| author's comment | Tue May 20, 2008 10:23 pm |
|
My PC and its operating system have been very slow for several weeks. I ran the Panda Security antivirus and SUPERAntiSpyware on it, and they detected a virus and several pieces of malware and other bugs, which were removed, but my machine is still slow. I ran HijackThis and this is the result:
Could you please tell me whether my machine is infected?
Many thanks, Eugirne from Bariloche, Argentina |
|
| unrated | Wed May 21, 2008 1:30 pm |
|
Your log is clean.
The slowness is caused by the pile of resident antivirus programs and services that your machine loads at startup; it is not a virus issue. Get rid of Panda, which hogs resources like a beast, and install Avira, and of the others keep only SuperAntiSpyware. Then run CCleaner: Cleaner and Registry until it comes up clean, and go to Tools, Startup and leave only the essentials; the rest loads when you run the program, so it is not needed at startup, Adobe for example. |
|
| author's comment | Wed May 21, 2008 5:42 pm |
|
for your reply, I am at ease now. I followed the steps you gave me. As for the antivirus, it is not easy to find one that works with XP 64x; they all run on XP 32x and on Vista, whether 32x or 64x. The only one I could get was Panda; I know it is quite heavy, but you don't look a gift horse in the mouth.
I had Kaspersky before, but had a problem with the keys; then I installed NOD32, and it did not catch a single virus; then I installed Norton Security and it would not run on XP 64x; and the one you suggest I did not know. I have Panda with a real 1-year license. Well, thank you for all your help. Eugirne from Bariloche, Argentina |
|