• Registrarse
  • Iniciar sesión


  • Resultados 1 al 8 de 8

    Mi PC esta muy lenta(solucionado)

    Resumen del tema: Mi PC esta muy lenta(solucionado) - Hola, la verdad es la primera vez que hago esto, pero es que mi pc esta muy lenta y se cicla a cada rato, no se si tenga un virus pero espero que me puedan ...

      
    1. #1
      Usuario Avatar de arelysv84
      Registrado
      sep 2009
      Ubicación
      Coahuila
      Mensajes
      4

      Triste Mi PC esta muy lenta(solucionado)

      Hola, la verdad es la primera vez que hago esto, pero es que mi pc esta muy lenta y se cicla a cada rato, no se si tenga un virus pero espero que me puedan ayudar... Gracias

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 10:03:45 p.m., on 22/09/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Asistente Infinitum\IsaMonitor.exe
      C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
      C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PsCtrls.exe
      C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
      C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\pavsrv51.exe
      C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\AVENGINE.EXE
      C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
      C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe
      C:\WINDOWS\Explorer.EXE
      C:\windows\system\hpsysdrv.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\HP\KBD\KBD.EXE
      C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE
      C:\WINDOWS\ALCXMNTR.EXE
      C:\WINDOWS\system32\igfxtray.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\PowerISO\PWRISOVM.EXE
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Picasa2\PicasaMediaDetector.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Weemi\weemi.exe
      C:\WINDOWS\System32\alg.exe
      C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\WebProxy.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\System32\msiexec.exe
      C:\Documents and Settings\Owner\My Documents\Programas\Ad-AwareAE.exe
      C:\DOCUME~1\Owner\LOCALS~1\Temp\mia26.tmp\Ad-AwareAE.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
      O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
      O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
      O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
      O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
      O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\System32\PRISMSVR.EXE" /APPLY
      O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" /s
      O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
      O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
      O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: EasyFP.lnk = C:\Program Files\JDSoft\EasyFP\StartEasyFP.exe
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
      O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
      O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
      O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
      O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: ISA Monitor Service (IsaMonitor) - Fine Point Technologies, Inc. - C:\Program Files\Asistente Infinitum\IsaMonitor.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
      O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
      O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PsCtrls.exe
      O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
      O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\pavsrv51.exe
      O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
      O23 - Service: Weemi Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Weemi\weemi121.exe

      --
      End of file - 9704 bytes

    2. #2
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      55.105

      Re: Mi PC esta muy lenta

      Hola


      Descarga lo siguiente:

      º CCLEANER. Lo instalas según Su Manual

      º MALWAREBYTE´S. Lo instalas y actualizas según su manual, PERO NO LO EJECUTES AUN

      º ComboFix.exe y guárdalo en el escritorio.


      Ejecuta CCLEANER usando sus opciones "Limpiador" y "Registro".

      Ejecuta MALWAREBYTE´S.

      Hacé un "escaneo completo". Una vez finalizado, si te detecta algo eliges " quitar lo seleccionado ".
      Si te pide reiniciar, lo haces.
      Ejecuta ComboFix.exe
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.



      PD: No vuelvas a ejecutar ComboFix ni ningun otro programa antivirus hasta que vuelva con una respuesta, ya que puedes hacer cambiar las cosas.


      En tu próxima respuesta, debes poner lo siguiente:

      º El reporte de malwarebyte´s, que se encuentra en su pestaña REGISTROS
      º El reporte de ComboFix
      º Un nuevo log de Hijackthis
      º Como funciona tu pc ahora


      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de arelysv84
      Registrado
      sep 2009
      Ubicación
      Coahuila
      Mensajes
      4

      Triste reporte de malwarebyte´s y combofix

      El ccleaner se corrio perfectamente, este fue el resultado del malwarebyte:

      Malwarebytes' Anti-Malware 1.41
      Versión de la Base de Datos: 2854
      Windows 5.1.2600 Service Pack 3

      23/09/2009 10:05:49 p.m.
      mbam-log-2009-09-23 (22-05-49).txt

      Tipo de examen : Examen Completo (C:\|D:\|)
      Objetos examinados: 229569
      Tiempo transcurrido: 1 hour(s), 27 minute(s), 27 second(s)

