Ver la Versión Completa : Problemazo posible virus (vundo)
Hace dias que tengo varios problemas con mi sistema.Aparente mente tengo el vundo , lo cual trate de eliminar y no quiere , ademas habia instalado el SuperAntiSpyware , tremendo problema , lo que hizo fue empeorar la situacion y para colmo no se quiere desinstalar y cuando trato de ver paginas como estas para buscar informacion y solucionar el problema cierra el Iexplorer automaticamente.
Actualmente estoi utilizando el Ares 2.0.9 enves de el Iexplorer , ya que si trato de bajar algun programa de anti troyan , antispyware , malware o antivirus por medio de la una pagina cancela la instalacion automaticamente..
Que puedo hacer?
Toda ayuda sera agradecida..Gracias
"El Dutche" 19/07/07, 00:03:24 Hola ! Por favor decime para entender un poco mejor, todos los síntomas de infección q tiene tu pc.
Gracias por contestar rapidamente..
Primeramente cuando sube la Pc el avast aviza q tiene un troyano.(el cual nunca puede eliminar)aparentemente es el vundo..
1.He notado q la Pc esta mas lenta
2.Cada vez que uso el explorador o descargo un archivo(programa) q sea para borarlo lo cancela automaticamente.
3.Y trato de borarlo manualmente pero no lo permite.
4.Ademas ahora me acabo de dar cuenta q haun asi bajando los programas del Ares no deja abrirlos..Ya he Intentando bajar el Hijack para postearlo , pero ya tedije, no deja abrir nada ...
MoonNightWalker 19/07/07, 00:46:33 Tal parece que es menudo problema, personalmente nunca a infectado mi equipo, sin embargo, si es el que se encuentra reportado se trata de un trojano, no se que vacuna tenas actualmente, pero McAffe presenta un reporte en su página http://vil.nai.com/vil/content/v_127690.htm
y Symantec tambien hace lo suyo http://www.symantec.com/es/mx/home_homeoffice/security_response/writeup.jsp?docid=2004-112210-3747-99
también encontré concejos en un anterior foro: http://www.forospyware.com/t14727.html y aquí
http://alerta-antivirus.red.es/virus/detalle_virus.html?cod=4489 y aquí
http://www.noticias24.com/tecnologia/?p=440
La verdad no se si y has seguido todos estos concenjos, espero que te sirvan de algo -_-, si es posible lanza mas detalles
"El Dutche" 19/07/07, 01:05:46 A ver, sugiero q trates de hacer un escaneo con estos 2 antivirus online:
- Ewido (una vez q termina de escanear y si encontró algo, clickea en Remove Infections). [Manual] (http://www.forospyware.com/t42048.html)
- Kaspersky (una vez q termina de escanear, péganos el reporte q te dé aquí, para su posterior análisis). [Manual] (http://www.forospyware.com/t55793.html)
Abrazo y espero el reporte...
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, July 19, 2007 6:24:38 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 19/07/2007
Kaspersky Anti-Virus database records: 365212
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan Statistics:
Total number of scanned objects: 265270
Number of viruses found: 6
Number of infected objects: 18
Number of suspicious objects: 0
Duration of the scan process: 04:03:14
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12072006-003306.log Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Desktop\Audio e Imagen\Diseño\JAVA\pop up loko.txt Infected: not-virus:BadJoke.JS.RJump skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{236D8827-930B-4ADA-A5AC-4CBDC8B44ACF} Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_53c.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DF290.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\RECYCLER\S-1-5-21-2449531179-1670228699-940634455-1003\Dc17.bad Infected: Trojan-Downloader.Win32.Delf.amb skipped
C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
C:\System Volume Information\catalog.wci\00010005.ci Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP21\A0008009.dll Infected: Trojan-Downloader.Win32.Delf.amb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010362.ini Infected: Trojan-Downloader.Win32.Delf.amb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{30D299 0C-4D65-4221-9294-6EE53D932570}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\system32\avdlpfxl.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\cbabdcdcbcbace.dll Object is locked skipped
C:\WINDOWS\system32\clcrb.log Infected: Packed.Win32.Klone.g skipped
C:\WINDOWS\system32\clk.dll Infected: Trojan-Downloader.Win32.Delf.amb skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\dkwbgghs.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\edcnxrjq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\jwbgmeei.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\mkmfutnn.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\pgbaytae.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\rahcdqfc.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\rqdnkrsq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\tkhlewfi.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wudb.dll Infected: Trojan-Downloader.Win32.Wswu.a skipped
C:\WINDOWS\Temp\Cookies\index.dat Object is locked skipped
C:\WINDOWS\Temp\History\History.IE5\index.dat Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_5cc.dat Object is locked skipped
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
F:\Instalaciones\photo shop 10\adobe adobe photoshop cs3 serial keygen.zip/Adobe Adobe Photoshop CS3.exe Infected: Trojan-Proxy.Win32.Agent.lu skipped
F:\Instalaciones\photo shop 10\adobe adobe photoshop cs3 serial keygen.zip ZIP: infected - 1 skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
"El Dutche" 19/07/07, 18:54:32 Hola de nuevo ! :Bien:
Sugiero q hagas estos pasos en este orden y sin saltearte ninguno:
1) Descarga e instala y/o actualiza estos programas (no los ejecutes aún).
- SUPERAntiSpyware (http://www.infospyware.com/Anti-Spywares.htm)
- VundoFix.exe (http://www.infospyware.com/Anti-Malwares.htm)
- ComboFix.exe (http://www.infospyware.com/Anti-Malwares.htm)
y guárdala en el escritorio de Windows.
- CCleaner (http://www.infospyware.com/Herramientas.htm) [Manual] (http://www.forospyware.com/t39511.html)
2) A continuación:
- Apaga Restaurar Sistema (http://www.forospyware.com/292280-post2.html).
- Activa Ver Archivos Ocultos (http://www.forospyware.com/292282-post3.html).
- Inicia tu pc en Modo Seguro (http://www.forospyware.com/292284-post4.html).
3) A continuación ejecuta en este orden:
- SUPERAntiSpyware
- VundoFix.exe
Originalmente publicado por El Piedra
*Nota* Para ejecutar la herramienta VundoFix.exe sigua estos pasos
Hacer Doble-click al archivo VundoFix.exe para activarlo.
Marque la casilla - "Run VundoFix as a task".
Recibirá un mensaje que dice que el programa se cerrara y que abrira nuevamente en un minuto o menos. Déle ACEPTAR.
Cuando VundoFix abre nuevamente, presione el botón "Scan for Vundo"
Una vez que termina la exploración, presione el botón "Remove Vundo"
Recibirá un mensaje preguntado si desea quitar los archivos y ponerle YES
Una vez presionado YES su escritorio parpadeara en blanco ya que esta quitando el parasito.
Cuando termina presionar en OK para reiniciar el equipo en modo normal.
- ComboFix.exe y para ejecutarlo hacé esto:
Hace doble-click en el archivo combofix.exe y seguí los avisos. Cuando termine este generara un reporte que tendrías que pegar aquí en este post así lo analizamos.
Nota: Puede que algunos Antivirus como Panda detecten un falso positivo en ComboFix pero no hay que preocuparse por esto.
Por último, elimina los BackUps del VundoFix y también al VundoFix.
- CCleaner, y usa su opción "Limpiador" para eliminar cookies y temporales. Luego usa la opción "Registro", para limpiar toda basura q haya en el registro de Windows (antes, realiza una copia de seguridad).
4) Reinicia en Modo Normal.
5) Activa Restaurar Sistema y desactiva Ver Archivos Ocultos
6) Pásale a estos 2 antivirus online a tu pc:
- Ewido (una vez q termina de escanear, clickea en Remove Infections). [Manual] (http://www.forospyware.com/t42048.html)
- Kaspersky (una vez q termina de escanear, péganos el reporte q te dé aquí, para su posterior análisis). [Manual] (http://www.forospyware.com/t55793.html)
Nota: Es MUY importante q me pegues el nuevo reporte del Kaspersky aquí.
Abrazo y comentame como te fue.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, July 20, 2007 8:52:23 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 21/07/2007
Kaspersky Anti-Virus database records: 365968
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
G:\
H:\
I:\
J:\
Scan Statistics:
Total number of scanned objects: 212032
Number of viruses found: 5
Number of infected objects: 23
Number of suspicious objects: 0
Duration of the scan process: 02:19:00
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12072006-003306.log Object is locked skipped
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp Object is locked skipped
C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\UserData\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Desktop\Audio e Imagen\Diseño\JAVA\pop up loko.txt Infected: not-virus:BadJoke.JS.RJump skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Working\database_6A54_6D3D_546D_D5F\dfs r.db Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Working\database_6A54_6D3D_546D_D5F\fsr .log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Working\database_6A54_6D3D_546D_D5F\fsr tmp.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Working\database_6A54_6D3D_546D_D5F\tmp .edb Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{3A449EA2-F27F-45DA-999F-B2C6860AA8E5} Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Live Contacts\dudle19@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Live Contacts\dudle19@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\gnakhtmz.default\Cac he\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\gnakhtmz.default\Cac he\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\gnakhtmz.default\Cac he\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\gnakhtmz.default\Cac he\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007072020070 721\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_c10.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DF8240.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DF838D.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DFBE9B.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DFBEDC.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\EV27JK8S\46a11b7c38afd9ac[1].png Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\EV27JK8S\46a11bd5e8a4e8d2[1].png Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\QK9A111P\2023619089_thumb2[1].jpg Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\QZCA7J3H\V11843449402300010001[1].mp3 Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\RNLBPPKB\crossdomain[1].xml Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\VJP8WWPG\std_068fc92c6d1f7a885ad 75d5749b5fd50[1].mp3 Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\ZAX86IQD\widget_8[1].swf Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protección residente.txt Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\avdlpfxl.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\dkwbgghs.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\edcnxrjq.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jwbgmeei.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mkmfutnn.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\pgbaytae.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rahcdqfc.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rqdnkrsq.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tkhlewfi.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP21\A0008009.dll Infected: Trojan-Downloader.Win32.Delf.amb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010396.dll Infected: Trojan-Downloader.Win32.Delf.amb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010406.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010407.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010408.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010409.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010410.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010411.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010412.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010413.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010414.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP32\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\clcrb.log Infected: Packed.Win32.Klone.g skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wudb.dll Infected: Trojan-Downloader.Win32.Wswu.a skipped
C:\WINDOWS\Temp\Cookies\index.dat Object is locked skipped
C:\WINDOWS\Temp\History\History.IE5\index.dat Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_5d4.dat Object is locked skipped
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP32\change.log Object is locked skipped
Scan was interrupted by user!
"El Dutche" 20/07/07, 21:14:17 Hola !
Hacé esto ahora:
1) Activa ver archivos ocultos (http://www.forospyware.com/t68195.html) y luego reinicia tu pc en modo a prueba de fallos (http://www.forospyware.com/t68195.html) y busca y elimina manualmente a este archivo:
C:\WINDOWS\system32\wudb.dll
Si no se deja eliminar utiliza para hacerlo al FileASSASSIN (http://www.infospyware.com/Herramientas.htm) y si no se deja eliminar con el FileASSASSIN, eliminalo con el KillBox (http://www.forospyware.com/t68195.html).
2) Reinicia en modo normal.
3) Desactiva restaurar sistema.
4) Activa restaurar sistema.
5) Hacé un nuevo escaneo con el Kaspersky online y pégame aquí el nuevo reporte q te dé.
Nota: No sé porq interrumpistes el escaneo con el Kaspersky, pero tratá de no interrumpir este nuevo escaneo q te pido, así nos aseguramos bien de eliminar toda infección. :Bien:
Perdona por interumpir el scaneo , pero tarda mas q una carabana de cojos..
"El Dutche" 20/07/07, 21:30:38 Perdona por interumpir el scaneo, pero tarda mas q una carabana de cojos..
Jajaja, hazlo con paciencia mi amigo. Es por tu seguridad. :afirmar: :Bien:
Bueno la Computadora ya corre bien( bastante desente para ser la mia).ya puedo ver el foro y otras paginas desde el IExplorer.Al igual q instalar los programas.Aqui te dejo el ultimo reporte ..Aver como anda la pasiente.
Yo tengo 2 discos C; y F; , en el C: esta el sistema operativo y algunos prgramas , en el F: solo hay artes y diseños ya que trabajo de artista grafico.
Elimine el F; para el escaneo ya q nunca he bajado nada en ese disco, nunca ha dado problema y cada ves q hago un escaneo nunca a salido nada..
