Anti Virus

ComboFix 11-03-19.04 - Adolfo 20/03/2011 11:23:37.23.
2 - x86
Microsoft Windows Vista Home Premium 6.0.6002.2.1252.57.3082.18.3034.1690 [GMT 5:00]
Running from: c:\users\Adolfo\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-02-20 to 2011-03-20 )))))))
))))))))))))))))))))))))
.
.
2011-03-20 16:48 . 2011-03-20 16:48
-------d-----wc:\users
\Public\AppData\Local\temp
2011-03-20 16:48 . 2011-03-20 16:48
-------d-----wc:\users
\Invitado\AppData\Local\temp
2011-03-20 16:48 . 2011-03-20 16:48
-------d-----wc:\users
\Default\AppData\Local\temp
2011-03-20 12:28 . 2011-03-20 12:28
28752 ----a-wc:\programdata\M
icrosoft\Microsoft Antimalware\Definition Updates\{B597589E-95B6-4C2C-96F2-7A7A9
17C727B}\MpKsl345668b8.sys
2011-03-20 12:28 . 2011-02-11 06:54
icrosoft\Microsoft Antimalware\Definition Updates\{B597589E-95B6-4C2C-96F2-7A7A9
17C727B}\mpengine.dll
2011-03-19 19:53 . 2010-09-16 17:26
37336 ----a-wc:\windows\syste
m32\CleanMFT32.exe
2011-03-19 19:53 . 2008-04-02 21:54
m32\UniBox210.ocx
2011-03-19 19:53 . 2008-04-02 21:53
m32\UniBoxVB12.ocx
2011-03-19 19:53 . 2008-04-02 21:53
m32\UniBox10.ocx
2011-03-19 19:53 . 2004-08-04 13:00
m32\msxml.dll
2011-03-19 19:53 . 2011-03-19 19:53
-------d-----wc:\progr
am files\Common Files\PC Tools
2011-03-19 17:00 . 2008-07-09 09:05
m32\ac3filter.acm
2011-03-19 17:00 . 2011-03-19 17:00
-------d-----wc:\progr
am files\XP Codec Pack
2011-03-19 16:59 . 2011-03-19 16:59
-------d-----wc:\users
\Adolfo\AppData\Local\DDMSettings
2011-03-19 16:57 . 2011-03-19 16:58
-------d-----wC:\Codig
osAVI
2011-03-19 16:57 . 2011-03-19 16:57
-------d-----wC:\Nueva
carpeta (4)
2011-03-19 16:48 . 2011-03-19 16:48
-------d-----wc:\progr
am files\BabylonToolbar
2011-03-19 14:50 . 2011-03-19 14:50
-------d-----wc:\windo
ws\system32\aliedit
2011-03-19 14:50 . 2011-03-19 14:50
-------d-----wc:\progr
am files\Trademanager
2011-03-18 13:58 . 2011-03-18 13:58
-------d-----wc:\users
\Adolfo\AppData\Local\Alibaba
2011-03-08 21:01 . 2010-12-17 15:45
m32\mstscax.dll
2011-03-08 21:01 . 2010-12-17 13:54
m32\mstsc.exe
2011-03-08 20:59 . 2010-12-29 18:28
m32\sbe.dll
2011-03-08 20:59 . 2010-12-29 18:28
m32\sbeio.dll
2011-03-08 20:59 . 2010-12-29 18:28
m32\EncDec.dll
2011-03-08 20:59 . 2010-12-29 18:26
m32\mpg2splt.ax
2011-03-05 23:01 . 2011-03-06 18:37
-------d-----wC:\ULFI
2011-03-02 00:35 . 2011-03-20 16:48
-------d-----wc:\users
\Adolfo\AppData\Local\temp
2011-03-01 14:31 . 2011-03-01 14:31
-------d-----wc:\progr
am files\Common Files\BCL Technologies
2011-03-01 13:44 . 2011-03-01 13:45
-------d-----wc:\progr
am files\Common Files\Adobe
2011-02-26 18:56 . 2011-03-01 14:32
-------d-----wC:\VENTU
RES
2011-02-24 21:34 . 2011-02-24 21:34
-------d-----wC:\Diego
2011-02-24 17:58 . 2011-02-24 19:12
-------d-----wC:\WEBAG
UANOVA
2011-02-22 13:00 . 2011-02-22 13:00
-------d-----wC:\TURIS
MO
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))
)))))))))))))))))))))))))))))))
.
2011-03-08 23:39 . 2010-06-24 16:33
icrosoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-16 13:41 . 2011-02-16 13:41
75776 ----a-wc:\windows\cadka
sdeinst01s.exe
2011-02-13 17:31 . 2011-02-13 17:31
8704
----a-wc:\windows\syste
m32\SpOrder.dll
2011-02-13 17:31 . 2011-02-13 17:31
m32\VistaInfo32.dll
2011-02-11 06:54 . 2009-10-05 23:16
icrosoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-01-29 13:55 . 2011-01-29 13:55
439632 ------wc:\programdata\M
icrosoft\Microsoft Antimalware\Definition Updates\{52935293-4DC4-45A6-BFB1-01CA1
686AC59}\gapaengine.dll
2011-01-20 16:37 . 2011-02-09 12:38
m32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 12:38
m32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 12:38
m32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 12:38
m32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 12:38
m32\d3d10.dll
2011-01-20 16:08 . 2011-02-09 12:38
m32\d3d10core.dll
2011-01-20 16:07 . 2011-02-09 12:38
m32\cdd.dll
2011-01-20 16:07 . 2011-02-09 12:38
m32\winspool.drv
2011-01-20 16:07 . 2011-02-09 12:38
m32\stobject.dll
2011-01-20 16:06 . 2011-02-09 12:38
m32\mf.dll
2011-01-20 16:06 . 2011-02-09 12:38
m32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 12:38
m32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 12:38
m32\mfps.dll
2011-01-20 14:28 . 2011-02-09 12:38
m32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 12:38
m32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 12:38
m32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 12:38
m32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 12:38
m32\XpsGdiConverter.dll
2011-01-20 14:24 . 2011-02-09 12:38
m32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 12:38
m32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 12:38
m32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 12:38
m32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 12:38
m32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 12:38
m32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 12:38
m32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 12:38
m32\d2d1.dll
2011-01-20 13:44 . 2011-02-09 12:38
m32\DWrite.dll
2011-01-20 13:44 . 2011-02-09 12:38
m32\FntCache.dll
2011-01-08 08:47 . 2011-02-09 12:36
m32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 12:36
m32\atmfd.dll
2010-12-31 13:57 . 2011-02-09 12:39
m32\win32k.sys
2010-12-28 15:55 . 2011-01-12 19:13
m32\odbc32.dll
2010-12-25 22:27 . 2010-12-25 22:27
45056 ----a-rc:\users\Adolfo\
AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewSh
ortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))
)))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9c905b42-976e-43c1-bc30-fc5937017909}"= "c:\program files\shARES\tbshA0.dll" [
2008-09-15 1784856]
"{0974848a-b5bc-49f2-9778-307742b4a55d}"= "c:\program files\softonic.com4\tbsoft
.dll" [2010-10-18 3908192]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVD
0.dll" [2010-10-18 3908192]
"{69dfef64-c99e-4db0-bc63-ceb3bd218569}"= "c:\program files\TraduceGratis\tbTra0