      Procesos en Memoria Infectados: 0
      Módulos en Memoria Infectados: 0
      Claves del Registro Infectadas: 20
      Valores del Registro Infectados: 0
      Elementos de Datos del Registro Infectados: 0
      Carpetas Infectadas: 3
      Ficheros Infectados: 37

      Procesos en Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Módulos en Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Claves del Registro Infectadas:
      HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

      Valores del Registro Infectados:
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Infectados:
      (No se han detectado elementos maliciosos)

      Carpetas Infectadas:
      C:\Documents and Settings\Owner\Application Data\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data\Owner (Adware.MyWebSearch) -> Quarantined and deleted successfully.

      Ficheros Infectados:
      C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP114\A0007173.exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP32\A0001755.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0041935.DLL (Adware.FunWeb) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042510.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042511.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042512.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042516.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042517.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042519.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042524.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042525.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042526.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042527.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042528.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042529.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042531.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042532.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042533.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042534.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042535.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042536.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042537.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042538.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042539.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042550.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042553.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042554.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042555.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042556.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042557.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP170\A0042558.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP171\A0042612.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{C3A256EC-F74E-4D1B-B627-49321DAD0241}\RP182\A0060170.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data\Owner\avatar.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data\Owner\outfit.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Owner\Application Data\FunWebProducts\Data\Owner\zbucks.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.


      Tuve un poco de problemas al correr el combofix, porque me decia que tenia el "Microsoft Windows Recovery Console", que era necesario para poder arreglar algunas infecciones serias, que si lo queria descargar, le puse que si, asi que se lleno al 100% de la descarga y ya no hizo nada por 40 o 45 minutos, asi que la reinicie, lo volvi a correr y esta vez le puse que no se descargara, y este fue el reporte que me dio, no reinicio ni nada, solo puso este reporte:

      ComboFix 09-09-23.02 - Owner 23/09/2009 22:59.1.1 - NTFSx86
      Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.179 [GMT -6:00]
      Running from: c:\documents and settings\Owner\My Documents\Programas\ComboFix.exe
      AV: Prodigy Antivirus *On-access scanning disabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}

      WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      c:\documents and settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Prodigy Antivirus.lnk
      c:\windows\Installer\26645.msi
      c:\windows\Installer\4a0e1.msp
      c:\windows\Installer\4a0e2.msp
      c:\windows\Installer\4a0e3.msp
      c:\windows\Installer\4a0e4.msp
      c:\windows\Installer\4a0e5.msp
      c:\windows\Installer\4a0e6.msp
      c:\windows\Installer\4a0e7.msp
      c:\windows\Installer\4a0e8.msp
      c:\windows\Installer\4a0e9.msp
      c:\windows\Installer\4a0ea.msp
      c:\windows\Installer\cf76a.msi
      c:\windows\Installer\cf76b.msp
      c:\windows\Installer\cf76c.msp
      c:\windows\Installer\cf76d.msp
      c:\windows\Installer\cf76e.msp
      c:\windows\Installer\cf76f.msp
      c:\windows\Installer\cf770.msp
      c:\windows\Installer\cf771.msp
      c:\windows\Installer\cf772.msp
      c:\windows\Installer\cf773.msp
      c:\windows\Installer\winamp.msi
      c:\windows\system32\iAlmcoin.dll
      c:\windows\system32\OgaCheckControl.dll
      c:\windows\system32\ps2.bat
      D:\Autorun.inf

      .
      ((((((((((((((((((((((((( Files Created from 2009-08-24 to 2009-09-24 )))))))))))))))))))))))))))))))
      .

