
    Possible virus, slow PC


    1. #11
      User kerlyfm
      Joined
      Dec 2012
      Location
      Argentina
      Posts
      27

      Re: Possible virus, slow PC

      Hi, yes, I'll edit the previous post now, and this is the ComboFix log

      ComboFix 13-01-22.01 - Carmen 22/01/2013 20:19:33.1.1 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.51.1033.18.1979.1049 [GMT -5:00]
      Running from: c:\users\Carmen\Downloads\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      C:\install.exe
      C:\programfiles
      c:\programfiles\128x64x32.ini
      c:\programfiles\acdr2.ini
      c:\programfiles\svchost.exe
      c:\programfiles\vggrenew41.jar
      c:\windows\SysWow64\SET4A0C.tmp
      c:\windows\SysWow64\SET771.tmp
      c:\windows\wininit.ini
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-12-23 to 2013-01-23 )))))))))))))))))))))))))))))))
      .
      .
      2013-01-23 02:24 . 2013-01-23 02:24 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-01-23 02:23 . 2013-01-23 02:23 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6E716092-A4AF-4E14-8EAA-6DD9BFFFCDD0}\offreg.dll
      2013-01-22 14:57 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6E716092-A4AF-4E14-8EAA-6DD9BFFFCDD0}\mpengine.dll
      2013-01-20 19:02 . 2013-01-22 19:03 -------- d-----w- C:\_AT-Destroyer
      2013-01-19 23:26 . 2013-01-19 23:26 -------- d-----w- c:\users\Carmen\AppData\Roaming\Malwarebytes
      2013-01-19 23:26 . 2013-01-19 23:26 -------- d-----w- c:\programdata\Malwarebytes
      2013-01-19 23:26 . 2013-01-19 23:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2013-01-19 23:26 . 2012-12-14 21:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
      2013-01-19 23:26 . 2013-01-19 23:26 -------- d-----w- c:\users\Carmen\AppData\Local\Programs
      2013-01-14 21:33 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll
      2013-01-14 02:43 . 2013-01-14 02:43 -------- d-----w- C:\e739855ac47eeaa52c79f2a28a9f1ee9
      2013-01-11 03:03 . 2013-01-11 03:03 -------- d-----w- C:\b744a33be978b4c12f6aa482514627ad
      2013-01-09 16:13 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
      2013-01-09 16:12 . 2012-12-07 11:20 23552 ----a-w- c:\windows\system32\oflc.rs
      2013-01-09 16:12 . 2012-12-07 11:19 55296 ----a-w- c:\windows\system32\cero.rs
      2013-01-09 16:12 . 2012-12-07 10:46 55296 ----a-w- c:\windows\SysWow64\cero.rs
      2013-01-09 16:12 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
      2013-01-09 16:12 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
      2013-01-09 16:12 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
      2013-01-09 16:12 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
      2013-01-09 16:07 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
      2013-01-09 16:07 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
      2013-01-09 15:51 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
      2013-01-09 15:50 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
      2013-01-09 15:23 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
      2013-01-09 15:23 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
      2013-01-07 18:45 . 2013-01-07 18:45 -------- d--h--w- c:\programdata\Common Files
      2013-01-07 18:45 . 2013-01-07 18:45 -------- d-----w- c:\users\Carmen\AppData\Local\Avg2013
      2013-01-07 18:45 . 2013-01-07 18:52 -------- d-----w- c:\programdata\MFAData
      2013-01-07 18:45 . 2013-01-07 18:45 -------- d-----w- c:\users\Carmen\AppData\Local\MFAData
      2013-01-06 14:09 . 2013-01-06 14:09 -------- d-----w- c:\users\Carmen\AppData\Local\Macromedia
      2013-01-06 14:04 . 2013-01-06 14:04 -------- d-----w- c:\programdata\McAfee Security Scan
      2013-01-06 14:04 . 2013-01-06 15:48 -------- d-----w- c:\program files (x86)\McAfee Security Scan
      2013-01-06 14:04 . 2013-01-09 19:28 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-01-09 19:28 . 2011-12-28 21:33 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-12-16 17:11 . 2012-12-22 05:38 46080 ----a-w- c:\windows\system32\atmlib.dll
      2012-12-16 14:45 . 2012-12-22 05:38 367616 ----a-w- c:\windows\system32\atmfd.dll
      2012-12-16 14:13 . 2012-12-22 05:38 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
      2012-12-16 14:13 . 2012-12-22 05:38 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
      2012-11-30 04:45 . 2013-01-09 16:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-11-12 12:28 . 2012-12-11 22:45 1638912 ----a-w- c:\windows\system32\mshtml.tlb
