post #1
07/10/08, 00:33:18
User

Registered: Sep 2008
Location: Canada
Posts: 3
Slow computer and Internet problems (Solved)

Hi everyone!

About two weeks ago my computer filled up with viruses. I installed Avira, Zone Alarm and Spybot-SD and cleaned what I could with them, but I am still having problems. When I am on the Internet and click a link, something completely different from what should open comes up; sometimes pages open without my even clicking, and the computer is slower than normal. The truth is that I am a novice. This is the report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:13:29 PM, on 10/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.talkamerica.net/members
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - >B4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - H>497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6928C803-AA5D-4B3A-9943-3C3F784A02BD} - C:\WINDOWS\system32\hgGyyayv.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {85522a5a-a374-2dda-6234-f571d25ccbbb} - {bbbcc52d-175f-4326-add2-473aa5a22558} - C:\WINDOWS\system32\cimcmb.dll
O2 - BHO: (no name) - {DCB92C7F-043B-429D-935C-AEDEC08F70E0} - C:\WINDOWS\system32\wVPfdbBq.dll (file missing)
O2 - BHO: (no name) - è=49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [JustVoip] "C:\Program Files\JustVoip.com\JustVoip\JustVoip.exe" -nosplash -minimized
O4 - HKCU\..\Run: [32977925866477634410596760408279] "C:\Program Files\Antivirus 2009\av2009.exe"
O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieexplorer32.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs: cimcmb.dll
O20 - Winlogon Notify: hgGyyayv - hgGyyayv.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7645 bytes

I would be very grateful if you could help me, and thank you for reading.
post #2
07/10/08, 13:23:24
thecat_re
Warrior

Registered: Jan 2007
Location: Ciudad Bolivar, Venezuela
Posts: 3,293
Re: Slow computer and Internet problems

Hello, welcome to the Infospyware forum.

Download and/or update:
Do the following:

Disable Spybot S&D's TeaTimer.

With all programs closed, run HijackThis and select these entries:


O2 - BHO: (no name) - >B4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)

O2 - BHO: (no name) - H>497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)

O2 - BHO: (no name) - rsion - (no file)

O2 - BHO: (no name) - {6928C803-AA5D-4B3A-9943-3C3F784A02BD} - C:\WINDOWS\system32\hgGyyayv.dll (file missing)

O2 - BHO: {85522a5a-a374-2dda-6234-f571d25ccbbb} - {bbbcc52d-175f-4326-add2-473aa5a22558} - C:\WINDOWS\system32\cimcmb.dll

O2 - BHO: (no name) - {DCB92C7F-043B-429D-935C-AEDEC08F70E0} - C:\WINDOWS\system32\wVPfdbBq.dll (file missing)

O2 - BHO: (no name) - è=49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O4 - HKCU\..\Run: [32977925866477634410596760408279] "C:\Program Files\Antivirus 2009\av2009.exe"

O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieexplorer32.exe"

O18 - Filter hijack: text/html - (no CLSID) - (no file)

O20 - AppInit_DLLs: cimcmb.dll

O20 - Winlogon Notify: hgGyyayv - hgGyyayv.dll (file missing)



Run these tools, one at a time:
  • Malwarebytes' Anti-Malware
  • Before using ComboFix....
  • Temporarily disable the antivirus and/or antispyware.
  • Close all open windows.
  • Double-click the file ComboFix.exe and follow the instructions.
  • When it finishes, it will generate a log at C:\ComboFix.txt.
    • *Note* While CF is working, do not move the mouse, as that would stop its process.
    • *Note* ComboFix may restart the PC automatically to complete the removal process.

Quote:
Attention!! Do not use ComboFix unless a member of our staff has specifically instructed you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

Download CCleaner and run it, first using its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete, and then use its "Registry" option to clean the entire Windows registry (making a backup).

Restart and tell us the results, along with the C:\ComboFix.txt report, a new HijackThis one and the Malwarebytes' Anti-Malware one, in this same thread.

Regards, let us know.


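The entries selected from the log in the reply above share a few visible traits: registrations marked (no file) or (file missing), CLSIDs that are not well-formed GUIDs, a Run value named with a long digit string, a filter hijack, and a DLL listed in AppInit_DLLs. As an added example (not part of the thread, and not how the helper or HijackThis decides anything), the Python below applies those traits as triage rules to a constructed sample made of lines from that log. The rules and every function name are assumptions, and a flag is a prompt for review, not a verdict.

```python
import re

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
O2 - BHO: (no name) - >B4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6928C803-AA5D-4B3A-9943-3C3F784A02BD} - C:\WINDOWS\system32\hgGyyayv.dll (file missing)
O2 - BHO: {85522a5a-a374-2dda-6234-f571d25ccbbb} - {bbbcc52d-175f-4326-add2-473aa5a22558} - C:\WINDOWS\system32\cimcmb.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [32977925866477634410596760408279] "C:\Program Files\Antivirus 2009\av2009.exe"
O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieexplorer32.exe"
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs: cimcmb.dll
O20 - Winlogon Notify: hgGyyayv - hgGyyayv.dll (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

GUID = re.compile(r"^\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$")
ENTRY = re.compile(r"^([ORF]\d+) - (.*)$")           # "<section code> - <rest>"
BHO = re.compile(r"^BHO: (.*?) - (\S+) - (.*)$")      # name, CLSID, file
RUN = re.compile(r"^\S+\\Run: \[(.*?)\] (.*)$")       # value name, command line
ORPHAN = ("(no file)", "(file missing)")


def dll_name(text):
    """Return the lower-cased DLL file name found in a path, or None."""
    m = re.search(r"([^\\\s]+\.dll)\b", text, re.IGNORECASE)
    return m.group(1).lower() if m else None


def appinit_dlls(entries):
    """Collect the DLL names listed on O20 AppInit_DLLs lines."""
    names = set()
    for code, rest in entries:
        if code == "O20" and rest.startswith("AppInit_DLLs:"):
            value = rest.split(":", 1)[1].strip()
            names.update(n.lower() for n in re.split(r"[,\s]+", value) if n)
    return names


def triage(log_text):
    """Return [(line, [reasons])] for entries that match a rule (assumed rules)."""
    matches = [ENTRY.match(l.strip()) for l in log_text.splitlines()]
    entries = [m.groups() for m in matches if m]
    # AppInit_DLLs are loaded into every process that loads user32.dll, so a
    # DLL named there is cross-referenced against the BHO entries as well.
    appinit = appinit_dlls(entries)
    findings = []
    for code, rest in entries:
        reasons = []
        if code in ("O2", "O18", "O20") and rest.endswith(ORPHAN):
            reasons.append("registered file is not on disk")
        if code == "O2":
            m = BHO.match(rest)
            if m:
                name, clsid, path = m.groups()
                if not GUID.match(clsid):
                    reasons.append("CLSID is not a well-formed GUID")
                if GUID.match(name):
                    reasons.append("BHO name is itself a GUID")
                if dll_name(path) in appinit:
                    reasons.append("same DLL is listed in AppInit_DLLs")
        elif code == "O4":
            m = RUN.match(rest)
            if m and re.fullmatch(r"\d{16,}", m.group(1)):
                reasons.append("Run value name is a long digit string")
        elif code == "O18" and rest.startswith("Filter hijack:"):
            reasons.append("MIME filter hijack entry")
        elif code == "O20" and rest.startswith("AppInit_DLLs:") and appinit:
            reasons.append("AppInit_DLLs is not empty")
        if reasons:
            findings.append((f"{code} - {rest}", reasons))
    return findings


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG):
        print(line)
        for reason in reasons:
            print("    ->", reason)
```

The `ieupdate` Run entry, which the helper also selected, matches none of these rules; a log like this still needs a person to read it.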
post #3
11/10/08, 00:33:54
User

Registered: Sep 2008
Location: Canada
Posts: 3
Re: Slow computer and Internet problems

Hi!
Thank you very much for the help; I no longer have any problem with the computer.

It is the first time I have joined a forum, and I thought it was great; thank you very much again.

In any case, here are the reports:

ComboFix 08-10-07.06 - Kasim 2008-10-10 18:25:08.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1256.964.1033.18.107 [GMT -7:00]
Running from: C:\Documents and Settings\Kasim\Desktop\Fercho\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\IE4 Error Log.txt
C:\WINDOWS\system32\bggyirho.dll
C:\WINDOWS\system32\dwuyfl.dll
C:\WINDOWS\system32\dyzhxr.dll
C:\WINDOWS\system32\ipbvlpcr.dll
C:\WINDOWS\system32\ngxrrp.dll
C:\WINDOWS\system32\pdveikgf.dll
C:\WINDOWS\system32\qBbdfPVw.ini
C:\WINDOWS\system32\qBbdfPVw.ini2
C:\WINDOWS\system32\TDSSerrors.log
C:\WINDOWS\system32\vummdwuu.dll
C:\WINDOWS\system32\winsrc.dll.tmp
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TDSSSERV
-------\Service_TDSSserv


((((((((((((((((((((((((( Files Created from 2008-09-11 to 2008-10-11 )))))))))))))))))))))))))))))))
.

2008-10-10 18:18 . 2008-10-10 18:34 227,360 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-10 18:18 . 2008-10-10 18:31 3,692 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-10 17:23 . 2008-10-10 17:23 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-10 17:23 . 2008-10-10 17:23 <DIR> d-------- C:\Documents and Settings\Kasim\Application Data\Malwarebytes
2008-10-10 17:23 . 2008-10-10 17:23 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-10 17:23 . 2008-09-08 00:11 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-10 17:23 . 2008-09-08 00:11 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-03 21:32 . 2008-10-03 21:32 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-30 17:25 . 2008-09-30 17:25 8,192 --a------ C:\WINDOWS\system32\tdssserf1.dll
2008-09-27 18:15 . 2008-09-27 18:16 <DIR> d--h-c--- C:\WINDOWS\ie8
2008-09-27 18:13 . 2008-09-27 18:13 <DIR> d-------- C:\e35cea620726f8453e5c6e58
2008-09-27 16:16 . 2008-10-10 17:00 <DIR> d-------- C:\Documents and Settings\Kasim\Application Data\U3
2008-09-27 15:46 . 2008-06-23 09:57 6,066,176 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-09-27 15:46 . 2007-04-17 02:32 2,455,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-09-27 15:46 . 2007-03-07 22:10 991,232 --------- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-09-27 15:46 . 2008-06-23 09:57 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-09-27 15:46 . 2008-06-23 09:57 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-09-27 15:46 . 2008-06-23 09:57 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-09-27 15:46 . 2008-06-23 09:57 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-09-27 15:46 . 2008-06-23 09:57 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-09-27 15:46 . 2008-06-23 02:20 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-09-27 15:13 . 2008-09-27 15:13 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-09-27 15:13 . 2008-09-27 15:13 <DIR> d-------- C:\WINDOWS\system32\en
2008-09-27 15:13 . 2008-09-27 15:13 <DIR> d-------- C:\WINDOWS\system32\bits
2008-09-27 15:13 . 2008-09-27 15:13 <DIR> d-------- C:\WINDOWS\l2schemas
2008-09-27 15:10 . 2008-09-27 15:14 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-27 15:02 . 2008-09-27 15:02 <DIR> d-------- C:\WINDOWS\EHome
2008-09-26 22:38 . 2008-09-26 22:41 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-26 22:38 . 2008-09-27 11:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-26 18:50 . 2008-09-26 18:50 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-09-26 18:50 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-09-26 18:50 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-09-26 18:50 . 2008-09-26 18:53 4,212 --ah----- C:\WINDOWS\system32\zllictbl.dat
2008-09-26 18:49 . 2008-09-26 18:49 <DIR> d-------- C:\Program Files\Zone Labs
2008-09-26 18:47 . 2008-10-10 18:38 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-09-26 18:23 . 2008-09-27 16:56 <DIR> d-------- C:\Documents and Settings\Kasim\Application Data\Netscape
2008-09-26 18:05 . 2008-09-26 18:25 974,965 --ahs---- C:\WINDOWS\system32\euixelej.ini
2008-09-26 17:46 . 2008-09-26 17:46 <DIR> d-------- C:\Program Files\Avira
2008-09-22 18:30 . 2008-09-26 18:02 1,016,907 --ahs---- C:\WINDOWS\system32\rpcbfefs.ini
2008-09-20 15:47 . 2008-09-22 18:25 1,015,887 --ahs---- C:\WINDOWS\system32\qokydiuc.ini
2008-09-19 10:08 . 2008-09-20 15:46 948,306 --ahs---- C:\WINDOWS\system32\qftoaktx.ini
2008-09-17 17:29 . 2008-09-19 10:03 948,126 --ahs---- C:\WINDOWS\system32\snfbtnoh.ini
2008-09-15 03:57 . 2008-09-15 03:57 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-09-15 03:57 . 2008-09-15 03:57 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-07 23:35 --------- d-----w C:\Program Files\MSN Messenger
2008-10-02 03:21 --------- d-----w C:\Program Files\CONEXANT
2008-10-02 03:16 --------- d-----w C:\Program Files\Google
2008-10-01 04:03 --------- d-----w C:\Documents and Settings\Kasim\Application Data\ZoomBrowser EX
2008-10-01 04:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-09-27 21:21 --------- d--h--r C:\Documents and Settings\Kasim\Application Data\yahoo!
2008-09-27 21:21 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-09-27 21:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\yahoo!
2008-09-27 00:46 --------- dc----w C:\Documents and Settings\All Users\Application Data\Avira
2008-09-27 00:20 --------- dc----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-15 00:14 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-08-24 23:26 --------- d-----w C:\Program Files\iTunes
2008-08-06 00:55 265,720 ----a-w C:\WINDOWS\system32\msdbg2.dll
2008-07-19 05:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-19 05:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 05:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 05:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-19 05:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 05:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 05:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-19 05:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 05:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-19 05:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 05:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-19 05:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 05:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-19 05:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 05:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-19 05:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-19 05:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-03-12 04:08 718 ----a-w C:\Documents and Settings\Kasim\Application Data\wklnhst.dat
2007-11-20 03:15 32 -c--a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 39,792 2007-10-11 03:51:55 C:\Program Files\Adobe\Reader 8.0\Reader\bak\Reader_sl.exe
----a-w 39,792 2008-01-12 05:16:38 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

----a-w 344,064 2005-11-11 05:05:00 C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe

----a-w 81,920 2004-07-28 00:50:18 C:\Program Files\Common Files\InstallShield\UpdateService\bak\issch.exe
----a-w 81,920 2004-07-27 23:50:18 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

----a-w 221,184 2004-07-28 00:50:42 C:\Program Files\Common Files\InstallShield\UpdateService\bak\ISUSPM.exe
----a-w 221,184 2004-07-27 23:50:42 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

----a-w 185,896 2007-02-01 03:22:07 C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe

----a-w 49,152 2005-02-17 07:11:42 C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe

----a-w 94,208 2005-12-12 19:39:52 C:\Program Files\HP\QuickPlay\bak\QPService.exe

----a-w 233,534 2005-08-01 22:26:42 C:\Program Files\HPQ\Default Settings\bak\cpqset.exe

----a-w 409,600 2005-12-07 18:56:56 C:\Program Files\HPQ\Quick Launch Buttons\bak\EabServr.exe

----a-w 271,672 2007-08-16 03:15:24 C:\Program Files\iTunes\bak\iTunesHelper.exe
----a-w 271,672 2007-08-16 03:15:24 C:\Program Files\iTunes\iTunesHelper.exe

----a-w 36,975 2005-11-10 21:03:52 C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe

----a-w 286,720 2007-06-29 13:24:52 C:\Program Files\QuickTime\bak\qttask.exe

----a-w 729,178 2005-06-19 20:50:08 C:\Program Files\Synaptics\SynTP\bak\SynTPEnh.exe

----a-w 679,936 2005-10-28 23:11:02 C:\WINDOWS\CREATOR\bak\Remind_XP.exe

----a-w 1,187,840 2005-10-11 18:23:50 C:\WINDOWS\SMINST\bak\RecGuard.exe

----a-w 15,360 2004-08-04 08:00:00 C:\WINDOWS\system32\bak\ctfmon.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JustVoip"="C:\Program Files\JustVoip.com\JustVoip\JustVoip.exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-08-15 271672]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 73728]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-01-04 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.yahoo.com/
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R0 -: HKLM-Main,Search Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-10 18:36:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\HPQ\shared\HPQTOA~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-10-10 18:59:38 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-11 01:57:50

Pre-Run: 12,024,467,456 bytes free
Post-Run: 12,017,537,024 bytes free

217 --- E O F --- 2008-09-29 00:34:03

Malwarebytes' Anti-Malware 1.27
Versión de la Base de Datos: 1127
Windows 5.1.2600 Service Pack 3

10/10/2008 6:15:47 PM
mbam-log-2008-10-10 (18-15-47).txt

Tipo de examen : Examen Completo (C:\|D:\|)
Objetos examinados: 113251
Tiempo transcurrido: 43 minute(s), 4 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 7
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 1
Carpetas Infectadas: 2
Ficheros Infectados: 13

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Carpetas Infectadas:
C:\Program Files\SpyDefender Pro (Rogue.SpyDefender) -> Quarantined and deleted successfully.
C:\Program Files\SpyDefender Pro\bak (Rogue.SpyDefender) -> Quarantined and deleted successfully.

Ficheros Infectados:
C:\Program Files\SpyDefender Pro\SpyDefender.ini (Rogue.SpyDefender) -> Quarantined and deleted successfully.
C:\Program Files\SpyDefender Pro\bak\SpyDefender.exe (Rogue.SpyDefender) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\BMcf4c5af0.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMcf4c5af0.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:18:12 PM, on 10/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6153 bytes


Again, thank you very much.
  post #4 (permalink)  
14/10/08, 19:55:59
thecat_re
Warrior
 
Registered: Jan 2007
Location: Ciudad Bolivar, Venezuela
Posts: 3,293
Re: Slow computer and internet problems

Hello again

Sorry for the delay; there are still harmful files to remove.

Do the following:

Open Notepad
  • Go to START > RUN
  • There, type notepad.exe and click OK
Now copy and paste these files into Notepad

Code:
KillAll::

File::
C:\WINDOWS\system32\tdssserf1.dll
C:\WINDOWS\system32\SpOrder.dll
C:\WINDOWS\system32\euixelej.ini
C:\WINDOWS\system32\rpcbfefs.ini
C:\WINDOWS\system32\qokydiuc.ini
C:\WINDOWS\system32\qftoaktx.ini
C:\WINDOWS\system32\snfbtnoh.ini

AWF:: 
C:\Program Files\Adobe\Reader 8.0\Reader\bak\Reader_sl.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe
C:\Program Files\Common Files\InstallShield\UpdateService\bak\issch.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\InstallShield\UpdateService\bak\ISUSPM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe
C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe
C:\Program Files\HP\QuickPlay\bak\QPService.exe
C:\Program Files\HPQ\Default Settings\bak\cpqset.exe
C:\Program Files\HPQ\Quick Launch Buttons\bak\EabServr.exe
C:\Program Files\iTunes\bak\iTunesHelper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe
C:\Program Files\QuickTime\bak\qttask.exe
C:\Program Files\Synaptics\SynTP\bak\SynTPEnh.exe
C:\WINDOWS\CREATOR\bak\Remind_XP.exe
C:\WINDOWS\SMINST\bak\RecGuard.exe
C:\WINDOWS\system32\bak\ctfmon.exe
Save this file with the name CFScript.txt and leave it on your desktop.

Drag and drop the CFScript.txt file onto ComboFix.exe as shown in the animation below. This will run ComboFix again.

  • Restart your PC and post a new ComboFix report, letting us know how everything is working now.


  post #5 (permalink)  
21/10/08, 21:02:45
User
 
Registered: Sep 2008
Location: Canada
Posts: 3
Re: Slow computer and internet problems

Hello thecat_re!
Well, I'm surprised that there are still infected files or whatever, because the computer is working very well, but if you say so I have nothing to say against it. I have followed the new instructions and here is the new report.

ComboFix 08-10-19.04 - Kasim 2008-10-21 16:32:08.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1256.964.1033.18.108 [GMT -7:00]
Running from: C:\Documents and Settings\Kasim\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Kasim\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\system32\euixelej.ini
C:\WINDOWS\system32\qftoaktx.ini
C:\WINDOWS\system32\qokydiuc.ini
C:\WINDOWS\system32\rpcbfefs.ini
C:\WINDOWS\system32\snfbtnoh.ini
C:\WINDOWS\system32\SpOrder.dll
C:\WINDOWS\system32\tdssserf1.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\euixelej.ini
C:\WINDOWS\system32\qftoaktx.ini
C:\WINDOWS\system32\qokydiuc.ini
C:\WINDOWS\system32\rpcbfefs.ini
C:\WINDOWS\system32\snfbtnoh.ini
C:\WINDOWS\system32\SpOrder.dll

.
((((((((((((((((((((((((( Files Created from 2008-09-21 to 2008-10-21 )))))))))))))))))))))))))))))))
.

2008-10-14 17:04 . 2008-10-14 17:05 1,393 --a------ C:\WINDOWS\imsins.BAK
2008-10-14 15:11 . 2008-09-08 03:41 333,824 --------- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-14 15:10 . 2008-08-14 03:11 2,189,184 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-14 15:10 . 2008-08-14 03:09 2,145,280 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-14 15:10 . 2008-08-14 02:33 2,066,048 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-14 15:10 . 2008-08-14 02:33 2,023,936 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-14 15:10 . 2008-09-15 05:12 1,846,400 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-11 06:34 . 2008-10-11 06:34 0 --a------ C:\WINDOWS\nsreg.dat
2008-10-10 19:57 . 2008-10-10 19:57 739,178 --a--c--- C:\cc_20081010_195713.reg
2008-10-10 19:38 . 2008-10-10 19:41 <DIR> d-------- C:\Program Files\CCleaner
2008-10-10 18:18 . 2008-10-21 16:44 1,271,840 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-10 18:18 . 2008-10-21 16:40 15,932 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-10 17:23 . 2008-10-10 17:23 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-10 17:23 . 2008-10-10 17:23 <DIR> d-------- C:\Documents and Settings\Kasim\Application Data\Malwarebytes
2008-10-10 17:23 . 2008-10-10 17:23 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-10 17:23 . 2008-09-08 00:11 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-10 17:23 . 2008-09-08 00:11 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-03 21:32 . 2008-10-03 21:32 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-27 18:15 . 2008-09-27 18:16 <DIR> d--h-c--- C:\WINDOWS\ie8
2008-09-27 18:13 . 2008-09-27 18:13 <DIR> d-------- C:\e35cea620726f8453e5c6e58
2008-09-27 16:16 . 2008-10-10 17:00 <DIR> d-------- C:\Documents and Settings\Kasim\Application Data\U3
2008-09-27 15:46 . 2008-10-03 10:41 6,066,176 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-09-27 15:46 . 2007-04-17 02:32 2,455,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-09-27 15:46 . 2007-03-07 22:10 991,232 --------- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-09-27 15:46 . 2008-08-26 00:24 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-09-27 15:46 . 2008-08-26 00:24 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-09-27 15:46 . 2008-08-26 00:24 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-09-27 15:46 . 2008-08-26 00:24 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-09-27 15:46 . 2008-08-26 00:24 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-09-27 15:46 . 2008-08-25 01:38 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-09-27 15:13 . 2008-09-27 15:13 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-09-27 15:13 . 2008-09-27 15:13 <DIR> d-------- C:\WINDOWS\system32\en
2008-09-27 15:13 . 2008-09-27 15:13 <DIR> d-------- C:\WINDOWS\system32\bits
2008-09-27 15:13 . 2008-09-27 15:13 <DIR> d-------- C:\WINDOWS\l2schemas
2008-09-27 15:10 . 2008-09-27 15:14 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-27 15:02 . 2008-09-27 15:02 <DIR> d-------- C:\WINDOWS\EHome
2008-09-26 22:38 . 2008-09-26 22:41 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-26 22:38 . 2008-10-10 20:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-26 18:50 . 2008-09-26 18:50 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-09-26 18:50 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-09-26 18:50 . 2008-09-26 18:53 4,212 --ah----- C:\WINDOWS\system32\zllictbl.dat
2008-09-26 18:49 . 2008-09-26 18:49 <DIR> d-------- C:\Program Files\Zone Labs
2008-09-26 18:47 . 2008-10-21 16:41 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-09-26 18:23 . 2008-09-27 16:56 <DIR> d-------- C:\Documents and Settings\Kasim\Application Data\Netscape
2008-09-26 17:46 . 2008-09-26 17:46 <DIR> d-------- C:\Program Files\Avira

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-21 23:41 1,084,906 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-10-21 23:41 --------- d-----w C:\Program Files\QuickTime
2008-10-21 23:41 --------- d-----w C:\Program Files\iTunes
2008-10-15 00:06 314,880 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-10-13 02:31 --------- d-----w C:\Documents and Settings\Kasim\Application Data\LimeWire
2008-10-11 03:23 --------- d-----w C:\Program Files\Yahoo!
2008-10-07 23:35 --------- d-----w C:\Program Files\MSN Messenger
2008-10-02 03:21 --------- d-----w C:\Program Files\CONEXANT
2008-10-02 03:16 --------- d-----w C:\Program Files\Google
2008-10-01 04:03 --------- d-----w C:\Documents and Settings\Kasim\Application Data\ZoomBrowser EX
2008-10-01 04:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-09-27 21:21 --------- d--h--r C:\Documents and Settings\Kasim\Application Data\yahoo!
2008-09-27 21:21 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-09-27 21:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\yahoo!
2008-09-27 00:46 --------- dc----w C:\Documents and Settings\All Users\Application Data\Avira
2008-09-27 00:20 --------- dc----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-15 12:12 1,846,400 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 00:14 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-27 08:24 3,593,216 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-08-25 08:37 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-08-23 05:56 635,848 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-08-23 05:54 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-08-14 10:11 2,189,184 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 10:04 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-08-14 09:33 2,066,048 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-06 00:55 265,720 ----a-w C:\WINDOWS\system32\msdbg2.dll
2008-03-12 04:08 718 ----a-w C:\Documents and Settings\Kasim\Application Data\wklnhst.dat
2007-11-20 03:15 32 -c--a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
.

((((((((((((((((((((((((((((( snapshot@2008-10-10_18.46.27.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-28 23:11:02 679,936 ----a-w C:\WINDOWS\CREATOR\Remind_XP.exe
+ 2008-08-14 10:09:26 2,145,280 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 09:33:16 2,066,048 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,023,936 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 10:11:02 2,189,184 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2008-06-23 16:57:27 124,928 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:57:27 347,136 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:57:27 214,528 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:57:27 133,120 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:57:28 63,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:20:25 70,656 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:57:29 153,088 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:57:29 230,400 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:57:29 383,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:57:29 384,512 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:57:33 6,066,176 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:57:33 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:57:34 267,776 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:20:52 625,664 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:57:35 27,648 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:57:36 459,264 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:57:36 52,224 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 17:57:40 3,592,192 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:57:39 477,696 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:57:39 193,024 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:57:40 671,232 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:57:40 102,912 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:57:40 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:57:40 105,984 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:57:40 1,159,680 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:57:41 233,472 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:57:41 826,368 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll
+ 2005-10-11 18:23:50 1,187,840 ----a-w C:\WINDOWS\SMINST\RecGuard.exe
- 2008-06-23 16:57:27 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-08-26 07:24:28 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2004-08-04 08:00:00 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
- 2008-06-23 16:57:27 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-08-26 07:24:28 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2004-08-04 08:00:00 15,360 ----a-w C:\WINDOWS\system32\dllcache\ctfmon.exe
- 2008-06-23 16:57:27 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-06-23 16:57:27 214,528 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-06-23 16:57:27 133,120 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-08-26 07:24:28 133,120 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-06-23 16:57:29 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-06-23 16:57:29 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-06-23 16:57:29 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-06-23 16:57:33 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-08-26 07:24:29 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-06-23 16:57:35 27,648 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-06-23 16:57:39 477,696 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-06-23 16:57:39 193,024 ------w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-08-26 07:24:30 193,024 ------w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-06-23 16:57:40 671,232 ------w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-08-26 07:24:30 671,232 ------w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-06-23 16:57:40 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-08-26 07:24:30 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-06-23 16:57:40 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2008-06-23 16:57:40 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-08-26 07:24:30 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
- 2008-06-23 16:57:40 1,159,680 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-06-23 16:57:41 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-08-26 07:24:31 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-06-23 16:57:41 826,368 ------w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-08-26 07:24:31 826,368 ------w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2008-06-23 16:57:27 347,136 ------w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 ------w C:\WINDOWS\system32\dxtmsft.dll
- 2008-06-23 16:57:27 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2008-06-23 16:57:27 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-08-26 07:24:28 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2008-09-27 22:23:31 242,328 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-10-15 21:00:17 242,328 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-06-23 16:57:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-08-26 07:24:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-06-23 09:20:25 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2008-06-23 16:57:29 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2008-06-23 16:57:29 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2008-06-23 16:57:29 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-08-26 07:24:28 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-06-23 16:57:29 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2008-06-23 16:57:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-10-03 17:41:15 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-06-23 16:57:33 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-08-26 07:24:29 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2008-06-23 16:57:34 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-08-26 07:24:29 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-06-23 16:57:35 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2007-04-24 19:32:06 1,485,696 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-21 01:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
- 2008-08-26 20:28:14 16,208,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-10-07 19:19:40 16,721,856 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-06-23 16:57:36 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-08-26 07:24:30 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-06-23 16:57:36 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-08-26 07:24:30 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-06-24 17:57:40 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-08-27 08:24:32 3,593,216 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-06-23 16:57:39 477,696 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 ------w C:\WINDOWS\system32\mshtmled.dll
- 2008-06-23 16:57:39 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-08-26 07:24:30 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2008-06-23 16:57:40 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-08-26 07:24:30 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2008-06-23 16:57:40 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-08-26 07:24:30 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-06-23 16:57:40 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
- 2007-11-30 12:39:22 17,272 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-06-23 16:57:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-08-26 07:24:30 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-06-23 16:57:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-06-23 16:57:41 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-08-26 07:24:31 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2008-06-23 16:57:41 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-08-26 07:24:31 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-08-15 271672]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-01-04 118784]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
backup=C:\WINDOWS\pss\HP Photosmart Premier Fast Start.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

S3 DCamUSBVeo532;Veo Web Camera;C:\WINDOWS\system32\Drivers\ubVeo532.sys [2002-07-01 95232]
S3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [ ]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe
.
- - - - ORPHANS REMOVED - - - -

BHO-{6928C803-AA5D-4B3A-9943-3C3F784A02BD} - (no file)
BHO-{bbbcc52d-175f-4326-add2-473aa5a22558} - (no file)
BHO-{DCB92C7F-043B-429D-935C-AEDEC08F70E0} - (no file)
Notify-hgGyyayv - (no file)



**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-21 16:42:11
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\HPQ\shared\HPQTOA~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-10-21 16:50:18 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-21 23:50:04
ComboFix2.txt 2008-10-11 02:00:06

Pre-Run: 11,349,823,488 bytes free
Post-Run: 11,549,368,320 bytes free

335 --- E O F --- 2008-10-15 00:06:04

Well, once again, thank you very much for your time and interest.
  post #6 (permalink)  
23/10/08, 13:06:04
thecat_re
Warrior
 
Registered: Jan 2007
Location: Ciudad Bolivar, Venezuela
Posts: 3,293
Re: Slow computer and internet problems

Hello, all clean. To finish, all that remains is to uninstall CF as follows:
  • Go to Start > Run
  • Type the following: ComboFix /u as shown in the image below:
  • This will launch the ComboFix uninstaller, opening its main screen, and after a few seconds you will see ("ComboFix is uninstalled")

Quote:
To avoid this type of infection, I recommend using a more secure browser such as Firefox
Regards, we consider the topic solved.

