anuncios CID como kitarlos? - Página 3

Buscar

		Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Foro de Virus y Spywares
anuncios CID como kitarlos?

Para evitar Virus, Spyware y otros Malwares, te recomendamos mantenerte informado en: InfoSpyware Blog

Foro de Virus y Spywares Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector.
No ponga su log de HijackThis aquí !!

Página 3 de 3

Enviar a:

Herramientas

post #21

12/05/08, 18:14:31

andu47

Usuario

Registrado: abr 2008

Ubicación: galilia

Mensajes: 23

Re: anuncios CID como kitarlos?

hola maco tardo una eternidad el analisis

Código HTML:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-12 23:09:29
PROTECTIONS: 1
MALWARE: 24
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                       Active    Updated
;===================================================================================================================================================================================
Kaspersky Anti-Virus 6.0                     6.0.0.299                     Yes       Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
00139060  Cookie/Casalemedia                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@casalemedia[2].txt
00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@doubleclick[1].txt
00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@atdmt[2].txt
00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@tradedoubler[2].txt
00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@fastclick[1].txt
00145738  Cookie/Mediaplex                   TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@mediaplex[1].txt
00149043  Cookie/CasinoKing                  TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@casinolasvegas[1].txt
00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@xiti[1].txt
00167747  Cookie/Azjmp                       TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@azjmp[1].txt
00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@ad.yieldmanager[1].txt
00168061  Cookie/Apmebf                      TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@apmebf[1].txt
00168068  Cookie/Lop                         TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@www.lop[2].txt
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@serving-sys[1].txt
00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@bs.serving-sys[1].txt
00168095  Cookie/888                         TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@888[1].txt
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@weborama[1].txt
00168110  Cookie/Server.iad.Liveperson       TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@server.iad.liveperson[1].txt
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@advertising[1].txt
00170556  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@realmedia[1].txt
00172221  Cookie/Zedo                        TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@zedo[2].txt
00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@adrevolver[2].txt
00529607  Application/MonacoGoldCasino       HackTools           No        0         No             No           D:\Documents and Settings\R\My Documents\My Music\ [Full Albums Album 2005][mp3] Mago.De.Oz.-.Gaia.II.La.Voz.Dormida.2CDs\[Full Albums Album 2005][mp3]  Mago.De.Oz.-.Gaia.II.La.Voz.Dormida.2CDs.rar[[PC GAME MULTILANGUAGE] Europa Casino - Win real money from your home - Bonus  2400 _ to all new players.exe]
01006923  Generic Trojan                     Virus/Trojan        No        0         Yes            No           D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\fsc-teu.v8\DVD5\TEU_V8_DVD1\AUTOPLAY\DOCS\MEDICINAS\VISTA\TIMESTOP\VISTACRACK.EXE
01006923  Generic Trojan                     Virus/Trojan        No        0         No             No           D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com].rar[PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\fsc-teu.v8\DVD5\TEU_V8_DVD1\AUTOPLAY\DOCS\MEDICINAS\VISTA\TIMESTOP\VISTACRACK.EXE]
02931412  Adware/Lop                         Adware              No        0         Yes            No           C:\System Volume Information\_restore{5FED904E-6E1E-4B49-8681-D5C017BB5784}\RP658\A0564165.exe
;===================================================================================================================================================================================
SUSPECTS
Sent      Location                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ;
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity   Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ;
;===================================================================================================================================================================================
;===================================================================================================================================================================================

InfoSpyware

post #22

12/05/08, 19:12:45

M@co

Warrior

Registrado: dic 2007

Ubicación: Guayana - Venezuela

Mensajes: 7.085

Re: anuncios CID como kitarlos?

Hola.

Realiza lo siguiente por favor:

1.- Apaga el Restaurar Sistema(solo en Win Me y XP).

2.- Busca y elimina los siguientes archivos (en rojo), si tienes problemas usa FILEASSASIN o KillBox.

