Mi PC esta muy lenta(solucionado)

**arelysv84** · 22/09/09, 23:21:28

Hola, la verdad es la primera vez que hago esto, pero es que mi pc esta muy lenta y se cicla a cada rato, no se si tenga un virus pero espero que me puedan ayudar... Gracias

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:45 p.m., on 22/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Asistente Infinitum\IsaMonitor.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PsCtrls.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\pavsrv51.exe
C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\AVENGINE.EXE
C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Weemi\weemi.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\WebProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\msiexec.exe
C:\Documents and Settings\Owner\My Documents\Programas\Ad-AwareAE.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\mia26.tmp\Ad-AwareAE.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\System32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: EasyFP.lnk = C:\Program Files\JDSoft\EasyFP\StartEasyFP.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ISA Monitor Service (IsaMonitor) - Fine Point Technologies, Inc. - C:\Program Files\Asistente Infinitum\IsaMonitor.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PsCtrls.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
O23 - Service: Weemi Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe

--
End of file - 9704 bytes

**Leosolari** · 23/09/09, 11:49:49

Hola

Descarga lo siguiente:

º CCLEANER. Lo instalas según Su Manual

º MALWAREBYTE´S. Lo instalas y actualizas según su manual, PERO NO LO EJECUTES AUN

º ComboFix.exe y guárdalo en el escritorio.

Ejecuta CCLEANER usando sus opciones "Limpiador" y "Registro".

Ejecuta MALWAREBYTE´S.

Hacé un "escaneo completo". Una vez finalizado, si te detecta algo eliges " quitar lo seleccionado ".
Si te pide reiniciar, lo haces.

Ejecuta ComboFix.exe

Desactiva temporalmente el Antivirus y/o Antispyware.
Cierra todas las ventanas abiertas.
Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
Cuando termine, generara un registro en C:\ComboFix.txt.
- *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
- *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.

Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.

PD: No vuelvas a ejecutar ComboFix ni ningun otro programa antivirus hasta que vuelva con una respuesta, ya que puedes hacer cambiar las cosas.

En tu próxima respuesta, debes poner lo siguiente:

º El reporte de malwarebyte´s, que se encuentra en su pestaña REGISTROS
º El reporte de ComboFix
º Un nuevo log de Hijackthis
º Como funciona tu pc ahora

Saludos

**arelysv84** · 24/09/09, 00:26:25

El ccleaner se corrio perfectamente, este fue el resultado del malwarebyte:

Malwarebytes' Anti-Malware 1.41
Versión de la Base de Datos: 2854
Windows 5.1.2600 Service Pack 3

23/09/2009 10:05:49 p.m.
mbam-log-2009-09-23 (22-05-49).txt

Tipo de examen : Examen Completo (C:\|D:\|)
Objetos examinados: 229569
Tiempo transcurrido: 1 hour(s), 27 minute(s), 27 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 20
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 3
Ficheros Infectados: 37

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
C:\Documents and Settings\Owner\Application Data\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data\Owner (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Ficheros Infectados:
C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP114\A0007173.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP32\A0001755.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0041935.DLL (Adware.FunWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042510.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042511.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042512.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042516.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042517.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042519.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042524.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042525.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042526.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042527.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042528.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042529.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042531.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042532.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042533.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042534.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042535.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042536.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042537.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042538.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042539.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042550.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042553.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042554.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042555.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042556.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042557.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042558.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP171\A0042612.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP182\A0060170.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data\Owner\avatar.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data\Owner\outfit.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data\Owner\zbucks.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Tuve un poco de problemas al correr el combofix, porque me decia que tenia el "Microsoft Windows Recovery Console", que era necesario para poder arreglar algunas infecciones serias, que si lo queria descargar, le puse que si, asi que se lleno al 100% de la descarga y ya no hizo nada por 40 o 45 minutos, asi que la reinicie, lo volvi a correr y esta vez le puse que no se descargara, y este fue el reporte que me dio, no reinicio ni nada, solo puso este reporte:

ComboFix 09-09-23.02 - Owner 23/09/2009 22:59.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.179 [GMT -6:00]
Running from: c:\documents and settings\Owner\My Documents\Programas\ComboFix.exe
AV: Prodigy Antivirus *On-access scanning disabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Prodigy Antivirus.lnk
c:\windows\Installer\26645.msi
c:\windows\Installer\4a0e1.msp
c:\windows\Installer\4a0e2.msp
c:\windows\Installer\4a0e3.msp
c:\windows\Installer\4a0e4.msp
c:\windows\Installer\4a0e5.msp
c:\windows\Installer\4a0e6.msp
c:\windows\Installer\4a0e7.msp
c:\windows\Installer\4a0e8.msp
c:\windows\Installer\4a0e9.msp
c:\windows\Installer\4a0ea.msp
c:\windows\Installer\cf76a.msi
c:\windows\Installer\cf76b.msp
c:\windows\Installer\cf76c.msp
c:\windows\Installer\cf76d.msp
c:\windows\Installer\cf76e.msp
c:\windows\Installer\cf76f.msp
c:\windows\Installer\cf770.msp
c:\windows\Installer\cf771.msp
c:\windows\Installer\cf772.msp
c:\windows\Installer\cf773.msp
c:\windows\Installer\winamp.msi
c:\windows\system32\iAlmcoin.dll
c:\windows\system32\OgaCheckControl.dll
c:\windows\system32\ps2.bat
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-08-24 to 2009-09-24 )))))))))))))))))))))))))))))))
.

2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-09-24 02:36 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-24 02:36 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-24 02:27 . 2009-09-24 02:27 -------- d-----w- c:\program files\CCleaner
2009-09-23 04:43 . 2009-09-23 04:28 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-09-23 04:28 . 2009-09-23 04:27 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-23 04:00 . 2009-09-23 04:00 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-09-23 03:59 . 2009-09-23 04:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-09-23 03:59 . 2009-09-23 03:59 -------- d-----w- c:\program files\Lavasoft
2009-09-23 03:50 . 2009-09-23 03:50 -------- d-----w- c:\program files\Trend Micro
2009-09-21 06:43 . 2009-09-21 06:43 -------- d-----w- c:\windows\system32\wbem\Repository
2009-09-21 06:34 . 2009-09-21 06:34 -------- d-----w- c:\documents and settings\Administrator\IETldCache
2009-09-21 06:33 . 2009-09-21 06:42 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft
2009-09-21 06:33 . 2003-01-24 15:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\VERITAS
2009-09-21 06:33 . 2009-09-21 06:42 -------- d-s---w- c:\documents and settings\Administrator
2009-09-09 04:17 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-05 23:52 . 2009-09-05 23:52 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-09-05 23:14 . 2009-09-05 23:14 -------- d-----w- c:\documents and settings\Owner\Application Data\Digsby
2009-09-05 23:14 . 2009-09-05 23:18 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Digsby
2009-09-05 23:14 . 2009-09-05 23:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Winferno
2009-09-05 23:09 . 2009-09-05 23:33 -------- d-----w- c:\program files\Winferno
2009-09-05 23:08 . 2009-09-23 03:01 -------- d-----w- c:\program files\Weemi
2009-09-05 23:08 . 2009-09-23 02:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Weemi
2009-09-05 02:30 . 2009-09-05 02:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-09-05 02:23 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-09-05 02:23 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-23 03:53 . 2003-01-24 15:28 -------- d-----w- c:\program files\Java
2009-09-09 18:12 . 2009-07-28 04:36 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-05 02:30 . 2009-07-15 06:41 -------- d-----w- c:\program files\Picasa2
2009-08-27 07:22 . 2009-07-16 04:53 69784 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-22 21:15 . 2009-08-22 21:09 -------- d-----w- c:\program files\PowerISO
2009-08-22 07:54 . 2009-07-15 06:40 -------- d-----w- c:\program files\Nero
2009-08-22 07:53 . 2009-07-15 06:40 -------- d-----w- c:\program files\Common Files\Nero
2009-08-22 01:55 . 2003-01-24 15:09 -------- d-----w- c:\documents and settings\Owner\Application Data\VERITAS
2009-08-18 03:19 . 2009-08-18 03:19 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-16 02:22 . 2009-08-16 02:22 -------- d-----w- c:\program files\MSBuild
2009-08-16 02:22 . 2009-08-16 02:22 -------- d-----w- c:\program files\Reference Assemblies
2009-08-15 04:53 . 2009-08-15 01:47 -------- d-----w- c:\program files\Asistente Infinitum
2009-08-15 01:47 . 2003-01-24 14:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-09 08:44 . 2009-07-15 05:51 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
2009-08-06 01:50 . 2009-08-06 01:50 -------- d-----w- c:\documents and settings\Owner\Application Data\Megaupload
2009-08-05 09:01 . 2003-03-13 09:29 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 21:23 . 2009-08-21 05:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-28 04:36 . 2009-07-28 04:32 -------- d-----w- c:\program files\Microsoft
2009-07-28 04:36 . 2009-07-28 04:36 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-07-28 04:35 . 2009-07-28 04:31 -------- d-----w- c:\program files\Windows Live
2009-07-28 04:35 . 2009-07-28 04:35 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-07-28 04:34 . 2009-07-28 04:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-07-28 04:31 . 2009-07-28 04:31 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-07-28 04:16 . 2009-07-28 04:16 -------- d-----w- c:\program files\Common Files\Windows Live
2009-07-27 02:43 . 2009-07-27 02:43 58908 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-07-26 18:12 . 2009-07-26 17:57 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-26 17:57 . 2009-07-26 17:57 -------- d-----w- c:\documents and settings\Owner\Application Data\SystemRequirementsLab
2009-07-26 17:50 . 2009-07-26 17:50 -------- d-----w- c:\program files\Managed DirectX (0901)
2009-07-25 04:18 . 2009-07-25 04:09 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-07-21 02:29 . 2009-07-15 06:39 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-17 19:01 . 2003-03-13 09:59 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-15 05:51 . 2009-07-15 05:51 0 ----a-w- c:\windows\nsreg.dat
2009-07-15 05:21 . 2009-07-15 05:21 248 ----a-w- c:\windows\system32\PavCPL.dat
2009-07-14 05:43 . 2004-08-04 07:56 286208 ------w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:09 . 2006-06-23 17:33 915456 ----a-w- c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-07 3885408]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
"NVIEW"="nview.dll" - c:\windows\system32\nview.dll [2002-12-12 798789]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976]
"KBD"="c:\hp\KBD\KBD.EXE" [2001-07-07 61440]
"StorageGuard"="c:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-18 155648]
"WCOLOREAL"="c:\program files\Coloreal\coloreal.exe" [2002-11-27 131072]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"PS2"="c:\windows\system32\ps2.exe" [2002-08-01 81920]
"APVXDWIN"="c:\program files\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" [2007-10-04 455984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-21 198160]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-09-23 520024]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2002-12-12 319488]
"AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2004-09-07 57344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
EasyFP.lnk - c:\program files\JDSoft\EasyFP\StartEasyFP.exe [2009-7-14 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2007-02-16 01:02 50736 ----a-w- c:\windows\system32\avldr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre1.6.0_03\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Java\\jre1.6.0_03\\bin\\java.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [22/09/2009 10:28 p.m. 64160]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [14/07/2009 01:19 a.m. 38968]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [27/07/2009 10:35 p.m. 55152]
R2 IsaMonitor;ISA Monitor Service;c:\program files\Asistente Infinitum\IsaMonitor.exe [14/08/2009 07:47 p.m. 185856]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 03:34 p.m. 1028432]
R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [14/07/2009 01:19 a.m. 178872]
R3 FILEPRO;FILEPRO;c:\program files\JDSoft\EasyFP\filepro.sys [14/07/2009 11:58 p.m. 22003]
S2 Weemi Service;Weemi Service;c:\documents and settings\All Users\Application Data\Weemi\weemi121.exe [22/09/2009 08:45 p.m. 54624]
S3 fsssvc;Windows Live Protección Infantil;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 06:08 p.m. 533360]
S3 msCMTSrvc;Content Monitoring Tool;c:\windows\system32\msCMTSrvc.exe --> c:\windows\system32\msCMTSrvc.exe [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - FILEPRO
*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 04:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.mx/
uDefault_Search_URL = hxxp://srch-qus7.hpwis.com/
mSearch Bar = hxxp://srch-qus7.hpwis.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Prodigy Antivirus\Prodigy Antivirus\pavlsp.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.mx
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJxdm434YYMX&fl=0&ptb=pwcQiWVH3ZhzdeuQYqITYw&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
FF - component: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-23 23:09
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\prefs.js.BAK 6431 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\avldr.dll
.
Completion time: 2009-09-24 23:13
ComboFix-quarantined-files.txt 2009-09-24 05:13

