PC lenta, y no detecta dispositivos usb

Buscar

		Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Foro Oficial de HijackThis en español
PC lenta, y no detecta dispositivos usb

Para evitar Virus, Spyware y ventanas emergentes, en InfoSpyware recomendamos navegar con: FIREFOX

Foro Oficial de HijackThis en español Analizamos tu log de HijackThis para eliminar Hijackers, Spyware, Adware, ToolBars, Virus, Troyanos y Malwares en gral. Antes lea las Políticas del Foro de HijackThis.

Herramientas

post #1 (permalink)

04/08/08, 23:11:24

dacomaco

Usuario

Registrado: jul 2008

Ubicación: tierra

Mensajes: 3

PC lenta, y no detecta dispositivos usb

Hola a todos, y gracias de antemano, mi problema es que mi pc esta muy lento, por ejemplo abro el windows mwdia y quiero reproducir algo y el windows media se cuelga y tarda al menos 15 minutos en ejecutarse, cuando conecto un pen drive o cualquier dispositivo al puerto usb no lo reconoce de inmediato de igual forma tarda al menos 15 minutos en reconocerlo y eso si lo hace, es decir para que me reconozca algo en el puerto tengo que apagar la laptop esperar dos minutos y encenderla con el dispositivo conectado al puerto, formatie mi disco duro y reinstale el windows con la particon d esoporte que tiene la misma laptop pero al parecer esta particion tambien esta infectada porque despues de unos dias se puso igual, mi disco duro esta a la mitad de lleno asi que no es que esta demasiado lleno, de igual manera pasa con muchos programas que tengo los trato de ejecutar y la compu no hace nada, espues de un momento lo hace todo pero de inmediato, la verdad ya no se que hacer, cualquier ayuda gracias, adjunto el hijackthis.log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:58:40 PM, on 8/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows NT\HYPERTRM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.alegropcs.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.alegropcs.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.alegropcs.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.la.dell.com/content/default.aspx?c=ec&l=es&s=gen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1B367138-F2FB-43B1-83DC-0283175196B9} - C:\WINDOWS\system32\jkKbaBQH.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BD3C6F7C-6C8D-48F6-AC52-5E4071AEB257} - C:\WINDOWS\system32\awtqroOG.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe " -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish//kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212010392031
O16 - DPF: {AF5674CD-D85A-DB17-D560-EE526C7F07E0} - http://download.antimalwareguard.com/AntiMalwareGuard_Free.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC1DEEC1-AD0F-4003-B94A-84607CD602E4}: NameServer = 200.24.208.2 200.24.208.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: awtqroOG - awtqroOG.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8852 bytes

post #2 (permalink)

06/08/08, 01:04:23

ElPiedra

FS-Admin

Registrado: ene 2005

Ubicación: Miami

Mensajes: 29.503

Re: PC lenta, y no detecta dispositivos usb

Hola dacomaco, te doy la bienvenida al Foro de InfoSpyware.

ForoSpyware lo mantenemos voluntarios que tenemos nuestros trabajos y obligaciones fuera, por lo que no estamos 24/7, a lo que te pedimos paciencia en el análisis y respuesta de tu caso. Si 48hrs después de dejarnos el reporte de DSS no recibes una respuesta me puedes enviar un mp de recordatorio.

Descargar Deckard's System Scanner (DSS) y guárdalo en tu escritorio.
Cerrar todas las ventanas abiertas.
Hacele doble clic al archivo DSS.exe y seguí las instrucciones.
Cuando termine, abrirá de forma automática un archivo llamado main.txt el cual tenes que pegar su contenido en este mismo mensaje utilizando el botón de respuesta.
- *Nota* Si no se abre el log, puede encontrar el archivo en la carpeta C:\Deckard\System Scanner .
- *Nota* Si está utilizando Vista, es necesario hacer clic con el botón derecho en el icono dss.exe y seleccionar Ejecutar como Administrador.

Cita:

Si tu antivirus o cortafuegos se queja, por favor, permite a correr este script , ya que no es malicioso.

Una vez generado el reporte es importante que no reinicies tu equipo ya que algunos malwares contienen nombres aleatorios que se modifican en cada reinicio.
Al momento de efectuar los pasos es importante que estén los navegadores y programas cerrados por lo que o imprime los pasos o cópialos al bloc de notas para que los tengas a mano.
Te recomiendo suscribirte al feed de nuestro Blog de InfoSpyware para estar al tanto de las nuevas amenazas que circulan por la red y así en un futuro puedas prevenirlas.

Salu2

Hablándole al mundo en "Twitter""

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

post #3 (permalink)

06/08/08, 02:07:53

dacomaco

Usuario

Registrado: jul 2008

Ubicación: tierra

Mensajes: 3

Re: PC lenta, y no detecta dispositivos usb

Gracias por contestar, ElPiedra, hice lo que me pediste y aqui pego el archivo main.txt que aparecio tras ejecutar el dss.exe, adjunto tambien por si acaso un archivo llamado extra.txt que tambien se genero.

