Foro de Spyware - Foro de Hijackthis - Foro de Virus - InfoSpyware

Regresar   Foro de Spyware Spyware - Adware - Hijackers - Malwares Foro de Virus y Spywares
Actualizar anuncios CID como kitarlos?
Registrarse Lista de usuarios AntiSpywares AntiVirus
Respuesta
Página 3 de 3 < 12 3
 
Herramientas
  #21 (permalink)  
Antiguo 12/05/08, 17:14:31
Avatar de andu47
Usuario
  
Registrado: abr 2008
Ubicación: galilia
Mensajes: 21
Re: anuncios CID como kitarlos?
hola maco tardo una eternidad el analisis

Código HTML:
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-12 23:09:29
PROTECTIONS: 1
MALWARE: 24
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                       Active    Updated
;===================================================================================================================================================================================
Kaspersky Anti-Virus 6.0                     6.0.0.299                     Yes       Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
00139060  Cookie/Casalemedia                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@casalemedia[2].txt
00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@doubleclick[1].txt
00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@atdmt[2].txt
00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@tradedoubler[2].txt
00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@fastclick[1].txt
00145738  Cookie/Mediaplex                   TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@mediaplex[1].txt
00149043  Cookie/CasinoKing                  TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@casinolasvegas[1].txt
00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@xiti[1].txt
00167747  Cookie/Azjmp                       TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@azjmp[1].txt
00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@ad.yieldmanager[1].txt
00168061  Cookie/Apmebf                      TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@apmebf[1].txt
00168068  Cookie/Lop                         TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@www.lop[2].txt
00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@serving-sys[1].txt
00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@bs.serving-sys[1].txt
00168095  Cookie/888                         TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@888[1].txt
00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@weborama[1].txt
00168110  Cookie/Server.iad.Liveperson       TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@server.iad.liveperson[1].txt
00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@advertising[1].txt
00170556  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@realmedia[1].txt
00172221  Cookie/Zedo                        TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@zedo[2].txt
00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           D:\Documents and Settings\R\Cookies\r@adrevolver[2].txt
00529607  Application/MonacoGoldCasino       HackTools           No        0         No             No           D:\Documents and Settings\R\My Documents\My Music\ [Full Albums Album 2005][mp3] Mago.De.Oz.-.Gaia.II.La.Voz.Dormida.2CDs\[Full Albums Album 2005][mp3]  Mago.De.Oz.-.Gaia.II.La.Voz.Dormida.2CDs.rar[[PC GAME MULTILANGUAGE] Europa Casino - Win real money from your home - Bonus  2400 _ to all new players.exe]
01006923  Generic Trojan                     Virus/Trojan        No        0         Yes            No           D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\fsc-teu.v8\DVD5\TEU_V8_DVD1\AUTOPLAY\DOCS\MEDICINAS\VISTA\TIMESTOP\VISTACRACK.EXE
01006923  Generic Trojan                     Virus/Trojan        No        0         No             No           D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com].rar[PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\fsc-teu.v8\DVD5\TEU_V8_DVD1\AUTOPLAY\DOCS\MEDICINAS\VISTA\TIMESTOP\VISTACRACK.EXE]
02931412  Adware/Lop                         Adware              No        0         Yes            No           C:\System Volume Information\_restore{5FED904E-6E1E-4B49-8681-D5C017BB5784}\RP658\A0564165.exe
;===================================================================================================================================================================================
SUSPECTS
Sent      Location                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ;
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity   Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ;
;===================================================================================================================================================================================
;===================================================================================================================================================================================
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  #22 (permalink)  
Antiguo 12/05/08, 18:12:45
Avatar de maco1128
Usuario Habitual
  
Registrado: dic 2007
Ubicación: Guayana/Venezuela
Mensajes: 1.227
Contactar con maco1128 a través de MSN
Re: anuncios CID como kitarlos?
Hola.

Realiza lo siguiente por favor:

1.- Apaga el Restaurar Sistema(solo en Win Me y XP).

2.- Busca y elimina los siguientes archivos (en rojo), si tienes problemas usa FILEASSASIN o KillBox.
Cita:
D:\Documents and Settings\R\My Documents\My Music\ [Full Albums Album 2005][mp3] Mago.De.Oz.-.Gaia.II.La.Voz.Dormida.2CDs\[Full Albums Album 2005][mp3] Mago.De.Oz.-.Gaia.II.La.Voz.Dormida.2CDs.rar
D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\fsc-teu.v8\DVD5\TEU_V8_DVD1\AUTOPLAY\DOCS\MEDICINAS\VI STA\TIMESTOP\VISTACRACK.EXE
D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com].rar
3.- Reinicia el Pc.

4.- Ejecutas: Ccleaner.
  • Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Despues usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

5.- Deshaces el paso .

- Comenta si se solucionó el problema.

Saludos.
__________________
[< Maco >]
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  #23 (permalink)  
Antiguo 13/05/08, 05:36:12
Avatar de andu47
Usuario
  
Registrado: abr 2008
Ubicación: galilia
Mensajes: 21
Re: anuncios CID como kitarlos?
hola maco
segui los pasos q me dices y borre los archivos q me dices,pero no encontre el archivo vistacrakc
despues segui los pasos del ccleaner y si no te importa por si acaso te mando
loa resultados,de momento no saltó ningun anuncio CID

ENCONTRE EL MESSENGER PLUS Y TAMBIEN LO BORRE,TAMBIEN ESTA EL WINDOWRS PLUS PERO TUVE DUDAS SE PUEDE BORRAR ,SIGUIENDO LOS MISMOS PASOS?

muchas gracias maco por tu infinita paciencia,solo una pregunta mas por favor!parece q tengo archivos infectados que mi antivirus no resuelve
con esto que hice estara libre de infecciones?

Código HTML:
Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\.sch]
@="ExpressSCH"

[HKEY_CLASSES_ROOT\CLSID\{6A5DE670-2241-4308-99AF-FA5605236B76}]
@="Audio Converter PlugIn Class"

[HKEY_CLASSES_ROOT\CLSID\{6A5DE670-2241-4308-99AF-FA5605236B76}\InprocServer32]
@="C:\\Program Files\\Windows Plus\\Audio Converter\\ACPlugIn.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}]
@="Windows Audio Converter ContextMenu Class"

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}\InprocServer32]
@="C:\\Program Files\\Windows Plus\\Audio Converter\\ACShellExt3.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}\ProgID]
@="ACShellExt2.ContextMenu"

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}\SupportedTypes]
".mp3"=""
".wav"=""
".wma"=""

[HKEY_CLASSES_ROOT\CLSID\{A62EC5D2-5642-4c20-AB08-025E068BF8B2}\VersionIndependentProgID]
@="ACShellExt2.ContextMenu"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{125F0ACC-D3FC-402B-8D96-27F6E46D00D5}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{17027E19-D86D-469B-BAA3-0DF356D6ED71}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{45D68F08-56A0-4412-BB0F-8492BE978AC7}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{558CD0A7-0548-4220-88FE-01CC1477DF61}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5AC9F44E-06C7-41E3-A464-37177AB9105D}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7C3E3706-8FBD-4169-9726-0A47FBF9D32A}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{901C63FD-6673-47A6-9B5F-B13E3EBFA470}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3CE4CED-46B0-407E-A703-7A83AAE02A36}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DBE84DB2-1794-4244-9859-9B720CA89B4D}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F68E3631-68ED-4970-8D77-B81FE83AA6A1}]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
  00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
  00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"D:\\DOCUME~1\\R\\LOCALS~1\\Temp\\~nsu.tmp\\Au_.exe"="Au_"
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  #24 (permalink)  
Antiguo 13/05/08, 05:49:42
Avatar de maco1128
Usuario Habitual
  
Registrado: dic 2007
Ubicación: Guayana/Venezuela
Mensajes: 1.227
Contactar con maco1128 a través de MSN
Re: anuncios CID como kitarlos?
Hola.

Para que estes seguro de la limpieza del Pc haz un escan con Kaspersky Antivirus online.

Si el reporte de Kaspersky muestra alguna infeccion lo pegas en una proxima respuesta.

Salu2.
__________________
[< Maco >]
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  #25 (permalink)  
Antiguo 13/05/08, 09:08:54
Avatar de andu47
Usuario
  
Registrado: abr 2008
Ubicación: galilia
Mensajes: 21
hola de nuevo maco
te pego los resultados,pero creo que algo en todo lo que me dijistes no hice bien verdad?

Código HTML:
eliminado: programa troyano Backdoor.Win32.Bancodor.ap	File: D:\incoming\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\PC-Todo.En.Uno.V8.DVD.SPANISH.By.BoRrasS.[www.gamepcrip.com]\fsc-teu.v8\DVD5\TEU_V8_DVD1\AUTOPLAY\DOCS\MEDICINAS\VISTA\TIMESTOP\VISTACRACK.EXE


Eventos
-------
Hora	Nombre	Estado	Razón
----	------	------	-----
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\00000001.tif	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\001-348 Galicia Asisa 2ED.pdf	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\1	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\17-12-reducida07,lamastelle.wav	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\19-12-reducida07nuevo.wav	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\1N540X.pdf	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\4-12-2007 lamastelle.WAV	correcto	iSwift
13/05/2008 12:02:33	File: D:\Documents and Settings\R\My Documents\4-12-2007lamastellreducidaei.mp3	correcto	iSwift
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\5--12--07reducida.wav	correcto	analizado
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\5--12--07reducida.wav:Zone.Identifier	correcto	analizado
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\5-12-07,lamastelle.WAV	correcto	iSwift
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\5-12-07.WAV	correcto	iSwift
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\6-03-2008 original.WAV	correcto	iSwift
13/05/2008 12:02:34	File: D:\Documents and Settings\R\My Documents\800x600_house_wallpaper02.jpg	correcto	iSwift
13/05/2008 12:02:35	File: D:\Documents and Settings\R\My Documents\A ti me dicen que te olvide.doc	archivo comprimido Embedded	
13/05/2008 12:02:35	File: D:\Documents and Settings\R\My Documents\A ti me dicen que te olvide.doc/1Table	correcto	analizado
13/05/2008 12:02:35	File: D:\Documents and Settings\R\My Documents\A ti me dicen que te olvide.doc	correcto	analizado
13/05/2008 12:02:35	File: D:\Documents and Settings\R\My Documents\Abogada susi.doc	correcto	iSwift


Estadísticas
------------
Objeto	Analizados	Detectados	Sin procesar	Eliminados	Desplazado a cuarentena	Comprimido	Ejecutable comprimido	Protegido con contraseña	Dañado
------	----------	----------	------------	----------	-----------------------	----------	---------------------	------------------------	------
Total	881946	1	1	0	0	86318	1531	453	7
Mis documentos	14483	0	0	0	0	551	14	0	0
Buzones de correo	961	0	0	0	0	358	0	0	0
HDD (C:)	66152	0	0	0	0	109	332	105	0
DATA (D:)	637416	1	1	0	0	84324	876	340	2
Unidad DVD-RW (E:)	0	0	0	0	0	0	0	0	0
Disco extraíble (F:)	0	0	0	0	0	0	0	0	0
Disco extraíble (G:)	0	0	0	0	0	0	0	0	0
Disco extraíble (H:)	0	0	0	0	0	0	0	0	0
Disco extraíble (I:)	0	0	0	0	0	0	0	0	0
Nuevo (K:)	162934	0	0	0	0	976	309	8	5
Unidad DVD (L:)	0	0	0	0	0	0	0	0	0


Configuración
-------------
Nombre	Valor
------	-----
Nivel de seguridad	Recomendado
Acción	Preguntar al usuario después de terminar el análisis
Tipos de archivos	Todos
Analizar sólo los archivos nuevos y modificados	No
Analizar archivos comprimidos	Todos
Analizar objetos OLE incorporados	Todos
Ignorar si el objeto es mayor de	No
Ignorar si el análisis tarda más de	No
Analizar formatos de correo	No
Analizar archivos comprimidos protegidos por contraseña	No
Activar la tecnología iChecker	Sí
Activar la tecnología iSwift	Sí
Mostrar las amenazas detectadas en la ficha "Detectados"	Sí
por favor disculpa mi error la anterior respuesta lo hice con mi antivirus,ahora me acabo de dar cuenta,ahora lo hago como me dices en el mensaje,y cuando acabe pego los resultadossaludos

maco espero haber acertado por fin!!graciñas de verdad
saludos
Código HTML:
 KASPERSKY ONLINE SCANNER INFORME
 martes, 13 de mayo de 2008 21:43:42
 Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky Online Scanner versión: 5.0.84.1
 Ultima actualización: 13/05/2008
 Registros en la base antivirus: 769683
-------------------------------------------------------------------------------

Configuración del análisis:
	Analizar usando las siguientes bases: estendidas
	Analizar archivos: verdadero
	Analizar bases de correo: verdadero

Objetivo a analizar - Mi PC:
	C:\
	D:\
	E:\
	F:\
	G:\
	H:\
	I:\
	K:\
	L:\

Estadísticas:
	Número de objeros analizados: 293027
	Virus encontrados: 0
	Objetos infectados: 0 / 0
	Objetos sospechosos: 0
	Duración del análisis: 05:00:20

Bombre del objeto infectado / Nombre del virus / Última acción
C:\Program Files\config32\klog.dat	Object is locked	saltado
C:\Program Files\eMule\Temp\006.part	Object is locked	saltado
C:\Program Files\eMule\Temp\013.part	Object is locked	saltado
C:\Program Files\eMule\Temp\015.part	Object is locked	saltado
C:\Program Files\Yahoo!\Messenger\logs\billing_R.log	Object is locked	saltado
C:\Program Files\Yahoo!\Messenger\logs\client_R.log	Object is locked	saltado
C:\Program Files\Yahoo!\Messenger\logs\network_R.log	Object is locked	saltado
C:\WINDOWS\Debug\PASSWD.LOG	Object is locked	saltado
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{B18F2B5D-BCE4-48BF-9CC3-C33C1FE6EDE9}.crmlog	Object is locked	saltado
C:\WINDOWS\SchedLgU.Txt	Object is locked	saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log	Object is locked	saltado
C:\WINDOWS\Sti_Trace.log	Object is locked	saltado
C:\WINDOWS\system32\CatRoot2\edb.log	Object is locked	saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb	Object is locked	saltado
C:\WINDOWS\system32\config\AppEvent.Evt	Object is locked	saltado
C:\WINDOWS\system32\config\DEFAULT	Object is locked	saltado
C:\WINDOWS\system32\config\default.LOG	Object is locked	saltado
C:\WINDOWS\system32\config\IntelDH.evt	Object is locked	saltado
C:\WINDOWS\system32\config\Media Ce.evt	Object is locked	saltado
C:\WINDOWS\system32\config\SAM	Object is locked	saltado
C:\WINDOWS\system32\config\SAM.LOG	Object is locked	saltado
C:\WINDOWS\system32\config\SecEvent.Evt	Object is locked	saltado
C:\WINDOWS\system32\config\SECURITY	Object is locked	saltado
C:\WINDOWS\system32\config\SECURITY.LOG	Object is locked	saltado
C:\WINDOWS\system32\config\SOFTWARE	Object is locked	saltado
C:\WINDOWS\system32\config\software.LOG	Object is locked	saltado
C:\WINDOWS\system32\config\SysEvent.Evt	Object is locked	saltado
C:\WINDOWS\system32\config\SYSTEM	Object is locked	saltado
C:\WINDOWS\system32\config\system.LOG	Object is locked	saltado
C:\WINDOWS\system32\drivers\fidbox.dat	Object is locked	saltado
C:\WINDOWS\system32\drivers\fidbox.idx	Object is locked	saltado
C:\WINDOWS\system32\drivers\fidbox2.dat	Object is locked	saltado
C:\WINDOWS\system32\drivers\fidbox2.idx	Object is locked	saltado
C:\WINDOWS\system32\h323log.txt	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA	Object is locked	saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP	Object is locked	saltado
C:\WINDOWS\Temp\~DF6E09.tmp	Object is locked	saltado
C:\WINDOWS\wiadebug.log	Object is locked	saltado
C:\WINDOWS\wiaservc.log	Object is locked	saltado
C:\WINDOWS\WindowsUpdate.log	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\0549_File_Monitoring_eventlog.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\054d_Web_Monitoring_eventlog.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.idx	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\eventlog.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\report.rpt	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.103.Crwl	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.103.gthr	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.ci	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wsb	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy141.gthr	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1.tmp	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp	Object is locked	saltado
D:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_4b8.dat	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_340957528_10354688_430	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_340957528_6815744_201	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE3.tmp	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE4.tmp	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{EA11E798-553F-4660-B155-0DBC6FE75961}.TmpSBE	Object is locked	saltado
D:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{EA799677-2ECF-4EF1-9202-4DA7157CBD7C}.TmpSBE	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Temp\Archivos temporales de Internet\Content.IE5\index.dat	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat	Object is locked	saltado
D:\Documents and Settings\LocalService\Local Settings\Temp\Historial\History.IE5\index.dat	Object is locked	saltado
D:\Documents and Settings\LocalService\NTUSER.DAT	Object is locked	saltado
D:\Documents and Settings\LocalService\ntuser.dat.LOG	Object is locked	saltado
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	saltado
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	saltado
D:\Documents and Settings\NetworkService\NTUSER.DAT	Object is locked	saltado
D:\Documents and Settings\NetworkService\ntuser.dat.LOG	Object is locked	saltado
D:\Documents and Settings\R\Application Data\$_hpcst$.hpc	Object is locked	saltado
D:\Documents and Settings\R\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs\SUPERANTISPYWARE-5-13-2008( 15-44-4 ).LOG	Object is locked	saltado
D:\Documents and Settings\R\Cookies\index.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Application Data\Microsoft\Desktop Search\Logs\OTFSMonLog.txt	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\History\History.IE5\index.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\History\History.IE5\MSHist012008051320080514\index.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Temp\Perflib_Perfdata_b64.dat	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Temp\WCESLog.log	Object is locked	saltado
D:\Documents and Settings\R\Local Settings\Temporary Internet Files\Content.IE5\index.dat	Object is locked	saltado
D:\Documents and Settings\R\NTUSER.DAT	Object is locked	saltado
D:\Documents and Settings\R\ntuser.dat.LOG	Object is locked	saltado
D:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	saltado

Análisis completado.
Última edición por AntonioG fecha: 13/05/08 a las 16:26:50. Razón: Combinar mensajes en cadena, favor de usar el boton "Editar" para agregar informacion
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  #26 (permalink)  
Antiguo 14/05/08, 15:46:22
Avatar de andu47
Usuario
  
Registrado: abr 2008
Ubicación: galilia
Mensajes: 21
Re: anuncios CID como kitarlos?
holame parece que el problema de los anuncios CID esta solucionado
no me ha vuelto a pasar,menos mal
lo de los virus no se!
muchas gracias maco por tu ayuda a solucionar el problema
un saludo
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
Respuesta
Página 3 de 3 < 12 3

« Tema Anterior | Próximo Tema »


Herramientas

Reglas del foro
no Puedes crear nuevos temas
no Puedes responder a temas
no Puedes adjuntar archivos
no Puedes editar tus mensajes
El código vB está activado
Las caritas están activado
Código [IMG] está activado
Código HTML está desactivado
Trackbacks está desactivado
Pingbacks está desactivado
Refbacks está desactivado

Temas Similares
Tema Autor Foro Respuestas Último mensaje
Problema con Explorer y spyware Arturo GMX Foro de Virus y Spywares 13 11/03/08 01:28:59
windows security alert con Worm Win32 Netsky detectado (SOLUCIONADO) jac52 Temas Solucionados 31 09/03/08 13:15:16
Solo para genios en virus y PC MasterVideogame Foro de Virus y Spywares 2 21/09/07 23:20:23
Como quitar CID? sergio4669 Foro Oficial de HijackThis en español 1 22/06/07 15:26:05
tengo viruses, como podria kitarlos? (Solucionado) el multas Temas Solucionados 15 16/06/07 09:55:28


Google
 
Foro Spyware Web



Todas las horas son GMT -4. La hora es 03:59:40.

Políticas del Foro - InfoSpyware - Sitemap - Contáctanos - Blog  

Powered by: vBulletin, Versión 3.6.10
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
© Copyright 2005 - 2008 InfoSpyware ® Todos los derechos reservados.
InfoSpyware es miembro de ASAP - Alliance of Security Analysis Professionals

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368