Pre-Run: 68,707,786,752 bytes free
Post-Run: 68,696,924,160 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=,1,2,3,4
235 --- E O F --- 2009-09-09 07:03

**Leosolari** · 24/09/09, 07:19:07

Hola arelysv84

Realiza lo siguiente :

Clic en INICIO > EJECUTAR >
- Y ahí pones notepad.exe y ACEPTAR
- Ahora copia y pega el texto del cuadro de mas abajo dentro del Notepad

Código:

KillAll::

File::
c:\windows\nsreg.dat
c:\program files\JDSoft\EasyFP\StartEasyFP.exe

Folder::
c:\program files\Weemi
c:\documents and settings\All Users\Application Data\Weemi

Rootkit::
c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\prefs.js.BAK

Guarda este archivo con el nombre CFScript.txt
Arrastra y suelta el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra el screenshot de abajo.
ComboFix comenzará otra vez a ejecutarse. Cuando termine generara un nuevo reporte que tendras que pegar en este mismo tema.

saludos

**arelysv84** · 24/09/09, 21:56:45

Este fue el resultado del reporte ya con archivo txt

ComboFix 09-09-23.02 - Owner 24/09/2009 20:23.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.190 [GMT -6:00]
Running from: c:\documents and settings\Owner\My Documents\Programas\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: Prodigy Antivirus *On-access scanning enabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\program files\JDSoft\EasyFP\StartEasyFP.exe"
"c:\windows\nsreg.dat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Weemi
c:\documents and settings\All Users\Application Data\Weemi\weemi121.exe
c:\program files\JDSoft\EasyFP\StartEasyFP.exe
c:\program files\Weemi
c:\program files\Weemi\uninstall.exe
c:\program files\Weemi\weemi.dll
c:\program files\Weemi\weemi.exe
c:\windows\nsreg.dat

.
((((((((((((((((((((((((( Files Created from 2009-08-25 to 2009-09-25 )))))))))))))))))))))))))))))))
.

2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-09-24 02:36 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-24 02:36 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-24 02:27 . 2009-09-24 02:27 -------- d-----w- c:\program files\CCleaner
2009-09-23 04:43 . 2009-09-23 04:28 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-09-23 04:28 . 2009-09-23 04:27 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-23 04:00 . 2009-09-23 04:00 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-09-23 03:59 . 2009-09-23 04:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-09-23 03:59 . 2009-09-23 03:59 -------- d-----w- c:\program files\Lavasoft
2009-09-23 03:50 . 2009-09-23 03:50 -------- d-----w- c:\program files\Trend Micro
2009-09-21 06:43 . 2009-09-21 06:43 -------- d-----w- c:\windows\system32\wbem\Repository
2009-09-21 06:34 . 2009-09-21 06:34 -------- d-----w- c:\documents and settings\Administrator\IETldCache
2009-09-21 06:33 . 2009-09-21 06:42 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft
2009-09-21 06:33 . 2003-01-24 15:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\VERITAS
2009-09-21 06:33 . 2009-09-21 06:42 -------- d-s---w- c:\documents and settings\Administrator
2009-09-09 04:17 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-05 23:52 . 2009-09-05 23:52 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-09-05 23:14 . 2009-09-05 23:14 -------- d-----w- c:\documents and settings\Owner\Application Data\Digsby
2009-09-05 23:14 . 2009-09-05 23:18 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Digsby
2009-09-05 23:14 . 2009-09-05 23:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Winferno
2009-09-05 23:09 . 2009-09-05 23:33 -------- d-----w- c:\program files\Winferno
2009-09-05 02:30 . 2009-09-05 02:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-09-05 02:23 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-09-05 02:23 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-23 03:53 . 2003-01-24 15:28 -------- d-----w- c:\program files\Java
2009-09-09 18:12 . 2009-07-28 04:36 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-05 02:30 . 2009-07-15 06:41 -------- d-----w- c:\program files\Picasa2
2009-08-27 07:22 . 2009-07-16 04:53 69784 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-22 21:15 . 2009-08-22 21:09 -------- d-----w- c:\program files\PowerISO
2009-08-22 07:54 . 2009-07-15 06:40 -------- d-----w- c:\program files\Nero
2009-08-22 07:53 . 2009-07-15 06:40 -------- d-----w- c:\program files\Common Files\Nero
2009-08-22 01:55 . 2003-01-24 15:09 -------- d-----w- c:\documents and settings\Owner\Application Data\VERITAS
2009-08-18 03:19 . 2009-08-18 03:19 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-16 02:22 . 2009-08-16 02:22 -------- d-----w- c:\program files\MSBuild
2009-08-16 02:22 . 2009-08-16 02:22 -------- d-----w- c:\program files\Reference Assemblies
2009-08-15 04:53 . 2009-08-15 01:47 -------- d-----w- c:\program files\Asistente Infinitum
2009-08-15 01:47 . 2003-01-24 14:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-09 08:44 . 2009-07-15 05:51 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
2009-08-06 01:50 . 2009-08-06 01:50 -------- d-----w- c:\documents and settings\Owner\Application Data\Megaupload
2009-08-05 09:01 . 2003-03-13 09:29 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 21:23 . 2009-08-21 05:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-28 04:36 . 2009-07-28 04:32 -------- d-----w- c:\program files\Microsoft
2009-07-28 04:36 . 2009-07-28 04:36 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-07-28 04:35 . 2009-07-28 04:31 -------- d-----w- c:\program files\Windows Live
2009-07-28 04:35 . 2009-07-28 04:35 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-07-28 04:34 . 2009-07-28 04:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-07-28 04:31 . 2009-07-28 04:31 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-07-28 04:16 . 2009-07-28 04:16 -------- d-----w- c:\program files\Common Files\Windows Live
2009-07-27 02:43 . 2009-07-27 02:43 58908 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-07-25 04:18 . 2009-07-25 04:09 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-07-21 02:29 . 2009-07-15 06:39 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-17 19:01 . 2003-03-13 09:59 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-15 05:21 . 2009-07-15 05:21 248 ----a-w- c:\windows\system32\PavCPL.dat
2009-07-14 05:43 . 2004-08-04 07:56 286208 ------w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:09 . 2006-06-23 17:33 915456 ------w- c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-24_05.09.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-25 02:35 . 2009-09-25 02:35 16384 c:\windows\temp\Perflib_Perfdata_5f8.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-07 3885408]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"NVIEW"="nview.dll" - c:\windows\system32\nview.dll [2002-12-12 798789]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976]
"KBD"="c:\hp\KBD\KBD.EXE" [2001-07-07 61440]
"StorageGuard"="c:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-18 155648]
"WCOLOREAL"="c:\program files\Coloreal\coloreal.exe" [2002-11-27 131072]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"PS2"="c:\windows\system32\ps2.exe" [2002-08-01 81920]
"APVXDWIN"="c:\program files\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" [2007-10-04 455984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-21 198160]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-09-23 520024]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2002-12-12 319488]
"AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2004-09-07 57344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
EasyFP.lnk - c:\qoobox\Quarantine\C\Program Files\JDSoft\EasyFP\StartEasyFP.exe.vir [2009-7-14 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2007-02-16 01:02 50736 ----a-w- c:\windows\system32\avldr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre1.6.0_03\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Java\\jre1.6.0_03\\bin\\java.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [22/09/2009 10:28 p.m. 64160]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [14/07/2009 01:19 a.m. 38968]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [27/07/2009 10:35 p.m. 55152]
R2 IsaMonitor;ISA Monitor Service;c:\program files\Asistente Infinitum\IsaMonitor.exe [14/08/2009 07:47 p.m. 185856]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 03:34 p.m. 1028432]
R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [14/07/2009 01:19 a.m. 178872]
S2 Weemi Service;Weemi Service;"c:\documents and settings\All Users\Application Data\Weemi\weemi121.exe" "c:\program files\Weemi\weemi.dll" Service --> c:\documents and settings\All Users\Application Data\Weemi\weemi121.exe [?]
S3 FILEPRO;FILEPRO;c:\program files\JDSoft\EasyFP\filepro.sys [14/07/2009 11:58 p.m. 22003]
S3 fsssvc;Windows Live Protección Infantil;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 06:08 p.m. 533360]
S3 msCMTSrvc;Content Monitoring Tool;c:\windows\system32\msCMTSrvc.exe --> c:\windows\system32\msCMTSrvc.exe [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 04:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.mx/
uDefault_Search_URL = hxxp://srch-qus7.hpwis.com/
mSearch Bar = hxxp://srch-qus7.hpwis.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Prodigy Antivirus\Prodigy Antivirus\pavlsp.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.mx
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJxdm434YYMX&fl=0&ptb=pwcQiWVH3ZhzdeuQYqITYw&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
FF - component: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Weemi - c:\program files\Weemi\uninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-24 20:35
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(644)
c:\windows\system32\avldr.dll