.dll" [2010-12-09 3911776]
"{ba5844d2-b2c5-49eb-86f5-248d776a6f08}"= "c:\program files\Uptodown\prxtbUpto.d
ll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{9c905b42-976e-43c1-bc30-fc5937017909}]
.
[HKEY_CLASSES_ROOT\clsid\{0974848a-b5bc-49f2-9778-307742b4a55d}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{69dfef64-c99e-4db0-bc63-ceb3bd218569}]
.
[HKEY_CLASSES_ROOT\clsid\{ba5844d2-b2c5-49eb-86f5-248d776a6f08}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974848a-b5bc-49f2-9778-307742b4a5
5d}]
2010-10-18 17:26
3908192 ----a-wc:\program files\softonic.com4\t
bsoft.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD24
9D}]
2010-10-18 10:26
3908192 ----a-wc:\program files\ConduitEngine\C
onduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8
FC}]
c:\program files\facemoods.com\facemoods\1.4.17.1\bh\facemoods.dll [BU]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{69dfef64-c99e-4db0-bc63-ceb3bd2185
69}]
2010-12-09 17:51
3911776 ----a-wc:\program files\TraduceGratis\t
bTra0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5
f5}]
2010-10-18 10:26
3908192 ----a-wc:\program files\DVDVideoSoftTB\
tbDVD0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c905b42-976e-43c1-bc30-fc59370179
09}]
2008-09-15 11:47
1784856 ----a-wc:\program files\shARES\tbshA0.d
ll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba5844d2-b2c5-49eb-86f5-248d776a6f
08}]
2011-01-17 21:54
175912 ----a-wc:\program files\Uptodown\prxtbU
pto.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9c905b42-976e-43c1-bc30-fc5937017909}"= "c:\program files\shARES\tbshA0.dll" [
2008-09-15 1784856]
"{0974848a-b5bc-49f2-9778-307742b4a55d}"= "c:\program files\softonic.com4\tbsoft
.dll" [2010-10-18 3908192]
"{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}"= "c:\program files\facemoods.com\facemo
ods\1.4.17.1\facemoodsTlbr.dll" [BU]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\Condui
tEngine.dll" [2010-10-18 3908192]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVD
0.dll" [2010-10-18 3908192]
"{69dfef64-c99e-4db0-bc63-ceb3bd218569}"= "c:\program files\TraduceGratis\tbTra0

.dll" [2010-12-09 3911776]
"{ba5844d2-b2c5-49eb-86f5-248d776a6f08}"= "c:\program files\Uptodown\prxtbUpto.d
ll" [2011-01-17 175912]
.
.
.
[HKEY_CLASSES_ROOT\clsid\{db4e9724-f518-4dfd-9c7c-78b52103cab9}]
[HKEY_CLASSES_ROOT\facemoods.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\facemoods.dskBnd]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
.
.
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{9C905B42-976E-43C1-BC30-FC5937017909}"= "c:\program files\shARES\tbshA0.dll" [
2008-09-15 1784856]
"{0974848A-B5BC-49F2-9778-307742B4A55D}"= "c:\program files\softonic.com4\tbsoft
.dll" [2010-10-18 3908192]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVD
0.dll" [2010-10-18 3908192]
"{69DFEF64-C99E-4DB0-BC63-CEB3BD218569}"= "c:\program files\TraduceGratis\tbTra0
.dll" [2010-12-09 3911776]
"{BA5844D2-B2C5-49EB-86F5-248D776A6F08}"= "c:\program files\Uptodown\prxtbUpto.d
ll" [2011-01-17 175912]
.
.
.
.
.
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[2009-06-05 39408]
"SightSpeed"="c:\program files\Dell Video Chat\DellVideoChat.exe" [2008-12-18 48
23928]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ScrUpd.exe"="c:\windows\System32\ScrUpd.exe" [2007-09-21 158208]
"PC Speed Maximizer"="c:\program files\PC Speed Maximizer\SPMTray.exe" [BU]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-11-21 32
93184]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"ConferenceRS"="c:\windows\ConferenceRS.exe" [2010-12-10 4177648]
"aliim"="c:\program files\Trademanager\aliim.exe" [2011-03-02 214424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe
" [2010-05-14 248552]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-09 154136]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 1
28232]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-09 150040]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2
008-05-07 178712]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-09 178712]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [
2008-10-25 31072]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickS
earchBox.exe" [2009-09-22 122368]
"facemoods"="c:\program files\facemoods.com\facemoods\1.4.17.1\facemoodssrv.exe"
[BU]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009
-01-30 206064]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDe
ll.exe" [2008-06-03 446635]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe
" [2008-11-03 1745648]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 3810
304]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-09-04 200704]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-01-18
274608]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 99740
8]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_
sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-1116 932288]
"Nitro PDF Printer Monitor"="c:\program files\Nitro PDF\Professional\NitroPDFPri
nterMonitor.exe" [2009-01-16 209216]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\Babyl
onToolbarsrv.exe" [2010-11-07 286720]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230
704]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2
010-11-15 112600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RealUpgradeHelper"="c:\program files\Common Files\Real\Update_OB\upgrdhlp.exe"
[BU]
.
c:\users\Invitado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27 1316192]
.
c:\users\Adolfo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27 1316192]
Recorte de pantalla e Inicio rpido de OneNote 2007.lnk - c:\program files\Microso
ft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
Tabla de contenido de OneNote.onetoc2 [2009-6-6 3656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-5
752168]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra0
8.exe [N/A]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SS
Scheduler.exe [2010-1-15 255536]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star
tup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27
1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.s
ys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2197353019-6
37075332-1472733929-1000]
"EnableNotificationsRef"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c
:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9ed6018e9099;Servicio de actualizacin de Google (gupdate1c9ed6018e909
9);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-15 133104]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program
files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - P
CDR Kernel Mode Service Helper Driver;c:\progra~1\DELLSU~1\HWDiag\bin\PCD5SRVC.p
kms [2008-11-04 22904]
R3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2008-01-21 251904]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\wind
ows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 75
3504]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRep
ository\stwrt.inf_ae0b52e0\aestsrv.exe [2008-12-15 81920]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Window
s Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.
exe [2008-12-18 155648]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program
files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [20
08-06-12 29736]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVE
RS\MpNWMon.sys [2010-10-25 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrv
WFP.sys [2010-10-25 54144]
S3 NisSrv;Inspeccin de red de Microsoft;c:\program files\Microsoft Security Clien
t\Antimalware\NisSrv.exe [2010-11-11 206360]
S3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\DRIVER
S\OA009Ufd.sys [2008-09-03 144672]
S3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\DRIVERS\OA
009Vid.sys [2008-09-03 269216]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL345668B8
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ
BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ
FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-0
6-05 22:47]
.
2011-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-15 02:20]
.
2011-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-15 02:20]
.
2011-03-19 c:\windows\Tasks\Norton Security Scan for Adolfo.job
- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss
.exe [2010-05-07 09:14]
.
2011-03-19 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
.
2011-03-01 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 1
4:59]
.
2011-03-20 c:\windows\Tasks\RMSchedule.job
- c:\program files\Registry Mechanic\RegMech.exe [2011-03-19 22:05]
.
2011-03-20 c:\windows\Tasks\User_Feed_Synchronization-{9B938EA0-CF02-4EDF-818E-C
90342AEDF0D}.job
- c:\windows\system32\msfeedssync.exe [2011-02-09 04:47]
.
.
------- Supplementary Scan ------.
uStart Page = about:blank
mStart Page = hxxp://www.misstic.org/
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Crawler Search - tbr:iemenu
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Blueto
oth Software\btsendto_ie_ctx.htm
IE: Enviar pgina al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetoot
h Software\btsendto_ie.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\Google
ToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: {D9ED355F-24BA-45C6-81E2-0B85241293FD} = 200.13.249.101 200.75.51.133
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Tool
bar\ctbr.dll
.
.
------- File Associations -------
.
.reg=Regedit.Document
.
- - - - ORPHANS REMOVED - - - .
AddRemove-Weather Services - c:\progra~1\THEWEA~1\Framework\wxfw.cpl
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/
/www.gmer.net
Rootkit scan 2011-03-20 11:48
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ConferenceRS = c:\windows\ConferenceRS.exe ?
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{3F6A8B78-EC003E00-050
40104}]
"ImagePath"="\??\c:\progra~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms"
.
--------------------- LOCKED REGISTRY KEYS --------------------.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.

@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
--------------------- DLLs Loaded Under Running Processes --------------------.
- - - - - - - > 'Explorer.exe'(5564)
c:\windows\system32\btmmhook.dll
.
Completion time: 2011-03-20 11:50:58
ComboFix-quarantined-files.txt 2011-03-20 16:50
ComboFix2.txt 2011-03-02 00:35
ComboFix3.txt 2011-01-15 13:53
ComboFix4.txt 2010-12-04 22:38
ComboFix5.txt 2011-03-20 16:20
.
Pre-Run: 126.197.497.856 bytes libres
Post-Run: 126.196.879.360 bytes libres
.
- - End Of File - - CCDEC0E166031B3AFAE849468B2157CB

Anti Virus

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Anti Virus

Uploaded by

Copyright:

Available Formats

ComboFix 11-03-19.04 - Adolfo 20/03/2011 11:23:37.23.

"{69dfef64-c99e-4db0-bc63-ceb3bd218569}"= "c:\program files\TraduceGratis\tbTra0

"{69dfef64-c99e-4db0-bc63-ceb3bd218569}"= "c:\program files\TraduceGratis\tbTra0

" [2010-05-14 248552]

@Denied: (A) (Everyone)

You might also like