YOSIMANU
21/04/08, 14:12:09
::ups::HOLA BUENAS A TOD@S!!, os cuento el lineas generales mi problema, aver si me podeis echar una mano, porque sinceramente, no se que hacer... he leido en foro todo lo que hacia referfencia a problemas similares al mio, y he hecho todo lo indicado... y me siguen apareciendo las insoportables ventanas emergentes Cid, honestamente me estoy desesperando y no se ya que hacer; os comento todo lo que he hecho:
- he pasdo el ccleaner, el pasado el limpiador y el registro.
- he desactivado resturar el sistema.
- hice lo indicado para ver los archivos ocultos. (reinicia en prueba de fallos, en ingles es como feilures o algo asi)
- pase el panda online. (yo tengo instalado el norton 360, lo descative como puede)
- pase en otra ronda el Kaspersky on line. los resultado del kaspersky fueron que contenia dos Troyan, asi que los pase con el programa FileASSASSIN y los elimine, pulsano la pestaña "eliminar al reiniciar windows". REINICIE
Despues de esto seguían las ventanas Cid.
Asi que he desinstalado todos las herramientas messenger (plus, live...) y aún asi siguen apareciendo.
ah! tambien instale el superantispyware 4.0; y siempre que lo paso me detecta un virus lo lo elimino en cuarentena. Por otro lado instale el Spywareblaster y me dice que "all protection is anabled and validated. your computer is being protected"... Y el norton 360 también me dice que estoy protegido con seguriadad... así despues de todo esto, os rogaría un ultimo consejo...esto desesperado, uso bastante el ordenador al estar fuera de españa. Os agradeceria que me contestaseis lo mas pronto posible. MIl gracias de antemano. Os dejo a continuacion todos los reportes de los programas que espero que os ayuden.
1: Este es el reporte de HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:29, on 19/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.es/ig/dell?hl=es&client=dell-row&channel=es&ibd=2070121
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://support.euro.dell.com/segment.asp?country=es&language=es
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://support.euro.dell.com/segment.asp?country=es&language=es
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.es/ig/dell?hl=es&client=dell-row&channel=es&ibd=2070121
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [dupe amok gram atom] C:\Documents and Settings\All Users\Application Data\Once Dog Dupe Amok\Vga Platform.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [litename] C:\DOCUME~1\MANUSHH\APPLIC~1\HEARTL~1\idol iso.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Abrir en nueva ficha de fondo - res://C:\Program Files\Windows Live Toolbar\Components\es-es\msntabres.dll.mui/229?293d3d4f9fe641568e6743fc700f9c84
O8 - Extra context menu item: Abrir en nueva ficha en primer plano - res://C:\Program Files\Windows Live Toolbar\Components\es-es\msntabres.dll.mui/230?293d3d4f9fe641568e6743fc700f9c84
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish/kavwebscan_unicode.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 14354 bytes
2. reporte del Kaspersky online: relaizado el 18 abril.:
Objetivo a analizar Mi PC
C:\
D:\
E:\
Estadísticas
Número de objeros analizados 122784
Virus encontrados 2
Objetos infectados 2 / 0
Objetos sospechosos 0
Duración del análisis 01:36:04
Bombre del objeto infectado Nombre del virus Última acción
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\SingleClick Systems\HomeNet Manager\Logs\hnm_svc.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-04-18_Log.ALUSchedulerSvc.LiveUpdate Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\index.qbs Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\5C82BBEA.TMP Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\B17D0FC9.TMP Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Start Menu\Programs\Descargar programas.exe Infectados: Backdoor.Win32.Hupigon.bnca saltado
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTAc tions.log Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAg nt.log Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs \SUPERANTISPYWARE-4-18-2008( 0-29-47 ).LOG Object is locked saltado
C:\Documents and Settings\MANUSHH\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___04 - tu mejor perfil.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___05 valerie.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___05-mark_ronson-valerie_(feat _amy_winehouse)(2).mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___05-mark_ronson-valerie_(feat _amy_winehouse).mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___11 - lo principal eres tu.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___17 estelle - american boy [feat kanye west] (prod by will i am).mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___dd2.mpg Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___duffy - mercy.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___hate that i love you.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___jose manuel soto- entre dos aguas.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___man at play - executive pleasures 1 (2007).avi Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___manu tenorio entenderas 2006 mp3 192kbps www mp3-es com.rar Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___men at play - private viewing 04.wmv Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___rita hayworth - put the blame on mame (gilda,1946).mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___the office 301 hdtv-lol [vtv].avi Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___yinynsqfl.mpg Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\BVRP Software\NetWaiting\MoHlog.txt Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\History\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\History\History.IE5\MSHist012008041820080 419\index.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\MANUSHH\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-04-18.00-27-57.log Object is locked saltado