- - - - - - - > 'explorer.exe'(4452)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Prodigy Antivirus\Prodigy Antivirus\PsCtrlS.exe
c:\program files\Common Files\Panda Software\PavShld\PavPrSrv.exe
c:\program files\Prodigy Antivirus\Prodigy Antivirus\PAVSRV51.EXE
c:\program files\Prodigy Antivirus\Prodigy Antivirus\AVENGINE.EXE
c:\program files\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Prodigy Antivirus\Prodigy Antivirus\WebProxy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-09-25 20:48 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-25 02:47
ComboFix2.txt 2009-09-24 05:13

Pre-Run: 68,577,439,744 bytes free
Post-Run: 68,666,822,656 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=,1,2,3,4
243 --- E O F --- 2009-09-09 07:03

QUE SIGUE??

**Leosolari** · 25/09/09, 08:09:52

Hola de nuevo

Desinstala CF de esta manera:

Ve a Inicio > Ejecutar
Escribe lo siguiente: ComboFix /u como muestra la imagen debajo:

o
Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")

Esto realizara las siguientes tareas:

Se borraran:
- ComboFix: sus archivos y carpetas.
- VundoFix: copias de seguridad (si está presente)
- La carpeta C:\Deckard (si está presente)
- La carpeta C: _OtMoveIt (si está presente)
Restablece la configuración del reloj.
Ocultar extensiones de archivo (si es necesario.)
Oculta los archivos que estaban ocultos
Reactiva el "Restaurar Sistema"

Descarga ADVANCED SYSTEMCARE 3 . Lo instalas y ejecutas de esta manera:

A.- Presiona el botón LIMPIEZA WINDOWS y luego ESCANEAR. Cuando termine, presionas el botón REPARAR.

B.- Presiona el botón PREVENCION Y MEJORA y luego ESCANEAR. Cuando termine, presionas el botón REPARAR.

C.- Presiona el botón UTILIDADES y alli utilizas el LIMPIADOR DE DISCO y el DESFRAGMENTADOR DE REGISTRO-

Reinicia el ordenador y nos comentas como funciona ahora.

Saludos

**arelysv84** · 28/09/09, 14:37:46

MUCHISIMAS GRACIAS, YA TRABAJA MUCHO MEJOR MI PC. SOS UN AMOR MIL GRACIAS

**Leosolari** · 28/09/09, 15:27:44

Por cualquier otro problema, no dudes en volver a postear. Te dejo saludos.

Tema Solucionado

PD: si deseas REABRIR ESTE TEMA, presiona

y un MODERADOR atenderà la consulta...

Por último te recomiendo suscribirte por email al Feed de nuestro Blog de Infospyware para estar al tanto de las nuevas amenazas que circulan por la red y así en un futuro puedas prevenirlas.

Mi PC esta muy lenta(solucionado)

Herramientas

Mi PC esta muy lenta(solucionado)

Re: Mi PC esta muy lenta

reporte de malwarebyte´s y combofix

Re: Mi PC esta muy lenta

reporte del combofix

Re: Mi PC esta muy lenta

Re: Mi PC esta muy lenta

Re: Mi PC esta muy lenta