Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Buenos días a todos,

Tengo varios virus y espías localizados por Avast antivirus.

Este es el resultado del escaneo:



Los virus están en lo que el programa llama baúl. No sé si significará que están en cuarentena o que...

Quisiera saber si los puedo eliminar sin más o tengo que dar otros pasos.

Espero vuestras sugerencias.

Gracias.

Hola Aeet,

Puedes eliminarlos sin problemas de la cuarentena (Vault).

Luego vuelve a escanear tu PC con tu antivirus residente o puedes pasarle estos Antivirus Online: Ewido y Kaspersky (en ese orden) para ver si encuentran algo más.

Nos comentas,
Dilbert.

Gracias Dilbert,

Los he borrado y he pasado el ewido y el kaspersky.

Este es el reporte de Ewido:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:53:11 10/01/2007

+ Scan result:



:mozilla.199:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.200:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.665:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.666:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Administrador\Cookies\administrador@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.174:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.175:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Administrador\Cookies\administrador@cpvfe ed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Administrador\Cookies\administrador@cpvfe ed[3].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.218:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.219:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.220:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.221:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.223:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.224:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.225:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.226:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.61:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.727:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.728:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.729:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
C:\Documents and Settings\Administrador\Cookies\administrador@links ynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.667:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.668:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.669:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.654:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Administrador\Cookies\administrador@media plex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Administrador\Cookies\administrador@www.m yaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.74:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.75:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.76:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.77:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.78:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.79:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.64:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.65:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.66:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.67:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.68:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.69:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.70:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Administrador\Cookies\administrador@stats 1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.502:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.506:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.507:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.508:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.509:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.510:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.277:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.278:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.279:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.280:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.281:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.282:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.650:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.651:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.530:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.531:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Administrador\Cookies\administrador@trade doubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.562:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.563:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.564:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.6:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.7:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.8:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.9:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.594:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.595:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.596:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Administrador\Escritorio\Instalación MP4\AMV Convert Tools_3-5 02\MP3set3_5_02.rar/MSI.CAB/_6227252443C841BF9FFDFF29A9856421 -> Trojan.DelAll.q : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrador\Escritorio\Instalación MP4\AMV Convert Tools_3-5 02\MSI.CAB/_6227252443C841BF9FFDFF29A9856421 -> Trojan.DelAll.q : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrador\Escritorio\Instalación MP4\AMV Convert Tools_3.68\MSI.CAB/_6227252443C841BF9FFDFF29A9856421 -> Trojan.DelAll.q : Cleaned with backup (quarantined).
C:\Documents and Settings\Administrador\Escritorio\Instalación MP4\The AMV movie conversion tool\MP3set3_68\MSI.CAB/_6227252443C841BF9FFDFF29A9856421 -> Trojan.DelAll.q : Cleaned with backup (quarantined).

::Report end


En el siguiente post te pongo el de Kaspersky.

Muchas gracias.

Reporte del escaneado de Kaspersky:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, January 10, 2007 4:14:05 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 10/01/2007
Kaspersky Anti-Virus database records: 257336
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
F:\

Scan Statistics:
Total number of scanned objects: 47282
Number of viruses found: 15
Number of infected objects: 157 / 0
Number of suspicious objects: 0
Duration of the scan process: 00:45:24