      2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
      2009-09-24 02:36 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
      2009-09-24 02:36 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
      2009-09-24 02:27 . 2009-09-24 02:27 -------- d-----w- c:\program files\CCleaner
      2009-09-23 04:43 . 2009-09-23 04:28 15688 ----a-w- c:\windows\system32\lsdelete.exe
      2009-09-23 04:28 . 2009-09-23 04:27 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
      2009-09-23 04:00 . 2009-09-23 04:00 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
      2009-09-23 03:59 . 2009-09-23 04:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
      2009-09-23 03:59 . 2009-09-23 03:59 -------- d-----w- c:\program files\Lavasoft
      2009-09-23 03:50 . 2009-09-23 03:50 -------- d-----w- c:\program files\Trend Micro
      2009-09-21 06:43 . 2009-09-21 06:43 -------- d-----w- c:\windows\system32\wbem\Repository
      2009-09-21 06:34 . 2009-09-21 06:34 -------- d-----w- c:\documents and settings\Administrator\IETldCache
      2009-09-21 06:33 . 2009-09-21 06:42 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft
      2009-09-21 06:33 . 2003-01-24 15:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\VERITAS
      2009-09-21 06:33 . 2009-09-21 06:42 -------- d-s---w- c:\documents and settings\Administrator
      2009-09-09 04:17 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
      2009-09-05 23:52 . 2009-09-05 23:52 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
      2009-09-05 23:14 . 2009-09-05 23:14 -------- d-----w- c:\documents and settings\Owner\Application Data\Digsby
      2009-09-05 23:14 . 2009-09-05 23:18 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Digsby
      2009-09-05 23:14 . 2009-09-05 23:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Winferno
      2009-09-05 23:09 . 2009-09-05 23:33 -------- d-----w- c:\program files\Winferno
      2009-09-05 23:08 . 2009-09-23 03:01 -------- d-----w- c:\program files\Weemi
      2009-09-05 23:08 . 2009-09-23 02:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Weemi
      2009-09-05 02:30 . 2009-09-05 02:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
      2009-09-05 02:23 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
      2009-09-05 02:23 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-09-23 03:53 . 2003-01-24 15:28 -------- d-----w- c:\program files\Java
      2009-09-09 18:12 . 2009-07-28 04:36 -------- d-----w- c:\program files\Microsoft Silverlight
      2009-09-05 02:30 . 2009-07-15 06:41 -------- d-----w- c:\program files\Picasa2
      2009-08-27 07:22 . 2009-07-16 04:53 69784 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2009-08-22 21:15 . 2009-08-22 21:09 -------- d-----w- c:\program files\PowerISO
      2009-08-22 07:54 . 2009-07-15 06:40 -------- d-----w- c:\program files\Nero
      2009-08-22 07:53 . 2009-07-15 06:40 -------- d-----w- c:\program files\Common Files\Nero
      2009-08-22 01:55 . 2003-01-24 15:09 -------- d-----w- c:\documents and settings\Owner\Application Data\VERITAS
      2009-08-18 03:19 . 2009-08-18 03:19 -------- d-----w- c:\program files\Windows Media Connect 2
      2009-08-16 02:22 . 2009-08-16 02:22 -------- d-----w- c:\program files\MSBuild
      2009-08-16 02:22 . 2009-08-16 02:22 -------- d-----w- c:\program files\Reference Assemblies
      2009-08-15 04:53 . 2009-08-15 01:47 -------- d-----w- c:\program files\Asistente Infinitum
      2009-08-15 01:47 . 2003-01-24 14:51 -------- d--h--w- c:\program files\InstallShield Installation Information
      2009-08-09 08:44 . 2009-07-15 05:51 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
      2009-08-06 01:50 . 2009-08-06 01:50 -------- d-----w- c:\documents and settings\Owner\Application Data\Megaupload
      2009-08-05 09:01 . 2003-03-13 09:29 204800 ----a-w- c:\windows\system32\mswebdvd.dll
      2009-07-31 21:23 . 2009-08-21 05:09 411368 ----a-w- c:\windows\system32\deploytk.dll
      2009-07-28 04:36 . 2009-07-28 04:32 -------- d-----w- c:\program files\Microsoft
      2009-07-28 04:36 . 2009-07-28 04:36 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
      2009-07-28 04:35 . 2009-07-28 04:31 -------- d-----w- c:\program files\Windows Live
      2009-07-28 04:35 . 2009-07-28 04:35 -------- d-----w- c:\program files\Microsoft Sync Framework
      2009-07-28 04:34 . 2009-07-28 04:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
      2009-07-28 04:31 . 2009-07-28 04:31 -------- d-----w- c:\program files\Windows Live SkyDrive
      2009-07-28 04:16 . 2009-07-28 04:16 -------- d-----w- c:\program files\Common Files\Windows Live
      2009-07-27 02:43 . 2009-07-27 02:43 58908 ----a-w- c:\windows\system32\drivers\scdemu.sys
      2009-07-26 18:12 . 2009-07-26 17:57 -------- d-----w- c:\program files\SystemRequirementsLab
      2009-07-26 17:57 . 2009-07-26 17:57 -------- d-----w- c:\documents and settings\Owner\Application Data\SystemRequirementsLab
      2009-07-26 17:50 . 2009-07-26 17:50 -------- d-----w- c:\program files\Managed DirectX (0901)
      2009-07-25 04:18 . 2009-07-25 04:09 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
      2009-07-21 02:29 . 2009-07-15 06:39 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
      2009-07-17 19:01 . 2003-03-13 09:59 58880 ----a-w- c:\windows\system32\atl.dll
      2009-07-15 05:51 . 2009-07-15 05:51 0 ----a-w- c:\windows\nsreg.dat
      2009-07-15 05:21 . 2009-07-15 05:21 248 ----a-w- c:\windows\system32\PavCPL.dat
      2009-07-14 05:43 . 2004-08-04 07:56 286208 ------w- c:\windows\system32\wmpdxm.dll
      2009-07-03 17:09 . 2006-06-23 17:33 915456 ----a-w- c:\windows\system32\wininet.dll
      .