Main.txt

Deckard's System Scanner v20071014.68
Run by musIKito on 2008-08-05 23:23:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.

-- Last 1 Restore Point(s) --
1: 2008-08-06 04:24:20 UTC - RP1 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 447 MiB (512 MiB recommended).

-- HijackThis (run as musIKito.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:11 PM, on 8/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\musIKito\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\musIKito.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.alegropcs.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.alegropcs.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.alegropcs.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.la.dell.com/content/default.aspx?c=ec&l=es&s=gen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1B367138-F2FB-43B1-83DC-0283175196B9} - C:\WINDOWS\system32\jkKbaBQH.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BD3C6F7C-6C8D-48F6-AC52-5E4071AEB257} - C:\WINDOWS\system32\awtqroOG.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe " -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish//kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212010392031
O16 - DPF: {AF5674CD-D85A-DB17-D560-EE526C7F07E0} - http://download.antimalwareguard.com/AntiMalwareGuard_Free.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: awtqroOG - awtqroOG.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8706 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver>
R2 IOPort - c:\windows\system32\drivers\ioport.sys <Not Verified; Erik Salaj; IOPort>
R2 TVicPort - c:\windows\system32\drivers\tvicport.sys <Not Verified; EnTech Taiwan; TVicPort Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
R3 USBVSP - c:\windows\system32\drivers\usbvsp.sys <Not Verified; Atmel Corporation; Atmel USB Serial Adapter>

S3 AVR309Prj (AVR309:USB to UART device driver) - c:\windows\system32\drivers\avr309.sys <Not Verified; author Ing. Igor Cesko and Atmel corporation; AVR interface AVR309-USB driver>
S3 DSproct - c:\program files\dell support\gtaction\triggers\dsproct.sys <Not Verified; GTek Technologies Ltd.; processt>
S3 libusb0 (LibUsb-Win32 - Kernel Driver 03/09/2005, 0.1.10.1) - c:\windows\system32\drivers\libusb0.sys
S3 pccsmcfd (PCCS Mode Change Filter Driver) - c:\windows\system32\drivers\pccsmcfd.sys (file missing)
S3 Profos - c:\program files\common files\bitdefender\bitdefender threat scanner\profos.sys (file missing)
S3 Trufos - c:\program files\common files\bitdefender\bitdefender threat scanner\trufos.sys (file missing)
S3 WinDriver6 - c:\windows\system32\drivers\windrvr6.sys <Not Verified; Jungo; WinDriver Device Driver (x86)>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 NICCONFIGSVC - c:\program files\dell\quickset\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {C671678C-82C1-43F3-D700-0049433E9A4B}
Description: WinDriver
Device ID: ROOT\JUNGO\0000
Manufacturer: Jungo
Name: WinDriver
PNP Device ID: ROOT\JUNGO\0000
Service: WinDriver6

-- Scheduled Tasks -------------------------------------------------------------

2008-08-05 22:39:01 260 --a------ C:\WINDOWS\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job
2008-08-01 18:30:00 356 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DBP6YDC1-musIKito).job

-- Files created between 2008-07-05 and 2008-08-05 -----------------------------

2008-08-04 20:30:53 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-08-04 20:30:52 60273 --a------ C:\WINDOWS\system32\pthreadGC2.dll <Not Verified; Open Source Software community project; >
2008-08-04 20:30:51 0 d-------- C:\Program Files\ffdshow
2008-08-03 15:03:40 0 d-------- C:\Documents and Settings\musIKito\Application Data\Megaupload
2008-08-02 12:09:54 0 d-------- C:\Program Files\Trend Micro
2008-07-31 14:35:27 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-31 14:35:14 0 d-------- C:\Documents and Settings\musIKito\Application Data\Mozilla
2008-07-31 12:20:01 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-30 22:37:07 0 d-------- C:\WINDOWS\Sun
2008-07-28 19:16:21 89728 --a------ C:\WINDOWS\system32\drivers\usbvsp.sys <Not Verified; Atmel Corporation; Atmel USB Serial Adapter>
2008-07-28 19:16:11 1420565 --a------ C:\WINDOWS\NIU Internet Total Uninstaller.exe
2008-07-17 21:45:10 0 d-------- C:\a1633208ebe2d669c5ee
2008-07-16 17:01:17 0 d-------- C:\Program Files\Netscape
2008-07-16 17:00:50 9728 --a------ C:\WINDOWS\system32\rnaph.dll <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2008-07-16 16:02:00 0 d-------- C:\Program Files\NIU Internet Total
2008-07-14 15:54:30 0 d-------- C:\Documents and Settings\musIKito\Application Data\PC Suite
2008-07-14 15:54:26 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-07-14 15:53:57 0 d-------- C:\Documents and Settings\musIKito\Application Data\Nokia
2008-07-14 15:51:50 0 d-------- C:\Program Files\DIFX
2008-07-14 15:51:14 48128 --a------ C:\WINDOWS\system32\nmwcdcls.dll <Not Verified; Nokia; >
2008-07-14 15:48:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-07-12 18:04:18 0 d-------- C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$
2008-07-11 18

