Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:59:56 p.m., on 22/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe
C:\ARCHIV~1\AVG\AVG8\avgfws8.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\ARCHIV~1\AVG\AVG8\avgam.exe
C:\ARCHIV~1\AVG\AVG8\avgrsx.exe
C:\ARCHIV~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.exe
C:\Archivos de programa\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Archivos de programa\TopDesk\topdesk.exe
C:\Archivos de programa\iTunes\iTunesHelper.exe
C:\ARCHIV~1\AVG\AVG8\avgtray.exe
C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe
C:\Archivos de programa\RocketDock\RocketDock.exe
C:\Archivos de programa\iPod\bin\iPodService.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com.mx
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"
O1 - Hosts: <HTML><HEAD><TITLE>Yahoo!</TITLE>
O1 - Hosts: </HEAD><BODY BGCOLOR=white vlink=blue>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE --><center>
O1 - Hosts: <table width=675 cellpadding=0 cellspacing=2 border=0>
O1 - Hosts: <tr>
O1 - Hosts: <td width=1% valign=top><a rel="nofollow" href="http://www.yahoo.com"><img src=http://us.i1.yimg.com/us.yimg.com/i/yahoo.gif width=147 height=31 border=0 alt="Yahoo"></a></td>
O1 - Hosts: <td align=right><font face=arial size=-1><a rel="nofollow" href="/404/*http://www.yahoo.com">Yahoo!</a> - <a rel="nofollow" href="http://help.yahoo.com">Help</a></font><hr size=1 noshade></td>
O1 - Hosts: </tr>
O1 - Hosts: </table>
O1 - Hosts: <br>
O1 - Hosts: <table border=0 width=675 cellspacing=0 cellpadding=3>
O1 - Hosts: <tr>
O1 - Hosts: <td bgcolor=003399 colspan=2>
O1 - Hosts: <font face=Arial size=+1 color=white><b>Sorry, the page you requested was not found.</b></font>
O1 - Hosts: </td>
O1 - Hosts: </tr></table>
O1 - Hosts: <br>
O1 - Hosts: <table border=0 width=675 cellspacing=0 cellpadding=1>
O1 - Hosts: <tr>
O1 - Hosts: <td valign=top width=229 bgcolor=ffffff>
O1 - Hosts: <table width="100%" cellpadding=1 cellspacing=0 border=0 bgcolor=dcdcdc><tr>
O1 - Hosts: <td valign=top align=center><table width="100%" cellpadding=3 cellspacing=0 border=0 bgcolor=ffffff>
O1 - Hosts: <tr bgcolor=dcdcdc><td><font face=arial><b>Search Yahoo!</b></font></td></tr>
O1 - Hosts: <tr bgcolor=white><td valign=top align=center>
O1 - Hosts: <form action="http://search.yahoo.com/search">
O1 - Hosts: <input size="14" name="p" value="">
O1 - Hosts: <input type="SUBMIT" value="Search">
O1 - Hosts: <font face=arial size=-2> <a rel="nofollow" href="http://search.yahoo.com/search/options?p=">advanced search</a> <a rel="nofollow" href="http://buzz.yahoo.com">most popular</a></font>
O1 - Hosts: </form></td></tr></table>
O1 - Hosts: <table width=100% border=0 cellspacing=0 cellpadding=3 bgcolor=ffffff>
O1 - Hosts: <tr bgcolor=ccccff><td>
O1 - Hosts: <FONT face=arial size=+1>Yahoo! Web Hosting</font>
O1 - Hosts: </td></tr>
O1 - Hosts: <tr><td>
O1 - Hosts: <a rel="nofollow" href=http://webhosting.yahoo.com/ps/wh/prod/><img align=left src=http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/j_advan48.gif width=48 height=48 border=0 alt="Yahoo! Web Hosting"></a>
O1 - Hosts: <font face=arial size=-1>Yahoo! Web Hosting has <a rel="nofollow" href="http://webhosting.yahoo.com/ps/wh/prod/">three affordable plans</a> to meet your needs - starting at just $11.95.
O1 - Hosts: </td></tr>
O1 - Hosts: <tr><td align=right>
O1 - Hosts: <b><font face=arial size=-1><a rel="nofollow" href=http://webhosting.yahoo.com/ps/wh/prod/>Learn more...</a></font></b>
O1 - Hosts: </td></tr>
O1 - Hosts: </table>
O1 - Hosts: </td></tr></table>
O1 - Hosts: </td>
O1 - Hosts: <td width=1> </td>
O1 - Hosts: <td valign=top align=center width=445>
O1 - Hosts: <script language="JavaScript" type="text/javascript"
O1 - Hosts: src="http://adserver.yahoo.com/a?f=76001284&p=geocities&l=MON&c=sr">
O1 - Hosts: </script>
O1 - Hosts: <noscript>
O1 - Hosts: <iframe
O1 - Hosts: src="http://adserver.yahoo.com/a?f=76001284&p=geocities&l=MON&c=sh&bg=ffffff"
O1 - Hosts: width=470 height=580 marginwidth=0 marginheight=0 hspace=0
O1 - Hosts: vspace=0 frameborder=0 scrolling=no>
O1 - Hosts: </iframe>
O1 - Hosts: </noscript>
O1 - Hosts: </td>
O1 - Hosts: </tr>
O1 - Hosts: </table>
O1 - Hosts: <br>
O1 - Hosts: <table cellpadding=0 cellspacing=0 border=0 width=675><tr><td bgcolor=a0b8c8>
O1 - Hosts: <table cellpadding=1 cellspacing=1 border=0 width="100%">
O1 - Hosts: <tr valign=top bgcolor=ffffff><td align=center>
O1 - Hosts: <font face=arial size=-2><A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://address.yahoo.com/">Address Book</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://alerts.yahoo.com/">Alerts</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://auctions.yahoo.com/">Auctions</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://billpay.yahoo.com/">Bill Pay</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://bookmarks.yahoo.com/">Bookmarks</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://briefcase.yahoo.com/">Briefcase</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://broadcast.yahoo.com/">Broadcast</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://calendar.yahoo.com/">Calendar</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://chat.yahoo.com/">Chat</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://classifieds.yahoo.com/">Classifieds</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://clubs.yahoo.com/">Clubs</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://companion.yahoo.com/">Companion</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://experts.yahoo.com/">Experts</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://games.yahoo.com/">Games</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://greetings.yahoo.com/">Greetings</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://geocities.yahoo.com/">Home Pages</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://invites.yahoo.com/">Invites</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://mail.yahoo.com/">Mail</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://maps.yahoo.com/">Maps</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://members.yahoo.com/">Member Directory</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://messenger.yahoo.com/">Messenger</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://my.yahoo.com/">My Yahoo!</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://news.yahoo.com/">News</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://paydirect.yahoo.com/">PayDirect</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://people.yahoo.com/">People Search</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://personals.yahoo.com/">Personals</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://photos.yahoo.com/">Photos</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://shopping.yahoo.com/">Shopping</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://sports.yahoo.com/">Sports</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://finance.yahoo.com/">Stock Quotes</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://tv.yahoo.com/">TV</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://travel.yahoo.com/">Travel</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://weather.yahoo.com/">Weather</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://www.yahooligans.com/">Yahooligans</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://yp.yahoo.com/">Yellow Pages</A> · <A
O1 - Hosts: rel="nofollow" href="http://rd.yahoo.com/footer/?http://docs.yahoo.com/docs/family/more.html">more...</A>
O1 - Hosts: </font></td></tr></table></td></tr></table>
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Archivos de programa\AVG\AVG8\avgssie.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARCHIV~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARCHIV~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [DevconDefaultDB] C:\WINDOWS\READREG /S /PSCONV={NO}
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [VisualTooltip] C:\Archivos de programa\VisualTooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TopDesk] C:\Archivos de programa\TopDesk\topdesk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Archivos de programa\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARCHIV~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Archivos de programa\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Pando] "C:\Archivos de programa\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1644491937-861567501-725345543-1003\..\Run: [MsnMsgr] "C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-1644491937-861567501-725345543-1003\..\Run: [Pando] "C:\Archivos de programa\Pando Networks\Pando\Pando.exe" /Minimized (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/spanish/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1192544328359
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Archivos de programa\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: wbsys.dll,avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\ARCHIV~1\AVG\AVG8\avgfws8.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexingService.exe (file missing)
--
End of file - 14278 bytes
AVG Reporte
El análisis "Analizar todo el equipo" ha finalizado.
Infecciones detectadas:;"0"
Objetos infectados eliminados o reparados:;"0"
No eliminados o reparados:;"0"
Spyware encontrado:;"0"
Spyware eliminado:;"0"
No eliminado:;"0"
Recuento de advertencias:;"3"
Recuento de información:;"0"
Análisis iniciado:;"Martes, 22 de Julio de 2008, 12:26:35 p.m."
Ha finalizado el análisis:;"Martes, 22 de Julio de 2008, 01:38:52 p.m. (1 hora(s) 12 minuto(s) 17 segundo(s))"
Total de objetos analizados:;"477687"
Usuario que inició el análisis:;"Manuel"
Advertencias
Archivo;"Infección";"Resultado"
C:\Documents and Settings\Manuel\Cookies\manuel[arroba]atdmt[1].txt;"Encontrado Tracking cookie.Atdmt";"Mover a la bóveda de virus"
C:\Documents and Settings\Manuel\Cookies\manuel[arroba]atdmt[1].txt:\atdmt.com.b3e33b5f;"Encontrado Tracking cookie.Atdmt";"Mover a la bóveda de virus"
HKLM\SOFTWARE\webhancer;"Encontrado Adware.WebHancer";"Mover a la bóveda de virus"
SCAN ONLINE
martes, 22 de julio de 2008 17:55:15
Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner versión: 5.0.84.1
Ultima actualización: 22/07/2008
Registros en la base antivirus: 878062
Configuración del análisis
Analizar usando las siguientes bases standard
Analizar archivos verdadero
Analizar bases de correo verdadero
Objetivo a analizar Mi PC
A:\
C:\
D:\
Estadísticas
Número de objeros analizados 44219
Virus encontrados 1
Objetos infectados 1 / 0
Objetos sospechosos 0
Duración del análisis 02:07:19
Bombre del objeto infectado Nombre del virus Última acción
C:\Documents and Settings\All Users\Datos de programa\avg8\AvgAm\avgam.lck Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgam.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgcore.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgcore.log.1 Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgfw8u.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avglng.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgns.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgrs.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgsched.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgui.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\avgwd.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\commonpriv.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\avg8\Log\commonpub.log Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Archivos temporales de Internet\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\Cache\_CACHE_001_ Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\Cache\_CACHE_002_ Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\Cache\_CACHE_003_ Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\Cache\_CACHE_MAP_ Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\urlclassifier3.sqlite Object is locked saltado
C:\Documents and Settings\Manuel\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\Manuel\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\cert8.db Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\content-prefs.sqlite Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\cookies.sqlite Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\downloads.sqlite Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\formhistory.sqlite Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\key3.db Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\parent.lock Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\permissions.sqlite Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\places.sqlite Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\places.sqlite-journal Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\places.sqlite-stmtjrnl Object is locked saltado
C:\Documents and Settings\Manuel\Datos de programa\Mozilla\Firefox\Profiles\nnx0d52y.default\search.sqlite Object is locked saltado
C:\Documents and Settings\Manuel\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\Manuel\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP4\A0006394.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP4\A0006592.EXE Infectados: Trojan-Downloader.Win32.IstBar.ta saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011410.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011411.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011413.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011414.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011415.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011416.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011417.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011418.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011419.com Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011420.scr Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011450.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011452.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011458.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011459.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011460.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011462.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011463.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011464.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011465.pif Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011466.com Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011467.scr Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011468.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011469.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011476.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011477.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011478.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011480.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011481.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011482.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011483.com Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011484.scr Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011485.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP5\A0011488.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011501.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011502.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011503.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011504.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011505.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011513.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011514.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011515.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011516.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011518.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011519.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011520.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011525.pif Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011535.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011536.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011537.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011538.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011539.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011540.com Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011541.DLL Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP6\A0011542.scr Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP8\A0011694.exe Object is locked saltado
C:\System Volume Information\_restore{A415C5B6-1F89-44D7-9637-E2C5A9B812F8}\RP9\change.log Object is locked saltado
C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked saltado
C:\WINDOWS\Sti_Trace.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado
C:\WINDOWS\system32\config\default Object is locked saltado
C:\WINDOWS\system32\config\default.LOG Object is locked saltado
C:\WINDOWS\system32\config\SAM Object is locked saltado
C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado
C:\WINDOWS\system32\config\SECURITY Object is locked saltado
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado
C:\WINDOWS\system32\config\software Object is locked saltado
C:\WINDOWS\system32\config\software.LOG Object is locked saltado
C:\WINDOWS\system32\config\system Object is locked saltado
C:\WINDOWS\system32\config\system.LOG Object is locked saltado
C:\WINDOWS\system32\h323log.txt Object is locked saltado
C:\WINDOWS\wiadebug.log Object is locked saltado
C:\WINDOWS\wiaservc.log Object is locked saltado
C:\WINDOWS\WindowsUpdate.log Object is locked saltado