      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-07 3885408]
      "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
      "NVIEW"="nview.dll" - c:\windows\system32\nview.dll [2002-12-12 798789]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976]
      "KBD"="c:\hp\KBD\KBD.EXE" [2001-07-07 61440]
      "StorageGuard"="c:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-18 155648]
      "WCOLOREAL"="c:\program files\Coloreal\coloreal.exe" [2002-11-27 131072]
      "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
      "PS2"="c:\windows\system32\ps2.exe" [2002-08-01 81920]
      "APVXDWIN"="c:\program files\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" [2007-10-04 455984]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]
      "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-21 198160]
      "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
      "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-09-23 520024]
      "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
      "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2002-12-12 319488]
      "AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2004-09-07 57344]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

      c:\documents and settings\All Users\Start Menu\Programs\Startup\
      EasyFP.lnk - c:\program files\JDSoft\EasyFP\StartEasyFP.exe [2009-7-14 36864]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
      2007-02-16 01:02 50736 ----a-w- c:\windows\system32\avldr.dll

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
      @="Service"

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\uTorrent\\uTorrent.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
      "c:\\Program Files\\Java\\jre1.6.0_03\\launch4j-tmp\\JDownloader.exe"=
      "c:\\Program Files\\Java\\jre1.6.0_03\\bin\\java.exe"=
      "c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
      "c:\\WINDOWS\\system32\\java.exe"=
      "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
      "c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

      R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [22/09/2009 10:28 p.m. 64160]
      R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [14/07/2009 01:19 a.m. 38968]
      R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [27/07/2009 10:35 p.m. 55152]
      R2 IsaMonitor;ISA Monitor Service;c:\program files\Asistente Infinitum\IsaMonitor.exe [14/08/2009 07:47 p.m. 185856]
      R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 03:34 p.m. 1028432]
      R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [14/07/2009 01:19 a.m. 178872]
      R3 FILEPRO;FILEPRO;c:\program files\JDSoft\EasyFP\filepro.sys [14/07/2009 11:58 p.m. 22003]
      S2 Weemi Service;Weemi Service;c:\documents and settings\All Users\Application Data\Weemi\weemi121.exe [22/09/2009 08:45 p.m. 54624]
      S3 fsssvc;Windows Live Protección Infantil;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 06:08 p.m. 533360]
      S3 msCMTSrvc;Content Monitoring Tool;c:\windows\system32\msCMTSrvc.exe --> c:\windows\system32\msCMTSrvc.exe [?]