45 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-11 18

31 0 d-------- C:\Program Files\Common Files\Adobe

-- Find3M Report ---------------------------------------------------------------

2008-08-05 23:21:35 0 d-------- C:\Documents and Settings\musIKito\Application Data\MegauploadToolbar
2008-08-03 15:03:04 0 d-------- C:\Program Files\MegauploadToolbar
2008-08-03 15:01:25 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-22 23:07:34 0 d-------- C:\Documents and Settings\musIKito\Application Data\AdobeUM
2008-07-21 19:50:11 81984 --a------ C:\WINDOWS\system32\bdod.bin
2008-07-21 19:42:47 0 d-------- C:\Program Files\Common Files
2008-07-11 17:35:49 0 d-------- C:\Documents and Settings\musIKito\Application Data\Adobe
2008-06-19 23:32:54 0 d-------- C:\Program Files\BitDefender
2008-06-19 23:32:51 0 d-------- C:\Program Files\Common Files\BitDefender
2008-06-18 18:17:20 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-18 18:17:03 0 d-------- C:\Program Files\MSXML 6.0
2008-06-18 18:06:11 0 d-------- C:\Program Files\MSXML 4.0
2008-06-13 22:52:24 0 d-------- C:\Program Files\Common Files\SystemDoctor
2008-06-13 17:38:41 484948 --ahs---- C:\WINDOWS\system32\HQBabKkj.ini2
2008-06-13 15:16:46 0 d-------- C:\Program Files\AntiMalwareGuard
2008-06-13 14:53:08 0 d-------- C:\Program Files\AVG
2008-06-12 22:21:04 0 d-------- C:\Documents and Settings\musIKito\Application Data\DriveCleaner Free
2008-06-12 15:43:45 0 d-------- C:\Documents and Settings\musIKito\Application Data\SystemDoctor Free
2008-06-09 16:45:30 0 d-------- C:\Program Files\Panda Security
2008-06-05 06:27:44 0 d-------- C:\Documents and Settings\musIKito\Application Data\Sun
2008-06-02 09:17:43 212 --a------ C:\WINDOWS\ildasmfnt.bin

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1B367138-F2FB-43B1-83DC-0283175196B9}]
C:\WINDOWS\system32\jkKbaBQH.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BD3C6F7C-6C8D-48F6-AC52-5E4071AEB257}]
C:\WINDOWS\system32\awtqroOG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [11/10/2005 02:03 PM]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [05/10/2006 12:12 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [09/22/2006 05:47 AM]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [08/23/2006 05:14 PM]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [11/23/2006 03:45 AM]
"SigmatelSysTrayApp"="stsystra.exe" [09/22/2006 05:06 AM C:\WINDOWS\stsystra.exe]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [12/09/2005 09:29 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\I SUSPM.exe" [07/27/2004 05:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 05:50 PM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [06/13/2008 02:53 PM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT \TINTSETP.exe" [08/04/2004 06:00 AM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TIN TSETP.exe" [08/04/2004 06:00 AM]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScI nst.exe" [08/04/2004 06:00 AM]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.e xe" [08/04/2004 06:00 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [09/10/2003 03:24 AM]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM]

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1 \DW\dwtrig20.exe" -t

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [4/23/2008 3:38:16 AM]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [1/23/2007 12:30:26 AM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{BD3C6F7C-6C8D-48F6-AC52-5E4071AEB257}"= C:\WINDOWS\system32\awtqroOG.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtqroOG]
awtqroOG.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\jkKbaBQH

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{5b248ba0-3190-11dd-8158-0019b94e2245}]
AutoRun\command- E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
open\command- E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{63079f78-3406-11dd-bd9d-806d6172696f}]
AutoRun\command- E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
open\command- E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{6c07a153-3255-11dd-815b-0019b94e2245}]
AutoRun\command- E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
open\command- E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{7b5e28de-30f3-11dd-8154-0019b94e2245}]
AutoRun\command- RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
open\command- RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{7ca32112-4c72-11dd-878c-0019b94e2245}]
AutoRun\command- fooool.exe
explore\Command- fooool.exe
open\Command- fooool.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{ab0ee3c7-42b6-11dd-876d-0019b94e2245}]
AutoRun\command- 2.cmd
explore\Command- 2.cmd
open\Command- 2.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{d8f4c7d6-2daa-11dd-8149-0019b94e2245}]
AutoRun\command- RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
open\command- RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{18B0E5C2-99CB-11CF-AYX5-00401C648513}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe

-- End of Deckard's System Scanner: finished at 2008-08-05 23:35:42 ------------

Extra.txt

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Mobile AMD Sempron(tm) Processor 3500+
Percentage of Memory in Use: 75%
Physical Memory (total/avail): 446.04 MiB / 108.49 MiB
Pagefile Memory (total/avail): 1053.46 MiB / 639.65 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1939.62 MiB

C: is Fixed (NTFS) - 52.71 GiB total, 25.78 GiB free.
D: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - SAMSUNG HM060HI - 55.89 GiB - 3 partitions
\PARTITION0 - Unknown - 70.57 MiB
\PARTITION1 (bootable) - Installable File System - 52.71 GiB - C:
\PARTITION2 - Unknown - 3.1 GiB

-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

AV: AVG Anti-Virus Free v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\syste m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\syste m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\sys tem32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\musIKito\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DANIELITO
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\musIKito
LOGONSERVER=\\DANIELITO
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\Sys tem32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;c:\Program Files\Microsoft SQL Server\90\Tools\binn\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 76 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4c02
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\musIKito\LOCALS~1\Temp
TMP=C:\DOCUME~1\musIKito\LOCALS~1\Temp
USERDOMAIN=DANIELITO
USERNAME=musIKito
USERPROFILE=C:\Documents and Settings\musIKito
VS80COMNTOOLS=C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\
windir=C:\WINDOWS
__COMPAT_LAYER=DisableNXShowUI

-- User Profiles ---------------------------------------------------------------

musIKito (admin)
Administrator (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1.11.9.0 --> "C:\Program Files\MCS Electronics\BASCOM-AVR\unins000.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activ eX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugi n.exe
Adobe Reader 7.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Reader Chinese Simplified Fonts --> MsiExec.exe /I{AC76BA86-7AD7-2447-0000-705000000001}
AMD Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9
Archivos auxiliares de instalación de Microsoft SQL Server (español) --> MsiExec.exe /X{44FEB532-0908-4A87-BC22-32F0960717EC}
ATI Catalyst Control Center --> MsiExec.exe /I{AC6AE077-1566-4655-BE73-38A869C150DC}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallI NFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVRStudio4 --> C:\Program Files\InstallShield Installation Information\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}\setup.exe -runfromtemp -l0x0009 -removeonly
BASCOM-8051 DEMO Setup --> C:\PROGRA~1\MCSELE~1\BASCOM~2\UNWISE.EXE C:\PROGRA~1\MCSELE~1\BASCOM~2\INSTALL.LOG
Broadcom Management Programs --> MsiExec.exe /I{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}
Cisco Networking Academy curriculum 4.0.0.2 --> "C:\CISCO_CCNA\unins000.exe"
Compresor WinRAR --> C:\Program Files\WinRAR\uninstall.exe
Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BF A&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028p.inf
Dell Support 3.2.1 --> MsiExec.exe /X{CEE2252C-4035-4B27-8EC6-0B085DD3A413}
Dell Wireless WLAN Card --> "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Escritor de VSS de Microsoft SQL Server --> MsiExec.exe /I{EF858DE8-4B84-4FEC-88E9-4CC9FFD2646F}
Extensión de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{01802DCC-4DE0-440B-A63B-FCB0C521DBC3}
ffdshow [rev 2033] [2008-07-05] --> "C:\Program Files\ffdshow\unins000.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Herramientas de Microsoft SQL Server 2005 Express Edition --> MsiExec.exe /I{9ECA16A2-595E-4D9C-A0C4-FE6DB9598E84}
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuni nst.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix 2050 for SQL Server 2000 ENU (KB948110) --> "C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spunins t.exe"
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall .exe
MCU --> MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Megaupload Toolbar --> C:\Program Files\MegauploadToolbar\uninstall.exe
Menús inteligentes (Windows Live Toolbar) --> MsiExec.exe /X{1479D5E1-7F8D-49CB-AD0A-6DD8ED37662E}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spu ninst.exe"
Microsoft Device Emulator, versión 1.0 - ESN --> MsiExec.exe /X{4989F660-D303-4E1E-B280-773FBAF5FCF9}
Microsoft Document Explorer 2005 --> C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005 --> MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Document Explorer 2005 Language Pack - ESN --> MsiExec.exe /X{43DA3863-85B6-4C37-9BF2-148181978435}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110C0A-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 --> "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) --> MsiExec.exe /I{7018D165-FE75-44A9-8C82-EB1A4B376899}
Microsoft SQL Server 2005 Mobile [ESN] Developer Tools --> MsiExec.exe /X{DD855DBE-BF8C-4E38-A1C9-F3259CCF50B6}
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft SQL Server Native Client --> MsiExec.exe /I{88532296-5477-4934-A883-A6402049247C}
Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spunin st.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual J# 2.0 Redistributable Package --> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Micr osoft Visual J# 2.0 Redistributable Package\install.exe
Microsoft Visual Studio 2005 Professional - ESN --> c:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Studio 2005 Professional Edition - ESN\setup.exe
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Mozilla Firefox (3.0.1) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{79ACDEE9-29B6-4E2A-8C65-4352774D5BEA}
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
NIU Internet Total --> C:\WINDOWS\NIU Internet Total Uninstaller.exe
Nokia Connectivity Adapter Cable DKU-5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1BA3CD5-89DC-4273-8603-A75F33E9B335}\Setup.exe" -l0x9
Packet Tracer 4.11 --> "C:\Program Files\Packet Tracer 4.11\unins000.exe"
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Paquete de idioma de Microsoft Document Explorer 2005 - Español --> C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005 Language Pack - ESN\install.exe
Paquete de idioma de Microsoft Visual J# 2.0 Redistributable - ESN --> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Paqu ete de idioma de Microsoft Visual J# 2.0 Redistributable - ESN\install.exe
PowerDVD 5.7 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Proteus 6 Professional --> C:\Program Files\InstallShield Installation Information\{0FB13C8F-CD29-417F-8459-2D651A1DEC33}\setup.exe -runfromtemp -l0x0009 -removeonly
Proteus 7 Professional --> C:\Program Files\InstallShield Installation Information\{13C4E8F0-B747-4C7C-9090-884832F9F90A}\setup.exe -runfromtemp -l0x0009 -removeonly
QuickSet --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 APPDRVNT4
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spunins t.exe"
Security Update para Microsoft Visual Studio 2005 Professional - ESN (KB925674) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {124D38C7-5BE5-4D4E-8D6D-9F10DC6B6D11} /package {40610C0A-B084-41E9-A591-0695B548FF2A}
Security Update para Microsoft Visual Studio 2005 Professional - ESN (KB937060) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {78DD9A0A-4AE1-46D0-B9A6-578EFCA47A3C} /package {40610C0A-B084-41E9-A591-0695B548FF2A}
Sonic Activation Module --> MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUnin stall
Visor de resaltado (Windows Live Toolbar) --> MsiExec.exe /X{E8B5B4D8-C7EA-4A81-B1DD-A7F4B779B324}
Windows Driver Package - Nokia Modem (03/05/2008 3.7) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCF A9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Windows Live Asistente para el inicio de sesión --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live Favorites para Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer --> MsiExec.exe /X{9E1DDBE7-BF44-4AC8-87CA-3D25FC63C6E1}
Windows Live Messenger --> MsiExec.exe /X{FC411B47-30BF-428C-9C1E-F6C54A94EA7E}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {6998733B-9A6B-4DDE-954A-06992583AB12}
Windows Live Toolbar --> MsiExec.exe /X{6998733B-9A6B-4DDE-954A-06992583AB12}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spunin st.exe"

