| Ver la Versión Completa : Problema con el Winstall Mike Bu Suprise 23/11/06, 22:54:14 hola necesito ayuda con esto , tengo un problema con mi pc una X roja aparece con un mensaje de spyware infection hasta ahora ya hise todo lo necesario para eliminarlo pero no alparecer sigue hay.. espero su ayuda gracias........... Salba 23/11/06, 22:56:51 Hola Mike Bu Suprise bienvenido al foro. Sigue estos: http://www.forospyware.com/t6486.html Me comentas. Saludos Mike Bu Suprise 23/11/06, 23:02:31 muchas gracias por responder . ya realise esos pasos y la X sigue hay .............que puedo hacer ??? Hardrive 23/11/06, 23:10:32 Hola Escanea con Ewido y Kaspersky On-Line (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) en ese orden y nos pegas los 2 reportes juntos, en este mismo tema. Salu2 Mike Bu Suprise 24/11/06, 02:51:15 Aka el reporte del Ewido ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.Yieldmanager Path: C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt Risk: Medium Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\Owner\Cookies\owner@adbrite[1].txt Risk: Medium Name: TrackingCookie.Euroclick Path: C:\Documents and Settings\Owner\Cookies\owner@adopt.euroclick[2].txt Risk: Medium Name: TrackingCookie.Addynamix Path: C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[1].txt Risk: Medium Name: TrackingCookie.Advertising Path: C:\Documents and Settings\Owner\Cookies\owner@advertising[2].txt Risk: Medium Name: TrackingCookie.Atdmt Path: C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt Risk: Medium Name: TrackingCookie.Doubleclick Path: C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt Risk: Medium Name: TrackingCookie.Fastclick Path: C:\Documents and Settings\Owner\Cookies\owner@fastclick[1].txt Risk: Medium Name: TrackingCookie.Trafficmp Path: C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt Risk: Medium Name: TrackingCookie.Tribalfusion Path: C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt Risk: Medium Name: Downloader.Qoologic.bj Path: [1308] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [1640] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [1860] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [1884] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [1956] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [2016] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [168] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [140] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [216] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [512] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [2052] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [2060] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [2100] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: Downloader.Qoologic.bj Path: [2292] C:\WINDOWS\System32\atxcdaj.dll Risk: High Name: TrackingCookie.Trafficmp Path: C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt Risk: Medium Name: TrackingCookie.Tribalfusion Path: C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt Risk: Medium Name: Not-A-Virus.Hoax.Win32.Renos.eo Path: C:\Documents and Settings\Owner\Local Settings\Temp\__delete_on_reboot__x_y_t_u_t_s_c_w_ ._e_x_e_ Risk: Low Name: Downloader.Qoologic.bj Path: C:\WINDOWS\system32\__delete_on_reboot__a_t_x_c_d_ a_j_._d_l_l_ Risk: High Name: Downloader.Qoologic.ax Path: C:\WINDOWS\system32\__delete_on_reboot__f_w_r_l_l_ ._d_l_l_ Risk: High Kaspersky KASPERSKY ONLINE SCANNER REPORT Friday, November 24, 2006 2:45:20 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 24/11/2006 Kaspersky Anti-Virus database records: 231291 Scan Settings Scan using the following antivirus database standard Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ G:\ H:\ I:\ J:\ Scan Statistics Total number of scanned objects 51528 Number of viruses found 3 Number of infected objects 3 / 0 Number of suspicious objects 0 Duration of the scan process 01:30:15 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini. inuse Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012006112420061 125\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\fla531.tmp Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\hpodvd09.log Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_ad4.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\__delete_on_reboot__x_y_t_u_t_s_c_w_ ._e_x_e_ Infected: not-virus:Hoax.Win32.Renos.eo skipped C:\Documents and Settings\Owner\Local Settings\Temp\~DFF95D.tmp Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\conf-900.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\ie7conflict .dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\notes.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\partner-700.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\subscrip-2000.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\survey.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\updates-300.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\urgent-800.dat Object is locked skipped C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped C:\Program Files\Norton AntiVirus\AVApp.log Object is locked skipped C:\Program Files\Norton AntiVirus\AVError.log Object is locked skipped C:\Program Files\Norton AntiVirus\AVVirus.log Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\config\systemprofile\Cookies\i ndex.dat Object is locked skipped C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped C:\WINDOWS\system32\__delete_on_reboot__a_t_x_c_d_ a_j_._d_l_l_ Infected: Trojan-Downloader.Win32.Qoologic.bj skipped C:\WINDOWS\system32\__delete_on_reboot__f_w_r_l_l_ ._d_l_l_ Infected: Trojan-Downloader.Win32.Qoologic.ax skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. aver que se puede hacer gracias................ Hardrive 24/11/06, 05:10:26 Hola Sigue con los siguientes pasos: 1. - Activa la opcion ver archivos ocultos (http://www.forospyware.com/46-post3.html). 2. - Borra los siguientes archivos: C:\WINDOWS\System32\atxcdaj.dll C:\Documents and Settings\Owner\Local Settings\Temp\__delete_on_reboot__x_y_t_u_t_s_c_w_ ._e_x_e_ C:\WINDOWS\system32\__delete_on_reboot__f_w_r_l_l_ ._d_l_l_ C:\WINDOWS\system32\__delete_on_reboot__a_t_x_c_d_ a_j_._d_l_l_ 3. - Analiza con: AVG Antispyware 7.5 (http://www.infospyware.com/Anti-Spywares.htm) actualizado. 4. - No salgas del modo seguro. Has lo siguiente en cada cuenta de usuario: Cierra todas las ventanas. Pasa el Disk Cleaner (http://www.infospyware.com/Herramientas.htm). Limpia el registro con RegSeeker (http://www.infospyware.com/Herramientas.htm) (manual (http://www.forospyware.com/t713.html)). 5. - Inicia en modo normal y escanea con Panda ActiveScan Online (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html). Cuando termine, nos pegas el reporte. Nos cuentas Salu2 Mike Bu Suprise 24/11/06, 16:06:42 Aqui esta el reporte del Panda ...................... Incidencia Estado Elemento Adware:adware/spysheriff No desinfectado c:\winstall.exe Adware:adware/webhancer No desinfectado c:\windows\whCC-GIANT.exe Dialer:dialer.su No desinfectado hkey_local_machine\software\microsoft\windows\curr entversion\uninstall\Switch Spyware:spyware/media-motor No desinfectado Registro de Windows Herramienta potencialmente no deseada:application/zango No desinfectado HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{99410cde-6f16-42ce-9d49-3807f78f0287} Spyware:Cookie/ademails No desinfectado C:\Documents and Settings\Owner\Cookies\owner@www.ademails[1].txt Mike Bu Suprise 24/11/06, 16:09:54 hasta ahora he hecho todos los pasos pero la X vuelve a reaperecer una y otra ves SpRiTeR 24/11/06, 16:23:52 Hola... :1: Descarga y ejecuta el Killbox (http://www.forospyware.com/49-post6.html) y marcando la casilla "Delete on reboot", elimina los siguientes archivos: C:\winstall.exe C:\windows\whCC-GIANT.exe :2: Luego Abre el Regedit (Inicio-> Ejecutar-> Regedit) y elimina estos registros: HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{99410cde-6f16-42ce-9d49-3807f78f0287} hkey_local_machine\software\microsoft\windows\curr entversion\uninstall\Switch Spyware:spyware/media-motor Mike Bu Suprise 25/11/06, 16:28:28 el PC ahora esta limpio pero ahora tengo otro problema no puedo instalar nada y se resetea o cuando intento entrar a esta pagina se resetea solo tambien y me dice algo sobre el regedit............lo intento abrir y se reinicia ayuda por favor Hardrive 25/11/06, 16:32:19 Hola otra vez Para seguir con tu problema, por favor danos mas detalles: ¿Por que dices que no puedes instalar nada? ¿Que sucede? ¿Cual es el mensaje del regedit que mencionas? Escribelo textualmente. ¿Seguro que tu PC esta limpia? Mientras mas detalles, mejor. Salu2 Mike Bu Suprise 25/11/06, 16:42:33 ok limpie toda la computadora volvi a instalar windows hasta ahora bien pero el problema empeso cuando queize instalar un programa lo quise instalar in si razon alguna se reseteo lo mas curioso es que el internet trabaja bien mientras no entre a www.forospyware.com hay es cuando se vuelve a resetear por si sola al ver esto fui al regedit intente abrirlo sale un mensaje que dice "Resgistry edting has been disabled by your admisnistrator.".....pero no encuentro razon por que no hay de mas cuentas solo la principal. Hardrive 25/11/06, 16:49:31 Mmm ::pensar:: ¿Seguro que tu PC esta limpia? Pues yo no estoy muy seguro... Para destrabar el registro, ejecuta Reg Unlocker (http://www.forospyware.com/attachments/forum12/556d1162104639-reg-unlocker-v1.1.exe). Asegurate de no tener ninguno de los programas mencionados en los siguientes links: http://www.forospyware.com/t7.html http://www.forospyware.com/t5.html http://www.forospyware.com/t61051.html Ademas, escanea con Ewido y Kaspersky On-Line (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) en ese orden y nos pegas los 2 reportes juntos, en este mismo tema. Salu2 Mike Bu Suprise 26/11/06, 01:59:04 esto es otro problema solo puedo ingresar al foro x medio de yahoo, no de forma directa ,en el momento que voy a descargar el Regedit unlock se resetea sola osea que no puedo hacer nada y el regedit con el mismo problema no puedo instalar ni descargar nada ?? es una situasuion desesperante podria existir alguna otra forma de poder abrir el rededit y tratar de eliminar este problema gracias por su ayuda. punkitaso 26/11/06, 02:11:05 Hola... Sería bueno que leas este tutorial (http://www.forospyware.com/t3805.html). Tal vez así se solucione el problema. Nos comentas. Saludos.:Bien: Mike Bu Suprise 26/11/06, 04:03:53 este es el reporte se lo pase 2 veces reporte 1 Incidencia Estado Elemento Virus:W32/Brontok.N.worm Desinfectado Sistema Operativo Spyware:Cookie/Atlas DMT No desinfectado C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt Spyware:Cookie/Doubleclick No desinfectado C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt Virus:W32/Brontok.N.worm Desinfectado C:\Documents and Settings\Owner\Local Settings\Application Data\csrss.exe Virus:W32/Brontok.N.worm Desinfectado C:\Documents and Settings\Owner\Local Settings\Application Data\inetinfo.exe Virus:W32/Brontok.N.worm Desinfectado C:\Documents and Settings\Owner\Local Settings\Application Data\smss.exe Virus:W32/Brontok.N.worm Desinfectado C:\Documents and Settings\Owner\Local Settings\Application Data\svchost.exe Virus:W32/Brontok.N.worm Desinfectado C:\Documents and Settings\Owner\My Documents\CyberLink\PowerDVD\PowerDVD.exe Virus:W32/Brontok.N.worm Desinfectado C:\Documents and Settings\Owner\Templates\7008-NendangBro.com Virus:W32/Brontok.N.worm Desinfectado C:\WINDOWS\KesenjanganSosial.exe Virus:W32/Brontok.N.worm Desinfectado C:\WINDOWS\system32\cmd-brontok.exe Virus:W32/Brontok.N.worm Desinfectado C:\WINDOWS\system32\Owner's Setting.scr reporte 2 Incidencia Estado Elemento Spyware:Cookie/Atlas DMT No desinfectado C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt Spyware:Cookie/Doubleclick No desinfectado C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt Hardrive 26/11/06, 04:42:38 Hola otra vez Realiza una limpieza desde cero: 1. - Entra en Modo Seguro (http://www.forospyware.com/47-post4.html) (Modo a Prueba de Fallos). 2. - Escanea con: Tu antivirus actualizado (todos tus discos locales). Spybot S&D 1.4 (http://www.infospyware.com/Anti-Spywares.htm) actualizado (opcion "Analizar problemas"). AVG Antispyware 7.5 (http://www.infospyware.com/Anti-Spywares.htm) actualizado. 3. - No salgas del modo seguro. Has lo siguiente en cada cuenta de usuario: Cierra todas las ventanas. Pasa el Disk Cleaner (http://www.infospyware.com/Herramientas.htm). Limpia el registro con RegSeeker (http://www.infospyware.com/Herramientas.htm) (manual (http://www.forospyware.com/t713.html)). 4. - Inicia en modo normal y escanea con Ewido y Kaspersky On-Line (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) en ese orden y guardas los reportes de cada uno. 5. - Escanea con Ewido y Kaspersky On-Line (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) en ese orden y nos pegas los 2 reportes juntos, en este mismo tema. Salu2 Mike Bu Suprise 26/11/06, 15:47:12 ok estos fueron los resultados. Ewido Report ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.2o7 Path: C:\Documents and Settings\Owner\Cookies\owner@gateway.122.2o7[1].txt Risk: Medium Kaspersky report Sunday, November 26, 2006 12:44:19 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 26/11/2006 Kaspersky Anti-Virus database records: 231816 Scan Settings Scan using the following antivirus database standard Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ G:\ H:\ I:\ J:\ Scan Statistics Total number of scanned objects 23663 Number of viruses found 0 Number of infected objects 0 / 0 Number of suspicious objects 0 Duration of the scan process 00:24:30 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\ph Object is locked skipped C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\variable Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_71c.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped C:\Program Files\BigFix\__Data\emachines\__Local\Tmp\eMachine _Specific.dat Object is locked skipped C:\Program Files\BigFix\__Data\emachines\__Local\Tmp\General. dat Object is locked skipped C:\Program Files\BigFix\__Data\emachines\__Local\Tmp\Security .dat Object is locked skipped C:\Program Files\BigFix\__Data\emachines\__Local\Tmp\Security _UK.dat Object is locked skipped C:\Program Files\BigFix\__Data\emachines\__Local\Tmp\UK_Speci fic.dat Object is locked skipped C:\Program Files\BigFix\__Data\emachines\__Local\Tmp\Urgent.d at Object is locked skipped C:\Program Files\BigFix\__Data\emachines\__Local\Tmp\Virus.da t Object is locked skipped C:\Program Files\BigFix\__Data\emachines\__Local\Tmp\Welcome. dat Object is locked skipped C:\Program Files\Common Files\AOL\ACS\US\forms.fdb Object is locked skipped C:\Program Files\Common Files\AOL\ACS\US\static Object is locked skipped C:\Program Files\Norton AntiVirus\AVApp.log Object is locked skipped C:\Program Files\Norton AntiVirus\AVError.log Object is locked skipped C:\Program Files\Norton AntiVirus\AVVirus.log Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP2\change.log Object is locked skipped C:\WINDOWS\Debug\oakley.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{55C622 D7-F77B-4435-B176-36921BB0A6D5}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. SpRiTeR 26/11/06, 15:48:55 Los reportes estan limpios. Vuelve a seguir los pasos 1, 2 y 3 que te indica Hardrive. Mike Bu Suprise 02/12/06, 14:04:00 gracias ahora al parece esta todo bien, gracias por toda su ayuda me sirvio de mucho...:aplausos: |