ComboFix 09-12-05.03 - Diosita 06/12/2009 12:02.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.34.3082.18.3071.1880 [GMT 1:00]
Running from: c:\users\Diosita\Desktop\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\program files\ATI Technologies\ATI.ACE\Core-Static\atIAcmxx.dll
c:\programdata\Microsoft\WLSetup
c:\programdata\Microsoft\WLSetup\Logs\2009-08-01_18-17_b08-zeyk9lzg.log
c:\programdata\Microsoft\WLSetup\wlt9687.tmp
.
((((((((((((((((((((((((( Files Created from 2009-11-06 to 2009-12-06 )))))))))))))))))))))))))))))))
.
2009-12-06 11:12 . 2009-12-06 11:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-05 11:23 . 2009-12-05 11:23 -------- d-----w- c:\users\Diosita\AppData\Local\Panda Security
2009-12-05 11:22 . 2009-12-05 11:22 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys
2009-12-05 11:22 . 2009-12-06 10:16 172324 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2009-12-05 11:22 . 2009-12-05 11:22 262 ----a-w- c:\windows\system32\PavCPL.dat
2009-12-05 11:22 . 2009-06-16 12:33 46728 ----a-w- c:\windows\system32\drivers\wnmflt.sys
2009-12-05 11:22 . 2009-06-16 12:32 53128 ----a-w- c:\windows\system32\drivers\dsaflt.sys
2009-12-05 11:22 . 2009-06-16 12:32 193800 ----a-w- c:\windows\system32\drivers\idsflt.sys
2009-12-05 11:19 . 2009-06-30 09:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-12-05 11:19 . 2009-12-05 11:19 -------- d-----w- c:\program files\Common Files\Panda Security
2009-12-05 11:19 . 2009-06-30 16:17 163336 ----a-w- c:\windows\system32\drivers\PavProc.sys
2009-12-05 11:19 . 2008-03-04 14:59 41144 ----a-w- c:\windows\system32\drivers\ShlDrv51.sys
2009-12-05 11:00 . 2009-12-05 11:00 -------- d-----w- c:\users\Diosita\AppData\Roaming\Malwarebytes
2009-12-05 11:00 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-05 11:00 . 2009-12-05 11:00 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-05 11:00 . 2009-12-05 11:00 -------- d-----w- c:\programdata\Malwarebytes
2009-12-05 11:00 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-25 11:42 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 07:08 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 07:08 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-19 15:17 . 2009-10-21 00:04 45232 ------w- c:\windows\system32\drivers\DKRtWrt.sys
2009-11-19 15:17 . 2009-11-19 15:17 -------- d-----w- c:\program files\Common Files\Diskeeper Corporation
2009-11-19 15:17 . 2009-11-19 15:17 -------- d-----w- c:\programdata\Diskeeper Corporation
2009-11-19 15:17 . 2009-11-19 15:17 -------- d-----w- c:\program files\Windows Home Server
2009-11-19 15:17 . 2009-11-19 15:17 -------- d-----w- c:\program files\Diskeeper Corporation
2009-11-19 15:14 . 2009-11-19 15:15 -------- d-----w- c:\users\Diosita\Diskeeper
2009-11-18 23:09 . 2009-11-18 23:09 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-18 21:56 . 2009-10-01 01:02 30208 ------w- c:\windows\system32\WPDShextAutoplay.exe
2009-11-18 21:55 . 2009-10-08 21:08 555520 ------w- c:\windows\system32\UIAutomationCore.dll
2009-11-18 21:55 . 2009-10-08 21:08 234496 ------w- c:\windows\system32\oleacc.dll
2009-11-18 21:55 . 2009-10-08 21:07 4096 ------w- c:\windows\system32\oleaccrc.dll
2009-11-15 18:53 . 2009-08-14 13:27 2036736 ------w- c:\windows\system32\win32k.sys
2009-11-15 18:52 . 2009-08-10 12:35 355328 ------w- c:\windows\system32\WSDApi.dll
2009-11-15 18:29 . 2009-08-07 02:24 44768 ------w- c:\windows\system32\wups2.dll
2009-11-15 18:29 . 2009-08-07 02:24 53472 ------w- c:\windows\system32\wuauclt.exe
2009-11-15 18:29 . 2009-08-07 01:45 2421760 ------w- c:\windows\system32\wucltux.dll
2009-11-15 18:29 . 2009-08-07 02:23 1929952 ------w- c:\windows\system32\wuaueng.dll
2009-11-15 18:29 . 2009-08-07 02:24 35552 ------w- c:\windows\system32\wups.dll
2009-11-15 18:29 . 2009-08-07 02:23 575704 ------w- c:\windows\system32\wuapi.dll
2009-11-15 18:29 . 2009-08-07 01:44 87552 ------w- c:\windows\system32\wudriver.dll
2009-11-15 18:29 . 2009-08-06 18:23 171608 ------w- c:\windows\system32\wuwebv.dll
2009-11-15 18:29 . 2009-08-06 17:44 33792 ------w- c:\windows\system32\wuapp.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-06 10:53 . 2006-11-02 15:46 673544 ----a-w- c:\windows\system32\perfh00A.dat
2009-12-06 10:53 . 2006-11-02 15:46 133436 ----a-w- c:\windows\system32\perfc00A.dat
2009-12-06 10:18 . 2009-12-05 11:22 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
2009-12-06 10:18 . 2009-12-05 11:22 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
2009-12-06 10:16 . 2009-12-05 11:22 172324 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
2009-12-06 00:07 . 2009-07-21 15:08 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-05 11:21 . 2009-12-05 11:21 -------- d-----w- c:\program files\Panda Security
2009-12-05 11:21 . 2009-12-05 11:21 -------- d-----w- c:\users\Diosita\AppData\Roaming\Panda Security
2009-12-05 11:21 . 2009-12-05 11:21 -------- d-----w- c:\programdata\Panda Security
2009-12-05 11:21 . 2007-12-14 10:01 4096 d--h--w- c:\program files\InstallShield Installation Information
2009-12-05 10:35 . 2007-12-14 09:57 1356 ----a-w- c:\users\Diosita\AppData\Local\d3d9caps.dat
2009-11-21 15:55 . 2008-09-21 20:22 1109 ----a-w- c:\users\Diosita\AppData\Roaming\Genie-soft\GBMPro8\Jobs\Backup Job\00000000\maindata.sys
2009-11-20 20:08 . 2008-04-15 23:06 4096 d-----w- c:\programdata\Roxio
2009-11-19 17:44 . 2008-02-13 18:06 4096 d-----w- c:\program files\Java
2009-11-18 23:09 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 23:09 . 2009-11-18 23:09 0 ---h--w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-18 23:08 . 2009-11-18 23:08 0 ---h--w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-16 09:01 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-02 19:42 . 2009-10-17 17:09 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-31 20:45 . 2009-10-29 10:55 4096 d-----w- c:\program files\nLite
2009-10-21 18:39 . 2007-12-14 09:57 72048 ------w- c:\users\Diosita\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-21 18:29 . 2009-10-21 18:13 4096 d-----w- c:\program files\Microsoft Works
2009-10-21 18:13 . 2009-10-21 18:13 -------- d-----w- c:\program files\Microsoft.NET
2009-10-21 17:47 . 2009-02-19 22:42 -------- d-----w- c:\program files\Microsoft
2009-10-21 17:07 . 2009-02-04 17:58 -------- d-----w- c:\users\Diosita\AppData\Roaming\SUPERAntiSpyware.com
2009-10-21 16:53 . 2008-02-28 08:50 -------- d-----w- c:\programdata\Apple Computer
2009-10-17 18:56 . 2007-12-16 19:17 4096 d-----w- c:\users\Diosita\AppData\Roaming\SecondLife
2009-10-17 18:56 . 2007-12-14 18:58 8192 d-----w- c:\program files\SecondLife
2009-10-17 17:00 . 2008-06-07 19:03 4096 d-----w- c:\program files\Microsoft Silverlight
2009-10-11 03:17 . 2008-12-24 07:24 411368 ------w- c:\windows\system32\deploytk.dll
2009-10-01 01:02 . 2009-11-18 21:56 2537472 ------w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-18 21:56 334848 ------w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-18 21:56 87552 ------w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-18 21:56 31232 ------w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-18 21:56 546816 ------w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-18 21:56 160256 ------w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-18 21:56 60928 ------w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-18 21:56 350208 ------w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-18 21:56 196608 ------w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-18 21:56 100864 ------w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-18 21:56 81920 ------w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-11-18 21:56 40448 ------w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-11-18 21:56 226816 ------w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-11-18 21:56 61952 ------w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-11-18 21:56 33280 ------w- c:\windows\system32\WpdConns.dll
2009-09-30 22:07 . 2009-12-05 11:21 75016 ----a-w- c:\windows\system32\drivers\APPFLT.SYS
2009-09-25 02:10 . 2009-11-18 21:57 974848 ------w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-11-18 21:57 189440 ------w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-11-18 21:57 321024 ------w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-11-18 21:57 1554432 ------w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-11-18 21:57 351232 ------w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-11-18 21:57 847360 ------w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-11-18 21:57 280064 ------w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-11-18 21:57 135680 ------w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-11-18 21:57 195584 ------w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-11-18 21:57 829440 ------w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-11-18 21:57 369664 ------w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-11-18 21:57 252928 ------w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-11-18 21:57 519680 ------w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-11-18 21:57 486912 ------w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-11-18 21:57 161280 ------w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-11-18 21:57 218112 ------w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-11-18 21:57 1030144 ------w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-11-18 21:57 828928 ------w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-11-18 21:57 481792 ------w- c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-11-18 21:57 190464 ------w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-11-18 21:57 634880 ------w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-11-18 21:57 37888 ------w- c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-11-18 21:57 793088 ------w- c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-11-18 21:57 1064448 ------w- c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-11-18 21:57 258048 ------w- c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-11-18 21:57 667648 ------w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-11-18 21:57 26112 ------w- c:\windows\system32\printfilterpipelineprxy.dll
2009-09-14 09:29 . 2009-10-17 17:08 144896 ------w- c:\windows\system32\drivers\srv2.sys
2009-09-10 16:48 . 2009-10-17 17:10 218624 ------w- c:\windows\system32\msv1_0.dll
2009-09-10 14:59 . 2009-10-27 18:25 8147456 ------w- c:\windows\system32\wmploc.DLL
2009-09-10 14:58 . 2009-10-27 18:25 310784 ------w- c:\windows\system32\unregmp2.exe
2009-09-10 02:01 . 2009-11-18 21:57 3023360 ------w- c:\windows\system32\UIRibbon.dll
2009-09-10 02:00 . 2009-11-18 21:57 1164800 ------w- c:\windows\system32\UIRibbonRes.dll
2009-09-10 02:00 . 2009-11-18 21:57 92672 ------w- c:\windows\system32\UIAnimation.dll
2009-09-09 09:29 . 2009-12-05 11:21 199432 ----a-w- c:\windows\system32\drivers\neti1639.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-12-14 171448]
"GBMPro8Agent"="c:\program files\Genie-Soft\GBMPro8\GBMAgent.exe" [2008-09-11 189056]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"Skytel"="Skytel.exe" [2007-06-15 1826816]
"GBMPro8Agent"="c:\program files\Genie-Soft\GBMPro8\GBMAgent.exe" [2008-09-11 189056]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-08-24 240112]
"DMXLauncher"="c:\program files\Roxio\CinePlayer\DMXLauncher.exe" [2007-08-14 113136]
"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" [2009-09-25 906496]
"SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2010\Inicio.exe" [2009-08-12 56064]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Iniciar OpdiTracker.lnk - c:\program files\Opdicom\OpdiTracker\OptT3STA.exe [2007-4-3 225280]
NDAS Device Management.lnk - c:\program files\NDAS\System\ndasmgmt.exe [2007-11-27 236520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2008-03-18 15:58 58672 ----a-w- c:\windows\System32\avldr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):ad,3e,5a,33,44,e1,c9,01

R0 lfsfilt;Lean File Sharing;c:\windows\System32\drivers\lfsfilt.sys [12/02/2008 9:18 254440]
R0 lpx;LPX Protocol;c:\windows\System32\drivers\lpx.sys [27/11/2007 17:06 62056]
R0 pavboot;Panda boot driver;c:\windows\System32\drivers\pavboot.sys [05/12/2009 12:19 28552]
R1 APPFLT;App Filter Plugin;c:\windows\System32\drivers\APPFLT.SYS [05/12/2009 12:21 75016]
R1 DSAFLT;DSA Filter Plugin;c:\windows\System32\drivers\dsaflt.sys [05/12/2009 12:22 53128]
R1 FNETMON;NetMon Filter Plugin;c:\windows\System32\drivers\fnetmon.sys [05/12/2009 12:21 22072]
R1 IDSFLT;Ids Filter Plugin;c:\windows\System32\drivers\idsflt.sys [05/12/2009 12:22 193800]
R1 ndasfat;NDAS FAT;c:\windows\System32\drivers\ndasfat.sys [12/02/2008 9:18 372584]
R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\System32\drivers\NETFLTDI.SYS [05/12/2009 12:21 159112]
R1 ShldDrv;Panda File Shield Driver;c:\windows\System32\drivers\ShlDrv51.sys [05/12/2009 12:19 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\System32\drivers\wnmflt.sys [05/12/2009 12:22 46728]
R2 AmFSM;AmFSM;c:\windows\System32\drivers\amm8660.sys [05/12/2009 12:21 49160]
R2 ComFiltr;Panda Anti-Dialer;c:\windows\System32\drivers\COMFiltr.sys [05/12/2009 12:22 13880]
R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?]
R2 PavProc;Panda Process Protection Driver;c:\windows\System32\drivers\PavProc.sys [05/12/2009 12:19 163336]
R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2010\psksvc.exe [05/12/2009 12:21 28928]
R3 DKRtWrt;DKRtWrt;c:\windows\System32\drivers\DKRtWrt.sys [19/11/2009 16:17 45232]
R3 ndasbus;NDAS Bus Driver;c:\windows\System32\drivers\ndasbus.sys [27/11/2007 17:06 75752]
R3 ndasscsi;NDAS SCSI Miniport Driver;c:\windows\System32\drivers\ndasscsi.sys [27/11/2007 17:06 187240]
R3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39;c:\windows\System32\drivers\neti1639.sys [05/12/2009 12:21 199432]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [24/08/2007 14:53 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [24/08/2007 14:52 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [24/08/2007 14:52 166384]
S3 FontCache;Servicio de caché de fuentes de Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [01/04/2008 8:47 21504]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [24/08/2007 14:53 72176]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [24/08/2007 14:52 1083888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
panda REG_MULTI_SZ Gwmsrv
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.terra.es/
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} - hxxps://aeat.es/imagenes/comun/cactivex.cab
FF - ProfilePath - c:\users\Diosita\AppData\Roaming\Mozilla\Firefox\Profiles\ys01d3q2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.terra.es/
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.13);user_pref(yahoo.homepage.dontask, truec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

AddRemove-NVIDIA Drivers - c:\windows\system32\nvunrm.exe UninstallGUI

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-06 12:12
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-12-06 12:15
ComboFix-quarantined-files.txt 2009-12-06 11:15

Pre-Run: 72.530.911.232 bytes libres
Post-Run: 72.766.074.880 bytes libres

- - End Of File - - 420C831B27137A0653CEB3A11F4BDAA5