Cita:

D:\Documents and Settings\R\My Documents\My Music\ [Full Albums Album 2005][mp3] Mago.De.Oz.-.Gaia.II.La.Voz.Dormida.2CDs\[Full Albums Album 2005][mp3] Mago.De.Oz.-.Gaia.II.La.Voz.Dormida.2CDs.rar
D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\fsc-teu.v8\DVD5\TEU_V8_DVD1\AUTOPLAY\DOCS\MEDICINAS\VI STA\TIMESTOP\VISTACRACK.EXE
D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com].rar

3.- Reinicia el Pc.

4.- Ejecutas: Ccleaner.

Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
Despues usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

5.- Deshaces el paso

.

- Comenta si se solucionó el problema.

Saludos.

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

post #23

13/05/08, 06:36:12

andu47

Usuario

Registrado: abr 2008

Ubicación: galilia

Mensajes: 23

Re: anuncios CID como kitarlos?

hola maco
segui los pasos q me dices y borre los archivos q me dices,pero no encontre el archivo vistacrakc
despues segui los pasos del ccleaner y si no te importa por si acaso te mando
loa resultados,de momento no saltó ningun anuncio CID

ENCONTRE EL MESSENGER PLUS Y TAMBIEN LO BORRE,TAMBIEN ESTA EL WINDOWRS PLUS PERO TUVE DUDAS SE PUEDE BORRAR ,SIGUIENDO LOS MISMOS PASOS?

muchas gracias maco por tu infinita paciencia,solo una pregunta mas por favor!parece q tengo archivos infectados que mi antivirus no resuelve
con esto que hice estara libre de infecciones?

Código HTML:

Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\.sch]
@="ExpressSCH"

[HKEY_CLASSES_ROOT\CLSID\{6A5DE670-2241-4308-99AF-FA5605236B76}]
@="Audio Converter PlugIn Class"

[HKEY_CLASSES_ROOT\CLSID\{6A5DE670-2241-4308-99AF-FA5605236B76}\InprocServer32]
@="C:\\Program Files\\Windows Plus\\Audio Converter\\ACPlugIn.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}]
@="Windows Audio Converter ContextMenu Class"

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}\InprocServer32]
@="C:\\Program Files\\Windows Plus\\Audio Converter\\ACShellExt3.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}\ProgID]
@="ACShellExt2.ContextMenu"

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}\SupportedTypes]
".mp3"=""
".wav"=""
".wma"=""

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}\VersionIndependentProgID]
@="ACShellExt2.ContextMenu"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{125F0ACC-D3FC-402B-8D96-27F6E46D00D5}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{17027E19-D86D-469B-BAA3-0DF356D6ED71}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{45D68F08-56A0-4412-BB0F-8492BE978AC7}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{558CD0A7-0548-4220-88FE-01CC1477DF61}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5AC9F44E-06C7-41E3-A464-37177AB9105D}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7C3E3706-8FBD-4169-9726-0A47FBF9D32A}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{901C63FD-6673-47A6-9B5F-B13E3EBFA470}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3CE4CED-46B0-407E-A703-7A83AAE02A36}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DBE84DB2-1794-4244-9859-9B720CA89B4D}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F68E3631-68ED-4970-8D77-B81FE83AA6A1}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\DOCUME~1\\R\\LOCALS~1\\Temp\\~nsu.tmp\\Au_.exe"="Au_"

post #24

13/05/08, 06:49:42

M@co

Warrior

Registrado: dic 2007

Ubicación: Guayana - Venezuela

Mensajes: 7.085

Re: anuncios CID como kitarlos?

Hola.

Para que estes seguro de la limpieza del Pc haz un escan con Kaspersky Antivirus online.

Si el reporte de Kaspersky muestra alguna infeccion lo pegas en una proxima respuesta.

Salu2.

post #25

13/05/08, 10:08:54

andu47

Usuario

Registrado: abr 2008

Ubicación: galilia

Mensajes: 23

hola de nuevo maco
te pego los resultados,pero creo que algo en todo lo que me dijistes no hice bien verdad?

Código HTML:

eliminado: programa troyano Backdoor.Win32.Bancodor.ap	File: D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\fsc-teu.v8\DVD5\TEU_V8_DVD1\AUTOPLAY\DOCS\MEDICINAS\VISTA\TIMESTOP\VISTACRACK.EXE


Eventos
-------
Hora	Nombre	Estado	Razón
----	------	------	-----
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\00000001.tif	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\001-348 Galicia Asisa 2ED.pdf	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\1	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\17-12-reducida07,lamastelle.wav	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\19-12-reducida07nuevo.wav	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\1N540X.pdf	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\4-12-2007 lamastelle.WAV	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\4-12-2007lamastellreducidaei.mp3	correcto	iSwift
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\5--12--07reducida.wav	correcto	analizado
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\5--12--07reducida.wav:Zone.Identifier	correcto	analizado
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\5-12-07,lamastelle.WAV	correcto	iSwift
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\5-12-07.WAV	correcto	iSwift
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\6-03-2008 original.WAV	correcto	iSwift
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\800x600_house_wallpaper02.jpg	correcto	iSwift
13/05/2008 12:02:35	File: D:\Documents and Settings\R\My Documents\A ti me dicen que te olvide.doc	archivo comprimido Embedded	
13/05/2008 12:02:35	File: D:\Documents and Settings\R\My Documents\A ti me dicen que te olvide.doc/1Table	correcto	analizado
13/05/2008 12:02:35	File: D:\Documents and Settings\R\My Documents\A ti me dicen que te olvide.doc	correcto	analizado
13/05/2008 12:02:35	File: D:\Documents and Settings\R\My Documents\Abogada susi.doc	correcto	iSwift


Estadísticas
------------
Objeto	Analizados	Detectados	Sin procesar	Eliminados	Desplazado a cuarentena	Comprimido	Ejecutable comprimido	Protegido con contraseña	Dañado
------	----------	----------	------------	----------	-----------------------	----------	---------------------	------------------------	------
Total	881946	1	1	0	0	86318	1531	453	7
Mis documentos	14483	0	0	0	0	551	14	0	0
Buzones de correo	961	0	0	0	0	358	0	0	0
HDD (C:)	66152	0	0	0	0	109	332	105	0
DATA (D:)	637416	1	1	0	0	84324	876	340	2
Unidad DVD-RW (E:)	0	0	0	0	0	0	0	0	0
Disco extraíble (F:)	0	0	0	0	0	0	0	0	0
Disco extraíble (G:)	0	0	0	0	0	0	0	0	0
Disco extraíble (H:)	0	0	0	0	0	0	0	0	0
Disco extraíble (I:)	0	0	0	0	0	0	0	0	0
Nuevo (K:)	162934	0	0	0	0	976	309	8	5
Unidad DVD (L:)	0	0	0	0	0	0	0	0	0


Configuración
-------------
Nombre	Valor
------	-----
Nivel de seguridad	Recomendado
Acción	Preguntar al usuario después de terminar el análisis
Tipos de archivos	Todos
Analizar sólo los archivos nuevos y modificados	No
Analizar archivos comprimidos	Todos
Analizar objetos OLE incorporados	Todos
Ignorar si el objeto es mayor de	No
Ignorar si el análisis tarda más de	No
Analizar formatos de correo	No
Analizar archivos comprimidos protegidos por contraseña	No
Activar la tecnología iChecker	Sí
Activar la tecnología iSwift	Sí
Mostrar las amenazas detectadas en la ficha "Detectados"	Sí

por favor disculpa mi error la anterior respuesta lo hice con mi antivirus,ahora me acabo de dar cuenta,ahora lo hago como me dices en el mensaje,y cuando acabe pego los resultados

saludos

maco espero haber acertado por fin!!graciñas de verdad

saludos

Código HTML:

 KASPERSKY ONLINE SCANNER INFORME
 martes, 13 de mayo de 2008 21:43:42
 Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky Online Scanner versión: 5.0.84.1
 Ultima actualización: 13/05/2008
 Registros en la base antivirus: 769683
-------------------------------------------------------------------------------

Configuración del análisis:
	Analizar usando las siguientes bases: estendidas
	Analizar archivos: verdadero
	Analizar bases de correo: verdadero