Infected Object Name / Virus Name / Last Action
C:\Archivos de programa\Avast\DATA\aswResp.dat Object is locked skipped
C:\Archivos de programa\Avast\DATA\Avast4.db Object is locked skipped
C:\Archivos de programa\Avast\DATA\log\AshWebSv.ws Object is locked skipped
C:\Archivos de programa\Avast\DATA\log\aswMaiSv.log Object is locked skipped
C:\Archivos de programa\Avast\DATA\log\nshield.log Object is locked skipped
C:\Archivos de programa\Avast\DATA\report\Protección residente.txt Object is locked skipped
C:\Archivos de programa\VSAdd-in\VSAdd-in.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\ApplicationHistory\hpqgalry.exe.733f6a55. ini.inuse Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Messenger\juaniniguez@hotmail.c om\SharingMetadata\Logs\Dfsr.log Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Messenger\juaniniguez@hotmail.c om\SharingMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Messenger\juaniniguez@hotmail.c om\SharingMetadata\Working\database_A9C_1C53_255C_ B2C0\dfsr.db Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Messenger\juaniniguez@hotmail.c om\SharingMetadata\Working\database_A9C_1C53_255C_ B2C0\fsr.log Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Messenger\juaniniguez@hotmail.c om\SharingMetadata\Working\database_A9C_1C53_255C_ B2C0\fsrtmp.log Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Messenger\juaniniguez@hotmail.c om\SharingMetadata\Working\database_A9C_1C53_255C_ B2C0\tmp.edb Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\juaniniguez@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\juaniniguez@hotmail.com\shadow\members.st g Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\6F7AFF4Ad01 Infected: not-a-virus:Downloader.Win32.WinFixer.m skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Historial\History.IE5\MSHist0120070110200701 11\index.dat Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\QSMAS_S1.TRA Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\temp.fr610C\VSAdd-in.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\~DF759E.tmp Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\~DF8367.tmp Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\~DF8378.tmp Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\~DF9534.tmp Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\~DF9557.tmp Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Temp\~DFE07E.tmp Object is locked skipped
C:\Documents and Settings\Administrador\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \formhistory.dat Object is locked skipped
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \history.dat Object is locked skipped
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \parent.lock Object is locked skipped
C:\Documents and Settings\Administrador\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar \java.jar-5f22f99-187a6b2c.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\Administrador\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar \java.jar-5f22f99-187a6b2c.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\Administrador\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar \java.jar-5f22f99-187a6b2c.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Administrador\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrador\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\tracking.log Object is locked skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP196\A0017937.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.109 skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP196\A0017940.exe Infected: Trojan.Win32.Small.ju skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP196\A0017943.exe Infected: Trojan.Win32.Small.ju skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP196\A0017944.exe Infected: not-a-virus:Downloader.Win32.WinFixer.r skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP203\A0018674.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ek skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0022979.exe Infected: not-a-virus:AdWare.Win32.Dudu.f skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023201.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023225.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023243.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023258.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023265.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023266.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023267.exe Infected: not-a-virus:AdWare.Win32.Searchcolor.a skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023268.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023269.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023270.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023271.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023272.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023273.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023274.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0023286.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP242\A0024286.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024300.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024302.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024304.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024314.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024315.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024319.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024320.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024322.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP243\A0024323.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024344.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024345.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024347.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024351.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024352.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024357.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024358.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024360.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024361.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024371.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024392.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\A0024433.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{27BBF476-A824-438F-93A9-39BC37483C34}\RP244\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\MKDEMSG.LOG Object is locked skipped
C:\WINDOWS\MKDEWE.TRN Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{83D3B3 4F-267A-4366-9FFF-237912193E8E}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\aceiconu.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\adlxuybs.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\attyrbor.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\bjhmrsct.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\byiajrky.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\caggdonw.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ahrdldl.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fl skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Configura ción local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Configura ción local\Historial\History.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Cookies\i ndex.dat Object is locked skipped
C:\WINDOWS\system32\cytawajc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\dbblhleh.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\dhisyljv.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\dpcngffd.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\dpiiedsf.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\dqycfeqy.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\eblsnbmn.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\eerdffbf.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\ekjbdogc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\eoojijeh.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\epwyogvr.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\euiptklf.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\ewkvtbtp.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\feicwnrk.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\fkeonafy.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\flpiplbc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\fnrvjoxb.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\gersixok.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\gfxwcafp.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\gpkyvwbr.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\grasikbm.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\hccndmje.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\hdixnwod.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\heqqtckf.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\hiedwycv.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\hqfdqcir.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\hsboeofn.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\htnppdwk.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\hvfcxtfc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\hykbtqjc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\jcdpksky.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\jefnnrwt.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\jofodgat.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\jvdalhxt.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\WINDOWS\system32\jvuggksq.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\jyfxonfl.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\kqrfwenl.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\kwixapdl.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\kxjktavc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\lckyywne.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\lnrnfkhh.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\lwtugqyx.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\lxqqqoes.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\meoyiaer.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\mktbhkoh.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\msdqqcix.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\ndbuaimp.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\nmqvkutt.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\nmyjxrca.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\nnyulqbx.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\noxmcmka.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\oapiwvyr.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\ohingbyk.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\ojkqwwrh.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\ojqovsnx.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\okkdipoq.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\oqqgmqbd.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\peslbrsx.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\pityrdnl.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\ptxobdrm.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\pudlfonq.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\qffpamhv.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\qgumwxdk.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\qkwchiov.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\ratoohrc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\rigfyofp.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\rmfbneqy.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\rqxyntik.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\slfajhid.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\smgmtdgt.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\sxpmkrds.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\syghiyqw.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\syhobjil.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\toxnvpns.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\ueltytnb.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\uiyvkvya.dll Infected: Trojan.Win32.BHO.g skipped
C:\WINDOWS\system32\uroncxsf.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\usdjjnca.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\vcdbacul.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\vgguulnh.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\vgvnrvma.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\vimbrtbw.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\vkhaarhc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\vrtgdand.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\vsegppyk.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wgcojeui.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\wgfbnbds.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\wgxnybhc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\whjgwsmd.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\wtvnmjqd.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\wxjjcbtp.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\wyhvfaem.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\xgjmtmll.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\xhbwdfnq.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\xkuurhml.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\xnjdgyvq.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\xpuakbgc.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\xxdoseau.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\yfppwmwy.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\system32\yqdetqfi.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\system32\yueagexs.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\Temp\Perflib_Perfdata_70c.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

Hola Aeet

Sigue estos pasos:

Descarga y Actualiza todas las herramientas antes de comenzar

1.- Desactiva Restaurar Sistema

2.- Activa Ver Archivos Ocultos

3.- Reinicia el pc en Modo a Prueba de Fallos

4.- Ve a inicio/panel de control/ agregar o quitar programas y desinstalas el VSAdd-in

5.- Busca y elimina estos archivos, en caso de que no los puedas eliminar utilizas la herramienta "Killbox"

C:\WINDOWS\system32\aceiconu.dll
C:\WINDOWS\system32\adlxuybs.exe
C:\WINDOWS\system32\attyrbor.exe
C:\WINDOWS\system32\bjhmrsct.exe
C:\WINDOWS\system32\byiajrky.exe
C:\WINDOWS\system32\caggdonw.exe
C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ahrdldl.dll
C:\WINDOWS\system32\cytawajc.exe
C:\WINDOWS\system32\dbblhleh.exe
C:\WINDOWS\system32\dhisyljv.dll
C:\WINDOWS\system32\dpcngffd.exe
C:\WINDOWS\system32\dpiiedsf.exe
C:\WINDOWS\system32\dqycfeqy.exe
C:\WINDOWS\system32\eblsnbmn.exe
C:\WINDOWS\system32\eerdffbf.exe
C:\WINDOWS\system32\ekjbdogc.exe
C:\WINDOWS\system32\eoojijeh.exe
C:\WINDOWS\system32\epwyogvr.exe
C:\WINDOWS\system32\euiptklf.exe
C:\WINDOWS\system32\ewkvtbtp.exe
C:\WINDOWS\system32\feicwnrk.exe
C:\WINDOWS\system32\fkeonafy.dll
C:\WINDOWS\system32\flpiplbc.exe
C:\WINDOWS\system32\fnrvjoxb.exe
C:\WINDOWS\system32\gersixok.exe
C:\WINDOWS\system32\gfxwcafp.exe
C:\WINDOWS\system32\gpkyvwbr.exe
C:\WINDOWS\system32\grasikbm.dll
C:\WINDOWS\system32\hccndmje.dll
C:\WINDOWS\system32\hdixnwod.dll
C:\WINDOWS\system32\heqqtckf.exe
C:\WINDOWS\system32\hiedwycv.dll
C:\WINDOWS\system32\hqfdqcir.exe
C:\WINDOWS\system32\hsboeofn.dll
C:\WINDOWS\system32\htnppdwk.exe
C:\WINDOWS\system32\hvfcxtfc.exe
C:\WINDOWS\system32\hykbtqjc.exe
C:\WINDOWS\system32\jcdpksky.dll
C:\WINDOWS\system32\jefnnrwt.exe
C:\WINDOWS\system32\jofodgat.dll
C:\WINDOWS\system32\jvdalhxt.dll
C:\WINDOWS\system32\jvuggksq.exe
C:\WINDOWS\system32\jyfxonfl.exe
C:\WINDOWS\system32\kqrfwenl.exe
C:\WINDOWS\system32\kwixapdl.exe
C:\WINDOWS\system32\kxjktavc.exe
C:\WINDOWS\system32\lckyywne.exe
C:\WINDOWS\system32\lnrnfkhh.exe
C:\WINDOWS\system32\lwtugqyx.exe
C:\WINDOWS\system32\lxqqqoes.dll
C:\WINDOWS\system32\meoyiaer.exe
C:\WINDOWS\system32\mktbhkoh.exe
C:\WINDOWS\system32\msdqqcix.exe
C:\WINDOWS\system32\ndbuaimp.exe
C:\WINDOWS\system32\nmqvkutt.exe
C:\WINDOWS\system32\nmyjxrca.exe
C:\WINDOWS\system32\nnyulqbx.exe
C:\WINDOWS\system32\noxmcmka.dll
C:\WINDOWS\system32\oapiwvyr.exe
C:\WINDOWS\system32\ohingbyk.dll
C:\WINDOWS\system32\ojkqwwrh.exe
