My PC is sick


altoyclaro
18/09/07, 07:55:35
I'm sending you the Kaspersky report, which indicates that something is wrong with my PC, so that you can help me cure it.

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, September 17, 2007 3:16:20 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 17/09/2007
Kaspersky Anti-Virus database records: 419725
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 98711
Number of viruses found: 5
Number of infected objects: 17
Number of suspicious objects: 0
Duration of the scan process: 01:07:17

Infected Object Name / Virus Name / Last Action
C:\Archivos de programa\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\report\Protección residente.txt Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\A225276Fd01/EXE-file/stream/data0009 Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\A225276Fd01/EXE-file/stream Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\A225276Fd01/EXE-file Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\A225276Fd01 Embedded EXE: infected - 3 skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\A225276Fd01 UPX: infected - 3 skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\A225276Fd01 PE_Patch.UPX: infected - 3 skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\usuario\Configuración local\Historial\History.IE5\MSHist012007091720070918\index.dat Object is locked skipped
C:\Documents and Settings\usuario\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\cert8.db Object is locked skipped
C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\history.dat Object is locked skipped
C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\key3.db Object is locked skipped
C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\parent.lock Object is locked skipped
C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\search.sqlite Object is locked skipped
C:\Documents and Settings\usuario\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\usuario\Datos de programa\SPAMfighter\Logs\Agent.log.txt Object is locked skipped
C:\Documents and Settings\usuario\ntuser.dat Object is locked skipped
C:\Documents and Settings\usuario\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP15\A0005663.exe Infected: not-a-virus:FraudTool.Win32.Takedawnload.a skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP16\A0006649.exe Infected: not-a-virus:FraudTool.Win32.Takedawnload.a skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP17\A0006922.exe Infected: not-a-virus:FraudTool.Win32.Takedawnload.a skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP28\A0009160.exe Infected: not-a-virus:FraudTool.Win32.Takedawnload.a skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP39\A0016222.exe Infected: Backdoor.Win32.IRCBot.acc skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP39\A0016480.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP48\A0020112.exe Infected: Backdoor.Win32.IRCBot.acc skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP48\change.log Object is locked skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP5\A0000781.exe Infected: not-a-virus:FraudTool.Win32.Takedawnload.a skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP6\A0001808.exe/data0006/data0011 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP6\A0001808.exe/data0006 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP6\A0001808.exe NSIS: infected - 2 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\509C9EDE9A2E4FB.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{56F4AB73-3E07-4D7B-8C2F-CDFFD8D53AFF}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_694.dat Object is locked skipped
C:\WINDOWS\Temp\ZLT04897.TMP Object is locked skipped
C:\WINDOWS\Temp\ZLT0489a.TMP Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
Thanks

andresmix
18/09/07, 16:26:18
Hi altoyclaro, welcome to the forum.

Do the following:

Turn off System Restore (http://www.forospyware.com/292280-post2.html)

Now delete the following files (if they cannot be deleted, use FileASSASSIN (http://www.forospyware.com/t68195.html#post298547)) (note: only the ones I mark in red):

C:\Documents and Settings\usuario\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\n1z0hd7r.default\Cache\A225276Fd01
C:\System Volume Information\_restore{B12DEC43-8390-46E7-B0D9-A8AA43D75647}\RP6\A0001808.exe

Then turn System Restore back on.

Follow this link: "11 Steps to Remove Spyware" (http://www.forospyware.com/9-post1.html) (except step 10)
Note: in step 7, run the online scan with:

ewido (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) (click "remove infections") and

Kaspersky (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) (paste the report here for us)

Please come back and tell us how it went.

Regards

Andres

altoyclaro
20/09/07, 05:19:49
Friend andresmix: I can't locate the files you point out on my PC.
Neither the C:\Documents & setting...\A225...etc, nor the C:\System Volume Information...\A000...etc, even though they appear in the Kaspersky report?

axl456
20/09/07, 05:26:51
Hi,

The system_volume folder is hidden and protected by the system. The system restore points are stored in it, so you won't be able to access it.

To empty it, simply turn the System Restore option off and then back on.

altoyclaro
25/09/07, 07:45:21
So, friends andresmix and axl456, what is the solution, since the infection apparently continues?

andresmix
25/09/07, 16:41:35
So, friends andresmix and axl456, what is the solution, since the infection apparently continues?


Hi, did you carry out the 11 steps I mentioned above?
Did you delete all the files that were pointed out to you?
Did you do what axl456 suggested?
Run a scan with Panda Active Scan (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) and paste the report here so we can analyze it.
Let us know if the problems persist.