C:\Program Files\Circle Developement\Uninstall.exe Infectados: Trojan-Dropper.Win32.Agent.lxl saltado
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAD.dat Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWADMT.dat Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAS.dat Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAS.ldb Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked saltado
C:\Program Files\Dell Network Assistant\Logs\ezi_hnm.log Object is locked saltado
C:\Program Files\Norton 360\Log\AutoProtect.log Object is locked saltado
C:\Program Files\Norton 360\Log\AVContext.log Object is locked saltado
C:\Program Files\Norton 360\Log\AVManual.log Object is locked saltado
C:\Program Files\Norton 360\Log\Backup.log Object is locked saltado
C:\Program Files\Norton 360\Log\CUInternetPageViewHistory.log Object is locked saltado
C:\Program Files\Norton 360\Log\CUInternetSearchHistory.log Object is locked saltado
C:\Program Files\Norton 360\Log\CUInternetTempFiles.log Object is locked saltado
C:\Program Files\Norton 360\Log\CUWindowsTempFiles.log Object is locked saltado
C:\Program Files\Norton 360\Log\EmailScan.log Object is locked saltado
C:\Program Files\Norton 360\Log\InternetSecurity.log Object is locked saltado
C:\Program Files\Norton 360\Log\ISIntrusionPrevented.log Object is locked saltado
C:\Program Files\Norton 360\Log\ISIOTraffic.log Object is locked saltado
C:\Program Files\Norton 360\Log\ISNewNetwork.log Object is locked saltado
C:\Program Files\Norton 360\Log\LiveUpdate.log Object is locked saltado
C:\Program Files\Norton 360\Log\NCO.log Object is locked saltado
C:\Program Files\Norton 360\Log\VABrowserSettings.log Object is locked saltado
C:\Program Files\Norton 360\Log\VAIPAddresses.log Object is locked saltado
C:\Program Files\Norton 360\Log\VAWeakPasswords.log Object is locked saltado
C:\Program Files\Norton 360\Log\WDFScanner.log Object is locked saltado
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
C:\WINDOWS\CSC\00000001 Object is locked saltado
C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado
C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt Object is locked saltado
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{D7098D56-FA1B-4C80-992A-622A7203FCD2}.crmlog Object is locked saltado
C:\WINDOWS\SchedLgU.Txt Object is locked saltado
C:\WINDOWS\SoftwareDistribution\EventCache\{D68C63 49-92B6-4AE7-AC38-29FF8B08F71A}.bin Object is locked saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked saltado
C:\WINDOWS\Sti_Trace.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked saltado
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\DEFAULT Object is locked saltado
C:\WINDOWS\system32\config\default.LOG Object is locked saltado
C:\WINDOWS\system32\config\Media Ce.evt Object is locked saltado
C:\WINDOWS\system32\config\SAM Object is locked saltado
C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SECURITY Object is locked saltado
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado
C:\WINDOWS\system32\config\SOFTWARE Object is locked saltado
C:\WINDOWS\system32\config\software.LOG Object is locked saltado
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SYSTEM Object is locked saltado
C:\WINDOWS\system32\config\system.LOG Object is locked saltado
C:\WINDOWS\system32\drivers\etc\Hosts.bak Object is locked saltado
C:\WINDOWS\system32\drivers\sptd.sys Object is locked saltado
C:\WINDOWS\system32\h323log.txt Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado
C:\WINDOWS\Temp\cc1D.tmp Object is locked saltado
C:\WINDOWS\Temp\cc1E.tmp Object is locked saltado
C:\WINDOWS\Temp\cc1F.tmp Object is locked saltado
C:\WINDOWS\Temp\cc35.tmp Object is locked saltado
C:\WINDOWS\Temp\cc36.tmp Object is locked saltado
C:\WINDOWS\Temp\cc37.tmp Object is locked saltado
C:\WINDOWS\Temp\cc38.tmp Object is locked saltado
C:\WINDOWS\Temp\JET22E1.tmp Object is locked saltado
C:\WINDOWS\Temp\JET27E2.tmp Object is locked saltado
C:\WINDOWS\Temp\mcmsc_iy6I73wfnezsGc6 Object is locked saltado
C:\WINDOWS\wiadebug.log Object is locked saltado
C:\WINDOWS\wiaservc.log Object is locked saltado
C:\WINDOWS\WindowsUpdate.log Object is locked saltado
Análisis completado.
3. EL programa Superantispyware 4.0 tienes dos intems en curentena, que hago: REMOVE OR RESTORE? o los sigo manteniendo en cuarentena??; se tratan de dos: Adware. Tracking Cookie: manushh@ad.adtoma(2).txt ymanushh@adserver(!).txt
GRACIAS!!:frown:
- he pasdo el ccleaner, el pasado el limpiador y el registro.