      --- Other Services/Drivers In Memory ---

      *NewlyCreated* - FILEPRO
      *Deregistered* - mchInjDrv

      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
      "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
      .
      Contents of the 'Scheduled Tasks' folder

      2009-09-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
      - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 04:26]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com.mx/
      uDefault_Search_URL = hxxp://srch-qus7.hpwis.com/
      mSearch Bar = hxxp://srch-qus7.hpwis.com/
      IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      LSP: c:\program files\Prodigy Antivirus\Prodigy Antivirus\pavlsp.dll
      DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
      DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
      FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
      FF - prefs.js: browser.search.selectedEngine - MyWebSearch
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.mx
      FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJxdm434YYMX&fl=0&ptb=pwcQiWVH3ZhzdeuQYqITYw&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
      FF - component: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
      FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
      FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
      FF - plugin: c:\program files\Picasa2\npPicasa3.dll
      FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
      FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
      .

      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-09-23 23:09
      Windows 5.1.2600 Service Pack 3 NTFS

      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...


      c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\prefs.js.BAK 6431 bytes

      scan completed successfully
      hidden files: 1

      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------

      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
      "Enabled"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
      @="c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10c.exe"

      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker3"

      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"

      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'winlogon.exe'(640)
      c:\windows\system32\avldr.dll
      .
      Completion time: 2009-09-24 23:13
      ComboFix-quarantined-files.txt 2009-09-24 05:13

      Pre-Run: 68,707,786,752 bytes free
      Post-Run: 68,696,924,160 bytes free

      Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=,1,2,3,4
      235 --- E O F --- 2009-09-09 07:03

    4. #4
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      55.105

      Re: Mi PC esta muy lenta

      Hola arelysv84

      Realiza lo siguiente :

      • Clic en INICIO > EJECUTAR >
        • Y ahí pones notepad.exe y ACEPTAR
        • Ahora copia y pega el texto del cuadro de mas abajo dentro del Notepad


      Código:
      KillAll::
      
      File::
      c:\windows\nsreg.dat
      c:\program files\JDSoft\EasyFP\StartEasyFP.exe
      
      Folder::
      c:\program files\Weemi
      c:\documents and settings\All Users\Application Data\Weemi
      
      Rootkit::
      c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\prefs.js.BAK

      • Guarda este archivo con el nombre CFScript.txt
      • Arrastra y suelta el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra el screenshot de abajo.



      • ComboFix comenzará otra vez a ejecutarse. Cuando termine generara un nuevo reporte que tendras que pegar en este mismo tema.


      saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de arelysv84
      Registrado
      sep 2009
      Ubicación
      Coahuila
      Mensajes
      4

      Idea reporte del combofix

      Este fue el resultado del reporte ya con archivo txt

      ComboFix 09-09-23.02 - Owner 24/09/2009 20:23.2.1 - NTFSx86
      Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.190 [GMT -6:00]
      Running from: c:\documents and settings\Owner\My Documents\Programas\ComboFix.exe
      Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
      AV: Prodigy Antivirus *On-access scanning enabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}

      WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

      FILE ::
      "c:\program files\JDSoft\EasyFP\StartEasyFP.exe"
      "c:\windows\nsreg.dat"
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      c:\documents and settings\All Users\Application Data\Weemi
      c:\documents and settings\All Users\Application Data\Weemi\weemi121.exe
      c:\program files\JDSoft\EasyFP\StartEasyFP.exe
      c:\program files\Weemi
      c:\program files\Weemi\uninstall.exe
      c:\program files\Weemi\weemi.dll
      c:\program files\Weemi\weemi.exe
      c:\windows\nsreg.dat

      .
      ((((((((((((((((((((((((( Files Created from 2009-08-25 to 2009-09-25 )))))))))))))))))))))))))))))))
      .

      2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
      2009-09-24 02:36 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2009-09-24 02:36 . 2009-09-24 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
      2009-09-24 02:36 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
      2009-09-24 02:27 . 2009-09-24 02:27 -------- d-----w- c:\program files\CCleaner
      2009-09-23 04:43 . 2009-09-23 04:28 15688 ----a-w- c:\windows\system32\lsdelete.exe
      2009-09-23 04:28 . 2009-09-23 04:27 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
      2009-09-23 04:00 . 2009-09-23 04:00 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
      2009-09-23 03:59 . 2009-09-23 04:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
      2009-09-23 03:59 . 2009-09-23 03:59 -------- d-----w- c:\program files\Lavasoft
      2009-09-23 03:50 . 2009-09-23 03:50 -------- d-----w- c:\program files\Trend Micro
      2009-09-21 06:43 . 2009-09-21 06:43 -------- d-----w- c:\windows\system32\wbem\Repository
      2009-09-21 06:34 . 2009-09-21 06:34 -------- d-----w- c:\documents and settings\Administrator\IETldCache
      2009-09-21 06:33 . 2009-09-21 06:42 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft
      2009-09-21 06:33 . 2003-01-24 15:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\VERITAS
      2009-09-21 06:33 . 2009-09-21 06:42 -------- d-s---w- c:\documents and settings\Administrator
      2009-09-09 04:17 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
      2009-09-05 23:52 . 2009-09-05 23:52 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
      2009-09-05 23:14 . 2009-09-05 23:14 -------- d-----w- c:\documents and settings\Owner\Application Data\Digsby
      2009-09-05 23:14 . 2009-09-05 23:18 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Digsby
      2009-09-05 23:14 . 2009-09-05 23:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Winferno
      2009-09-05 23:09 . 2009-09-05 23:33 -------- d-----w- c:\program files\Winferno
      2009-09-05 02:30 . 2009-09-05 02:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
      2009-09-05 02:23 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
      2009-09-05 02:23 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-09-23 03:53 . 2003-01-24 15:28 -------- d-----w- c:\program files\Java
      2009-09-09 18:12 . 2009-07-28 04:36 -------- d-----w- c:\program files\Microsoft Silverlight
      2009-09-05 02:30 . 2009-07-15 06:41 -------- d-----w- c:\program files\Picasa2
      2009-08-27 07:22 . 2009-07-16 04:53 69784 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2009-08-22 21:15 . 2009-08-22 21:09 -------- d-----w- c:\program files\PowerISO
      2009-08-22 07:54 . 2009-07-15 06:40 -------- d-----w- c:\program files\Nero
      2009-08-22 07:53 . 2009-07-15 06:40 -------- d-----w- c:\program files\Common Files\Nero
      2009-08-22 01:55 . 2003-01-24 15:09 -------- d-----w- c:\documents and settings\Owner\Application Data\VERITAS
      2009-08-18 03:19 . 2009-08-18 03:19 -------- d-----w- c:\program files\Windows Media Connect 2
      2009-08-16 02:22 . 2009-08-16 02:22 -------- d-----w- c:\program files\MSBuild
      2009-08-16 02:22 . 2009-08-16 02:22 -------- d-----w- c:\program files\Reference Assemblies
      2009-08-15 04:53 . 2009-08-15 01:47 -------- d-----w- c:\program files\Asistente Infinitum
      2009-08-15 01:47 . 2003-01-24 14:51 -------- d--h--w- c:\program files\InstallShield Installation Information
      2009-08-09 08:44 . 2009-07-15 05:51 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
      2009-08-06 01:50 . 2009-08-06 01:50 -------- d-----w- c:\documents and settings\Owner\Application Data\Megaupload
      2009-08-05 09:01 . 2003-03-13 09:29 204800 ----a-w- c:\windows\system32\mswebdvd.dll
      2009-07-31 21:23 . 2009-08-21 05:09 411368 ----a-w- c:\windows\system32\deploytk.dll
      2009-07-28 04:36 . 2009-07-28 04:32 -------- d-----w- c:\program files\Microsoft
      2009-07-28 04:36 . 2009-07-28 04:36 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
      2009-07-28 04:35 . 2009-07-28 04:31 -------- d-----w- c:\program files\Windows Live
      2009-07-28 04:35 . 2009-07-28 04:35 -------- d-----w- c:\program files\Microsoft Sync Framework
      2009-07-28 04:34 . 2009-07-28 04:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
      2009-07-28 04:31 . 2009-07-28 04:31 -------- d-----w- c:\program files\Windows Live SkyDrive
      2009-07-28 04:16 . 2009-07-28 04:16 -------- d-----w- c:\program files\Common Files\Windows Live
      2009-07-27 02:43 . 2009-07-27 02:43 58908 ----a-w- c:\windows\system32\drivers\scdemu.sys
      2009-07-25 04:18 . 2009-07-25 04:09 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
      2009-07-21 02:29 . 2009-07-15 06:39 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
      2009-07-17 19:01 . 2003-03-13 09:59 58880 ----a-w- c:\windows\system32\atl.dll
      2009-07-15 05:21 . 2009-07-15 05:21 248 ----a-w- c:\windows\system32\PavCPL.dat
      2009-07-14 05:43 . 2004-08-04 07:56 286208 ------w- c:\windows\system32\wmpdxm.dll
      2009-07-03 17:09 . 2006-06-23 17:33 915456 ------w- c:\windows\system32\wininet.dll
      .

      ((((((((((((((((((((((((((((( SnapShot@2009-09-24_05.09.41 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2009-09-25 02:35 . 2009-09-25 02:35 16384 c:\windows\temp\Perflib_Perfdata_5f8.dat
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-07 3885408]
      "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
      "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
      "NVIEW"="nview.dll" - c:\windows\system32\nview.dll [2002-12-12 798789]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976]
      "KBD"="c:\hp\KBD\KBD.EXE" [2001-07-07 61440]
      "StorageGuard"="c:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-18 155648]
      "WCOLOREAL"="c:\program files\Coloreal\coloreal.exe" [2002-11-27 131072]
      "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
      "PS2"="c:\windows\system32\ps2.exe" [2002-08-01 81920]
      "APVXDWIN"="c:\program files\Prodigy Antivirus\Prodigy Antivirus\APVXDWIN.EXE" [2007-10-04 455984]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]
      "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-21 198160]
      "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
      "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-09-23 520024]
      "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
      "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2002-12-12 319488]
      "AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2004-09-07 57344]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

      c:\documents and settings\All Users\Start Menu\Programs\Startup\
      EasyFP.lnk - c:\qoobox\Quarantine\C\Program Files\JDSoft\EasyFP\StartEasyFP.exe.vir [2009-7-14 36864]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
      2007-02-16 01:02 50736 ----a-w- c:\windows\system32\avldr.dll

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
      @="Service"

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\uTorrent\\uTorrent.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
      "c:\\Program Files\\Java\\jre1.6.0_03\\launch4j-tmp\\JDownloader.exe"=
      "c:\\Program Files\\Java\\jre1.6.0_03\\bin\\java.exe"=
      "c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
      "c:\\WINDOWS\\system32\\java.exe"=
      "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
      "c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

      R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [22/09/2009 10:28 p.m. 64160]
      R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [14/07/2009 01:19 a.m. 38968]
      R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [27/07/2009 10:35 p.m. 55152]
      R2 IsaMonitor;ISA Monitor Service;c:\program files\Asistente Infinitum\IsaMonitor.exe [14/08/2009 07:47 p.m. 185856]
      R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 03:34 p.m. 1028432]
      R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [14/07/2009 01:19 a.m. 178872]
      S2 Weemi Service;Weemi Service;"c:\documents and settings\All Users\Application Data\Weemi\weemi121.exe" "c:\program files\Weemi\weemi.dll" Service --> c:\documents and settings\All Users\Application Data\Weemi\weemi121.exe [?]
      S3 FILEPRO;FILEPRO;c:\program files\JDSoft\EasyFP\filepro.sys [14/07/2009 11:58 p.m. 22003]
      S3 fsssvc;Windows Live Protección Infantil;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 06:08 p.m. 533360]
      S3 msCMTSrvc;Content Monitoring Tool;c:\windows\system32\msCMTSrvc.exe --> c:\windows\system32\msCMTSrvc.exe [?]

      --- Other Services/Drivers In Memory ---

      *Deregistered* - mchInjDrv

      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
      "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
      .
      Contents of the 'Scheduled Tasks' folder

      2009-09-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
      - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 04:26]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com.mx/
      uDefault_Search_URL = hxxp://srch-qus7.hpwis.com/
      mSearch Bar = hxxp://srch-qus7.hpwis.com/
      IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      LSP: c:\program files\Prodigy Antivirus\Prodigy Antivirus\pavlsp.dll
      DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
      DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
      FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
      FF - prefs.js: browser.search.selectedEngine - MyWebSearch
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.mx
      FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJxdm434YYMX&fl=0&ptb=pwcQiWVH3ZhzdeuQYqITYw&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
      FF - component: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\bl8w3dh8.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
      FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
      FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
      FF - plugin: c:\program files\Picasa2\npPicasa3.dll
      FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
      FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
      .
      - - - - ORPHANS REMOVED - - - -

      AddRemove-Weemi - c:\program files\Weemi\uninstall.exe



      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-09-24 20:35
      Windows 5.1.2600 Service Pack 3 NTFS

      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...

      scan completed successfully
      hidden files: 0

      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------

      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
      "Enabled"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
      @="c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil10c.exe"

      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker3"

      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"

      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'winlogon.exe'(644)
      c:\windows\system32\avldr.dll

      - - - - - - - > 'explorer.exe'(4452)
      c:\windows\system32\WININET.dll
      c:\windows\system32\ieframe.dll
      c:\windows\system32\webcheck.dll
      c:\windows\system32\WPDShServiceObj.dll
      c:\windows\system32\PortableDeviceTypes.dll
      c:\windows\system32\PortableDeviceApi.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\Java\jre6\bin\jqs.exe
      c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
      c:\program files\Prodigy Antivirus\Prodigy Antivirus\PsCtrlS.exe
      c:\program files\Common Files\Panda Software\PavShld\PavPrSrv.exe
      c:\program files\Prodigy Antivirus\Prodigy Antivirus\PAVSRV51.EXE
      c:\program files\Prodigy Antivirus\Prodigy Antivirus\AVENGINE.EXE
      c:\program files\Prodigy Antivirus\Prodigy Antivirus\PsImSvc.exe
      c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      c:\windows\system32\wbem\unsecapp.exe
      c:\program files\Prodigy Antivirus\Prodigy Antivirus\WebProxy.exe
      c:\windows\system32\rundll32.exe
      .
      **************************************************************************
      .
      Completion time: 2009-09-25 20:48 - machine was rebooted
      ComboFix-quarantined-files.txt 2009-09-25 02:47
      ComboFix2.txt 2009-09-24 05:13

      Pre-Run: 68,577,439,744 bytes free
      Post-Run: 68,666,822,656 bytes free

      Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=,1,2,3,4
      243 --- E O F --- 2009-09-09 07:03

      QUE SIGUE??

    6. #6
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      55.105

      Re: Mi PC esta muy lenta

      Hola de nuevo

      Desinstala CF de esta manera:

      • Ve a Inicio > Ejecutar
      • Escribe lo siguiente: ComboFix /u como muestra la imagen debajo:
        o
      • Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")


      Esto realizara las siguientes tareas:


      • Se borraran:
        • ComboFix: sus archivos y carpetas.
        • VundoFix: copias de seguridad (si está presente)
        • La carpeta C:\Deckard (si está presente)
        • La carpeta C: _OtMoveIt (si está presente)
      • Restablece la configuración del reloj.
      • Ocultar extensiones de archivo (si es necesario.)
      • Oculta los archivos que estaban ocultos
      • Reactiva el "Restaurar Sistema"




      Descarga ADVANCED SYSTEMCARE 3 . Lo instalas y ejecutas de esta manera:

      A.- Presiona el botón LIMPIEZA WINDOWS y luego ESCANEAR. Cuando termine, presionas el botón REPARAR.

      B.- Presiona el botón PREVENCION Y MEJORA y luego ESCANEAR. Cuando termine, presionas el botón REPARAR.

      C.- Presiona el botón UTILIDADES y alli utilizas el LIMPIADOR DE DISCO y el DESFRAGMENTADOR DE REGISTRO-



      Reinicia el ordenador y nos comentas como funciona ahora.

      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de arelysv84
      Registrado
      sep 2009
      Ubicación
      Coahuila
      Mensajes
      4

      Wink Re: Mi PC esta muy lenta

      MUCHISIMAS GRACIAS, YA TRABAJA MUCHO MEJOR MI PC. SOS UN AMOR MIL GRACIAS

    8. #8
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      55.105

      Re: Mi PC esta muy lenta

      Por cualquier otro problema, no dudes en volver a postear. Te dejo saludos.


      Tema Solucionado



      PD: si deseas REABRIR ESTE TEMA, presiona y un MODERADOR atenderà la consulta...


      Por último te recomiendo suscribirte por email al Feed de nuestro Blog de Infospyware para estar al tanto de las nuevas amenazas que circulan por la red y así en un futuro puedas prevenirlas.

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.