      2012-11-12 11:52 . 2012-12-11 22:45 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-11-09 05:45 . 2012-12-11 22:44 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-11-09 04:42 . 2012-12-11 22:44 2048 ----a-w- c:\windows\SysWow64\tzres.dll
      2012-11-02 05:59 . 2012-12-11 22:38 478208 ----a-w- c:\windows\system32\dpnet.dll
      2012-11-02 05:11 . 2012-12-11 22:38 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
      2012-10-27 06:26 . 2012-12-11 22:45 981504 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-10-27 05:51 . 2012-12-11 22:45 1188864 ----a-w- c:\windows\system32\wininet.dll
      2012-10-27 05:51 . 2012-12-11 22:45 1494528 ----a-w- c:\windows\system32\urlmon.dll
      2012-10-27 05:51 . 2012-12-11 22:45 134144 ----a-w- c:\windows\system32\url.dll
      2012-10-27 05:49 . 2012-12-11 22:45 97792 ----a-w- c:\windows\system32\mshtmled.dll
      2012-10-27 05:49 . 2012-12-11 22:45 735744 ----a-w- c:\windows\system32\msfeeds.dll
      2012-10-27 05:49 . 2012-12-11 22:45 64512 ----a-w- c:\windows\system32\jsproxy.dll
      2012-10-27 05:49 . 2012-12-11 22:45 247808 ----a-w- c:\windows\system32\ieui.dll
      2012-10-27 05:49 . 2012-12-11 22:45 2453504 ----a-w- c:\windows\system32\iertutil.dll
      2012-10-27 05:49 . 2012-12-11 22:45 12295680 ----a-w- c:\windows\system32\ieframe.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DriverScanner"="c:\program files (x86)\Uniblue\DriverScanner\launcher.exe" [2011-10-20 338296]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-08 160944]
      R3 LVcKap64;Logitech AEC Driver;c:\windows\system32\DRIVERS\LVcKap64.sys [x]
      R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
      R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-09-05 234776]
      R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
      R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
      R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
      R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
      R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
      R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-13 1255736]
      R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
      S1 aswKbd;aswKbd; [x]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
      S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
      S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
      S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
      S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
      S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-01-20 1088544]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-01-15 19:43 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-01-23 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-06 19:28]
      .
      2013-01-22 c:\windows\Tasks\DriverScanner.job
      - c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-12-22 19:43]
      .
      2013-01-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-550353915-1322569350-513920242-1002Core.job
      - c:\users\Carmen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-24 22:52]
      .
      2013-01-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-550353915-1322569350-513920242-1002UA.job
      - c:\users\Carmen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-24 22:52]
      .
      2013-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 00:11]
      .
      2013-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 00:11]
      .
      2012-12-30 c:\windows\Tasks\HPCeeScheduleForCarmen.job
      - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com/
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = localhost;*.local
      IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.0.1
      TCP: Interfaces\{C21D6B7F-73C1-4875-9FCB-AFBD67264841}: NameServer = 8.8.8.8,8.8.4.4
      FF - ProfilePath - c:\users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\jrc9joou.default-1342296118418\
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Wow6432Node-HKCU-Run-WebCamRT.exe - (no file)
      Wow6432Node-HKLM-Run-<NO NAME> - (no file)
      AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2013-01-22 21:28:23
      ComboFix-quarantined-files.txt 2013-01-23 02:28
      .
      Pre-Run: 161,787,355,136 bytes free
      Post-Run: 161,328,218,112 bytes free
      .
      - - End Of File - - E4FA238D96B6D7BD102E1E99C5231B88

    2. #12
      Former Contributor RevesdeLiberte
      Joined
      Feb 2010
      Location
      Mexico
      Posts
      7,976

      Re: Possible virus, slow PC

      Hello.


      Uninstall McAfee Security Scan. Don't forget to keep reporting the results.



      Do the following:


      Open Notepad.

      • Go to Start > All Programs > Accessories > Notepad.
        • Copy the following code and paste it into Notepad: (Do not copy the word "Code:")
      Code:
      KillAll::
      
      Folder::
      c:\program files (x86)\Uniblue
      C:\Users\Carmen\AppData\Roaming\Uniblue 
      C:\Program Files (x86)\PC Speed Maximizer 
      
      File::
      C:\Users\Carmen\AppData\Roaming\GhostObjGAFix.xml
      C:\Users\Carmen\AppData\Roaming\wklnhst.dat
      C:\ProgramData\ezsidmv.dat
      
      Registry::
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DriverScanner"=-
      
      AtJob::
      c:\windows\Tasks\DriverScanner.job
      
      DDS::
      uInternet Settings,ProxyOverride = localhost;*.local
      • Go to the menu File > Save > Desktop and save the file as CFScript.txt


      - Before using the CFScript...


      • Next, drag and drop the CFScript.txt file onto the ComboFix.exe file as shown in the animation below. This will start ComboFix again.



      *Note* If, after the restart, you get the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer again.


      • When it finishes it will generate a report at C:\ComboFix.txt; paste its entire contents in your next reply. Don't forget to say how the computer is running with respect to the problem you originally described.





      Regards.
      Patience is a tree with bitter roots, but sweet fruit.


    3. #13
      User kerlyfm
      Joined
      Dec 2012
      Location
      Argentina
      Posts
      27

      Re: Possible virus, slow PC

      Hi, I did the ComboFix step. I looked for the file and here is what the report says; I hope it is the right one. I'll now see how the PC is running and let you know.

      ComboFix 13-01-22.01 - Carmen 29/01/2013 18:06:33.3.1 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.51.1033.18.1979.1041 [GMT -5:00]
      Running from: C:\Users\Carmen\Downloads\ComboFix.exe
      Command switches used :: C:\Users\Carmen\Desktop\CFScript.txt
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      FILE ::
      "C:\ProgramData\ezsidmv.dat"
      "C:\Users\Carmen\AppData\Roaming\GhostObjGAFix.xml"
      "C:\Users\Carmen\AppData\Roaming\wklnhst.dat"


      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


      C:\Program Files (x86)\PC Speed Maximizer
      c:\program files (x86)\Uniblue
      c:\program files (x86)\Uniblue\DriverScanner\cwebpage.dll
      c:\program files (x86)\Uniblue\DriverScanner\DriverInstaller32.exe
      c:\program files (x86)\Uniblue\DriverScanner\driverscanner.exe
      c:\program files (x86)\Uniblue\DriverScanner\ds_move_serial.exe
      c:\program files (x86)\Uniblue\DriverScanner\ds_ubm.exe
      c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe
      c:\program files (x86)\Uniblue\DriverScanner\dsnotifier.exe
      c:\program files (x86)\Uniblue\DriverScanner\InstallerExtensions.dll
      c:\program files (x86)\Uniblue\DriverScanner\intermediate_views.dat
      c:\program files (x86)\Uniblue\DriverScanner\Launcher.exe
      c:\program files (x86)\Uniblue\DriverScanner\library.dat
      c:\program files (x86)\Uniblue\DriverScanner\locale\br\br.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\br\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\de\de.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\de\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\dk\dk.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\dk\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\en\en.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\en\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\es\es.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\es\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\fi\fi.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\fi\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\fr\fr.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\fr\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\gr\gr.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\gr\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\it\it.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\it\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\jp\jp.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\jp\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\nl\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\nl\nl.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\no\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\no\no.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\pl\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\pl\pl.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\pt\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\pt\pt.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\ru\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\ru\ru.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\se\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\se\se.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\tr\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\tr\tr.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\xs\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\xs\xs.dll
      c:\program files (x86)\Uniblue\DriverScanner\locale\xt\LC_MESSAGES\messages.mo
      c:\program files (x86)\Uniblue\DriverScanner\locale\xt\xt.dll
      c:\program files (x86)\Uniblue\DriverScanner\Microsoft.VC90.CRT.manifest
      c:\program files (x86)\Uniblue\DriverScanner\msvcp90.dll
      c:\program files (x86)\Uniblue\DriverScanner\msvcr90.dll
      c:\program files (x86)\Uniblue\DriverScanner\unins000.dat
      c:\program files (x86)\Uniblue\DriverScanner\unins000.exe
      c:\program files (x86)\Uniblue\DriverScanner\unins000.msg
      c:\program files (x86)\Uniblue\DriverScanner\UninstallHelper.dll
      c:\program files (x86)\Uniblue\DriverScanner\views.dat
      c:\program files (x86)\Uniblue\DriverScanner\x64\DriverInstaller64.exe
      c:\program files (x86)\Uniblue\DriverScanner\x64\Microsoft.VC90.CRT.manifest
      c:\program files (x86)\Uniblue\DriverScanner\x64\msvcp90.dll
      c:\program files (x86)\Uniblue\DriverScanner\x64\msvcr90.dll
      C:\Users\Carmen\AppData\Roaming\Uniblue
      C:\Users\Carmen\AppData\Roaming\Uniblue\DriverScanner\_temp\ub.exe
      C:\Users\Carmen\AppData\Roaming\Uniblue\DriverScanner\error.log
      C:\Users\Carmen\AppData\Roaming\Uniblue\DriverScanner\monitor.log
      C:\Users\Carmen\AppData\Roaming\Uniblue\DriverScanner\settings.dat
      C:\Users\Carmen\AppData\Roaming\Uniblue\DriverScanner\ubm.dat

      ---- Previous Run -------

      C:\Program Files (x86)\Windows Live\Messenger\msacm32.dll
      C:\ProgramData\ezsidmv.dat
      C:\Users\Carmen\AppData\Roaming\GhostObjGAFix.xml
      C:\Users\Carmen\AppData\Roaming\wklnhst.dat


      ((((((((((((((((((((((((( Files Created from 2012-12-28 to 2013-01-29 )))))))))))))))))))))))))))))))


      2013-01-29 23:20:41 . 2013-01-29 23:20:41 -------- d-----w- C:\Users\Default\AppData\Local\temp
      2013-01-29 19:13:33 . 2013-01-08 05:32:08 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{65FC68B9-98B1-4349-9783-CF4B865E3870}\mpengine.dll
      2013-01-27 15:52:12 . 2013-01-27 15:52:12 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
      2013-01-24 02:04:52 . 2013-01-24 02:04:52 -------- d-----w- C:\Users\Carmen\AppData\Roaming\Iminent
      2013-01-24 02:04:44 . 2013-01-24 02:04:44 -------- d-----w- C:\ProgramData\Iminent
      2013-01-24 02:04:18 . 2013-01-24 02:04:18 -------- d-----w- C:\Program Files (x86)\Common Files\Umbrella
      2013-01-24 02:04:14 . 2013-01-24 02:05:10 -------- d-----w- C:\Program Files (x86)\Iminent
      2013-01-24 02:02:49 . 2013-01-24 02:02:52 -------- d-----w- C:\Users\Carmen\AppData\Local\Ares
      2013-01-24 01:59:44 . 2013-01-24 02:02:47 -------- d-----w- C:\Program Files (x86)\Ares
      2013-01-20 19:02:48 . 2013-01-24 21:03:11 -------- d-----w- C:\_AT-Destroyer
      2013-01-19 23:26:39 . 2013-01-19 23:26:39 -------- d-----w- C:\Users\Carmen\AppData\Roaming\Malwarebytes
      2013-01-19 23:26:25 . 2013-01-19 23:26:25 -------- d-----w- C:\ProgramData\Malwarebytes
      2013-01-19 23:26:22 . 2013-01-19 23:26:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2013-01-19 23:26:22 . 2012-12-14 21:49:28 24176 ----a-w- C:\Windows\system32\drivers\mbam.sys
      2013-01-19 23:26:07 . 2013-01-19 23:26:07 -------- d-----w- C:\Users\Carmen\AppData\Local\Programs
      2013-01-14 21:33:31 . 2013-01-04 15:53:13 9060864 ----a-w- C:\Windows\system32\mshtml.dll
      2013-01-14 02:43:02 . 2013-01-14 02:43:04 -------- d-----w- C:\e739855ac47eeaa52c79f2a28a9f1ee9
      2013-01-11 03:03:36 . 2013-01-11 03:03:40 -------- d-----w- C:\b744a33be978b4c12f6aa482514627ad
      2013-01-09 16:13:22 . 2012-11-09 05:45:32 750592 ----a-w- C:\Windows\system32\win32spl.dll
      2013-01-09 16:12:59 . 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\system32\oflc.rs
      2013-01-09 16:12:59 . 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\system32\cero.rs
      2013-01-09 16:12:59 . 2012-12-07 10:46:36 55296 ----a-w- C:\Windows\SysWow64\cero.rs
      2013-01-09 16:12:12 . 2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\system32\msxml6.dll
      2013-01-09 16:12:10 . 2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\system32\msxml3.dll
      2013-01-09 16:12:09 . 2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
      2013-01-09 16:12:09 . 2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
      2013-01-09 16:07:20 . 2012-11-20 05:48:49 307200 ----a-w- C:\Windows\system32\ncrypt.dll
      2013-01-09 16:07:20 . 2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
      2013-01-09 15:51:00 . 2012-11-22 05:44:23 800768 ----a-w- C:\Windows\system32\usp10.dll
      2013-01-09 15:50:55 . 2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
      2013-01-09 15:23:31 . 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\system32\taskhost.exe
      2013-01-09 15:23:28 . 2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\system32\win32k.sys
      2013-01-07 18:45:36 . 2013-01-07 18:45:36 -------- d--h--w- C:\ProgramData\Common Files
      2013-01-07 18:45:36 . 2013-01-07 18:45:36 -------- d-----w- C:\Users\Carmen\AppData\Local\Avg2013
      2013-01-07 18:45:35 . 2013-01-07 18:52:48 -------- d-----w- C:\ProgramData\MFAData
      2013-01-07 18:45:35 . 2013-01-07 18:45:35 -------- d-----w- C:\Users\Carmen\AppData\Local\MFAData
      2013-01-06 14:09:12 . 2013-01-06 14:09:12 -------- d-----w- C:\Users\Carmen\AppData\Local\Macromedia
      2013-01-06 14:04:22 . 2013-01-24 16:50:46 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
      2013-01-06 14:04:18 . 2013-01-09 19:28:08 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      .


      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

      2013-01-09 19:28:08 . 2011-12-28 21:33:17 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-12-16 17:11:22 . 2012-12-22 05:38:45 46080 ----a-w- C:\Windows\system32\atmlib.dll
      2012-12-16 14:45:03 . 2012-12-22 05:38:40 367616 ----a-w- C:\Windows\system32\atmfd.dll
      2012-12-16 14:13:28 . 2012-12-22 05:38:36 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
      2012-12-16 14:13:20 . 2012-12-22 05:38:45 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
      2012-11-30 04:45:10 . 2013-01-09 16:15:38 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
      2012-11-12 12:28:37 . 2012-12-11 22:45:04 1638912 ----a-w- C:\Windows\system32\mshtml.tlb
      2012-11-12 11:52:18 . 2012-12-11 22:45:04 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2012-11-09 05:45:09 . 2012-12-11 22:44:18 2048 ----a-w- C:\Windows\system32\tzres.dll
      2012-11-09 04:42:49 . 2012-12-11 22:44:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
      2012-11-02 05:59:11 . 2012-12-11 22:38:48 478208 ----a-w- C:\Windows\system32\dpnet.dll
      2012-11-02 05:11:31 . 2012-12-11 22:38:47 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll


      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ares"="C:\Program Files (x86)\Ares\Ares.exe" [2013-01-21 22:51:34 1097216]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2012-07-03 16:21:30 4273976]
      "Iminent"="C:\Program Files (x86)\Iminent\Iminent.exe" [2012-12-19 15:05:40 1074888]
      "IminentMessenger"="C:\Program Files (x86)\Iminent\Iminent.Messengers.exe" [2012-12-19 15:05:40 884936]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)

      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)

      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 19:27:14 138576]
      R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 2228 86072]
      R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 19:24:12 315392]
      R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 17:55:20 161536]
      R3 LVcKap64;Logitech AEC Driver;C:\Windows\system32\DRIVERS\LVcKap64.sys [x]
      R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys [x]
      R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 20:35:28 5434368]
      R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys [x]
      R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 21:01:11 292864]
      R3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 21:01:11 1485312]
      R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 21:01:11 740864]
      R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 11:07:05 59392]
      R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys [2011-05-10 12:06:08 51712]
      R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-13 02:46:20 1255736]
      R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys [2009-06-10 20:35:33 389120]
      R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 2310 57184]
      S1 aswKbd;aswKbd; [x]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 02:14:26 98208]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys [2012-07-03 16:21:52 71064]
      S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 21:07:50 94264]
      S2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 22:04:08 20480]
      S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 21:49:28 398184]
      S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 21:49:28 682344]
      S2 SProtection;SProtection;C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe [2012-12-14 14:57:16 2620016]
      S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2012-12-14 21:49:28 24176]
      S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 1356 344680]
      S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-01-20 01:55:34 1088544]


      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-01-25 20:50:16 1607120 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe

      Contents of the 'Scheduled Tasks' folder

      2013-01-29 C:\Windows\Tasks\Adobe Flash Player Updater.job
      - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-06 14:04:18 . 2013-01-09 19:28:09]

      2013-01-29 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-550353915-1322569350-513920242-1002Core.job
      - C:\Users\Carmen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-24 12:46:05 . 2012-07-11 22:52:10]

      2013-01-29 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-550353915-1322569350-513920242-1002UA.job
      - C:\Users\Carmen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-24 12:46:05 . 2012-07-11 22:52:10]

      2013-01-29 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
      - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 00:11:54 . 2012-03-15 00:11:41]

      2013-01-29 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
      - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 00:11:54 . 2012-03-15 00:11:41]

      2013-01-27 C:\Windows\Tasks\HPCeeScheduleForCarmen.job
      - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15:40 . 2010-09-14 03:15:40]


      --------- X64 Entries -----------


      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-07-03 16:21:16 133400 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

      ------- Supplementary Scan -------

      uStart Page = Google
      uLocal Page = C:\Windows\system32\blank.htm
      mStart Page = Google
      mLocal Page = C:\Windows\SysWOW64\blank.htm
      IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.0.1
      TCP: Interfaces\{C21D6B7F-73C1-4875-9FCB-AFBD67264841}: NameServer = 8.8.8.8,8.8.4.4
      FF - ProfilePath - C:\Users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\jrc9joou.default-1342296118418\
      FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
      FF - ExtSQL: 2013-01-23 21:04; [email protected]; C:\Program Files (x86)\Iminent\[email protected]
      FF - ExtSQL: 2013-01-24 09:52; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\jrc9joou.default-1342296118418\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

      - - - - ORPHANS REMOVED - - - -

      Wow6432Node-HKLM-Run-<NO NAME> - (no file)
      AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - C:\Program Files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
      AddRemove-{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1 - C:\Program Files (x86)\Uniblue\DriverScanner\unins000.exe

    4. #14
      Former Contributor Avatar of RevesdeLiberte
      Joined
      Feb 2010
      Location
      México
      Posts
      7.976

      Re: Possible virus, slow PC

      Hello.


      You pasted the ComboFix report incomplete. Please paste it in full and tell me how everything is going now.


      Patience is a tree with bitter roots, but sweet fruit.

      * Follow us on our Twitter and become our friend on Facebook.
      * Stay informed about the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.