Objetivo a analizar - Mi PC:
	C:\
	D:\
	E:\
	F:\
	G:\
	H:\
	I:\
	K:\
	L:\

Estadísticas:
	Número de objeros analizados: 293027
	Virus encontrados: 0
	Objetos infectados: 0 / 0
	Objetos sospechosos: 0
	Duración del análisis: 05:00:20

Bombre del objeto infectado / Nombre del virus / Última acción
C:\Program Files\config32\klog.dat	Object is locked	saltado
C:\Program Files\eMule\Temp\006.part	Object is locked	saltado
C:\Program Files\eMule\Temp\013.part	Object is locked	saltado
C:\Program Files\eMule\Temp\015.part	Object is locked	saltado
C:\Program Files\Yahoo!\Messenger\logs\billing_R.log	Object is locked	saltado
C:\Program Files\Yahoo!\Messenger\logs\client_R.log	Object is locked	saltado
C:\Program Files\Yahoo!\Messenger\logs\network_R.log	Object is locked	saltado
C:\WINDOWS\Debug\PASSWD.LOG	Object is locked	saltado
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{B18F2B5D-BCE4-48BF-9CC3-C33C1FE6EDE9}.crmlog	Object is locked	saltado
C:\WINDOWS\SchedLgU.Txt	Object is locked	saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log	Object is locked	saltado
C:\WINDOWS\Sti_Trace.log	Object is locked	saltado
C:\WINDOWS\system32\CatRoot2\edb.log	Object is locked	saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb	Object is locked	saltado
C:\WINDOWS\system32\config\AppEvent.Evt	Object is locked	saltado
C:\WINDOWS\system32\config\DEFAULT	Object is locked	saltado
C:\WINDOWS\system32\config\default.LOG	Object is locked	saltado
C:\WINDOWS\system32\config\IntelDH.evt	Object is locked	saltado
C:\WINDOWS\system32\config\Media Ce.evt	Object is locked	saltado
C:\WINDOWS\system32\config\SAM	Object is locked	saltado
C:\WINDOWS\system32\config\SAM.LOG	Object is locked	saltado
C:\WINDOWS\system32\config\SecEvent.Evt	Object is locked	saltado
C:\WINDOWS\system32\config\SECURITY	Object is locked	saltado
C:\WINDOWS\system32\config\SECURITY.LOG	Object is locked	saltado
C:\WINDOWS\system32\config\SOFTWARE	Object is locked	saltado
C:\WINDOWS\system32\config\software.LOG	Object is locked	saltado
C:\WINDOWS\system32\config\SysEvent.Evt	Object is locked	saltado
C:\WINDOWS\system32\config\SYSTEM	Object is locked	saltado
C:\WINDOWS\system32\config\system.LOG	Object is locked	saltado
C:\WINDOWS\system32\drivers\fidbox.dat	Object is locked	saltado
C:\WINDOWS\system32\drivers\fidbox.idx	Object is locked	saltado
C:\WINDOWS\system32\drivers\fidbox2.dat	Object is locked	saltado
C:\WINDOWS\system32\drivers\fidbox2.idx	Object is locked	saltado
C:\WINDOWS\system32\h323log.txt	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP	Object is locked	saltado
C:\WINDOWS\Temp\~DF6E09.tmp	Object is locked	saltado
C:\WINDOWS\wiadebug.log	Object is locked	saltado
C:\WINDOWS\wiaservc.log	Object is locked	saltado
C:\WINDOWS\WindowsUpdate.log	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\0549_File_Monitoring_eventlog.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\054d_Web_Monitoring_eventlog.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.idx	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\eventlog.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\report.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.103.Crwl	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.103.gthr	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.ci	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wsb	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy141.gthr	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1.tmp	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_4b8.dat	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_340957528_10354688_430	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_340957528_6815744_201	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE3.tmp	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE4.tmp	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{EA11E798-553F-4660-B155-0DBC6FE75961}.TmpSBE	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{EA799677-2ECF-4EF1-9202-4DA7157CBD7C}.TmpSBE	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Temp\Archivos temporales de Internet\Content.IE5\index.dat	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Temp\Historial\History.IE5\index.dat	Object is locked	saltado
D:\Documents and Settings\LocalService\NTUSER.DAT	Object is locked	saltado
D:\Documents and Settings\LocalService\ntuser.dat.LOG	Object is locked	saltado
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	saltado
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	saltado
D:\Documents and Settings\NetworkService\NTUSER.DAT	Object is locked	saltado
D:\Documents and Settings\NetworkService\ntuser.dat.LOG	Object is locked	saltado
D:\Documents and Settings\R\Application Data\$_hpcst$.hpc	Object is locked	saltado
D:\Documents and Settings\R\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs\SUPERANTISPYWARE-5-13-2008( 15-44-4 ).LOG	Object is locked	saltado
D:\Documents and Settings\R\Cookies\index.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Application Data\Microsoft\Desktop Search\Logs\OTFSMonLog.txt	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\History\History.IE5\index.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\History\History.IE5\MSHist012008051320080514\index.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Temp\Perflib_Perfdata_b64.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Temp\WCESLog.log	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Temporary Internet Files\Content.IE5\index.dat	Object is locked	saltado
D:\Documents and Settings\R\NTUSER.DAT	Object is locked	saltado
D:\Documents and Settings\R\ntuser.dat.LOG	Object is locked	saltado
D:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	saltado

