Help with my computer, please

  • Thread starter: zed12

zed12

Adolescent bovine
Joined: 15 Feb 2009
Messages: 87
Well bros, let me tell you: I suddenly noticed that my computer is using 100% of its processing.

I load a website or some program and the CPU usage shoots up to 100%. No way, I don't know why, since my motherboard is a pchips p53g with a Core 2 Duo E4500, socket 775; it's using 1.23 GB of RAM and I have 4 of RAM and a 512 MB video card.
And the CPU usage sometimes reaches 100% when I do something. No way, I think it's a virus or something, or maybe it's my processor, I don't know, but I'm really worried.
I had Win XP but I switched to 32-bit Vista and now I'm seeing these problems.
Can anyone help me with my computer, please?
 
It must be a virus. Check that first and let us know whether that was the problem or whether it persists.

Regards
 
I have KAV version 7, updated, and I already ran the scan and it didn't detect anything.
I don't know what kind of antivirus or program to use to see whether it detects it.
Any suggestions?

I looked at the processes,
and the strange thing I noticed is that when I open one Internet Explorer window, 3 Internet Explorer processes open in the process list, and of the 3, one uses 46.57 kb, and the next one after that is Explorer with 20 kb. The strange thing is that I only have one Internet window open and it opens 3 processes of the same thing.

Well, I downloaded Ad-Aware and this is the report:
Logfile created: 04/10/2009 10:18:33
Lavasoft Ad-Aware version: 8.0.8
Extended engine version: 8.1
User performing scan: ANGEL
*********************** Definitions database information ***********************
Lavasoft definition file: 149.63
Extended engine definition file: 8.1
******************************** Scan results: *********************************
Scan profile name: Análisis completo (ID: full)
Objects scanned: 190606
Objects detected: 29

Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 12
Folders.........: 0
LSPs............: 0
Cookies.........: 17
Browser hijacks.: 0
MRU objects.....: 0

Removed items:
Description: *atdmt* Family Name: Cookies Clean status: Success Item ID: 408910 Family ID: 0
Description: *2o7* Family Name: Cookies Clean status: Success Item ID: 408943 Family ID: 0
Description: *ad.yieldmanager* Family Name: Cookies Clean status: Success Item ID: 409172 Family ID: 0
Description: *pointroll* Family Name: Cookies Clean status: Success Item ID: 408826 Family ID: 0
Description: *ads.pointroll* Family Name: Cookies Clean status: Success Item ID: 408927 Family ID: 0
Description: *adserv* Family Name: Cookies Clean status: Success Item ID: 408921 Family ID: 0
Description: *apmebf* Family Name: Cookies Clean status: Success Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Clean status: Success Item ID: 408910 Family ID: 0
Description: *bs.serving-sys* Family Name: Cookies Clean status: Success Item ID: 408902 Family ID: 0
Description: *serving-sys* Family Name: Cookies Clean status: Success Item ID: 409130 Family ID: 0
Description: *doubleclick* Family Name: Cookies Clean status: Success Item ID: 408875 Family ID: 0
Description: *hitbox* Family Name: Cookies Clean status: Success Item ID: 408858 Family ID: 0
Description: *.hitbox* Family Name: Cookies Clean status: Success Item ID: 409072 Family ID: 0
Description: *mediaplex* Family Name: Cookies Clean status: Success Item ID: 408991 Family ID: 0
Description: *overture* Family Name: Cookies Clean status: Success Item ID: 408834 Family ID: 0
Description: *tradedoubler* Family Name: Cookies Clean status: Success Item ID: 408964 Family ID: 0
Description: *atdmt* Family Name: Cookies Clean status: Success Item ID: 408910 Family ID: 0
Quarantined items:
Description: D:\System Volume Information\_restore{B78BC917-4B05-4C5C-B04A-1CDFAFB25519}\RP100\A0003417.exe Family Name: Win32.Adware.EShoper Clean status: Success Item ID: 399820 Family ID: 4990
Description: D:\System Volume Information\_restore{3E32B52D-E6E4-441D-A37E-98FD5E8758E7}\RP16\A0001213.exe Family Name: Win32.Backdoor.PcClient Clean status: Success Item ID: 1436297 Family ID: 822
Description: D:\respaldo usb\vista activacion\Activation.exe Family Name: Win32.Trojan.Agent Clean status: Success Item ID: 177492 Family ID: 936
Description: D:\System Volume Information\_restore{B78BC917-4B05-4C5C-B04A-1CDFAFB25519}\RP113\A0004351.exe Family Name: Win32.Trojan.Agent Clean status: Success Item ID: 553887 Family ID: 936
Description: D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\InDesign CS3 VLK.exe Family Name: Win32.Trojan.Downloader Clean status: Success Item ID: 198969 Family ID: 952
Description: D:\System Volume Information\_restore{3E32B52D-E6E4-441D-A37E-98FD5E8758E7}\RP16\A0001219.exe Family Name: Win32.Trojan.Downloader Clean status: Success Item ID: 198969 Family ID: 952
Description: D:\respaldo usb\vista activacion\Activador_Vista-ALL-by-pelucas95\Activador Vista-ALL.EXE Family Name: Win32.Trojan.Monder Clean status: Success Item ID: 391472 Family ID: 3235
Description: C:\Downloads\AIO.Sly.Soft.2009.cargohe\AIO .Sly.Soft.2009.cargohe\AutoPlay\Docs\CloneDVD 2.9.2.0\KEYGEN SND\CloneDVD2Keygen.exe Family Name: Win32.Trojan.Renaz Clean status: Success Item ID: 1187125 Family ID: 564948
Description: C:\Users\ANGEL\AppData\Local\Temp\RarSFX2\data\XP\ia64.btm Family Name: Win32.Trojan.Wpakill Clean status: Success Item ID: 935881 Family ID: 935879
Description: D:\System Volume Information\_restore{3E32B52D-E6E4-441D-A37E-98FD5E8758E7}\RP16\A0001214.exe Family Name: Win32.TrojanPWS.Agent Clean status: Success Item ID: 170059 Family ID: 865
Description: D:\respaldo usb\cs3 keygen\CS3 Keygen Collection\Fireworks CS3 VLK.exe Family Name: Win32.TrojanSpy.Agent Clean status: Success Item ID: 735525 Family ID: 578746
Description: D:\System Volume Information\_restore{3E32B52D-E6E4-441D-A37E-98FD5E8758E7}\RP16\A0001217.exe Family Name: Win32.TrojanSpy.Agent Clean status: Success Item ID: 735525 Family ID: 578746
Scan and cleaning complete: Finished correctly after 2318 seconds

****************************** System information ******************************
Computer name: MEJIA
Processor name: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Processor identifier: x86 Family 6 Model 15 Stepping 13
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3853, number of processors 2
Physical memory available: 2237911040 bytes
Physical memory total: 3487051776 bytes
Virtual memory available: 1887969280 bytes
Virtual memory total: 2147352576 bytes
Memory load: 35%
Microsoft Windows Vista Ultimate Edition, 32-bit Service Pack 2 (build 6002)

I'm putting the machine to the test to see if anything improves.

Well, I've been checking it and it's still using 100% of the CPU; it doesn't come down.
And those 3 iexplorer processes keep appearing even though I only have one window open.
Any suggestions?
I'm sending you the image of the Task Manager.

capturad.jpg


Here's the second part of the processes:

captura1f.jpg


Well, let's see whether with that information you can help me detect something.
 
IT'S CALLED A TROJAN AND IT'S LIVING IN YOUR NETWORK. I RECOMMEND YOU DOWNLOAD:

http://www.combofix.org/

BYE, LET ME KNOW HOW IT GOES, AND TRY NOT TO PUT JUNK PROGRAMS ON YOUR SYSTEM!!!
 
Virus. Run an online scan from the Kaspersky or Panda Antivirus website.
 
Bro, I downloaded ComboFix and these are the results it gave me.

Tell me the diagnosis and what happened, because I don't understand it. Here it goes:

ComboFix 09-10-04.01 - ANGEL 04/10/2009 15:37.1.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.52.3082.18.3326.2099 [GMT -5:00]
Running from: c:\users\ANGEL\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-4191685020-9012219521-681871121-6867
c:\recycler\S-1-5-21-4191685020-9012219521-681871121-6867\apok35.exe
c:\recycler\S-1-5-21-4191685020-9012219521-681871121-6867\Desktop.ini
c:\recycler\S-1-5-21-8277264659-4909261492-219264329-4054
c:\users\ANGEL\AppData\Roaming\Microsoft\Clip Organizer\mstore10.mgc
c:\users\ANGEL\AppData\Roaming\Microsoft\Clip Organizer\Offic10.MGC
c:\windows\system32\prsgrc.dll
c:\windows\system32\ssprs.dll
c:\windows\system32\vgat83a.dll
.
2009-08-17 05:57 . 2009-08-17 05:57 3298304 ----a-w- c:\windows\system32\nvwgf2um.dll
2009-08-17 05:57 . 2009-08-17 05:57 2169376 ----a-w- c:\windows\system32\nvcuvid.dll
2009-08-17 05:57 . 2009-08-17 05:57 1985536 ----a-w- c:\windows\system32\nvcuda.dll
2009-08-17 05:57 . 2009-08-17 05:57 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-08-17 05:57 . 2009-08-17 05:57 155648 ----a-w- c:\windows\system32\nvcod162.dll
2009-08-17 05:57 . 2009-08-17 05:57 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-08-17 05:57 . 2009-08-17 05:57 10858496 ----a-w- c:\windows\system32\nvoglv32.dll
2009-08-17 05:57 . 2007-06-28 16:43 7569920 ----a-w- c:\windows\system32\nvd3dum.dll
2009-08-17 05:57 . 2007-06-28 16:43 1044992 ----a-w- c:\windows\system32\nvapi.dll
2009-08-15 01:52 . 2009-08-12 22:40 -------- d-----w- c:\users\ANGEL\AppData\Roaming\DAEMON Tools Lite
2009-08-15 01:28 . 2009-08-12 21:48 -------- d-----w- c:\program files\Microsoft Works
2009-08-14 18:36 . 2009-08-14 18:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-08-13 23:43 . 2009-08-13 23:43 -------- d-----w- c:\program files\MSXML 4.0
2009-08-13 00:52 . 2009-08-13 00:40 -------- d-----w- c:\users\ANGEL\AppData\Roaming\Nero
2009-08-13 00:39 . 2009-08-13 00:22 -------- d-----w- c:\program files\Common Files\Nero
2009-08-13 00:31 . 2009-08-13 00:22 -------- d-----w- c:\program files\Nero
2009-08-13 00:27 . 2009-08-13 00:22 -------- d-----w- c:\programdata\Nero
2009-08-12 22:43 . 2009-08-12 22:43 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-08-12 22:43 . 2009-08-12 22:42 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-08-12 22:43 . 2009-08-12 22:42 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-08-12 22:41 . 2009-08-12 22:41 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-12 22:11 . 2009-08-12 22:10 -------- d-----w- c:\program files\Windows Live
2009-08-12 22:11 . 2009-08-12 22:11 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-12 22:09 . 2009-08-12 22:09 -------- d-----w- c:\program files\VideoLAN
2009-08-12 22:03 . 2009-08-12 22:03 -------- d-----w- c:\program files\Common Files\Windows Live
2009-08-12 21:52 . 2009-08-12 21:52 -------- d-----w- c:\program files\MSECache
2009-08-12 21:48 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2009-08-12 21:47 . 2009-08-12 21:47 -------- d-----w- c:\program files\Microsoft.NET
2009-08-12 21:47 . 2009-08-12 21:47 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-08-12 21:42 . 2009-08-12 21:12 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-12 21:39 . 2009-08-12 21:39 -------- d-----w- c:\program files\FT27B2
2009-08-12 21:38 . 2009-08-12 21:38 -------- d-----w- c:\program files\FT2491
2009-08-12 21:04 . 2009-08-12 21:04 -------- d-sh--we c:\programdata\Plantillas
2009-08-12 21:04 . 2009-08-12 21:04 -------- d-sh--we c:\programdata\Menú Inicio
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"USDownloader"="c:\users\ANGEL\Documents\USDownloader134\USDownloader134\USDownloader.exe" [2007-06-15 526336]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-20 149280]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):18,aa,f7,f7,a9,ba,c9,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{4B6051EE-1B87-4DF7-BA44-BD9C2158E45B}"= UDP:c:\users\ANGEL\Documents\USDownloader134\USDownloader134\USDownloader.exe:USDownloader
"{F2E4637F-87DA-4D1A-9580-6DB7AED636DF}"= TCP:c:\users\ANGEL\Documents\USDownloader134\USDownloader134\USDownloader.exe:USDownloader
"TCP Query User{D5D1D8F6-E408-47E1-971E-7DD264A9ED49}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= UDP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
"TCP Query User{729F5339-CFA6-4C5D-B95D-1DA287BF9401}c:\\program files\\aspyr\\dark sector\\ds.exe"= UDP:c:\program files\aspyr\dark sector\ds.exe:Dark Sector
"UDP Query User{92CD5BA2-4126-4402-8088-B0541AF36D77}c:\\program files\\aspyr\\dark sector\\ds.exe"= TCP:c:\program files\aspyr\dark sector\ds.exe:Dark Sector
"{29ED467A-9830-46CD-BBCF-4956836FDA76}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{CAFB3576-29D0-49D5-89E6-A27D839005BA}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{AE86EE8A-2C9B-4D5E-B31D-F4A68AB95BF6}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{CB5DABD3-59D1-4217-8AD2-8D9D3A6A06DA}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{114AFEBB-425E-4BDD-B13E-C0CEFFF05746}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{FB7F79F4-4FB7-49DE-915F-9B7F508C371A}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{F3E1C5A8-17EA-47B9-A32C-F1B7825880BB}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{DB759481-F4BB-474B-8251-45660CA311EC}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{A9A58A70-69E5-498F-B0CB-4B503EC52B42}"= c:\program files\HP\Digital Imaging\bin\hpfccopy.exe:hpfccopy.exe
"{77454D17-85AB-4F9A-B8D9-8C4DA9AA9B24}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{824B7682-03AC-4EA7-A49D-278F0C09C688}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{1DDD23B2-0054-45A8-BED0-8A4285D77A4C}"= c:\program files\HP\Digital Imaging\bin\hpqcopy2.exe:hpqcopy2.exe
"{EBE9ACF9-64CA-4398-A6D3-38D89E0DB5F5}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{4195B481-2C15-4EFC-BE1B-8E5D321B4C3E}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"TCP Query User{CBC256AB-C76F-4A07-AEA5-056CCFB9B65C}c:\\program files\\nd games\\dark sector\\ds.exe"= UDP:c:\program files\nd games\dark sector\ds.exe:Dark Sector
"UDP Query User{DBC4DE99-B5B3-4BC7-84AD-E4B35C36B56F}c:\\program files\\nd games\\dark sector\\ds.exe"= TCP:c:\program files\nd games\dark sector\ds.exe:Dark Sector
"TCP Query User{5CA488DC-28BE-4774-9C43-C3BC31AEEC57}c:\\kav\\kaspersky internet security 7.0.1.325\\spanish\\setup.exe"= UDP:c:\kav\kaspersky internet security 7.0.1.325\spanish\setup.exe:Kaspersky Internet Security 7.0 Instalación
"UDP Query User{0C745E64-7463-498E-981D-9E1BF5CF05E3}c:\\kav\\kaspersky internet security 7.0.1.325\\spanish\\setup.exe"= TCP:c:\kav\kaspersky internet security 7.0.1.325\spanish\setup.exe:Kaspersky Internet Security 7.0 Instalación
"TCP Query User{3425B7EA-C5AB-4C1B-8EBA-D074DCB30079}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{BB11A3D6-D2E8-41D6-94E2-1B83FDE4E5CE}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"{FA587C05-FA3B-4E8B-9E52-2F0EFF76F699}"= UDP:c:\program files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:RESIDENT EVIL 5 (DX9)
"{90B33A92-F3E3-4639-92BD-974A1AC41FF2}"= TCP:c:\program files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:RESIDENT EVIL 5 (DX9)
"{09157648-DE1A-41D5-895F-31BC14AEA2E5}"= UDP:c:\program files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:RESIDENT EVIL 5 (DX10)
"{FAAA7860-C45B-4E40-917A-E912BE141B4D}"= TCP:c:\program files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:RESIDENT EVIL 5 (DX10)
"TCP Query User{F2295FF5-6484-4A0F-8E3D-B3B411622A92}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{04DA540B-FE4E-4359-84BB-8C0131D785B2}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [16/10/2007 11:05 a.m. 20496]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [17/08/2009 01:32 a.m. 239648]
R3 VL807;VL807 Filter;c:\windows\System32\drivers\VL807.sys [12/08/2009 04:38 p.m. 22016]
S3 XBox;XBox Filter;c:\windows\System32\drivers\Xbox.sys [12/08/2009 04:39 p.m. 22528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-10-04 c:\windows\Tasks\User_Feed_Synchronization-{BCBD3FCD-AA3E-4067-9247-61D4BCEF00CC}.job
- c:\windows\system32\msfeedssync.exe [2009-08-12 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: Agregar al componente Anti-Banners - c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
IE: Descargar con USDownloader - c:\users\ANGEL\Documents\USDownloader134\USDownloader134\Ext\downloadie.html
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-04 15:51
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

c:\users\ANGEL\AppData\Local\Temp\catchme.dll 53248 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(920)
c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll
c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
- - - - - - - > 'lsass.exe'(740)
c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll
c:\progra~1\KASPER~1\KASPER~1.0\adialhk.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll
.
Completion time: 2009-10-04 15:54
ComboFix-quarantined-files.txt 2009-10-04 20:54
Pre-Run: 65,837,883,392 bytes libres
Post-Run: 65,910,063,104 bytes libres
302 --- E O F --- 2009-10-02 19:21
 
In the meantime I'm running the online scan as you recommend, friend
 