Foro de Spyware - Ver Mensaje Individual - PC muy lento y se abren ventanas publicidad

Tema: PC muy lento y se abren ventanas publicidad

Ver Mensaje Individual

post #3 (permalink)

15/05/08, 14:31:48

gitaniko

Usuario

Registrado: may 2008

Ubicación: España

Mensajes: 2

Re: PC muy lento y se abren ventanas publicidad

Muchas gracias por las instrucciones. Parece que de momento va todo perfecto.

El ComboFix no he podido hacerlo funcionar ya que pulsaba dos veces, se abría una ventana y se cerraba rápidamente.

Aquí dejo mi log de MALWAREBYTES:

Malwarebytes' Anti-Malware 1.12
Versión de la Base de Datos: 744

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 203635
Tiempo transcurrido: 1 hour(s), 16 minute(s), 6 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 2
Claves del Registro Infectadas: 24
Valores del Registro Infectados: 2
Elementos de Datos del Registro Infectados: 2
Carpetas Infectadas: 0
Ficheros Infectados: 24

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
C:\WINDOWS\system32\qvuxyvxn.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\rqRKCssR.dll (Trojan.Vundo) -> Unloaded module successfully.

Claves del Registro Infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{6c19aa22-5e2a-4bb3-9ce0-ac414db278e8} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6c19aa22-5e2a-4bb3-9ce0-ac414db278e8} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{7f3ea905-de65-4d00-bc1f-ff3a77f8ca30} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488b2-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488b3-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488b4-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488b5-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488b6-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488b7-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488b9-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488ba-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2dc488bb-d891-101b-8652-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8996b0a1-d7be-101b-8650-00aa003a5593} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Helper (Spyware.Banker) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{7f3ea905-de65-4d00-bc1f-ff3a77f8ca30} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\BM57b7ed91 (Trojan.Agent) -> Delete on reboot.

Elementos de Datos del Registro Infectados:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\rqrkcssr -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\rqrkcssr -> Delete on reboot.

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
C:\WINDOWS\system32\fhpssfmt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tmfssphf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iygrfypp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ppyfrgyi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ofgvevcy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ycvevgfo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qvuxyvxn.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\nxvyxuvq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rqRKCssR.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\RssCKRqr.ini (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\RssCKRqr.ini2 (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Tino\Configuración local\Archivos temporales de Internet\Content.IE5\YR7T3670\moorate[1] (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03E39A46-99CA-4C28-BB0B-D904C3C951B7}\RP1306\A0343154.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03E39A46-99CA-4C28-BB0B-D904C3C951B7}\RP1306\A0343160.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03E39A46-99CA-4C28-BB0B-D904C3C951B7}\RP1309\A0344308.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03E39A46-99CA-4C28-BB0B-D904C3C951B7}\RP1309\A0344346.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dbyedneu.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xvvubflt.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Cfx32.ocx (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yqhulici.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\ps.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cookie.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\alog.txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\help.txt (Stolen.Data) -> Quarantined and deleted successfully.