C:\WINDOWS\system32\ojqovsnx.dll
C:\WINDOWS\system32\okkdipoq.exe
C:\WINDOWS\system32\oqqgmqbd.exe
C:\WINDOWS\system32\peslbrsx.exe
C:\WINDOWS\system32\pityrdnl.exe
C:\WINDOWS\system32\ptxobdrm.dll
C:\WINDOWS\system32\pudlfonq.exe
C:\WINDOWS\system32\qffpamhv.exe
C:\WINDOWS\system32\qgumwxdk.exe
C:\WINDOWS\system32\qkwchiov.exe
C:\WINDOWS\system32\ratoohrc.exe
C:\WINDOWS\system32\rigfyofp.dll
C:\WINDOWS\system32\rmfbneqy.exe
C:\WINDOWS\system32\rqxyntik.exe
C:\WINDOWS\system32\slfajhid.dll
C:\WINDOWS\system32\smgmtdgt.dll
C:\WINDOWS\system32\sxpmkrds.exe
C:\WINDOWS\system32\syghiyqw.exe
C:\WINDOWS\system32\syhobjil.exe
C:\WINDOWS\system32\toxnvpns.exe
C:\WINDOWS\system32\ueltytnb.exe
C:\WINDOWS\system32\uiyvkvya.dll
C:\WINDOWS\system32\uroncxsf.exe
C:\WINDOWS\system32\usdjjnca.dll
C:\WINDOWS\system32\vcdbacul.exe
C:\WINDOWS\system32\vgguulnh.exe
C:\WINDOWS\system32\vgvnrvma.exe
C:\WINDOWS\system32\vimbrtbw.exe
C:\WINDOWS\system32\vkhaarhc.exe
C:\WINDOWS\system32\vrtgdand.exe
C:\WINDOWS\system32\vsegppyk.exe
C:\WINDOWS\system32\wgcojeui.exe
C:\WINDOWS\system32\wgfbnbds.exe
C:\WINDOWS\system32\wgxnybhc.exe
C:\WINDOWS\system32\whjgwsmd.exe
C:\WINDOWS\system32\wtvnmjqd.exe
C:\WINDOWS\system32\wxjjcbtp.exe
C:\WINDOWS\system32\wyhvfaem.exe
C:\WINDOWS\system32\xgjmtmll.exe
C:\WINDOWS\system32\xhbwdfnq.exe
C:\WINDOWS\system32\xkuurhml.exe
C:\WINDOWS\system32\xnjdgyvq.exe
C:\WINDOWS\system32\xpuakbgc.exe
C:\WINDOWS\system32\xxdoseau.exe
C:\WINDOWS\system32\yfppwmwy.exe
C:\WINDOWS\system32\yqdetqfi.dll
C:\WINDOWS\system32\yueagexs.exe

C:\Documents and Settings\Administrador\Configuración local\Temp <--- Elimina todo el contenido de esta carpeta
C:\Archivos de programa\VSAdd-in <--- Elimina esta carpeta y todo el contenido

6.- Limpia la carpeta de memoria caché de java

7.- Ejecuta el Ewido y elimina los archivos en cuarentena

8.- Analiza el sistema con SpyBot Search & Destroy y con el AVG Anti-spyware - Manual

9.- Reinicia, entra en modo normal y analiza el sistema con VundoFix.exe

10.- Utiliza el Ccleaner - Manual para eliminar las cookies y temporales

11.- Utiliza el Regseeker - Manual para limpiar el registro

12.- Analiza el sistema con Kaspersky online - Manual

Nota* Al terminar vuelve a activar restaurar sistema y esconde los archivos ocultos

Me cuentas los resultados y pegas un nuevo log de HijackThis

salu2

Buenos días,

Aquí pongo el log de HJT.
He seguido uno a uno los pasos que me indicaste. De momento no me aparece nada.

Logfile of HijackThis v1.99.1
Scan saved at 9:41:19, on 12/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Avast\aswUpdSv.exe
C:\Archivos de programa\Avast\ashServ.exe
C:\Archivos de programa\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\ARCHIV~1\Avast\ashDisp.exe
C:\Archivos de programa\AVG Anti-Spyware 7.5\avgas.exe
C:\Archivos de programa\Java\jre1.5.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Combinación inalámbrica Labtec\MagicKey.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
C:\Archivos de programa\Combinación inalámbrica Labtec\MulMouse.exe
C:\Archivos de programa\Archivos comunes\Sonic Shared\CineTray.exe
C:\Archivos de programa\Avast\ashMaiSv.exe
C:\Archivos de programa\Avast\ashWebSv.exe
C:\Archivos de programa\Combinación inalámbrica Labtec\OSD.EXE
C:\Archivos de programa\HP\Digital Imaging\bin\hpqgalry.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O1 - Hosts: 169.254.101.202 HP000D9D28DCDA
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0DE1C3B1-A0B0-410D-BFE1-0B46489A175F} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Acceso directo a la página de propiedades de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PTHOSTTR] C:\Archivos de programa\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SetRefresh] C:\Archivos de programa\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\Avast\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Archivos de programa\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Activar combinación inalámbrica Labtec.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Inicio rápido de HP Image Zone.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Archivos de programa\Archivos comunes\Sonic Shared\CineTray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: http://www.realeonline.com
O15 - Trusted Zone: www.realeonline.net
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD3A8E0D-B365-4532-8CBB-294A7D008F7D}: NameServer = 194.224.52.4,194.224.52.6
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: wintuh32 - wintuh32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Archivos de programa\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Archivos de programa\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Archivos de programa\Avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Archivos de programa\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Archivos de programa\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Archivos de programa\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


Espero tu opinión.

Sobre todo...muchísimas gracias por tu tiempo.

Hola Aeet

El log no muestra mayores problemas, luego me cuentas como va el problema

1.- Desactiva Restaurar Sistema

2.- Reinicia el pc en Modo a Prueba de Fallos

3.- Cierra todos los programas, luego ejecuta el HijackThis, marca y les das "Fix Checked" a las siguientes entradas:

O2 - BHO: (no name) - {0DE1C3B1-A0B0-410D-BFE1-0B46489A175F} - (no file)

O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - (no file)

O20 - Winlogon Notify: wintuh32 - wintuh32.dll (file missing)

4.- Utiliza el Ccleaner - Manual para eliminar las cookies y temporales

5.- Utiliza el Regseeker - Manual para limpiar el registro

6.- Reinicia, entra en modo normal y analiza el sistema con Kaspersky online - Manual

Nota* Al terminar vuelve a activar restaurar sistema

Me cuentas los resultados y pegas un nuevo log de HijackThis

salu2

Hola nextspy,

Aquí te pongo el reporte de hjt:

Logfile of HijackThis v1.99.1
Scan saved at 18:20:50, on 18/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Avast\aswUpdSv.exe
C:\Archivos de programa\Avast\ashServ.exe
C:\Archivos de programa\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\ARCHIV~1\Avast\ashDisp.exe
C:\Archivos de programa\AVG Anti-Spyware 7.5\avgas.exe
C:\Archivos de programa\Java\jre1.5.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Combinación inalámbrica Labtec\MagicKey.exe
C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
C:\Archivos de programa\Combinación inalámbrica Labtec\MulMouse.exe
C:\Archivos de programa\Avast\ashMaiSv.exe
C:\Archivos de programa\Archivos comunes\Sonic Shared\CineTray.exe
C:\Archivos de programa\Avast\ashWebSv.exe
C:\Archivos de programa\Combinación inalámbrica Labtec\OSD.EXE
C:\Archivos de programa\HP\Digital Imaging\bin\hpqgalry.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O1 - Hosts: 169.254.101.202 HP000D9D28DCDA
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Acceso directo a la página de propiedades de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PTHOSTTR] C:\Archivos de programa\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SetRefresh] C:\Archivos de programa\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Archivos de programa\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Archivos de programa\Archivos comunes\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\ARCHIV~1\Avast\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Archivos de programa\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Activar combinación inalámbrica Labtec.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Inicio rápido de HP Image Zone.lnk = C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Archivos de programa\Archivos comunes\Sonic Shared\CineTray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: http://www.realeonline.com
O15 - Trusted Zone: www.realeonline.net
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish/kavwebscan_unicode.cab
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD3A8E0D-B365-4532-8CBB-294A7D008F7D}: NameServer = 194.224.52.4,194.224.52.6
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Archivos de programa\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Archivos de programa\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Archivos de programa\Avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Archivos de programa\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Archivos de programa\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Archivos de programa\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe



Y aquí el reporte de kaspersky:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER INFORME
jueves, 18 de enero de 2007 18:20:22
Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner versión: 5.0.84.0
Ultima actualización: 18/01/2007
Registros en la base antivirus: 259522
-------------------------------------------------------------------------------

Configuración del análisis:
Analizar usando las siguientes bases: estendidas
Analizar archivos: verdadero
Analizar bases de correo: verdadero

Objetivo a analizar - Mi PC:
A:\
C:\
D:\
F:\

Estadísticas:
Número de objeros analizados: 41476
Virus encontrados: 4
Objetos infectados: 6 / 0
Objetos sospechosos: 0
Duración del análisis: 00:36:19

Bombre del objeto infectado / Nombre del virus / Última acción
C:\!KillBox\ahrdldl.dll Infectados: not-a-virus:AdWare.Win32.Virtumonde.fl saltado
C:\!KillBox\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ahrdldl.dll Infectados: not-a-virus:AdWare.Win32.Virtumonde.fl saltado
C:\Archivos de programa\Avast\DATA\aswResp.dat Object is locked saltado
C:\Archivos de programa\Avast\DATA\Avast4.db Object is locked saltado
C:\Archivos de programa\Avast\DATA\log\AshWebSv.ws Object is locked saltado
C:\Archivos de programa\Avast\DATA\log\aswMaiSv.log Object is locked saltado
C:\Archivos de programa\Avast\DATA\log\nshield.log Object is locked saltado
C:\Archivos de programa\Avast\DATA\report\Protección residente.txt Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\ApplicationHistory\hpqgalry.exe.733f6a55. ini.inuse Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\albumTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\albumTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\EXIFTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\EXIFTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\imageTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\imageTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\imageTable.fpt Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\keywordTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\keywordTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\pathnameTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\pathnameTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\ROFTable.cdx Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\HP\Digital Imaging\db\ROFTable.dbf Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\_CACHE_001_ Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\_CACHE_002_ Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\_CACHE_003_ Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \Cache\_CACHE_MAP_ Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Historial\History.IE5\MSHist0120070118200701 19\index.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Temp\hpodvd09.log Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Temp\hsperfdata_Administrador\1144 Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Temp\Photoshop Temp44685 Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Temp\~DF71E2.tmp Object is locked saltado
C:\Documents and Settings\Administrador\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \cert8.db Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \formhistory.dat Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \history.dat Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \key3.db Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\wprgqjpe.default \parent.lock Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Sun\Java\Deployment\log\plugin150.trace Object is locked saltado
C:\Documents and Settings\Administrador\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\Administrador\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
C:\System Volume Information\tracking.log Object is locked saltado
C:\VundoFix Backups\ahrdldl.dll.bad Infectados: not-a-virus:AdWare.Win32.Virtumonde.fl saltado
C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked saltado
C:\WINDOWS\Sti_Trace.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked saltado
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\default Object is locked saltado
C:\WINDOWS\system32\config\default.LOG Object is locked saltado
C:\WINDOWS\system32\config\Internet.evt Object is locked saltado
C:\WINDOWS\system32\config\SAM Object is locked saltado
C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SECURITY Object is locked saltado
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado
C:\WINDOWS\system32\config\software Object is locked saltado
C:\WINDOWS\system32\config\software.LOG Object is locked saltado
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\system Object is locked saltado
C:\WINDOWS\system32\config\system.LOG Object is locked saltado
C:\WINDOWS\system32\h323log.txt Object is locked saltado
C:\WINDOWS\system32\hpfgvjju.dll Infectados: Trojan-Spy.Win32.VBStat.j saltado
C:\WINDOWS\system32\uobddllb.exe Infectados: not-a-virus:AdWare.Win32.Agent.at saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado
C:\WINDOWS\Tasks\SCHEDLGU.TXT Object is locked saltado
C:\WINDOWS\Temp\Perflib_Perfdata_6f0.dat Object is locked saltado
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked saltado
C:\WINDOWS\wiadebug.log Object is locked saltado
C:\WINDOWS\wiaservc.log Object is locked saltado
C:\WINDOWS\WindowsUpdate.log Object is locked saltado
F:\Auxibanc.dat Object is locked saltado
F:\auxicamp.dat Object is locked saltado
F:\Auxiclie.dat Object is locked saltado
F:\Auxicoco.dat Object is locked saltado
F:\Auxicodi.dat Object is locked saltado
F:\Auxicomp.dat Object is locked saltado
F:\Auxicosu.dat Object is locked saltado
F:\auxicove.dat Object is locked saltado
F:\AUXIENL2.DAT Object is locked saltado
F:\Auxiprof.dat Object is locked saltado
F:\Auxiramo.dat Object is locked saltado
F:\Auxisuba.dat Object is locked saltado
F:\Contatra.dat Object is locked saltado
F:\gtconfig.dat Object is locked saltado
F:\gttareas.dat Object is locked saltado
F:\HISTCLIE.DAT Object is locked saltado
F:\Histexto.dat Object is locked saltado
F:\histpoli.dat Object is locked saltado
F:\Histreci.dat Object is locked saltado
F:\histsini.dat Object is locked saltado
F:\Princlie.dat Object is locked saltado
F:\Prindomi.dat Object is locked saltado
F:\Prinentr.dat Object is locked saltado
F:\Prinexto.dat Object is locked saltado
F:\PRINFACT.DAT Object is locked saltado
F:\PRINMAS2.DAT Object is locked saltado
F:\prinpoli.dat Object is locked saltado
F:\Prinpope.dat Object is locked saltado
F:\Prinpopo.dat Object is locked saltado
F:\Prinposu.dat Object is locked saltado
F:\Prinprop.dat Object is locked saltado
F:\Prinreci.dat Object is locked saltado
F:\prinries.dat Object is locked saltado
F:\Prinsiam.dat Object is locked saltado
F:\Prinsian.dat Object is locked saltado
F:\prinsini.dat Object is locked saltado
F:\prinsipa.dat Object is locked saltado
F:\Prinsipe.dat Object is locked saltado
F:\Prinvenc.dat Object is locked saltado
F:\Quialarm.dat Object is locked saltado
F:\Quiclave.dat Object is locked saltado
F:\QUIDOCUM.DAT Object is locked saltado
F:\quienlac.tra Object is locked saltado
F:\Quilista.dat Object is locked saltado
F:\Quilocal.dat Object is locked saltado
F:\Quimasc2.dat Object is locked saltado
F:\Quisonid.dat Object is locked saltado
F:\Quistatu.tra Object is locked saltado
F:\winvnc.exe Infectados: not-a-virus:RemoteAdmin.Win32.WinVNC.109 saltado

Análisis completado.



Espero tu opinion.

Nuevamente un millon de gracias.

Hola de nuevo,

Hace días que pegue el log de hjt y no me habéis comentado nada al respecto.

Espero vuestra opinión al respecto, aunque el ordenador va viento en popa con vuestras recomendaciones.

Es más que nada para que cerreis el hilo como solucionado.

Gracias y un saludo.

Hola Aeet, también tenemos nuestra vida fuera del foro y a veces se nos complica para responder todos los temas

Por favor elimina los siguientes archivos o carpetas:
C:\!KillBox
C:\VundoFix Backups
C:\WINDOWS\system32\hpfgvjju.dll
C:\WINDOWS\system32\uobddllb.exe

Si no utilizas el winvnc, desde el Panel de Control desinstalar dicha aplicación y luego asegurate que F:\winvnc.exe haya desaparecido o sino lo eliminas manualmente.

Mientras doy aviso para que un moderador autorizado analice tu log de HJT.

Saludos,
Dilbert.