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, July 20, 2007 11:20:01 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 21/07/2007
Kaspersky Anti-Virus database records: 366011
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - Folders:
C:\!KillBox\
C:\audio\
C:\cmdcons\
C:\Documents and Settings\All Users\
C:\Documents and Settings\Default User\
C:\Documents and Settings\LocalService\
C:\Documents and Settings\NetworkService\
C:\Documents and Settings\Owner\Application Data\
C:\Documents and Settings\Owner\backup\
C:\Documents and Settings\Owner\Contacts\
C:\Documents and Settings\Owner\Cookies\
C:\Documents and Settings\Owner\Favorites\
C:\Documents and Settings\Owner\Incomplete\
C:\Documents and Settings\Owner\Local Settings\
C:\Documents and Settings\Owner\My Documents\
C:\Documents and Settings\Owner\My Recent Documents\
C:\Documents and Settings\Owner\NetHood\
C:\Documents and Settings\Owner\PrintHood\
C:\Documents and Settings\Owner\SendTo\
C:\Documents and Settings\Owner\Start Menu\
C:\Documents and Settings\Owner\Templates
C:\Documents and Settings\Owner\UserData\
C:\Documents and Settings\Owner\WINDOWS\
C:\hp\
C:\Intel\
C:\Internet Explorer\
C:\MSOCache\
C:\My Downloads\
C:\My Music\
C:\My Pictures\
C:\Program Files\Alwil Software\
C:\Program Files\BackWeb\
C:\Program Files\Bonjour\
C:\Program Files\CCleaner\
C:\Program Files\CD to MP3 Ripper\
C:\Program Files\Common Files\
C:\Program Files\CyberLink\
C:\Program Files\DivX\
C:\Program Files\DivXCodec\
C:\Program Files\Easy Internet signup\
C:\Program Files\EasyXSoft\
C:\Program Files\Google\
C:\Program Files\GooglePreviewIE Toolbar\
C:\Program Files\HighMAT CD Writing Wizard\
C:\Program Files\HP\
C:\Program Files\HP Instant Support\
C:\Program Files\InstallShield Installation Information\
C:\Program Files\IntelliMover Data Transfer Demo\
C:\Program Files\Internet Explorer\
C:\Program Files\Java\
C:\Program Files\Microsoft AntiSpyware\
C:\Program Files\microsoft frontpage\
C:\Program Files\Microsoft Works\
C:\Program Files\Movie Maker\
C:\Program Files\Mozilla Firefox\
C:\Program Files\MSN Gaming Zone\
C:\Program Files\MSN Messenger\
C:\Program Files\MTV Networks\
C:\Program Files\MuvExToE\
C:\Program Files\NetMeeting\
C:\Program Files\NimoCodec Pack\
C:\Program Files\Outlook Express\
C:\Program Files\PC-Doctor for Windows\
C:\Program Files\Quicknation\
C:\Program Files\QuickTime\
C:\Program Files\RecordNow!\
C:\Program Files\SDVDRIP190\
C:\Program Files\Spybot - Search & Destroy\
C:\Program Files\SUPERAntiSpyware\
C:\Program Files\Uninstall Information\
C:\Program Files\Updates from HP\
C:\Program Files\vg\
C:\Program Files\Winamp\
C:\Program Files\Windows Defender\
C:\Program Files\Windows Media Connect 2\
C:\Program Files\Windows Media Player\
C:\Program Files\Windows NT\
C:\Program Files\WindowsUpdate\
C:\Program Files\WinZip\
C:\Program Files\xerox\
C:\Program Files\XP Codec Pack\
C:\Program Files\XviD\
C:\Program Files\Yahoo!\
C:\Python22\
C:\QooBox\
C:\RECYCLER\
C:\Start Menu\
C:\sysprep\
C:\System Volume Information\
C:\system.sav\
C:\temp\
C:\VundoFix Backups\
C:\wamp\
C:\WINDOWS\
Scan Statistics:
Total number of scanned objects: 96245
Number of viruses found: 4
Number of infected objects: 25
Number of suspicious objects: 0
Duration of the scan process: 01:14:26
Infected Object Name / Virus Name / Last Action
C:\!KillBox\wudb.dll Infected: Trojan-Downloader.Win32.Wswu.a skipped
C:\!KillBox\wudb.dll( 1) Infected: Trojan-Downloader.Win32.Wswu.a skipped
C:\!KillBox\wudb.dll( 2) Infected: Trojan-Downloader.Win32.Wswu.a skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12072006-003306.log Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Working\database_6A54_6D3D_546D_D5F\dfs r.db Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Working\database_6A54_6D3D_546D_D5F\fsr .log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Working\database_6A54_6D3D_546D_D5F\fsr tmp.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\dudle19@hotmail.com\Shari ngMetadata\Working\database_6A54_6D3D_546D_D5F\tmp .edb Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{C37D9A9B-E763-492F-8E8C-DE790044C03B} Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Live Contacts\dudle19@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Live Contacts\dudle19@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007072020070 721\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DF3975.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DF3FE6.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DF5D81.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DF5DAC.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\403JXJZY\l_52cf2ec95bc28d4c426d7 41ed0ad9e29[1].jpg Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protección residente.txt Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\avdlpfxl.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\dkwbgghs.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\edcnxrjq.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jwbgmeei.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mkmfutnn.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\pgbaytae.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rahcdqfc.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rqdnkrsq.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tkhlewfi.d ll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP21\A0008009.dll Infected: Trojan-Downloader.Win32.Delf.amb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010396.dll Infected: Trojan-Downloader.Win32.Delf.amb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010406.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010407.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010408.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010409.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010410.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010411.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010412.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010413.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP31\A0010414.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kb skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP33\A0010760.dll Infected: Trojan-Downloader.Win32.Wswu.a skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP33\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{33F612 DF-927C-4850-83F7-BFDDC1CE5B4C}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\clcrb.log Infected: Packed.Win32.Klone.g skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Cookies\index.dat Object is locked skipped
C:\WINDOWS\Temp\History\History.IE5\index.dat Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_5bc.dat Object is locked skipped
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
| |