
    Police virus impossible to remove


    1. #11
      User porlantz
      Registered
      Jun 2008
      Location
      BCN
      Posts
      6

      Re: Police virus impossible to remove

      The virus is still on the computer. The log is as follows:

      ========== OTL ==========
      HKU\Albert_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      Registry value HKEY_USERS\Albert_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
      File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
      C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\heqlfxod.lnk moved successfully.
      File C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\heqlfxod.lnk not found.
      C:\ProgramData\heqlfxod.odd moved successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\goodies\ar32s301.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\AOESETUP.EXE /autorun not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\DirectX\dxsetup.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\DirectX\dplay60a.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\DirectX\dxdiag.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\DirectX\dxinfo.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\goodies\DirectX\dx5test.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\goodies\DirectX\dxtool.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\goodies\msinfo\msinfo32.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\Sampler\Sampler.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\AOESETUP.EXE /autorun not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
      File E:\sampler\demos\zone\zoneA501.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d01cc11-87b1-11e1-a029-0014853d5139}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d01cc11-87b1-11e1-a029-0014853d5139}\ not found.
      C:\Windows\Tasks\SCHEDLGU.TXT moved successfully.
      Unable to delete ADS C:\ProgramData\TEMP:56E2E879:Files .
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: Albert

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      Total Flash Files Cleaned = 0.00 mb


      [EMPTYTEMP]

      User: Albert

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 95027928 bytes

      Total Files Cleaned = 91.00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTLPE by OldTimer - Version 3.1.48.0 log created on 01222014_110505
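
Added example (not part of the original thread and not OTL's own code): a short Python triage of a fix log in the format posted above, grouping each action by outcome so that the entries the tool could not remove stand out from the many "not found" lines. The sample lines are copied from the post; the pattern set is an assumption based only on the line shapes visible in this log.

```python
import re

# Lines copied from the fix log in the post above (a subset; one repeat kept).
SAMPLE_LOG = r"""
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\heqlfxod.lnk moved successfully.
C:\ProgramData\heqlfxod.odd moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
File E:\goodies\ar32s301.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18fa874b-a32d-11e0-aa76-806e6f6e6963}\ not found.
C:\Windows\Tasks\SCHEDLGU.TXT moved successfully.
Unable to delete ADS C:\ProgramData\TEMP:56E2E879:Files .
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
"""

# Outcome patterns (assumed from this log only), checked in order; "t" is the object acted on.
PATTERNS = [
    ("failed",  re.compile(r"^Unable to \w+ (?:ADS )?(?P<t>.+?)\s*\.?$")),
    ("absent",  re.compile(r"^(?:File |Registry (?:key|value) )?(?P<t>.+?) not found\.$")),
    ("changed", re.compile(r"^(?:File |Registry (?:key|value) )?(?P<t>.+?)"
                           r"(?:\| /E : value set| moved| deleted) successfully[.!]$")),
]

def classify(line):
    """Return (outcome, target) for one log line, or None for headers and blanks."""
    line = line.strip()
    for outcome, rx in PATTERNS:
        m = rx.match(line)
        if m:
            return outcome, m.group("t")
    return None

def triage(log_text):
    """Group targets by outcome, dropping repeats but keeping first-seen order."""
    groups = {"failed": [], "absent": [], "changed": []}
    for line in log_text.splitlines():
        hit = classify(line)
        if hit and hit[1] not in groups[hit[0]]:
            groups[hit[0]].append(hit[1])
    return groups

if __name__ == "__main__":
    for outcome, targets in triage(SAMPLE_LOG).items():
        print(f"{outcome:8} {len(targets)}")
        for t in targets:
            print("   ", t)
```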

    2. #12
      General Moderator
      Javierhf
      Registered
      Jun 2006
      Location
      Spain - Madrid
      Posts
      16.497

      Re: Police virus impossible to remove

      Hello again, sorry for the delay.

      Let's see if we can find where the "damned thing" is hiding. Run another report like the one I described in post #4, but put these parameters in the "Custom/Scan Fixes" window:
      netsvcs
      msconfig
      drivers32
      activex
      %appdata%\*.exe /ncn /s
      %windir%\system32\*.sys /lockedfiles
      %programfiles%\*.*
      %allusersprofile%\*.*
      %SYSTEMDRIVE%\*.*
      Copy and paste it into the window, press the "Run Scan" button, and post the new log for us.

      And again, do all of this with the cable to the router disconnected.

      Regards.
      He who doesn't try doesn't succeed | ;-)