- he desactivado resturar el sistema.
- hice lo indicado para ver los archivos ocultos. (reinicia en prueba de fallos, en ingles es como feilures o algo asi)
- pase el panda online. (yo tengo instalado el norton 360, lo descative como puede)
- pase en otra ronda el Kaspersky on line. los resultado del kaspersky fueron que contenia dos Troyan, asi que los pase con el programa FileASSASSIN y los elimine, pulsano la pestaña "eliminar al reiniciar windows". REINICIE
Despues de esto seguían las ventanas Cid.
Asi que he desinstalado todos las herramientas messenger (plus, live...) y aún asi siguen apareciendo.
ah! tambien instale el superantispyware 4.0; y siempre que lo paso me detecta un virus lo lo elimino en cuarentena. Por otro lado instale el Spywareblaster y me dice que "all protection is anabled and validated. your computer is being protected"... Y el norton 360 también me dice que estoy protegido con seguriadad... así despues de todo esto, os rogaría un ultimo consejo...esto desesperado, uso bastante el ordenador al estar fuera de españa. Os agradeceria que me contestaseis lo mas pronto posible. MIl gracias de antemano. Os dejo a continuacion todos los reportes de los programas que espero que os ayuden.
1: Este es el reporte de HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:24:29, on 19/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.es/ig/dell?hl=es&client=dell-row&channel=es&ibd=2070121
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://support.euro.dell.com/segment.asp?country=es&language=es
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://support.euro.dell.com/segment.asp?country=es&language=es
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.es/ig/dell?hl=es&client=dell-row&channel=es&ibd=2070121
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [dupe amok gram atom] C:\Documents and Settings\All Users\Application Data\Once Dog Dupe Amok\Vga Platform.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [litename] C:\DOCUME~1\MANUSHH\APPLIC~1\HEARTL~1\idol iso.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Abrir en nueva ficha de fondo - res://C:\Program Files\Windows Live Toolbar\Components\es-es\msntabres.dll.mui/229?293d3d4f9fe641568e6743fc700f9c84
O8 - Extra context menu item: Abrir en nueva ficha en primer plano - res://C:\Program Files\Windows Live Toolbar\Components\es-es\msntabres.dll.mui/230?293d3d4f9fe641568e6743fc700f9c84
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish/kavwebscan_unicode.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: Programador de LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 14354 bytes
2. reporte del Kaspersky online: relaizado el 18 abril.:
Objetivo a analizar Mi PC
C:\
D:\
E:\
Estadísticas
Número de objeros analizados 122784
Virus encontrados 2
Objetos infectados 2 / 0
Objetos sospechosos 0
Duración del análisis 01:36:04
Bombre del objeto infectado Nombre del virus Última acción
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\SingleClick Systems\HomeNet Manager\Logs\hnm_svc.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-04-18_Log.ALUSchedulerSvc.LiveUpdate Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\index.qbs Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\5C82BBEA.TMP Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\B17D0FC9.TMP Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked saltado
C:\Documents and Settings\All Users\Start Menu\Programs\Descargar programas.exe Infectados: Backdoor.Win32.Hupigon.bnca saltado
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTAc tions.log Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAg nt.log Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked saltado
C:\Documents and Settings\MANUSHH\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs \SUPERANTISPYWARE-4-18-2008( 0-29-47 ).LOG Object is locked saltado
C:\Documents and Settings\MANUSHH\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___04 - tu mejor perfil.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___05 valerie.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___05-mark_ronson-valerie_(feat _amy_winehouse)(2).mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___05-mark_ronson-valerie_(feat _amy_winehouse).mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___11 - lo principal eres tu.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___17 estelle - american boy [feat kanye west] (prod by will i am).mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___dd2.mpg Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___duffy - mercy.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___hate that i love you.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___jose manuel soto- entre dos aguas.mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___man at play - executive pleasures 1 (2007).avi Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___manu tenorio entenderas 2006 mp3 192kbps www mp3-es com.rar Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___men at play - private viewing 04.wmv Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___rita hayworth - put the blame on mame (gilda,1946).mp3 Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___the office 301 hdtv-lol [vtv].avi Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Ares\My Shared Folder\___ARESTRA___yinynsqfl.mpg Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\BVRP Software\NetWaiting\MoHlog.txt Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\History\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\History\History.IE5\MSHist012008041820080 419\index.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\MANUSHH\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\MANUSHH\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-04-18.00-27-57.log Object is locked saltado