-- Application Event Log -------------------------------------------------------

Event Record #/Type9405 / Success
Event Submitted/Written: 08/05/2008 05:07:03 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type9400 / Error
Event Submitted/Written: 08/05/2008 05:02:44 PM
Event ID/Source: 17120 / MSSQL$SQLEXPRESS
Event Description:
SQL Server no pudo generar el subproceso FRunCM. Busque información sobre posibles problemas relacionados en el registro de errores de SQL Server y el registro de sucesos de Windows.

Event Record #/Type9399 / Error
Event Submitted/Written: 08/05/2008 05:02:44 PM
Event ID/Source: 17826 / MSSQL$SQLEXPRESS
Event Description:
No se pudo iniciar la biblioteca de red debido a un error interno. Para determinar la causa, revise los errores inmediatamente anteriores a éste en el registro de errores.

Event Record #/Type9398 / Error
Event Submitted/Written: 08/05/2008 05:02:44 PM
Event ID/Source: 17182 / MSSQL$SQLEXPRESS
Event Description:
Error de inicialización de TDSSNIClient: 0xd, código de estado 0x1.

Event Record #/Type9397 / Error
Event Submitted/Written: 08/05/2008 05:02:44 PM
Event ID/Source: 17182 / MSSQL$SQLEXPRESS
Event Description:
Error de inicialización de TDSSNIClient: 0xd, código de estado 0x4.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type14017 / Error
Event Submitted/Written: 08/05/2008 11:35:34 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the avg8wd service.

Event Record #/Type14016 / Error
Event Submitted/Written: 08/05/2008 11:33:51 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the SENS service.

Event Record #/Type14015 / Error
Event Submitted/Written: 08/05/2008 11:32:51 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the avg8wd service.

Event Record #/Type14014 / Error
Event Submitted/Written: 08/05/2008 11:31:23 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the Schedule service.

Event Record #/Type14013 / Error
Event Submitted/Written: 08/05/2008 11:29:24 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the avg8wd service.

-- End of Deckard's System Scanner: finished at 2008-08-05 23:35:42 ------------

PD:

Gracias, muchas gracias por ayudarme.

post #4 (permalink)

06/08/08, 19:21:26

ElPiedra

FS-Admin

Registrado: ene 2005

Ubicación: Miami

Mensajes: 29.503

Re: PC lenta, y no detecta dispositivos usb

Hola ,dacomaco.

Paso 1- Descarga, Instala y/o actualiza estas herramientas: (pero no los ejecutes aun)

Paso 2- Con todos los programas cerrados, ejecuta HijackThis y dale

a las siguientes entradas:

O2 - BHO: (no name) - {1B367138-F2FB-43B1-83DC-0283175196B9} - C:\WINDOWS\system32\jkKbaBQH.dll (file missing)

O2 - BHO: (no name) - {BD3C6F7C-6C8D-48F6-AC52-5E4071AEB257} - C:\WINDOWS\system32\awtqroOG.dll (file missing)

O16 - DPF: {AF5674CD-D85A-DB17-D560-EE526C7F07E0} - http://download.antimalwareguard.com/AntiMalwareGuard_Free.exe

O20 - Winlogon Notify: awtqroOG - awtqroOG.dll (file missing)

Paso 3- Ejecuta estas herramientas, de a una:

Malwarebytes' Anti-Malware
*Nota* Es importante que envíes a "Cuarentena" todo lo que este detecte antes de copiar y pegarnos su reporte.

Antes de usar ComboFix....
Desactiva temporalmente el Antivirus y/o Antispyware.
Cierra todas las ventanas abiertas.
Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
Cuando termine, generara un registro en C:\ComboFix.txt.
- *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
- *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

Cita:

Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.

Paso 4- Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

Reinicia y nos contas los resultados. junto con el reporte de

Paso 5- Reinicia en modo normal y nos dejas los reportes de:

Malwarebytes' Anti-Malware
C:\ComboFix.txt en este mismo mensaje.

**Nota**
- Para mayor comodidad imprime los pasos.
- Recuerda regresar y contarnos los resultados.

Salu2

Hablándole al mundo en "Twitter""

post #5 (permalink)

07/08/08, 23:41:10

dacomaco

Usuario

Registrado: jul 2008

Ubicación: tierra

Mensajes: 3

Re: PC lenta, y no detecta dispositivos usb

Hola, perdon por haber me demorado tanto en responder, hice todo lo que me indicaste y mi computador mejoro mucho de como estaba pero todavia sigue un poco lento, por ejemplo cuando escribo las letras aparecen muy lento, y a ratos todavia se cuelga al windows media, cuando conecto un pen drive en el usb despues de 5 minutos lo detecta, pero al menos ya lo detecta, con todo adjunto los log que me indicas:
HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:00:39 PM, on 8/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.alegropcs.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.la.dell.com/content/default.aspx?c=ec&l=es&s=gen
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 192.168.77.102:3128
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe " -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish//kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212010392031
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8023 bytes

MALWARE BYTES Y ANTI-MALWARE

Malwarebytes' Anti-Malware 1.24
Versión de la Base de Datos: 1030
Windows 5.1.2600 Service Pack 2

10:26:21 AM 8/7/2008
mbam-log-8-7-2008 (10-26-08).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 125532
Tiempo transcurrido: 47 minute(s), 39 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 16
Valores del Registro Infectados: 1
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 8
Ficheros Infectados: 13

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_CLASSES_ROOT\udcpchk.udcpchk (Rogue.DriveCleaner) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\{5222008a-dd62-49c7-a735-7bd18ecc7350} (Rogue.VirusRemover) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\AntiMalwareGuard (Rogue.AntiMalwareGuard) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{5954b2db-09a7-4023-847c-107539dc560d} (Rogue.DriveCleaner) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvid er (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\udcpchk.udcpchk.1 (Rogue.DriveCleaner) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{943b96a4-9bf6-42fe-8d0b-4bca71c3632f} (Rogue.DriveCleaner) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{4f43b1f3-0ce8-493b-96d2-990cec05edbb} (Rogue.DriveCleaner) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\SystemDoctor.Free (Rogue.SystemDoctor) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\AntiSpywareExpert (Rogue.AntiSpywareExpert) -> No action taken.

Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{bd3c6f7c-6c8d-48f6-ac52-5e4071aeb257} (Trojan.Vundo) -> No action taken.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
C:\Program Files\Common Files\SystemDoctor (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\musIKito\Application Data\DriveCleaner Free (Rogue.DriveCleaner) -> No action taken.
C:\Documents and Settings\musIKito\Application Data\SystemDoctor Free (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\musIKito\Application Data\SystemDoctor Free\Logs (Rogue.SystemDoctor) -> No action taken.
C:\Program Files\AntiMalwareGuard (Rogue.AntiMalwareGuard) -> No action taken.
C:\Documents and Settings\musIKito\Application Data\DriveCleaner Free\Logs (Rogue.DriveCleaner) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data (Rogue.SystemDoctor) -> No action taken.

Ficheros Infectados:
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ActivationCode (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\HOURS (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ProductCode (Rogue.SystemDoctor) -> No action taken.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BM2b2b6230.xml (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\musIKito\Application Data\SystemDoctor Free\Logs\update.log (Rogue.SystemDoctor) -> No action taken.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\musIKito\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiMalwareGuard.lnk (Rogue.AntiMalwareGuard) -> No action taken.
C:\Program Files\Common Files\SystemDoctor\err.log (Rogue.SystemDoctor) -> No action taken.
C:\WINDOWS\cookies.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\BM2b2b6230.txt (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\Abbr (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\musIKito\Application Data\DriveCleaner Free\Logs\update.log (Rogue.DriveCleaner) -> No action taken.

COMBOFIX

ComboFix 08-08-06.04 - musIKito 2008-08-07 13:31:16.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.114 [GMT -5:00]
Running from: C:\Documents and Settings\musIKito\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\musIKito\err.log
C:\Documents and Settings\musIKito\ResErrors.log
C:\WINDOWS\system32\ckqjxfpd.ini
C:\WINDOWS\system32\HQBabKkj.ini
C:\WINDOWS\system32\HQBabKkj.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\pwwpwpqk.ini
C:\WINDOWS\system32\rxconruv.ini
C:\WINDOWS\system32\toxgqtpg.ini
C:\WINDOWS\system32\wcvvesjl.ini
C:\WINDOWS\system32\xsskifiv.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IPRIP
-------\Service_Iprip

((((((((((((((((((((((((( Files Created from 2008-07-07 to 2008-08-07 )))))))))))))))))))))))))))))))
.

2008-08-07 00:30 . 2008-08-07 00:30 <DIR> d-------- C:\Program Files\CCleaner
2008-08-07 00:26 . 2008-08-07 00:26 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-07 00:26 . 2008-08-07 00:26 <DIR> d-------- C:\Documents and Settings\musIKito\Application Data\Malwarebytes
2008-08-07 00:26 . 2008-08-07 00:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-07 00:26 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-07 00:26 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-05 23:23 . 2008-08-05 23:23 <DIR> d-------- C:\Deckard
2008-08-04 20:30 . 2008-08-04 20:30 <DIR> d-------- C:\Program Files\ffdshow
2008-08-04 20:30 . 2008-06-08 23:58 60,273 --a------ C:\WINDOWS\system32\pthreadGC2.dll
2008-08-04 20:30 . 2008-06-12 20:36 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-08-04 20:30 . 2008-06-12 20:37 6,144 --a------ C:\WINDOWS\system32\ff_acm.acm
2008-08-04 20:30 . 2007-07-10 18:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-08-03 15:57 . 2008-08-03 15:57 50 --a------ C:\WINDOWS\MegaManager.INI
2008-08-03 15:03 . 2008-08-03 15:03 <DIR> d-------- C:\Documents and Settings\musIKito\Application Data\Megaupload
2008-08-02 12:09 . 2008-08-02 12:09 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-31 14:35 . 2008-07-31 14:35 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-31 12:20 . 2008-07-31 12:20 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-30 22:37 . 2008-07-30 22:37 <DIR> d-------- C:\WINDOWS\Sun
2008-07-29 11:43 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\system32\drivers\pavboot.sys
2008-07-28 19:16 . 2008-07-28 19:16 1,420,565 --a------ C:\WINDOWS\NIU Internet Total Uninstaller.exe
2008-07-28 19:16 . 2003-09-08 14:43 89,728 --a------ C:\WINDOWS\system32\drivers\usbvsp.sys
2008-07-28 05:07 . 2008-07-28 05:07 268 --ah----- C:\sqmdata01.sqm
2008-07-28 05:07 . 2008-07-28 05:07 244 --ah----- C:\sqmnoopt01.sqm
2008-07-27 00:21 . 2008-07-27 00:21 268 --ah----- C:\sqmdata00.sqm
2008-07-27 00:21 . 2008-07-27 00:21 244 --ah----- C:\sqmnoopt00.sqm
2008-07-17 21:45 . 2008-07-17 21:45 <DIR> d-------- C:\a1633208ebe2d669c5ee
2008-07-16 17:01 . 2008-07-16 17:01 <DIR> d-------- C:\Program Files\Netscape
2008-07-16 17:01 . 2008-07-28 19:54 25,214 --a------ C:\WINDOWS\niu.ico
2008-07-16 17:00 . 2008-07-16 17:00 9,728 --a------ C:\WINDOWS\system32\rnaph.dll
2008-07-16 16:02 . 2008-07-28 19:16 <DIR> d-------- C:\Program Files\NIU Internet Total
2008-07-14 15:54 . 2008-07-16 16:17 <DIR> d-------- C:\Documents and Settings\musIKito\Application Data\PC Suite
2008-07-14 15:54 . 2008-07-16 16:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-07-14 15:53 . 2008-07-14 15:54 <DIR> d-------- C:\Documents and Settings\musIKito\Application Data\Nokia
2008-07-14 15:51 . 2008-07-14 15:51 <DIR> d-------- C:\Program Files\DIFX
2008-07-14 15:51 . 2007-11-29 10:32 48,128 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-07-14 15:48 . 2008-07-14 15:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-07-12 18:04 . 2008-07-12 18:04 <DIR> d-------- C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$
2008-07-11 18:10 . 2008-07-11 18:10 <DIR> d-------- C:\Program Files\Common Files\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-08-07 04:26 --------- d-----w C:\Documents and Settings\musIKito\Application Data\MegauploadToolbar
2008-08-03 20:03 --------- d-----w C:\Program Files\MegauploadToolbar
2008-08-03 20:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-23 04:07 --------- d-----w C:\Documents and Settings\musIKito\Application Data\AdobeUM
2008-07-07 20:06 86,792 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 04:32 --------- d-----w C:\Program Files\Common Files\BitDefender
2008-06-20 04:32 --------- d-----w C:\Program Files\BitDefender
2008-06-18 23:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-18 23:17 --------- d-----w C:\Program Files\MSXML 6.0
2008-06-18 23:17 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-18 23:06 --------- d-----w C:\Program Files\MSXML 4.0
2008-06-18 04:19 --------- d-----w C:\Documents and Settings\Administrator\Application Data\CyberLink
2008-06-13 19:53 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-13 19:53 75,272 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-13 19:53 --------- d-----w C:\Program Files\AVG
2008-06-13 19:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-09 21:45 --------- d-----w C:\Program Files\Panda Security
2008-05-29 21:07 731 ----a-w C:\Documents and Settings\musIKito\LOREPRUEBA.BIN
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 03:24 20480]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 14:03 36975]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 12:12 90112]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-09-22 05:47 761947]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-08-23 17:14 1032192]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2006-11-23 03:45 1392640]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 21:29 49152]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\I SUSPM.exe" [2004-07-27 17:50 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50 81920]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-13 14:53 1177368]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT \TINTSETP.EXE" [2004-08-04 06:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TIN TSETP.EXE" [2004-08-04 06:00 455168]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScI nst.exe" [2004-08-04 06:00 59392]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.E XE" [2004-08-04 06:00 208952]
"SigmatelSysTrayApp"="stsystra.exe" [2006-09-22 05:06 282624 C:\WINDOWS\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 06:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1 \DW\dwtrig20.exe" [2005-04-25 13:45 36040]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-01-23 00:30:26 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboo t.sys [2008-06-19 17:24]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-13 14:53]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-13 14:53]
R2 IOPort;IOPort;C:\WINDOWS\system32\DRIVERS\IOPORT.S YS [1998-11-27 19:57]
S3 AVR309Prj;AVR309:USB to UART device driver;C:\WINDOWS\system32\Drivers\AVR309.sys [2003-12-22 15:51]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/09/2005, 0.1.10.1;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2005-06-23 00:17]
S3 USBVSP;USBVSP;C:\WINDOWS\system32\drivers\Usbvsp.s ys [2003-09-08 14:43]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{7ca32112-4c72-11dd-878c-0019b94e2245}]
\Shell\AutoRun\command - fooool.exe
\Shell\explore\Command - fooool.exe
\Shell\open\Command - fooool.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{ab0ee3c7-42b6-11dd-876d-0019b94e2245}]
\Shell\AutoRun\command - 2.cmd
\Shell\explore\Command - 2.cmd
\Shell\open\Command - 2.cmd

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{18B0E5C2-99CB-11CF-AYX5-00401C648513}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
.
Contents of the 'Scheduled Tasks' folder

2008-08-07 C:\WINDOWS\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

2008-08-01 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DBP6YDC1-musIKito).job
- c:\program files\mcafee.com\vso\mcmnhdlr.exe []
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\musIKito\Application Data\Mozilla\Firefox\Profiles\52q5rczc.default\
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_06\bin\NPJava11.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_06\bin\NPJava12.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_06\bin\NPJava13.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_06\bin\NPJava14.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_06\bin\NPJava32.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_06\bin\NPOJI610.dll

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-07 13:39:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\WLTRYSVC.EXE
C:\WINDOWS\system32\BCMWLTRY.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\snmp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\system32\cscript.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
.
************************************************** ************************
.
Completion time: 2008-08-07 13:46:49 - machine was rebooted [musIKito]
ComboFix-quarantined-files.txt 2008-08-07 18:46:43

Pre-Run: 27,508,461,568 bytes free
Post-Run: 27,415,502,848 bytes free

209 --- E O F --- 2008-07-25 09:32:42

PD: Te agradezco por todo tu tiempo y esfuerzo invertido en ayudarme, muchas gracias

post #6 (permalink)

11/08/08, 15:14:38

ElPiedra

FS-Admin

Registrado: ene 2005

Ubicación: Miami

Mensajes: 29.503

Re: PC lenta, y no detecta dispositivos usb