Official HijackThis Forum in Spanish. We analyze your HijackThis log to remove hijackers, spyware, adware, toolbars, viruses, trojans and malware in general. Read the HijackThis Forum Policies first.

post #1
Posted: 04/10/09, 19:36:38
User

Registered: Oct 2009
Location: Mexico
Posts: 6
Question: my CPU is at 100%

Well, first of all, I'm new to the forum, so I hope this post isn't out of place. I have some rather strange processes: when I open an iexplorer window, the graph in the process list goes up to 100% and 3 to 4 iexplorer processes appear; one of them consumes 40.6kb. ComboFix was recommended to me, and here I post the results to see what diagnosis comes out.

ComboFix 09-10-04.01 - ANGEL 04/10/2009 15:37.1.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.52.3082.18.3326.2099 [GMT -5:00]
Running from: c:\users\ANGEL\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-4191685020-9012219521-681871121-6867
c:\recycler\S-1-5-21-4191685020-9012219521-681871121-6867\apok35.exe
c:\recycler\S-1-5-21-4191685020-9012219521-681871121-6867\Desktop.ini
c:\recycler\S-1-5-21-8277264659-4909261492-219264329-4054
c:\users\ANGEL\AppData\Roaming\Microsoft\Clip Organizer\mstore10.mgc
c:\users\ANGEL\AppData\Roaming\Microsoft\Clip Organizer\Offic10.MGC
c:\windows\system32\prsgrc.dll
c:\windows\system32\ssprs.dll
c:\windows\system32\vgat83a.dll
.
((((((((((((((((((((((((( Files Created from 2009-09-04 to 2009-10-04 )))))))))))))))))))))))))))))))
.
2009-10-04 20:50 . 2009-10-04 20:51 -------- d-----w- c:\users\ANGEL\AppData\Local\temp
2009-10-04 20:50 . 2009-10-04 20:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-04 16:17 . 2009-10-04 16:17 -------- d-----w- c:\users\ANGEL\AppData\Roaming\Yahoo!
2009-10-04 16:17 . 2009-10-04 19:37 -------- d-----w- c:\program files\Yahoo!
2009-10-04 14:58 . 2009-10-04 20:33 -------- dc----w- c:\windows\system32\DRVSTORE
2009-10-04 14:51 . 2009-10-04 20:33 -------- dc-h--w- c:\programdata\~0
2009-10-04 14:51 . 2009-10-04 20:33 -------- d-----w- c:\programdata\Lavasoft
2009-10-04 14:51 . 2009-10-04 20:33 -------- d-----w- c:\program files\Lavasoft
2009-10-03 14:23 . 2009-10-03 14:23 -------- d-----w- c:\program files\Microsoft
2009-10-02 19:21 . 2009-10-01 15:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-02 15:17 . 2009-10-02 15:17 -------- d-----w- c:\users\ANGEL\AppData\Roaming\Leadertech
2009-10-02 15:01 . 2009-10-02 15:01 -------- d-----w- c:\program files\EA Sports
2009-10-01 15:28 . 2008-07-12 13:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-10-01 15:28 . 2008-07-12 13:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-10-01 15:28 . 2008-07-12 13:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-09-30 01:10 . 2009-09-30 01:11 -------- d-----w- c:\users\ANGEL\AppData\Local\Computers and Structures
2009-09-28 20:36 . 2009-09-28 20:36 -------- d-----w- c:\program files\CAPCOM
2009-09-25 20:13 . 2009-09-25 20:31 -------- d-----w- C:\respaldo
2009-09-25 16:02 . 2009-09-25 16:02 -------- d---a-w- c:\windows\Filter
2009-09-25 16:02 . 2009-09-25 16:02 -------- d---a-w- c:\windows\EffRes
2009-09-25 16:02 . 2009-09-25 16:02 -------- d---a-w- c:\windows\Language
2009-09-25 16:02 . 2007-03-09 00:05 1466624 ----a-w- c:\windows\usbVM305.sys
2009-09-25 16:02 . 2007-03-09 00:03 1541120 ----a-w- c:\windows\VM305x64.sys
2009-09-25 16:02 . 2007-03-08 21:56 122880 ----a-w- c:\windows\rm305.exe
2009-09-25 16:02 . 2007-03-08 21:55 122880 ----a-w- c:\windows\rm305x64.exe
2009-09-25 16:02 . 2007-03-08 21:54 200704 ----a-w- c:\windows\RegUnstal.dll
2009-09-25 16:02 . 2007-01-05 18:37 81920 ----a-w- c:\windows\VM305Sti.dll
2009-09-25 16:02 . 2007-01-05 18:37 53248 ----a-w- c:\windows\Sti305.exe
2009-09-25 16:02 . 2007-01-05 18:37 24576 ----a-w- c:\windows\RunSetup.dll
2009-09-22 21:40 . 2009-09-22 21:40 -------- d-----w- c:\program files\NVIDIA Corporation
2009-09-21 18:23 . 2009-09-21 18:23 -------- d-----w- c:\program files\MSI
2009-09-15 18:58 . 2009-09-15 21:33 -------- d-----w- c:\users\ANGEL\AppData\Local\Google
2009-09-15 18:53 . 2009-09-17 14:33 -------- d-----w- c:\program files\Google
2009-09-15 18:50 . 2009-09-15 18:52 -------- d-----w- c:\windows\system32\Adobe
2009-09-14 17:46 . 2009-09-14 17:46 -------- d-----w- C:\ckis
2009-09-14 17:41 . 2009-09-22 12:32 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-09-14 17:41 . 2009-09-22 12:32 107547 ----a-w- c:\windows\system32\drivers\klin.dat
2009-09-14 17:39 . 2009-10-04 20:50 172603680 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-09-14 17:39 . 2009-09-14 17:39 -------- d-----w- c:\program files\Kaspersky Lab
2009-09-10 21:29 . 2009-09-26 21:00 -------- d-----w- c:\users\ANGEL\AppData\Roaming\Dark Sector
2009-09-10 04:28 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-10 04:28 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-10 04:28 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-10 04:28 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-10 04:28 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-10 04:28 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-10 04:28 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-10 04:28 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-10 04:28 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-10 04:28 . 2009-08-14 13:48 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-09-10 04:28 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-10 04:27 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-10 04:27 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-10 04:27 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-10 04:27 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-10 04:27 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-10 04:27 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-07 18:37 . 2009-09-14 21:20 -------- d-----w- c:\users\ANGEL\AppData\Roaming\HpUpdate
2009-09-07 18:36 . 2009-09-07 18:36 -------- d-----w- c:\windows\Hewlett-Packard
2009-09-06 23:48 . 2009-09-06 23:48 -------- d-----w- c:\windows\system32\xlive
2009-09-06 23:48 . 2009-09-06 23:49 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-09-06 23:47 . 2008-10-27 15:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2009-09-06 23:47 . 2008-10-27 15:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2009-09-06 23:47 . 2008-10-27 15:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2009-09-06 23:47 . 2008-10-27 15:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-04 19:45 . 2009-04-11 16:52 666672 ----a-w- c:\windows\system32\perfh00A.dat
2009-10-04 19:45 . 2009-04-11 16:52 129582 ----a-w- c:\windows\system32\perfc00A.dat
2009-10-04 19:38 . 2009-08-23 00:19 -------- d-----w- c:\programdata\Kaspersky Lab
2009-10-04 19:37 . 2009-09-22 21:43 32879 ----a-w- c:\programdata\nvModes.dat
2009-10-04 19:37 . 2009-08-12 21:28 -------- d-----w- c:\programdata\NVIDIA
2009-10-04 16:53 . 2009-09-14 17:39 2277980 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-04 05:26 . 2009-08-12 22:09 -------- d-----w- c:\users\ANGEL\AppData\Roaming\vlc
2009-10-02 00:28 . 2009-10-02 00:28 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01005.Wdf
2009-10-01 16:11 . 2009-08-12 21:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-30 01:08 . 2009-09-30 01:08 1024 ----a-w- c:\windows\system32\trpbgj5.dll
2009-09-30 01:08 . 2009-09-30 01:08 1024 ----a-w- c:\windows\system32\grcauth2.dll
2009-09-30 01:08 . 2009-09-30 01:08 1024 ----a-w- c:\windows\system32\grcauth1.dll
2009-09-30 01:08 . 2009-09-30 01:08 1024 ----a-w- c:\windows\system32\clauth2.dll
2009-09-30 01:08 . 2009-09-30 01:08 1024 ----a-w- c:\windows\system32\clauth1.dll
2009-09-22 21:38 . 2009-08-15 01:59 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-22 21:38 . 2009-08-15 02:33 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-18 19:28 . 2009-08-12 21:08 680 ----a-w- c:\users\ANGEL\AppData\Local\d3d9caps.dat
2009-09-14 18:13 . 2007-10-31 18:41 112144 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-09-14 17:14 . 2009-08-31 17:39 -------- d-----w- c:\programdata\HP Product Assistant
2009-09-10 08:10 . 2009-08-13 20:17 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-10 08:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-10 08:01 . 2009-08-12 21:45 -------- d-----w- c:\programdata\Microsoft Help
2009-09-07 18:37 . 2009-08-31 17:35 -------- d-----w- c:\program files\HP
2009-09-04 22:44 . 2009-09-18 16:23 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 22:44 . 2009-09-18 16:23 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 22:44 . 2009-09-18 16:23 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 22:29 . 2009-09-18 16:23 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 22:29 . 2009-09-18 16:23 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 22:29 . 2009-09-18 16:23 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 22:29 . 2009-09-18 16:23 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 22:29 . 2009-09-18 16:23 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-08-31 18:07 . 2009-08-31 18:07 -------- d-----w- c:\programdata\HPSSUPPLY
2009-08-31 17:44 . 2009-08-31 17:41 -------- d-----w- c:\users\ANGEL\AppData\Roaming\HP
2009-08-31 17:41 . 2009-08-31 17:34 163779 ----a-w- c:\windows\hpoins37.dat
2009-08-31 17:41 . 2009-08-31 17:41 -------- d-----w- c:\programdata\WEBREG
2009-08-31 17:40 . 2009-08-31 17:32 -------- d-----w- c:\programdata\HP
2009-08-31 17:36 . 2009-08-31 17:36 -------- d-----w- c:\program files\Common Files\HP
2009-08-31 17:36 . 2009-08-31 17:36 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-08-31 17:35 . 2009-08-31 17:35 -------- d-----w- c:\program files\Hewlett-Packard
2009-08-31 15:54 . 2009-08-31 15:54 -------- d-----w- c:\users\ANGEL\AppData\Roaming\dvdcss
2009-08-31 15:27 . 2009-08-31 15:27 -------- d-----w- c:\program files\Alcohol Soft
2009-08-30 02:39 . 2009-08-12 21:09 99864 ----a-w- c:\users\ANGEL\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-30 00:27 . 2009-08-30 00:03 -------- d-----w- c:\programdata\Autodesk
2009-08-30 00:03 . 2009-08-30 00:03 -------- d-----w- c:\users\ANGEL\AppData\Roaming\Autodesk
2009-08-29 00:27 . 2009-09-02 23:26 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-02 23:26 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 14:01 . 2009-08-27 14:01 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-27 14:01 . 2009-08-27 14:01 139152 ----a-w- c:\users\ANGEL\AppData\Roaming\PnkBstrK.sys
2009-08-27 14:01 . 2009-08-27 14:01 139152 ----a-w- c:\users\ANGEL\AppData\Roaming\PnkBstrK.sys
2009-08-27 14:01 . 2009-08-27 14:01 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-27 14:01 . 2009-08-27 14:01 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-27 14:01 . 2009-08-27 14:01 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-08-25 17:21 . 2009-08-25 17:21 -------- d-----w- c:\program files\ESET
2009-08-25 17:17 . 2009-08-22 16:15 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-08-23 15:01 . 2009-08-23 15:01 -------- d-----w- c:\programdata\WindowsSearch
2009-08-20 01:20 . 2009-08-20 01:20 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-20 01:19 . 2009-08-20 01:19 -------- d-----w- c:\program files\Java
2009-08-18 16:34 . 2009-08-18 16:34 -------- d-----w- c:\program files\Unity
2009-08-18 00:05 . 2009-08-12 22:02 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-17 07:42 . 2009-08-17 07:42 2505248 ----a-w- c:\windows\system32\nvcpluir.dll
2009-08-17 07:42 . 2009-08-17 07:42 2173472 ----a-w- c:\windows\system32\nvcplui.exe
2009-08-17 07:42 . 2009-08-17 07:42 1411616 ----a-w- c:\windows\system32\nvsvsr.dll
2009-08-17 07:42 . 2009-08-17 07:42 1346080 ----a-w- c:\windows\system32\nvsvs.dll
2009-08-17 05:57 . 2009-08-17 05:57 9545152 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2009-08-17 05:57 . 2009-08-17 05:57 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-08-17 05:57 . 2009-08-17 05:57 4224 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2009-08-17 05:57 . 2009-08-17 05:57 3298304 ----a-w- c:\windows\system32\nvwgf2um.dll
2009-08-17 05:57 . 2009-08-17 05:57 2169376 ----a-w- c:\windows\system32\nvcuvid.dll
2009-08-17 05:57 . 2009-08-17 05:57 1985536 ----a-w- c:\windows\system32\nvcuda.dll
2009-08-17 05:57 . 2009-08-17 05:57 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-08-17 05:57 . 2009-08-17 05:57 155648 ----a-w- c:\windows\system32\nvcod162.dll
2009-08-17 05:57 . 2009-08-17 05:57 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-08-17 05:57 . 2009-08-17 05:57 10858496 ----a-w- c:\windows\system32\nvoglv32.dll
2009-08-17 05:57 . 2007-06-28 16:43 7569920 ----a-w- c:\windows\system32\nvd3dum.dll
2009-08-17 05:57 . 2007-06-28 16:43 1044992 ----a-w- c:\windows\system32\nvapi.dll
2009-08-15 01:52 . 2009-08-12 22:40 -------- d-----w- c:\users\ANGEL\AppData\Roaming\DAEMON Tools Lite
2009-08-15 01:28 . 2009-08-12 21:48 -------- d-----w- c:\program files\Microsoft Works
2009-08-14 18:36 . 2009-08-14 18:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-08-13 23:43 . 2009-08-13 23:43 -------- d-----w- c:\program files\MSXML 4.0
2009-08-13 00:52 . 2009-08-13 00:40 -------- d-----w- c:\users\ANGEL\AppData\Roaming\Nero
2009-08-13 00:39 . 2009-08-13 00:22 -------- d-----w- c:\program files\Common Files\Nero
2009-08-13 00:31 . 2009-08-13 00:22 -------- d-----w- c:\program files\Nero
2009-08-13 00:27 . 2009-08-13 00:22 -------- d-----w- c:\programdata\Nero
2009-08-12 22:43 . 2009-08-12 22:43 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-08-12 22:43 . 2009-08-12 22:42 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-08-12 22:43 . 2009-08-12 22:42 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-08-12 22:41 . 2009-08-12 22:41 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-12 22:11 . 2009-08-12 22:10 -------- d-----w- c:\program files\Windows Live
2009-08-12 22:11 . 2009-08-12 22:11 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-12 22:09 . 2009-08-12 22:09 -------- d-----w- c:\program files\VideoLAN
2009-08-12 22:03 . 2009-08-12 22:03 -------- d-----w- c:\program files\Common Files\Windows Live
2009-08-12 21:52 . 2009-08-12 21:52 -------- d-----w- c:\program files\MSECache
2009-08-12 21:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2009-08-12 21:47 . 2009-08-12 21:47 -------- d-----w- c:\program files\Microsoft.NET
2009-08-12 21:47 . 2009-08-12 21:47 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-08-12 21:42 . 2009-08-12 21:12 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-12 21:39 . 2009-08-12 21:39 -------- d-----w- c:\program files\FT27B2
2009-08-12 21:38 . 2009-08-12 21:38 -------- d-----w- c:\program files\FT2491
2009-08-12 21:04 . 2009-08-12 21:04 -------- d-sh--we c:\programdata\Plantillas
2009-08-12 21:04 . 2009-08-12 21:04 -------- d-sh--we c:\programdata\Menú Inicio
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"USDownloader"="c:\users\ANGEL\Documents\USDownloader134\USDownloader134\USDownloader.exe" [2007-06-15 526336]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-20 149280]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):18,aa,f7,f7,a9,ba,c9,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{4B6051EE-1B87-4DF7-BA44-BD9C2158E45B}"= UDP:c:\users\ANGEL\Documents\USDownloader134\USDownloader134\USDownloader.exe:USDownloader
"{F2E4637F-87DA-4D1A-9580-6DB7AED636DF}"= TCP:c:\users\ANGEL\Documents\USDownloader134\USDownloader134\USDownloader.exe:USDownloader
"TCP Query User{D5D1D8F6-E408-47E1-971E-7DD264A9ED49}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= UDP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
"TCP Query User{729F5339-CFA6-4C5D-B95D-1DA287BF9401}c:\\program files\\aspyr\\dark sector\\ds.exe"= UDP:c:\program files\aspyr\dark sector\ds.exe:Dark Sector
"UDP Query User{92CD5BA2-4126-4402-8088-B0541AF36D77}c:\\program files\\aspyr\\dark sector\\ds.exe"= TCP:c:\program files\aspyr\dark sector\ds.exe:Dark Sector
"{29ED467A-9830-46CD-BBCF-4956836FDA76}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{CAFB3576-29D0-49D5-89E6-A27D839005BA}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{AE86EE8A-2C9B-4D5E-B31D-F4A68AB95BF6}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{CB5DABD3-59D1-4217-8AD2-8D9D3A6A06DA}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{114AFEBB-425E-4BDD-B13E-C0CEFFF05746}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{FB7F79F4-4FB7-49DE-915F-9B7F508C371A}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{F3E1C5A8-17EA-47B9-A32C-F1B7825880BB}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{DB759481-F4BB-474B-8251-45660CA311EC}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{A9A58A70-69E5-498F-B0CB-4B503EC52B42}"= c:\program files\HP\Digital Imaging\bin\hpfccopy.exe:hpfccopy.exe
"{77454D17-85AB-4F9A-B8D9-8C4DA9AA9B24}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{824B7682-03AC-4EA7-A49D-278F0C09C688}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{1DDD23B2-0054-45A8-BED0-8A4285D77A4C}"= c:\program files\HP\Digital Imaging\bin\hpqcopy2.exe:hpqcopy2.exe
"{EBE9ACF9-64CA-4398-A6D3-38D89E0DB5F5}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{4195B481-2C15-4EFC-BE1B-8E5D321B4C3E}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"TCP Query User{CBC256AB-C76F-4A07-AEA5-056CCFB9B65C}c:\\program files\\nd games\\dark sector\\ds.exe"= UDP:c:\program files\nd games\dark sector\ds.exe:Dark Sector
"UDP Query User{DBC4DE99-B5B3-4BC7-84AD-E4B35C36B56F}c:\\program files\\nd games\\dark sector\\ds.exe"= TCP:c:\program files\nd games\dark sector\ds.exe:Dark Sector
"TCP Query User{5CA488DC-28BE-4774-9C43-C3BC31AEEC57}c:\\kav\\kaspersky internet security 7.0.1.325\\spanish\\setup.exe"= UDP:c:\kav\kaspersky internet security 7.0.1.325\spanish\setup.exe:Kaspersky Internet Security 7.0 Instalación
"UDP Query User{0C745E64-7463-498E-981D-9E1BF5CF05E3}c:\\kav\\kaspersky internet security 7.0.1.325\\spanish\\setup.exe"= TCP:c:\kav\kaspersky internet security 7.0.1.325\spanish\setup.exe:Kaspersky Internet Security 7.0 Instalación
"TCP Query User{3425B7EA-C5AB-4C1B-8EBA-D074DCB30079}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{BB11A3D6-D2E8-41D6-94E2-1B83FDE4E5CE}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"{FA587C05-FA3B-4E8B-9E52-2F0EFF76F699}"= UDP:c:\program files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:RESIDENT EVIL 5 (DX9)
"{90B33A92-F3E3-4639-92BD-974A1AC41FF2}"= TCP:c:\program files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:RESIDENT EVIL 5 (DX9)
"{09157648-DE1A-41D5-895F-31BC14AEA2E5}"= UDP:c:\program files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:RESIDENT EVIL 5 (DX10)
"{FAAA7860-C45B-4E40-917A-E912BE141B4D}"= TCP:c:\program files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:RESIDENT EVIL 5 (DX10)
"TCP Query User{F2295FF5-6484-4A0F-8E3D-B3B411622A92}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{04DA540B-FE4E-4359-84BB-8C0131D785B2}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [16/10/2007 11:05 a.m. 20496]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [17/08/2009 01:32 a.m. 239648]
R3 VL807;VL807 Filter;c:\windows\System32\drivers\VL807.sys [12/08/2009 04:38 p.m. 22016]
S3 XBox;XBox Filter;c:\windows\System32\drivers\Xbox.sys [12/08/2009 04:39 p.m. 22528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-10-04 c:\windows\Tasks\User_Feed_Synchronization-{BCBD3FCD-AA3E-4067-9247-61D4BCEF00CC}.job
- c:\windows\system32\msfeedssync.exe [2009-08-12 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: Agregar al componente Anti-Banners - c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
IE: Descargar con USDownloader - c:\users\ANGEL\Documents\USDownloader134\USDownloader134\Ext\downloadie.html
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-04 15:51
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

c:\users\ANGEL\AppData\Local\Temp\catchme.dll 53248 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(920)
c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll
c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
- - - - - - - > 'lsass.exe'(740)
c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll
c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll
.
Completion time: 2009-10-04 15:54
ComboFix-quarantined-files.txt 2009-10-04 20:54
Pre-Run: 65,837,883,392 bytes libres
Post-Run: 65,910,063,104 bytes libres
302 --- E O F --- 2009-10-02 19:21


Here is the HJT report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:41:59 p.m., on 04/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [USDownloader] "C:\Users\ANGEL\Documents\USDownloader134\USDownloader134\USDownloader.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Agregar al componente Anti-Banners - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Descargar con USDownloader - C:\Users\ANGEL\Documents\USDownloader134\USDownloader134\Ext\downloadie.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Estadísticas del componente Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Selección inteligente de HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldes-es.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 6547 bytes

That is the data... I hope you can give me a hand, thanks.

Last edited by zed12 on 04/10/09 at 19:43:19.
Responder Con Cita
InfoSpyware

  post #2  
Posted 05/10/09, 10:48:22
Leosolari
Moderator
 
Joined: Jun 2007
Location: Argentina
Posts: 17,100
Re: my CPU is at 100%

Hi zed12

The HijackThis log is clean.


Regards


P.S.:
Quote:
Warning!! Do not use ComboFix unless a member of our Staff has specifically told you to in a reply to your post. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

DON'T DESPAIR....KEEP FIGHTING.

* Help us by making a DONATION so we can keep helping.
* Stay informed about the latest threats on the net at: InfoSpyware Blog
* Questions are not answered by private message or by e-mail, since that is what the forum is for.
  post #3  
Posted 05/10/09, 11:15:26
User
 
Joined: Oct 2009
Location: Mexico
Posts: 6
Re: my CPU is at 100%

Well, that's good news, but even so my CPU goes up to 100% of its capacity and 2 to 3 iexplorer processes show up, and sometimes the internet slows down as well as the computer.
Is there anything else that should or can be done?
Thanks

Last edited by zed12 on 05/10/09 at 11:35:41.
  post #4  
Posted 05/10/09, 14:27:15
Leosolari
Moderator
 
Joined: Jun 2007
Location: Argentina
Posts: 17,100
Re: my CPU is at 100%

Please follow these steps:

Download the following:

º CCLEANER. Install it according to its manual

º DR WEB CURE-IT and its MANUAL


Run CCLEANER, first using its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete, and then use its "Registry" option to clean the whole Windows registry (making a backup).


Run DR WEB, first doing an express check and then a COMPLETE SCAN, deleting everything it finds.

Run an online scan with Kaspersky or with Panda Active Scan.


In your next reply, paste the DR WEB report and the online scan report.

  post #5  
Posted 07/10/09, 00:33:39
User
 
Joined: Oct 2009
Location: Mexico
Posts: 6
Re: my CPU is at 100%

Well, my apologies, I took a while to reply because the Dr.Web scanner took a long time.

First, here is the online scanner report.

It was with the Panda scanner.

Quote:
ANALYSIS: 2009-10-05 17:25:10
PROTECTIONS: 1
MALWARE: 4
SUSPECTS: 7
;************************************************* ************************************************** ************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
Kaspersky Internet Security 7.0.1.325 Yes Yes
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;================================================= ================================================== ================================================== ==============================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\ANGEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\angel@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\ANGEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\angel@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\ANGEL\AppData\Roaming\Microsoft\Windows\Cookies\angel@atdmt[2].txt
03446212 Generic Trojan Virus/Trojan No 0 Yes No D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\Acrobat 3D 8.1.0.EXE
03446216 Generic Trojan Virus/Trojan No 0 Yes No D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\InCopy CS3 VLK.exe
;================================================= ================================================== ================================================== ==============================
SUSPECTS
Sent Location
;================================================= ================================================== ================================================== ==============================
No C:\Downloads\AIO.Sly.Soft.2009.cargohe\AIO .Sly.Soft.2009.cargohe\AutoPlay\Docs\AnyDVD 6.4.8.5\PATCH RES\AnyDVD.v6.4.x.x.Patcher.v1.1.R2.exe
No D:\programas ejecutables\DriverGeniusProver[1].6.1.2518.rar[keygen.exe]
No D:\programas ejecutables\Nero.v9.and.Nero.Plugins.Serials.Only-IND\NFullCr4ck-Patentes\keymaker.exe
No D:\respaldo usb\DriverGeniusProver[1].6.1.2518.rar[keygen.exe]
No D:\programas ejecutables\SAP2000_v11_CD_part1\Sap2000v11.patch. rar[sap2000.v11.0.0-patch.exe]
No D:\respaldo usb\everes ultimate\Everest_Ultimate_Edition_5.0.1650\Everest Ultimate Edition 5.0.1650\KeyGen.EXE
No D:\respaldo usb\nero 8 y 9\NFullCr4ck-Patentes\keymaker.exe
;================================================= ================================================== ================================================== ==============================
VULNERABILITIES
Id Severity Description
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================

Here is the Dr.Web report

A0039979.exe\nircmd.exe;D:\System Volume Information\_restore{98DF804A-3E7B-4D1E-9F6A-AD1CBE29D537}\RP234\A0039979.exe;Tool.NirCmd.1;;
A0039979.exe;D:\System Volume Information\_restore{98DF804A-3E7B-4D1E-9F6A-AD1CBE29D537}\RP234;Archivo comprimido contiene objetos infectados;Movido.;
A0039984.exe;D:\System Volume Information\_restore{98DF804A-3E7B-4D1E-9F6A-AD1CBE29D537}\RP234;Tool.StartupRun.122;Incurable. Eliminado.;


Well, the first one was detected on partition C:
the second one was detected on partition D:

I await the diagnosis of what to do next.
  post #6  
Posted 07/10/09, 08:23:56
Leosolari
Moderator
 
Joined: Jun 2007
Location: Argentina
Posts: 17,100
Re: my CPU is at 100%

º Download OTM by OldTimer to the desktop.

º Double-click OTM.exe to run it.

º Make sure "Unregister Dll's and Ocx's" is checked.

º Copy the text inside the box below and paste it into the left pane of OTMoveIt called "Paste instructions for items to be moved".


Code:
:files
C:\Downloads\AIO.Sly.Soft.2009.cargohe\AIO .Sly.Soft.2009.cargohe\AutoPlay\Docs\AnyDVD 6.4.8.5\PATCH RES\AnyDVD.v6.4.x.x.Patcher.v1.1.R2.exe
D:\programas ejecutables\DriverGeniusProver[1].6.1.2518.rar
D:\programas ejecutables\Nero.v9.and.Nero.Plugins.Serials.Only-IND\NFullCr4ck-Patentes\keymaker.exe
D:\programas ejecutables\SAP2000_v11_CD_part1\Sap2000v11.patch. rar
D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\Acrobat 3D 8.1.0.EXE
D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\InCopy CS3 VLK.exe
D:\respaldo usb\DriverGeniusProver[1].6.1.2518.rar
D:\respaldo usb\everes ultimate\Everest_Ultimate_Edition_5.0.1650\Everest Ultimate Edition 5.0.1650\KeyGen.EXE
D:\respaldo usb\nero 8 y 9\NFullCr4ck-Patentes\keymaker.exe

:commands
[emptytemp]
[purity]
[Reboot]

º Click MoveIt to start the removal. In the right-hand part of the program window, called Results, you can see the results of the removal.

º At the same time a prompt will open asking whether you want to restart the PC. You must press YES. If it does not ask, you must restart anyway to complete the removal.

º The results appear after the restart in C:\_OTM\MovedFiles\***_***.log (where "***_***" is the date and time).

Copy and paste this result into your next reply.

  post #7  
Posted 07/10/09, 13:14:22
User
 
Joined: Oct 2009
Location: Mexico
Posts: 6
Re: my CPU is at 100%

Good morning

Here are the OTM results

Quote:
All processes killed
========== FILES ==========
C:\Downloads\AIO.Sly.Soft.2009.cargohe\AIO .Sly.Soft.2009.cargohe\AutoPlay\Docs\AnyDVD 6.4.8.5\PATCH RES\AnyDVD.v6.4.x.x.Patcher.v1.1.R2.exe moved successfully.
D:\programas ejecutables\DriverGeniusProver[1].6.1.2518.rar moved successfully.
D:\programas ejecutables\Nero.v9.and.Nero.Plugins.Serials.Only-IND\NFullCr4ck-Patentes\keymaker.exe moved successfully.
File/Folder D:\programas ejecutables\SAP2000_v11_CD_part1\Sap2000v11.patch. rar not found.
File/Folder D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\Acrobat 3D 8.1.0.EXE not found.
File/Folder D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\InCopy CS3 VLK.exe not found.
D:\respaldo usb\DriverGeniusProver[1].6.1.2518.rar moved successfully.
D:\respaldo usb\everes ultimate\Everest_Ultimate_Edition_5.0.1650\Everest Ultimate Edition 5.0.1650\KeyGen.EXE moved successfully.
D:\respaldo usb\nero 8 y 9\NFullCr4ck-Patentes\keymaker.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: ANGEL
->Temp folder emptied: 80974899 bytes
->Temporary Internet Files folder emptied: 35534090 bytes
->Java cache emptied: 13570647 bytes

User: Default
->Temp folder emptied: 0 bytes
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 67 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
Folder delete failed. C:\Windows\msdownld.tmp scheduled to be deleted on reboot.
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile01.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile02.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile03.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile04.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile05.sqm scheduled to be deleted on reboot.
Windows Temp folder emptied: 25932 bytes
RecycleBin emptied: 26370 bytes

Total Files Cleaned = 124.10 mb


OTM by OldTimer - Version 3.0.0.6 log created on 10072009_110449

It gives me a second file with a .res extension, 1 KB; I can't open it or it has nothing in it, because I opened it with Notepad and nothing shows up.

Well, there's the result; I await a reply.
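
Added example (not part of the original posts, and not OTM's own code): a short Python script that reconciles the paths pasted under `:files` with the result lines of the OTM log, so a helper can see which requested items the log does not report as moved. The line patterns are taken from the log quoted in this thread and are an assumption for any other OTM version; the function names are hypothetical, and the sample data is an excerpt of the thread's paths and log lines.

```python
import re

# Result-line shapes as they appear in the OTM log quoted in this thread;
# treating them as stable across OTM versions is an assumption.
PATTERNS = [
    ("moved", re.compile(r"^(?P<path>.+) moved successfully\.$")),
    ("not_found", re.compile(r"^File/Folder (?P<path>.+) not found\.$")),
    ("pending_reboot", re.compile(
        r"^(?:File|Folder) delete failed\. (?P<path>.+) "
        r"scheduled to be deleted on reboot\.$")),
]

# Excerpt of the paths pasted under :files in the thread.
REQUESTED = [
    r"D:\programas ejecutables\DriverGeniusProver[1].6.1.2518.rar",
    r"D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\Acrobat 3D 8.1.0.EXE",
    r"D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\InCopy CS3 VLK.exe",
    r"D:\respaldo usb\nero 8 y 9\NFullCr4ck-Patentes\keymaker.exe",
]

# Excerpt of the result log posted in the thread.
SAMPLE_LOG = r"""
D:\programas ejecutables\DriverGeniusProver[1].6.1.2518.rar moved successfully.
File/Folder D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\Acrobat 3D 8.1.0.EXE not found.
File/Folder D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\InCopy CS3 VLK.exe not found.
D:\respaldo usb\nero 8 y 9\NFullCr4ck-Patentes\keymaker.exe moved successfully.
File delete failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\msdownld.tmp scheduled to be deleted on reboot.
"""


def parse_otm_log(text):
    """Return {status: [paths]} for every result line that is recognised."""
    results = {name: [] for name, _ in PATTERNS}
    for line in text.splitlines():
        line = line.strip()
        for name, pattern in PATTERNS:
            match = pattern.match(line)
            if match:
                results[name].append(match.group("path"))
                break
    return results


def unresolved(requested, results):
    """Requested paths that the log does not report as moved."""
    moved = {p.lower() for p in results["moved"]}  # Windows paths ignore case
    return [p for p in requested if p.lower() not in moved]


if __name__ == "__main__":
    for path in unresolved(REQUESTED, parse_otm_log(SAMPLE_LOG)):
        print("not confirmed as moved:", path)
```

Run against the full log posted above, the same check leaves three requested paths unconfirmed, including both files Panda reported as Generic Trojan.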
  post #8  
Posted 08/10/09, 15:32:04
User
 
Joined: Oct 2009
Location: Mexico
Posts: 6
Re: my CPU is at 100%

Bro, sorry, but could you tell me whether the cleaning process for my machine ends here?

Or is there something left that hasn't been removed?

Or maybe you're busy and haven't seen my OTM report
hehe
  post #9  
Posted 12/10/09, 18:06:20
User
 
Joined: Oct 2009
Location: Mexico
Posts: 6
Re: my CPU is at 100%

Well, I think my post has become history; two iexplorer processes still run when I open an Internet window,
and the CPU no longer goes up as much, but it does sometimes reach 90%.
If anything was missed, let me know, OK?
Thanks
All times are GMT -4.


 