C:\Program Files\Circle Developement\Uninstall.exe Infectados: Trojan-Dropper.Win32.Agent.lxl saltado
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAD.dat Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWADMT.dat Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAS.dat Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAS.ldb Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked saltado
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked saltado
C:\Program Files\Dell Network Assistant\Logs\ezi_hnm.log Object is locked saltado
C:\Program Files\Norton 360\Log\AutoProtect.log Object is locked saltado
C:\Program Files\Norton 360\Log\AVContext.log Object is locked saltado
C:\Program Files\Norton 360\Log\AVManual.log Object is locked saltado
C:\Program Files\Norton 360\Log\Backup.log Object is locked saltado
C:\Program Files\Norton 360\Log\CUInternetPageViewHistory.log Object is locked saltado
C:\Program Files\Norton 360\Log\CUInternetSearchHistory.log Object is locked saltado
C:\Program Files\Norton 360\Log\CUInternetTempFiles.log Object is locked saltado
C:\Program Files\Norton 360\Log\CUWindowsTempFiles.log Object is locked saltado
C:\Program Files\Norton 360\Log\EmailScan.log Object is locked saltado
C:\Program Files\Norton 360\Log\InternetSecurity.log Object is locked saltado
C:\Program Files\Norton 360\Log\ISIntrusionPrevented.log Object is locked saltado
C:\Program Files\Norton 360\Log\ISIOTraffic.log Object is locked saltado
C:\Program Files\Norton 360\Log\ISNewNetwork.log Object is locked saltado
C:\Program Files\Norton 360\Log\LiveUpdate.log Object is locked saltado
C:\Program Files\Norton 360\Log\NCO.log Object is locked saltado
C:\Program Files\Norton 360\Log\VABrowserSettings.log Object is locked saltado
C:\Program Files\Norton 360\Log\VAIPAddresses.log Object is locked saltado
C:\Program Files\Norton 360\Log\VAWeakPasswords.log Object is locked saltado
C:\Program Files\Norton 360\Log\WDFScanner.log Object is locked saltado
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
C:\WINDOWS\CSC\00000001 Object is locked saltado
C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado
C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt Object is locked saltado
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{D7098D56-FA1B-4C80-992A-622A7203FCD2}.crmlog Object is locked saltado
C:\WINDOWS\SchedLgU.Txt Object is locked saltado
C:\WINDOWS\SoftwareDistribution\EventCache\{D68C63 49-92B6-4AE7-AC38-29FF8B08F71A}.bin Object is locked saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked saltado
C:\WINDOWS\Sti_Trace.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked saltado
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\DEFAULT Object is locked saltado
C:\WINDOWS\system32\config\default.LOG Object is locked saltado
C:\WINDOWS\system32\config\Media Ce.evt Object is locked saltado
C:\WINDOWS\system32\config\SAM Object is locked saltado
C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SECURITY Object is locked saltado
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado
C:\WINDOWS\system32\config\SOFTWARE Object is locked saltado
C:\WINDOWS\system32\config\software.LOG Object is locked saltado
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SYSTEM Object is locked saltado
C:\WINDOWS\system32\config\system.LOG Object is locked saltado
C:\WINDOWS\system32\drivers\etc\Hosts.bak Object is locked saltado
C:\WINDOWS\system32\drivers\sptd.sys Object is locked saltado
C:\WINDOWS\system32\h323log.txt Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado
C:\WINDOWS\Temp\cc1D.tmp Object is locked saltado
C:\WINDOWS\Temp\cc1E.tmp Object is locked saltado
C:\WINDOWS\Temp\cc1F.tmp Object is locked saltado
C:\WINDOWS\Temp\cc35.tmp Object is locked saltado
C:\WINDOWS\Temp\cc36.tmp Object is locked saltado
C:\WINDOWS\Temp\cc37.tmp Object is locked saltado
C:\WINDOWS\Temp\cc38.tmp Object is locked saltado
C:\WINDOWS\Temp\JET22E1.tmp Object is locked saltado
C:\WINDOWS\Temp\JET27E2.tmp Object is locked saltado
C:\WINDOWS\Temp\mcmsc_iy6I73wfnezsGc6 Object is locked saltado
C:\WINDOWS\wiadebug.log Object is locked saltado
C:\WINDOWS\wiaservc.log Object is locked saltado
C:\WINDOWS\WindowsUpdate.log Object is locked saltado
Análisis completado.
3. EL programa Superantispyware 4.0 tienes dos intems en curentena, que hago: REMOVE OR RESTORE? o los sigo manteniendo en cuarentena??; se tratan de dos: Adware. Tracking Cookie: manushh@ad.adtoma(2).txt ymanushh@adserver(!).txt
GRACIAS!!:frown: