\archivos de programa\RegoDemo
2010-01-03 13:19 . 2010-01-03 13:19   --------   d-----w-   c:\windows\Sun
2010-01-02 08:24 . 2010-01-02 08:24   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\ACD Systems
2010-01-02 08:20 . 2010-01-02 08:20   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\ACD Systems
2010-01-02 08:20 . 2010-01-02 08:20   --------   d-----w-   c:\archivos de programa\ACD Systems
2010-01-02 08:20 . 2010-01-02 08:20   --------   d-----w-   c:\archivos de programa\Archivos comunes\ACD Systems
2010-01-01 21:36 . 2010-01-01 21:36   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\Panda Software
2009-12-31 14:16 . 1999-10-11 01:00   41984   ------w-   c:\windows\Ctregrun.exe
2009-12-31 12:57 . 2009-12-31 12:57   --------   d-----w-   c:\archivos de programa\Archivos comunes\Sonic Shared
2009-12-31 12:56 . 2009-12-31 12:56   --------   d-----w-   c:\archivos de programa\Archivos comunes\HP
2009-12-31 12:48 . 2009-12-31 13:10   88611   ----a-w-   c:\windows\hpoins06.dat
2009-12-31 12:48 . 2005-06-03 03:31   5389   ------w-   c:\windows\hpomdl06.dat
2009-12-31 12:42 . 2006-04-10 13:03   38400   ----a-w-   c:\windows\system32\hpz3l054.dll
2009-12-31 12:42 . 2006-04-10 13:02   74240   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\hpzpp054.dll
2009-12-31 12:35 . 2006-04-13 00:02   659456   ----a-w-   c:\windows\system32\hpowiax2.dll
2009-12-31 09:24 . 2009-12-31 09:24   --------   d-----w-   C:\TEMP
2009-12-29 08:53 . 2009-12-29 08:53   --------   d-----w-   c:\windows\system32\XPSViewer
2009-12-29 08:53 . 2009-12-29 08:53   --------   d-----w-   c:\archivos de programa\Reference Assemblies
2009-12-29 08:53 . 2008-07-06 12:06   89088   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-29 08:52 . 2008-07-06 12:06   89088   -c----w-   c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-29 08:52 . 2008-07-06 12:06   117760   ------w-   c:\windows\system32\prntvpt.dll
2009-12-29 08:52 . 2008-07-06 10:50   597504   -c----w-   c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-29 08:52 . 2008-07-06 10:50   597504   ------w-   c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-29 08:52 . 2009-12-29 08:53   --------   d-----w-   C:\c9ff0055037712fa1ecb
2009-12-29 08:52 . 2008-07-06 12:06   575488   -c----w-   c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-29 08:52 . 2008-07-06 12:06   575488   ------w-   c:\windows\system32\xpsshhdr.dll
2009-12-29 08:52 . 2008-07-06 12:06   1676288   -c----w-   c:\windows\system32\dllcache\xpssvcs.dll
2009-12-29 08:52 . 2008-07-06 12:06   1676288   ------w-   c:\windows\system32\xpssvcs.dll
2009-12-29 08:33 . 2009-12-29 08:33   --------   d-----w-   c:\archivos de programa\Microsoft CAPICOM 2.1.0.2
2009-12-29 03:37 . 2009-08-06 18:23   274288   ----a-w-   c:\windows\system32\mucltui.dll
2009-12-29 03:37 . 2009-08-06 18:23   215920   ----a-w-   c:\windows\system32\muweb.dll
2009-12-28 18:59 . 2010-01-15 21:29   --------   d-----w-   c:\documents and settings\fulgencio\Tracing
2009-12-28 18:55 . 2009-12-28 18:55   --------   d-----w-   c:\archivos de programa\Microsoft SQL Server Compact Edition
2009-12-28 18:54 . 2009-12-28 18:54   --------   d-----w-   c:\archivos de programa\Microsoft
2009-12-28 18:54 . 2009-12-28 18:54   --------   d-----w-   c:\archivos de programa\Windows Live SkyDrive
2009-12-28 18:54 . 2009-12-28 18:58   --------   d-----w-   c:\archivos de programa\Windows Live
2009-12-28 18:46 . 2009-12-28 18:46   --------   d-----w-   c:\archivos de programa\Archivos comunes\Windows Live
2009-12-28 13:54 . 2009-12-28 13:54   --------   d-----w-   c:\documents and settings\LocalService\Datos de programa\TuneUp Software
2009-12-26 20:55 . 2009-12-26 20:55   --------   d-----w-   c:\documents and settings\fulgencio\.dvdcss
2009-12-26 20:47 . 2009-12-26 20:47   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\dvdcss
2009-12-26 17:41 . 2009-12-26 17:42   --------   d-----w-   c:\archivos de programa\CCleaner
2009-12-26 17:09 . 2009-12-26 17:09   --------   d-----w-   c:\archivos de programa\MSXML 4.0
2009-12-26 16:39 . 2005-05-05 07:48   67072   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\hpzpp3xu.dll
2009-12-26 16:39 . 2005-05-05 07:51   37376   ----a-w-   c:\windows\system32\hpz3l3xu.dll
2009-12-26 16:39 . 2008-04-13 18:45   15104   -c--a-w-   c:\windows\system32\dllcache\usbscan.sys
2009-12-26 16:39 . 2008-04-13 18:45   15104   ----a-w-   c:\windows\system32\drivers\usbscan.sys
2009-12-26 12:03 . 2009-12-26 12:03   --------   d-----w-   c:\archivos de programa\DNIe
2009-12-26 11:57 . 2009-12-26 11:57   --------   d-----w-   c:\archivos de programa\PDF Suite
2009-12-26 11:49 . 2010-01-01 23:19   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\Vso
2009-12-26 11:49 . 2009-12-26 11:49   47360   ----a-w-   c:\windows\system32\drivers\pcouffin.sys
2009-12-26 11:49 . 2009-12-26 11:49   47360   ----a-w-   c:\documents and settings\fulgencio\Datos de programa\pcouffin.sys
2009-12-26 11:49 . 2009-09-02 15:41   217127   ----a-w-   c:\windows\system32\drv43260.dll
2009-12-26 11:49 . 2009-09-02 15:41   208935   ----a-w-   c:\windows\system32\drv33260.dll
2009-12-26 11:49 . 2009-09-02 15:41   102439   ----a-w-   c:\windows\system32\sipr3260.dll
2009-12-26 11:49 . 2009-09-02 15:41   65602   ----a-w-   c:\windows\system32\cook3260.dll
2009-12-26 11:49 . 2009-09-02 15:41   626688   ----a-w-   c:\windows\system32\vp7vfw.dll
2009-12-26 11:49 . 2009-09-02 15:41   176165   ----a-w-   c:\windows\system32\drv23260.dll
2009-12-26 11:49 . 2009-09-02 15:41   1184984   ----a-w-   c:\windows\system32\wvc1dmod.dll
2009-12-26 11:49 . 2009-12-26 11:49   --------   d-----w-   c:\archivos de programa\VSO
2009-12-26 11:41 . 2010-01-21 11:14   --------   d-----w-   c:\archivos de programa\Your Uninstaller 2008
2009-12-26 09:20 . 2009-12-26 09:21   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\Nero
2009-12-26 09:10 . 2009-12-26 09:10   --------   d-----w-   c:\archivos de programa\Windows Sidebar
2009-12-26 09:03 . 2009-12-26 09:11   --------   d-----w-   c:\archivos de programa\Nero
2009-12-26 09:02 . 2009-12-26 09:07   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\Nero
2009-12-26 09:02 . 2009-12-26 09:19   --------   d-----w-   c:\archivos de programa\Archivos comunes\Nero
2009-12-26 08:32 . 2009-12-10 11:35   30536   ----a-w-   c:\windows\system32\TURegOpt.exe
2009-12-26 08:32 . 2009-12-10 11:28   30024   ----a-w-   c:\windows\system32\uxtuneup.dll
2009-12-26 08:31 . 2009-12-26 08:32   --------   d-----w-   c:\archivos de programa\TuneUp Utilities 2010
2009-12-26 08:31 . 2009-12-26 08:31   --------   d-sh--w-   c:\documents and settings\All Users\Datos de programa\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-26 02:02 . 2009-12-26 02:02   --------   d-sh--w-   c:\documents and settings\LocalService\IETldCache
2009-12-26 00:51 . 2010-01-22 12:23   --------   dc----w-   c:\windows\system32\DRVSTORE
2009-12-26 00:48 . 2010-01-22 12:23   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\Lavasoft
2009-12-26 00:45 . 2009-12-26 00:45   --------   d-----w-   c:\archivos de programa\Archivos comunes\CyberLink
2009-12-26 00:44 . 2009-12-26 00:44   29480   ----a-w-   c:\windows\system32\msxml3a.dll
2009-12-26 00:42 . 2009-12-26 01:23   53319   ----a-w-   c:\documents and settings\All Users\Datos de programa\TEMP\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\PostBuild.exe
2009-12-26 00:18 . 2009-12-26 00:19   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\CyberLink
2009-12-26 00:08 . 2006-11-29 12:06   3426072   ----a-w-   c:\windows\system32\d3dx9_32.dll
2009-12-26 00:08 . 2006-09-28 15:05   2414360   ----a-w-   c:\windows\system32\d3dx9_31.dll
2009-12-26 00:08 . 2009-12-26 00:08   --------   d-----w-   c:\windows\Logs
2009-12-26 00:08 . 2009-12-26 00:08   --------   d-----w-   c:\archivos de programa\Winamp Detect
2009-12-26 00:07 . 2010-01-16 10:21   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\Winamp

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-21 13:52 . 2009-12-25 17:20   --------   d--h--w-   c:\archivos de programa\InstallShield Installation Information
2010-01-21 13:34 . 2009-12-25 17:30   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\Panda Security
2010-01-21 08:28 . 2010-01-21 12:59   8530   ----a-w-   c:\windows\pchealth\helpctr\Config\Cache\Personal_32_3082.dat
2010-01-18 16:39 . 2004-08-20 12:00   91782   ----a-w-   c:\windows\system32\perfc00A.dat
2010-01-18 16:39 . 2004-08-20 12:00   508614   ----a-w-   c:\windows\system32\perfh00A.dat
2010-01-17 18:07 . 2009-12-25 17:59   --------   d-----w-   c:\archivos de programa\Creative
2010-01-16 15:02 . 2010-01-16 13:50   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\Nokia
2010-01-16 14:56 . 2010-01-16 13:50   --------   d-----w-   c:\archivos de programa\Archivos comunes\Nokia
2010-01-16 14:56 . 2010-01-16 13:49   --------   d-----w-   c:\archivos de programa\Nokia
2010-01-16 14:55 . 2010-01-16 14:55   36864   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2010-01-16 14:55 . 2010-01-16 14:55   3351812   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2010-01-16 14:55 . 2010-01-16 14:55   3203453   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2010-01-16 14:52 . 2010-01-16 13:50   --------   d-----w-   c:\documents and settings\fulgencio\Datos de programa\PC Suite
2010-01-16 14:52 . 2010-01-16 14:52   0   ---ha-w-   c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-16 14:52 . 2010-01-16 14:52   0   ---ha-w-   c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-16 13:50 . 2010-01-16 13:50   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\PC Suite
2010-01-16 13:50 . 2010-01-16 13:50   --------   d-----w-   c:\archivos de programa\Archivos comunes\PCSuite
2010-01-16 13:49 . 2010-01-16 13:49   --------   d-----w-   c:\archivos de programa\PC Connectivity Solution
2010-01-16 13:49 . 2010-01-16 13:49   95232   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2010-01-16 13:49 . 2010-01-16 13:49   8192   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2010-01-16 13:49 . 2010-01-16 13:49   61440   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-01-16 13:49 . 2010-01-16 13:49   10240   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2010-01-16 13:47 . 2010-01-16 13:49   33669504   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_spa_web.exe
2010-01-16 13:44 . 2010-01-16 14:56   24416256   ----a-w-   c:\documents and settings\All Users\Datos de programa\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_es.exe
2010-01-04 11:37 . 2009-12-25 17:47   --------   d-----w-   c:\archivos de programa\CyberLink
2010-01-04 11:30 . 2009-12-25 17:48   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\CyberLink
2010-01-04 11:30 . 2009-12-25 17:37   --------   d-----w-   c:\archivos de programa\ASUSTeK
2009-12-25 21:01 . 2009-12-25 17:03   76487   ----a-w-   c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-25 17:54 . 2009-12-25 17:54   --------   d-----w-   c:\archivos de programa\SMC
2009-12-25 17:54 . 2009-12-25 17:54   13378560   ----a-w-   c:\archivos de programa\SMC2802W 2.4GHz 54 Mbps Wireless PCI Adapter.msi
2009-12-25 17:54 . 2009-12-25 17:54   15872   ----a-w-   c:\archivos de programa\1034.MST
2009-12-25 17:53 . 2009-12-25 17:54   5275   ----a-w-   c:\archivos de programa\0x040a.ini
2009-12-25 17:51 . 2009-12-25 17:49   --------   d-----w-   c:\archivos de programa\ArcSoft
2009-12-25 17:39 . 2009-12-25 17:39   --------   d-----w-   c:\archivos de programa\ASUS
2009-12-25 17:38 . 2009-12-25 17:35   7296   --s---w-   c:\windows\system32\drivers\EIO.SYS
2009-12-25 17:36 . 2009-12-25 17:18   --------   d-----w-   c:\archivos de programa\Archivos comunes\InstallShield
2009-12-25 17:31 . 2009-12-25 17:31   --------   d-----w-   c:\documents and settings\All Users\Datos de programa\Backup
2009-12-25 17:20 . 2009-12-25 17:20   --------   d-----w-   c:\archivos de programa\Realtek Sound Manager
2009-12-25 17:20 . 2009-12-25 17:20   --------   d-----w-   c:\archivos de programa\AvRack
2009-12-25 17:04 . 2009-12-25 17:04   --------   d-----w-   c:\archivos de programa\microsoft frontpage
2009-12-25 17:03 . 2009-12-25 17:03   --------   d-----w-   c:\archivos de programa\Servicios en línea
2009-12-25 17:02 . 2009-12-25 17:02   21900   ----a-w-   c:\windows\system32\emptyregdb.dat
2009-12-21 19:06 . 2004-08-20 12:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2009-11-21 15:58 . 2004-08-20 12:00   471552   ----a-w-   c:\windows\AppPatch\aclayers.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS SmartDoctor"="c:\program files\ASUS\SmartDoctor\\SmartDoctor.exe" [2004-09-17 974848]
"PC Suite Tray"="c:\archivos de programa\Nokia\Nokia PC Suite 7\PCSuite.exe" [2004-03-07 844800]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Device Detector"="DevDetect.exe -autorun" [X]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-09-02 83968]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-03 4554752]
"nwiz"="nwiz.exe" [2004-09-03 921600]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-09-03 86016]
"CertificateRegistration"="aetcrss1.exe" [2005-10-31 28672]
"SunJavaUpdateSched"="c:\archivos de programa\Java\jre6\bin\jusched.exe" [2009-12-25 149280]
"WinampAgent"="c:\archivos de programa\Winamp\winampa.exe" [2009-12-18 39424]
"GrooveMonitor"="c:\archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"PDFServiceEngine"="c:\archivos de programa\PDF Suite\PDFServiceEngine.exe" [2008-06-25 393216]
"RegistrarUsrDNIeCertStoreDLL"="c:\archivos de programa\DNIe\udcs.exe" [2009-03-02 37888]
"HP Software Update"="c:\archivos de programa\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menú Inicio\Programas\Inicio\
HP Digital Imaging Monitor.lnk - c:\archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
SMC2802W 54Mbps WLAN Monitor.lnk - c:\archivos de programa\SMC\SMC2802W 2.4GHz 54 Mbps Wireless PCI Adapter\Installer\WINXP\SMC11GMonitor.exe [2003-11-28 860262]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"CTRegRun"=c:\windows\CTRegRun.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Archivos de programa\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\fulgencio\\Mis documentos\\DESCARGAS\\utorrent.exe"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Archivos de programa\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Archivos de programa\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [10/12/2009 12:32 1044808]
R3 2802W;SMC2802W 2.4GHz 54 Mbps Wireless PCI Driver;c:\windows\system32\drivers\2802W.sys [08/03/2004 16:23 390112]
R3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\drivers\SCR33X2K.sys [06/04/2004 4:24 64088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 7:24 10064]
R3 w3304an5;WN3X0X Wireless Adapter;c:\archiv~1\SMC\SMC280~1.4GH\INSTAL~1\WINXP\w3304an5.SYS [07/10/2002 4:14 15104]
S3 SCR131C;SCRx31 Serial Smart Card Reader;c:\windows\system32\drivers\SCR131C.sys [07/11/2002 4:04 181875]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\aetsprov]
2005-10-27 09:33   20480   ----a-w-   c:\windows\system32\aetsprov.dll

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\Credential Manager]
2005-12-16 14:18   1241088   ----a-w-   c:\windows\system32\aetcmgr.dll
.
Contents of the 'Scheduled Tasks' folder

2010-01-22 c:\windows\Tasks\Análisis automático.job
- c:\archivos de programa\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-10 11:38]

2010-01-22 c:\windows\Tasks\User_Feed_Synchronization-{B31B3EFF-9FB9-46D3-9B76-ADECBECC174A}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.es/
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\fulgencio\Datos de programa\Mozilla\Firefox\Profiles\43tdrpts.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: c:\archivos de programa\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\archivos de programa\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-Lavasoft Ad-Aware Service
SafeBoot-PskSvcRetail



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-22 13:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ...

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3968)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\SCardSvr.exe
c:\windows\ATKKBService.exe
c:\archivos de programa\Java\jre6\bin\jqs.exe
c:\archivos de programa\Archivos comunes\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\aetcrss1.exe
c:\archivos de programa\Archivos comunes\ACD Systems\ES\DevDetect.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\wdfmgr.exe
c:\archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\wscntfy.exe
c:\archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Completion time: 2010-01-22  13:39:38 - machine was rebooted
ComboFix-quarantined-files.txt  2010-01-22 12:39

Pre-Run: 166.823.145.472 bytes libres
Post-Run: 166.407.811.072 bytes libres

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 39DCAB2BA482A4552FC835897C409FFD

Offline Mr_X

  • Moderator
  • ******
  • Posts: 2635
Re: VIRUS worm:win bagle gan! c
« Reply #5 on: 22 January 2010, 04:46:14 pm »
You had quite a bit of junk... Update the antimalware programs and run them after booting into Safe Mode... Get a log from HijackThis (click here) and another from Autoruns (click here)...
"... I'll wait I sow the seed, I set the scene and I watch the world go by..."

Offline gentxo

  • Pro Member
  • ****
  • Posts: 866
Re: VIRUS worm:win bagle gan! c
« Reply #6 on: 22 January 2010, 10:29:14 pm »
Tell me how to uninstall ComboFix, because I think some instructions that come in the manual I downloaded have not worked.
The instructions are these.
Start => Run => Type or copy and paste the following command and press Enter: ComboFix /u, but when I press Enter what comes up is its executable.


OK, HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:44:53, on 22/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Archivos de programa\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\aetcrss1.exe
C:\Archivos de programa\Java\jre6\bin\jusched.exe
C:\Archivos de programa\Winamp\winampa.exe
C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\Archivos de programa\Archivos comunes\ACD Systems\ES\DevDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
C:\Archivos de programa\SMC\SMC2802W 2.4GHz 54 Mbps Wireless PCI Adapter\Installer\WINXP\SMC11GMonitor.exe
C:\WINDOWS\ATKKBService.exe
C:\Archivos de programa\Java\jre6\bin\jqs.exe
C:\Archivos de programa\Archivos comunes\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Archivos de programa\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\Archivos de programa\Microsoft Security Essentials\msseces.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Archivos de programa\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CertificateRegistration] aetcrss1.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Archivos de programa\Winamp\winampa.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PDFServiceEngine] C:\Archivos de programa\PDF Suite\PDFServiceEngine.exe
O4 - HKLM\..\Run: [RegistrarUsrDNIeCertStoreDLL] "C:\Archivos de programa\DNIe\udcs.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [MSSE] "c:\Archivos de programa\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe  /start
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Archivos de programa\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SMC2802W 54Mbps WLAN Monitor.lnk = C:\Archivos de programa\SMC\SMC2802W 2.4GHz 54 Mbps Wireless PCI Adapter\Installer\WINXP\SMC11GMonitor.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra button: PDF Suite - {EE8D6672-6616-43E6-B42D-2EEBE3A090A7} - C:\Archivos de programa\PDF Suite\IE_Plugin.dll (HKCU)
O9 - Extra 'Tools' menuitem: Convert with PDF Suite - {EE8D6672-6616-43E6-B42D-2EEBE3A090A7} - C:\Archivos de programa\PDF Suite\IE_Plugin.dll (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Archivos de programa\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Archivos de programa\Archivos comunes\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Archivos de programa\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 8083 bytes

-------------------------------------------------------------------------------

Autoruns log

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"   ""   ""   ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup"   ""   ""   ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup"   ""   ""   ""
"HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon"   ""   ""   ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon"   ""   ""   ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit"   ""   ""   ""
"HKCU\SOFTWARE\Classes\Protocols\Filter"   ""   ""   ""
"HKLM\SOFTWARE\Classes\Protocols\Filter"   ""   ""   ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"   ""   ""   ""
+ "Aplicación auxiliar de vínculos de Adobe PDF Reader"   "Adobe PDF Helper for Internet Explorer"   "(Verified) Adobe Systems, Incorporated"   "c:\archivos de programa\archivos comunes\adobe\acrobat\activex\acroiehelper.dll"
"Task Scheduler"   ""   ""   ""
"HKLM\System\CurrentControlSet\Services"   ""   ""   ""
"HKLM\System\CurrentControlSet\Services"   ""   ""   ""
+ "2802W"   "SMC2802W Wireless NDIS 5.1 Driver"   "(Not verified) SMC Networks, Inc."   "c:\windows\system32\drivers\2802w.sys"
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"   ""   ""   ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"   ""   ""   ""
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"   ""   ""   ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"   ""   ""   ""
"HKLM\Software\Microsoft\Command Processor\Autorun"   ""   ""   ""
"HKCU\Software\Microsoft\Command Processor\Autorun"   ""   ""   ""
"HKCU\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)"   ""   ""   ""
"HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)"   ""   ""   ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"   ""   ""   ""
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls"   ""   ""   ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ServiceControllerStart"   ""   ""   ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LsaStart"   ""   ""   ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System"   ""   ""   ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost"   ""   ""   ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries"   ""   ""   ""
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"   ""   ""   ""
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders"   ""   ""   ""
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"   ""   ""   ""


Oh, and tell me how to uninstall ComboFix, if you think it is no longer needed, since I know it has something to do with CDs or DVDs and external drives starting automatically.
Thanks

Offline Mr_X

  • Moderator
  • ******
  • Posts: 2635
Re: VIRUS worm:win bagle gan! c
« Reply #7 on: January 23, 2010, 12:19:50 am »
ComboFix does not get installed on the computer... To restore the CD functionality, right-click the drive-->Properties-->AutoPlay...
"... I'll wait I sow the seed, I set the scene and I watch the world go by..."

Offline gentxo

  • Pro Member
  • ****
  • Posts: 866
Re: VIRUS worm:win bagle gan! c
« Reply #8 on: January 23, 2010, 03:07:21 am »
I can't get AutoPlay to work, neither with the disc trays nor with the pen drives or external hard drives.

Offline Mr_X

  • Moderator
  • ******
  • Posts: 2635
Re: VIRUS worm:win bagle gan! c
« Reply #9 on: January 23, 2010, 05:17:51 am »
Check the policies: Start button-->Run-->GPEDIT.MSC-->Computer Configuration-->System-->on the right side of the window, verify that 'Turn off Autoplay' is set to 'Disabled' or 'Not configured'...
"... I'll wait I sow the seed, I set the scene and I watch the world go by..."
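
The 'Turn off Autoplay' policy checked in the reply above is stored in the registry as the `NoDriveTypeAutoRun` value under the `Policies\Explorer` keys. The read-only PowerShell script below is an added example, not part of the original thread; the helper names `Get-DisabledAutoPlayTypes` and `ConvertTo-AutoRunMask` are hypothetical, and it assumes PowerShell is available on the machine.

```powershell
# Added example (read-only): show the AutoPlay restrictions stored in the registry.
# A set bit in NoDriveTypeAutoRun turns AutoPlay off for that drive type.
$DriveTypeBits = @(
    @{ Bit = 0x01; Name = 'Unknown drive type' },
    @{ Bit = 0x04; Name = 'Removable drives (e.g. pen drives)' },
    @{ Bit = 0x08; Name = 'Fixed drives (hard disks)' },
    @{ Bit = 0x10; Name = 'Network drives' },
    @{ Bit = 0x20; Name = 'CD/DVD drives' },
    @{ Bit = 0x40; Name = 'RAM disks' },
    @{ Bit = 0x80; Name = 'Reserved / unknown' }
)

# Hypothetical helper: list the drive types that a given mask disables.
function Get-DisabledAutoPlayTypes {
    param([int]$Mask)
    foreach ($entry in $DriveTypeBits) {
        if ($Mask -band $entry.Bit) { $entry.Name }
    }
}

# Hypothetical helper: the value may be REG_DWORD or an older REG_BINARY;
# in both cases the drive-type flags are in the low byte.
function ConvertTo-AutoRunMask {
    param($Raw)
    if ($Raw -is [byte[]]) { return [int]$Raw[0] }
    return [int]([long]$Raw -band 0xFF)
}

# Machine-wide and per-user locations of the policy value.
$PolicyKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

foreach ($key in $PolicyKeys) {
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if ($null -eq $props -or $null -eq $props.NoDriveTypeAutoRun) {
        "{0}: NoDriveTypeAutoRun is not set" -f $key
        continue
    }
    $mask = ConvertTo-AutoRunMask $props.NoDriveTypeAutoRun
    "{0}: NoDriveTypeAutoRun = 0x{1:X2}" -f $key, $mask
    Get-DisabledAutoPlayTypes -Mask $mask | ForEach-Object { "    AutoPlay off for: $_" }
}
```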

 
