|
|
Mi pc esta muy lenta creo que esta infectada pase el combofix
Este es un debate sobre Mi pc esta muy lenta creo que esta infectada pase el combofix escrito en el foro Foro de Virus y Spywares, parte de la categoria Seguridad informatica ; mi pc esta muy lenta creo que esta infectada pase el combofis y me sale esto ComboFix 08-01-23.2 - User ...
| Foro de Virus y Spywares Foro dedicado a la Ayuda con Malware: Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc. Expón el problema en este foro. |
 |
|
|
Herramientas | Desplegado |
|
#1
23-feb-2008, 05:02
|
|||
|
|||
 ComboFix 08-01-23.2 - User 2008-02-21 15:36:15.4 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.487 [GMT 0:00] Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2007-12-23 to 2008-01-23 ))))))))))))))))))))))))))))))) . 2008-01-23 15:29 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe 2008-01-21 20:44 . 2008-01-21 20:44 268 --ah----- C:\sqmdata07.sqm 2008-01-21 20:44 . 2008-01-21 20:44 244 --ah----- C:\sqmnoopt07.sqm 2008-01-20 21:53 . 2008-01-20 21:53 <DIR> d-------- C:\Program Files\MSXML 6.0 2008-01-20 21:44 . 2008-01-20 21:44 <DIR> d-------- C:\Program Files\MSXML 4.0 2008-01-20 14:59 . 2008-01-20 14:59 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-01-20 12:57 . 2008-01-20 12:57 <DIR> d-------- C:\Program Files\SigmaTel 2008-01-20 12:57 . 2008-01-20 12:57 <DIR> d-------- C:\Program Files\Sierra 2008-01-20 12:57 . 2008-01-20 12:57 <DIR> d-------- C:\Program Files\HP 2008-01-20 12:57 . 2008-01-20 12:57 <DIR> d-------- C:\Program Files\Hewlett-Packard 2008-01-20 12:57 . 2008-01-20 12:57 <DIR> d-------- C:\PatchTrlm14RevB 2008-01-20 12:57 . 2008-01-20 12:57 <DIR> d-------- C:\Kontiki 2008-01-20 12:03 . 2008-01-20 12:03 <DIR> d-------- C:\Program Files\Disk Space Visualizer 2008-01-20 11:34 . 2002-12-29 01:14 81,920 --a------ C:\WINDOWS\system32\Startup.cpl 2008-01-17 20:07 . 2008-01-17 20:07 <DIR> d-------- C:\Program Files\Windows Defender 2008-01-16 00:05 . 2008-01-16 00:06 <DIR> d-------- C:\WINDOWS\ERUNT 2008-01-13 17:53 . 2008-01-13 17:53 <DIR> d-------- C:\Program Files\Java 2008-01-13 17:53 . 2008-01-13 17:53 <DIR> d-------- C:\Program Files\Common Files\Java 2008-01-13 17:53 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2007-12-28 00:46 . 2007-12-28 14:54 20 --a------ C:\WINDOWS\system32\Rmvirus.lst 2007-12-27 13:17 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll 2007-12-25 18:11 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-12-25 17:55 . 2007-12-25 17:55 <DIR> d-------- C:\Program Files\Microsoft Games . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )) . 2008-01-20 21:46 --------- d-----w C:\Program Files\Microsoft IntelliPoint 2008-01-20 12:30 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-20 12:27 --------- d-----w C:\Program Files\Common Files\Adobe 2008-01-20 12:13 --------- d-----w C:\Program Files\DivX 2008-01-17 23:01 --------- d-----w C:\Program Files\Common Files\Real 2008-01-13 17:30 --------- d-----w C:\Program Files\REGSHAVE 2008-01-13 17:30 --------- d-----w C:\Program Files\QuickTime 2008-01-06 20:54 --------- d-----w C:\Program Files\Maxis 2008-01-06 19:23 158,208 ----a-w C:\WINDOWS\pchealth\helpctr\bi naries\msconfig.exe 2008-01-05 23:31 150,528 -c--a-w C:\WINDOWS\pchealth\UploadLB\B inaries\UploadM.exe 2008-01-05 20:26 9,728 -c--a-w C:\WINDOWS\inf\unregpn.exe 2008-01-05 20:22 93,184 -c----r C:\WINDOWS\VIEW32.EXE 2008-01-05 20:22 86,016 -c--a-w C:\WINDOWS\unvise32qt.exe 2008-01-05 20:22 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE 2008-01-05 20:22 45,568 ----a-w C:\WINDOWS\UniFish3.exe 2008-01-05 20:22 41,984 -c--a-w C:\WINDOWS\Ctregrun.exe 2008-01-05 20:22 33,280 -c--a-w C:\WINDOWS\DXTool.exe 2008-01-05 20:22 299,520 -c--a-w C:\WINDOWS\uninst.exe 2008-01-05 20:22 26,624 -c--a-w C:\WINDOWS\TBZoom.exe 2008-01-05 20:22 25,600 -c--a-w C:\WINDOWS\twunk_32.exe 2008-01-05 20:22 249,856 ----a-w C:\WINDOWS\Setup1.exe 2008-01-05 20:22 204,800 -c--a-w C:\WINDOWS\alcupd.exe 2008-01-05 20:22 2,058,752 -c--a-w C:\WINDOWS\QT32INST.EXE 2008-01-05 20:22 169,472 -c--a-w C:\WINDOWS\QTW32DEL.EXE 2008-01-05 20:22 165,888 -c--a-w C:\WINDOWS\CTDelLau.exe 2008-01-05 20:22 151,552 -c--a-w C:\WINDOWS\CTDEL.EXE 2008-01-05 20:22 15,360 -c--a-w C:\WINDOWS\TASKMAN.EXE 2008-01-05 20:22 107,008 -c--a-w C:\WINDOWS\PLAY32.EXE 2008-01-05 20:21 135,168 -c--a-w C:\WINDOWS\alcrmv.exe 2008-01-05 19:02 94,208 -c--a-w C:\WINDOWS\ScUnin.exe 2008-01-05 19:02 306,688 ----a-w C:\WINDOWS\IsUninst.exe 2008-01-05 19:02 --------- d-----w C:\Program Files\Railroad Tycoon II 2008-01-03 19:10 99,840 -c--a-w C:\WINDOWS\pchealth\helpctr\bi naries\HelpHost.exe 2008-01-03 19:10 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\bi naries\HelpSvc.exe 2008-01-03 19:10 35,328 -c--a-w C:\WINDOWS\pchealth\helpctr\bi naries\notiflag.exe 2008-01-03 19:10 18,944 -c--a-w C:\WINDOWS\pchealth\helpctr\bi naries\HscUpd.exe 2008-01-03 19:10 158,208 ----a-w C:\WINDOWS\pchealth\helpctr\bi naries\MSConfig .exe 2008-01-03 19:05 98,304 -c--a-w C:\WINDOWS\system32\verifier.exe 2008-01-03 19:05 8,704 -c--a-w C:\WINDOWS\system32\wdfmgr.exe 2008-01-03 19:05 8,704 -c--a-w C:\WINDOWS\system32\uwdf.exe 2008-01-03 19:05 77,824 -c--a-w C:\WINDOWS\system32\usrmlnka.exe 2008-01-03 19:05 69,632 -c--a-w C:\WINDOWS\system32\usrshuta.exe 2008-01-03 19:05 65,536 -c--a-w C:\WINDOWS\system32\wextract.exe 2008-01-03 19:05 61,440 -c--a-w C:\WINDOWS\system32\usrprbda.exe 2008-01-03 19:05 5,632 -c--a-w C:\WINDOWS\system32\winver.exe 2008-01-03 19:05 5,632 ----a-w C:\WINDOWS\system32\write.exe 2008-01-03 19:05 49,664 -c--a-w C:\WINDOWS\system32\w32tm.exe 2008-01-03 19:05 47,104 -c--a-w C:\WINDOWS\system32\WRKGADM.EXE 2008-01-03 19:05 33,792 -c--a-w C:\WINDOWS\system32\vssadmin.exe 2008-01-03 19:05 32,256 -c--a-w C:\WINDOWS\system32\wpabaln.exe 2008-01-03 19:05 30,720 -c--a-w C:\WINDOWS\system32\xcopy.exe 2008-01-03 19:05 17,408 -c--a-w C:\WINDOWS\system32\wpdshextautopla y.exe 2008-01-03 19:05 146,432 ----a-w C:\WINDOWS\system32\WudfHost.exe 2008-01-03 19:05 13,824 -c--a-w C:\WINDOWS\system32\wscntfy.exe 2008-01-03 19:05 119,808 ----a-w C:\WINDOWS\system32\winmine.exe 2008-01-03 19:05 11,776 -c--a-w C:\WINDOWS\system32\winmsd.exe 2008-01-03 19:00 9,216 -c--a-w C:\WINDOWS\system32\subst.exe 2008-01-03 19:00 75,264 -c--a-w C:\WINDOWS\system32\telnet.exe 2008-01-03 19:00 679,936 -c--a-w C:\WINDOWS\system32\sstext3d.scr 2008-01-03 19:00 63,488 -c--a-w C:\WINDOWS\system32\unam4ie.exe 2008-01-03 19:00 610,304 -c--a-w C:\WINDOWS\system32\sspipes.scr 2008-01-03 19:00 51,200 -c--a-w C:\WINDOWS\system32\syncapp.exe 2008-01-03 19:00 47,104 -c--a-w C:\WINDOWS\system32\ssmypics.scr 2008-01-03 19:00 45,056 ----a-w C:\WINDOWS\system32\UninstallBeetle .exe 2008-01-03 19:00 44,544 -c--a-w C:\WINDOWS\system32\tscupgrd.exe 2008-01-03 19:00 4,096 -c--a-w C:\WINDOWS\system32\unlodctr.exe 2008-01-03 19:00 36,864 -c--a-w C:\WINDOWS\system32\syskey.exe 2008-01-03 19:00 31,744 -c--a-w C:\WINDOWS\system32\tracert6.exe 2008-01-03 19:00 3,072 -c--a-w C:\WINDOWS\system32\systray.exe 2008-01-03 19:00 20,992 -c--a-w C:\WINDOWS\system32\ssmarque.scr 2008-01-03 19:00 19,456 -c--a-w C:\WINDOWS\system32\tcpsvcs.exe 2008-01-03 19:00 18,944 -c--a-w C:\WINDOWS\system32\ssmyst.scr 2008-01-03 19:00 16,896 -c--a-w C:\WINDOWS\system32\tsshutdn.exe 2008-01-03 19:00 16,896 -c--a-w C:\WINDOWS\system32\tftp.exe 2008-01-03 19:00 16,384 -c--a-w C:\WINDOWS\system32\tskill.exe 2008-01-03 19:00 15,360 -c--a-w C:\WINDOWS\system32\taskman.exe 2008-01-03 19:00 14,848 -c--a-w C:\WINDOWS\system32\tsdiscon.exe 2008-01-03 19:00 14,848 -c--a-w C:\WINDOWS\system32\tscon.exe 2008-01-03 19:00 14,848 -c--a-w C:\WINDOWS\system32\stimon.exe 2008-01-03 19:00 14,336 -c--a-w C:\WINDOWS\system32\ssstars.scr 2008-01-03 19:00 12,288 -c--a-w C:\WINDOWS\system32\tracert.exe 2008-01-03 19:00 12,288 -c--a-w C:\WINDOWS\system32\tcmsetup.exe 2008-01-03 19:00 105,984 -c--a-w C:\WINDOWS\system32\sysocmgr.exe 2008-01-03 18:59 9,728 -c--a-w C:\WINDOWS\system32\sfc.exe 2008-01-03 18:59 9,728 -c--a-w C:\WINDOWS\system32\reset.exe 2008-01-03 18:59 9,216 -c--a-w C:\WINDOWS\system32\scrnsave.scr 2008-01-03 18:59 8,192 -c--a-w C:\WINDOWS\system32\smbinst.exe 2008-01-03 18:59 77,824 -c--a-w C:\WINDOWS\system32\shrpubw.exe 2008-01-03 18:59 77,312 -c--a-w C:\WINDOWS\system32\sdbinst.exe 2008-01-03 18:59 77,312 -c--a-w C:\WINDOWS\system32\rtcshare.exe 2008-01-03 18:59 704,512 -c--a-w C:\WINDOWS\system32\ss3dfo.scr 2008-01-03 18:59 70,144 -c--a-w C:\WINDOWS\system32\sigverif.exe 2008-01-03 18:59 7,168 -c--a-w C:\WINDOWS\system32\recover.exe 2008-01-03 18:59 67,072 -c--a-w C:\WINDOWS\system32\rdshost.exe 2008-01-03 18:59 62,464 -c--a-w C:\WINDOWS\system32\rdpclip.exe 2008-01-03 18:59 56,832 ----a-w C:\WINDOWS\system32\sol.exe 2008-01-03 18:59 538,624 ----a-w C:\WINDOWS\system32\spider.exe 2008-01-03 18:59 50,176 -c--a-w C:\WINDOWS\system32\reg.exe 2008-01-03 18:59 49,152 -c--a-w C:\WINDOWS\system32\rsmui.exe 2008-01-03 18:59 49,152 -c--a-w C:\WINDOWS\system32\rsm.exe 2007-06-17 07:43 44,544 --sha-w C:\WINDOWS\system32\drwaton.exe . Código:
<pre> ----a-w********** 158,208 2008-01-03 19:10:52**C:\WINDOWS\pchealth\helpctr\binaries\MSConfig .exe </pre> ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft� 92;Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\ NvCpl.dll" [2006-06-01 17:22 7618560] "nwiz"="nwiz.exe" [2008-01-03 16:02 1519616 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32	 2;NvMcTray.dll" [2006-06-01 17:22 86016] "LVCOMSX"="C:\WINDOWS\system32\LVCO MSX.EXE" [ ] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 12:00 110592 C:\WINDOWS\system32\bthprops.cpl] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584] [HKEY_LOCAL_MACHINE\system\currentcontrol set\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, wowfx.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^autorun.exe] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe backup=C:\WINDOWS\pss\autorun.exeCo mmon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Find Fast.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk backup=C:\WINDOWS\pss\Microsoft Find Fast.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^findfast .exe] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\findfast .exe backup=C:\WINDOWS\pss\findfast .exeStartup [HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^findfast .exe] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\findfast .exe backup=C:\WINDOWS\pss\findfast .exeStartup [HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^findfast.exe] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\findfast.exe backup=C:\WINDOWS\pss\findfast.exeS tartup [HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^UDPixel.lnk] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\UDPixel.lnk backup=C:\WINDOWS\pss\UDPixel.lnkSt artup [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\4oD] C:\Program Files\Kontiki\KHost.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\avp] C:\WINDOWS\TEMP\win1F2E .exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\CaAvTray] C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\CAVRID] C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\CTDrive] C:\WINDOWS\system32\drvxes.dll [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\HPHmon06] [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\HPHUPD06] [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\kdx] C:\Program Files\Kontiki\KHost.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\letqzsbm] C:\Program Files\letqzsbm\ponefefu.dll [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\Load] C:\WINDOWS\system32\jkkli.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\lsass] C:\WINDOWS\lsass .exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\NapsterSh ell] C:\Program Files\Napster\napster.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\Printer] C:\WINDOWS\system32\printer.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\smgr] [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\Spoolsv] C:\WINDOWS\system32\spoolvs.exe [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\WMC_AutoU pdate] [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\startupreg\xanatkbc] regsvr32 /u C:\Documents and Settings\All Users\Application Data\xanatkbc.dll [HKEY_LOCAL_MACHINE\software\microsoft� 92;shared tools\msconfig\services] "Spooler"=2 (0x2) R1 CTSYN;Creative S/W Synth;C:\WINDOWS\system32\drivers&# 092;CTSYN.SYS [1999-06-16 01:00] S3 gel90xne;gel90xne;C:\DOCUME~1\User\ LOCALS~1\Temp\gel90xne.sys [] S4 avp ;avp ;"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp .exe" [] S4 avp ;avp ;"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp .exe" [] [HKEY_CURRENT_USER\software\microsoft	 2;windows\currentversion\explorer\m ountpoints2\E] \Shell\AutoRun\command - E:\autorun.exe \Shell\setup\command - E:\setup.exe . Contents of the 'Scheduled Tasks' folder "2008-01-17 00:00:00 C:\WINDOWS\Tasks\At1.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-20 09:00:00 C:\WINDOWS\Tasks\At10.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-20 10:00:00 C:\WINDOWS\Tasks\At11.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-20 11:00:00 C:\WINDOWS\Tasks\At12.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-20 12:00:00 C:\WINDOWS\Tasks\At13.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-20 13:00:02 C:\WINDOWS\Tasks\At14.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-20 14:00:00 C:\WINDOWS\Tasks\At15.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-20 15:00:00 C:\WINDOWS\Tasks\At16.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-20 16:00:00 C:\WINDOWS\Tasks\At17.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-21 17:00:00 C:\WINDOWS\Tasks\At18.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-22 18:00:00 C:\WINDOWS\Tasks\At19.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-17 01:00:00 C:\WINDOWS\Tasks\At2.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-22 19:00:00 C:\WINDOWS\Tasks\At20.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-22 20:00:00 C:\WINDOWS\Tasks\At21.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-22 21:00:00 C:\WINDOWS\Tasks\At22.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-22 22:00:00 C:\WINDOWS\Tasks\At23.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-16 23:00:00 C:\WINDOWS\Tasks\At24.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-09 02:00:01 C:\WINDOWS\Tasks\At3.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-09 03:00:00 C:\WINDOWS\Tasks\At4.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2007-12-29 04:01:30 C:\WINDOWS\Tasks\At5.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2007-09-30 04:00:00 C:\WINDOWS\Tasks\At6.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2007-09-30 05:00:00 C:\WINDOWS\Tasks\At7.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2007-11-28 07:00:00 C:\WINDOWS\Tasks\At8.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2007-10-23 07:00:00 C:\WINDOWS\Tasks\At9.job" - C:\WINDOWS\system32\0KK8DX4O.ex e "2008-01-23 15:24:56 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe . ************************************************** ************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-23 15:37:08 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************** ************************ . ayudaaaa!!!!! |
|
#2
23-feb-2008, 13:53
|
|||
|
|||
|
Descarga el programa HijackThis 2.0.2
y colócalo en una carpeta propia para el HijackThis (por ejemplo una carpeta C:\HijackThis\  . Ejecútalo y presiona el botón "Do a system scan and save a logfile"; el programa realizará el escaneo e inmediatamente generará el Log, sólo te pedira el nombre del archivo y su ubicación, puedes simplemente guardarlo así como está. Se abrirá el Bloc de Notas, copia todo el contenido y pégalo como respuesta a este tema.Una vez descargado, da doble click en el icono del HijackThis.exe. Primero da click en el botón "Config", y aparecerán 7 opciones . Fíjate que no estén tildadas la primera ( “Mark everything found for fixing alter scan”) y la última (“Run Hijack This scan at startup and show it ítems are fond”).Luego presiona "Back" Para empezar el escaneo de posibles hijackers, clickea en el botón "Scan". Se te presentará una lista con todos los elementos encontrados por el programa . y sube su log, por cierto no pases el combofix sino te lo manda pasar nadie, ya que es una herramineta muy potente pero elimina cosas tambien de windows, asi que empecemos por partes, vale
|
|
| Marcadores |
| Etiquetas |
| combofix, creo, infectada, lenta |
«
Tema Anterior
|
Próximo Tema
»
| Herramientas | |
| Desplegado | |
Mode Lineal
|
|
|
||||
| Tema | Autor | Foro | Respuestas | Último mensaje |
| Ya está el Log | Sikamikaniko | Logs de HijackThis | 7 | 02-sep-2008 21:07 |
| Esta muy lenta mi PC | aries65 | Logs de HijackThis | 9 | 01-jun-2008 18:24 |
| Microsoft liberara una version de prueba de Windows 7 esta semana | marga | Noticias | 0 | 26-may-2008 19:51 |
| Windows Vista SP1… ya está disponible desde las actualizaciones automáticas | marga | Noticias | 0 | 24-abr-2008 16:19 |
| Aqui esta mi log | CapoCañonero | Logs de HijackThis | 1 | 31-dic-2007 15:49 |
La franja horaria es GMT +2. Ahora son las 05:08.