Análisis completado.

Última edición por AntonioG fecha: 13/05/08 a las 17:26:50. Razón: Combinar mensajes en cadena, favor de usar el boton "Editar" para agregar informacion

post #26

14/05/08, 16:46:22

andu47

Usuario

Registrado: abr 2008

Ubicación: galilia

Mensajes: 23

Re: anuncios CID como kitarlos?

hola

me parece que el problema de los anuncios CID esta solucionado
no me ha vuelto a pasar,menos mal
lo de los virus no se!
muchas gracias maco por tu ayuda a solucionar el problema
un saludo

post #27

25/05/08, 16:00:15

andu47

Usuario

Registrado: abr 2008

Ubicación: galilia

Mensajes: 23

Re: anuncios CID como kitarlos?

ha pasado algo?no recibi respuesta por que

post #28

25/05/08, 16:57:34

M@co

Warrior

Registrado: dic 2007

Ubicación: Guayana - Venezuela

Mensajes: 7.085

Re: anuncios CID como kitarlos?

Hola.

El reporte de kaspersky online esta limpio; ademas dices que ya no aparecen las ventanas de publicidad del CID.

Comenta si se puede dar por solucionado el tema.

Salu2!.

post #29

26/05/08, 12:55:17

andu47

Usuario

Registrado: abr 2008

Ubicación: galilia

Mensajes: 23

Re: anuncios CID como kitarlos?

tema solucionado,muchas gracias por la paciencia y el tiempo en solucionarme el tema
un saludo

Página 3 de 3

« Tema Anterior | Próximo Tema »

Herramientas
Mostrar Versión Imprimible Enviar por Correo

Reglas del foro
No puedes crear nuevos temas No puedes responder temas No puedes subir adjuntos No puedes editar tus mensajes BB code is activado Las caritas están activado Código [IMG] está activado Código HTML está desactivado Trackbacks are desactivado Pingbacks are activado Refbacks are activado Políticas del foro

Temas Similares

Tema	Autor	Foro	Respuestas	Último mensaje
Problema con Explorer y spyware	Arturo GMX	Foro de Virus y Spywares	13	11/03/08 02:28:59
windows security alert con Worm Win32 Netsky detectado (SOLUCIONADO)	jac52	Temas Solucionados	31	09/03/08 14:15:16
Solo para genios en virus y PC	MasterVideogame	Foro de Virus y Spywares	2	22/09/07 00:20:23
Como quitar CID?	sergio4669	Temas Solucionados	1	22/06/07 16:26:05
tengo viruses, como podria kitarlos? (Solucionado)	el multas	Temas Solucionados	15	16/06/07 10:55:28

Todas las horas son GMT -4. La hora es 21:24:55.

InfoSpyware es miembro de ASAP - Alliance of Security Analysis Professionals

Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus