Foro de Spyware - Ver Mensaje Individual

Tema: sistema estropeado??

Ver Mensaje Individual

post #1 (permalink)

01/07/06, 15:00:15

taisenbade taisenbade está offline

Usuario

Registrado: jun 2006

Ubicación: mexico

Mensajes: 5

sistema estropeado??

hace unoos dias me atacaron un monton de troyanos los pude eliminar con el avg pero con ayuda de esta pagina le doy las grasias...

pero ahora tengo unos problemillas desde que los elimine el primeo estoy escriviendo y se me reinisia el pc y nunca e podido terminar este mensaje jaja en serio el otro es que mi cusror del mause esta parapadeando todo el tiempo se pone la flechita junto con el relog de arena y parpadean el otron al iniciar me sale un mensage que dice el sistema se ha recuperado de un error grave pero siempre que inicio desde que lo elimine sale ese mensaje
le dare la informasion del antivir

ayudenme por favor

otra cosa mi cpu se calienta mucho pero eso no pasaba

AntiVir PersonalEdition Classic
Report file date: lunes, 26 de junio de 2006 23:48

Scanning for 415804 virus strains and unwanted programs.

Licensed to: AntiVir PersonalEdition Classic
Serial number: 0000149996-WURGE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Username: Administrador
Computer name: ANA

Version informations:
AVSCAN.EXE : 7.0.0.42 557096 27/06/2006 05:40:46
AVSCAN.DLL : 7.0.0.42 53288 27/06/2006 05:40:46
LUKE.DLL : 7.0.0.42 118824 27/06/2006 05:40:50
LUKERES.DLL : 7.0.0.42 25640 27/06/2006 05:40:50
ANTIVIR0.VDF : 6.35.0.1 7371264 27/06/2006 05:40:38
ANTIVIR1.VDF : 6.35.0.5 2048 27/06/2006 05:40:41
ANTIVIR2.VDF : 6.35.0.75 267776 27/06/2006 05:40:41
ANTIVIR3.VDF : 6.35.0.82 17408 27/06/2006 05:40:41
AVEWIN32.DLL : 7.1.0.16 1540608 27/06/2006 05:40:42
AVPREF.DLL : 7.0.0.1 49192 27/06/2006 05:40:44
AVREP.DLL : 6.35.0.47 679976 27/06/2006 05:40:44
AVRPBASE.DLL : 7.0.0.0 2162728 27/06/2006 05:40:44
AVPACK32.DLL : 7.1.0.1 335912 27/06/2006 05:40:44
AVREG.DLL : 6.31.0.90 27688 27/06/2006 05:40:44
NETNT.DLL : 6.32.0.0 6696 27/06/2006 05:40:51
NETNW.DLL : 6.32.0.0 9768 27/06/2006 05:40:51
RCIMAGE.DLL : 7.0.0.71 1642536 27/06/2006 05:40:56
RCTEXT.DLL : 7.0.0.75 77864 27/06/2006 05:40:56

Configuration settings for the scan:
Jobname: '%s'.................: Local Drives
Configuration file............: C:\Archivos de programa\AntiVir PersonalEdition Classic\alldrives.avp
Boot sectors..................: C,A,D,E
Scan memory...................: 1
Process scan..................: 1
Scan all files................: 2
Scan archives.................: 1
Recursion depth...............: 20
Smart extensions..............: 1
Macro heuristic...............: 1
File heuristic................: -1
Primary action................: 1
Secondary action..............: 0

Start of the scan: lunes, 26 de junio de 2006 23:48

The scan over running processes will be started
23 Processes was scanned

Start scanning boot sectors:

Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( 7 files ).

Starting the file scan:

C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrador\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrador\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\3AJO5WGT\1004[1].exe
[DETECTION] Is the Trojan horse TR/Spy.Agent.MN.4
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\3AJO5WGT\sploit[1].anr
[DETECTION] Contains signature of the exploits EXP/MS05-002.Ani.A
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\A7C5E107\ipod[1].raw
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\A7C5E107\mx[1].exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.OL.1
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\A7C5E107\win32[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\MXUTS5KZ\ppiigg[1].exe
[DETECTION] Contains signature of the dropper DR/Mahayou.A
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\U24MY9HK\scane[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\U24MY9HK\win32[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\5ff6e968.exe
[DETECTION] Is the Trojan horse TR/Small.ADK
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrador\Configuración local\Temp\2.dlb
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\2.tmp
[DETECTION] Is the Trojan horse TR/Spy.Agent.MN.4
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\5.dlb
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\5.tmp
[DETECTION] Is the Trojan horse TR/Spy.Agent.MN.4
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\6.dlb
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\7.dlb
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\h91746.exe
[DETECTION] Is the Trojan horse TR/Small.ADK
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\maxdd1.game
[DETECTION] Is the Trojan horse TR/Dialer.PW
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\qvxt2.game
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\qvxt3.game
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\qvxt4.game
[DETECTION] Is the Trojan horse TR/Dldr.Small.soa.3
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\vx2.game
[DETECTION] Is the Trojan horse TR/Proxy.Small.BO.21
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\vx3.game
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\vx4.game
[DETECTION] Is the Trojan horse TR/Dldr.Small.ctk.2
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\vx6.game
[DETECTION] Is the Trojan horse TR/Dldr.CWS.ARQ.4
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\vxt1.game
[DETECTION] Is the Trojan horse TR/Dldr.Agent.aab
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\vxt2.game
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\vxt3.game
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Administrador\Configuración local\Temp\vxt4.game
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\Documents and Settings\All Users\Datos de programa\AntiVir PersonalEdition classic\TEMP\AVSCAN-20060626-234842-7788A22C\AVSCAN-20060627-002642-A4796768
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Documentos\Settings\artm_new.dll
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Documentos\Settings\polymorph.dll
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\comdlj32.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.JI
[INFO] The file was deleted!
C:\WINDOWS\OEM.exe
[DETECTION] Is the Trojan horse TR/Proxy.Agent.JW.1
[INFO] The file was deleted!
C:\WINDOWS\OEM.exe.bak
[DETECTION] Is the Trojan horse TR/Proxy.Agent.JW.1
[INFO] The file was deleted!
C:\WINDOWS\inet20026\alg.exe
[DETECTION] Is the Trojan horse TR/CWS.C.2
[INFO] The file was deleted!
C:\WINDOWS\inet20026\Icq.exe
[DETECTION] Contains signature of the Windows virus W32/Bizex.A.DLL
[INFO] The file was deleted!
C:\WINDOWS\inet20026\Icq.exe.bak
[DETECTION] Contains signature of the Windows virus W32/Bizex.A.DLL
[INFO] The file was deleted!
C:\WINDOWS\inet20026\ICQ2003Decrypt.dll
[DETECTION] Contains signature of the Windows virus W32/Bizex.A.DLL
[INFO] The file was deleted!
C:\WINDOWS\inet20026\killer.exe
[DETECTION] Is the Trojan horse TR/Killer.A.1
[INFO] The file was deleted!
C:\WINDOWS\inet20026\killer.exe.bak
[DETECTION] Is the Trojan horse TR/Killer.A.1
[INFO] The file was deleted!
C:\WINDOWS\inet20026\select.exe
[DETECTION] Is the Trojan horse TR/Proxy.Small.EM.1
[INFO] The file was deleted!
C:\WINDOWS\inet20026\select.exe.bak
[DETECTION] Is the Trojan horse TR/Proxy.Small.EM.1
[INFO] The file was deleted!
C:\WINDOWS\inet20026\socks.exe.bak
[DETECTION] Is the Trojan horse TR/Proxy.Small.BT.11
[INFO] The file was deleted!
C:\WINDOWS\system32\5ff6e968.exe
[DETECTION] Is the Trojan horse TR/Small.ADK
[INFO] The file was deleted!
C:\WINDOWS\system32\dcom_21.dll
[DETECTION] Is the Trojan horse TR/Proxy.Xmiler.C
[INFO] The file was deleted!
C:\WINDOWS\system32\dlh9jkdq2.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\dlh9jkdq5.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\dlh9jkdq6.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\dlh9jkdq7.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\fzubr.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agen.df.15
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\ipod.raw.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\kernels8.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\maxd641.exe
[DETECTION] Is the Trojan horse TR/Dialer.PW
[INFO] The file was deleted!
C:\WINDOWS\system32\qvxgamet2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\WINDOWS\system32\qvxgamet3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\WINDOWS\system32\slx.exeJ
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\taskdir~.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\TheMatrixHasYou.exe
[DETECTION] Is the Trojan horse TR/Proxy.Small.BO.21
[INFO] The file was deleted!
C:\WINDOWS\system32\vdrvPK`W.exe
[DETECTION] Contains signature of the dropper DR/Mahayou.A
[INFO] The file was deleted!
C:\WINDOWS\system32\vdrvQC[J.exe
[DETECTION] Contains signature of the dropper DR/Mahayou.A
[INFO] The file was deleted!
C:\WINDOWS\system32\vxgame3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
[INFO] The file was deleted!
C:\WINDOWS\system32\vxgame4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.ctk.2
[INFO] The file was deleted!
C:\WINDOWS\system32\vxgame6.exe
[DETECTION] Is the Trojan horse TR/Dldr.CWS.ARQ.4
[INFO] The file was deleted!
C:\WINDOWS\system32\vxgamet1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.aab
[INFO] The file was deleted!
C:\WINDOWS\system32\vxgamet2.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\vxgamet3.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\vxgamet4.exe
[DETECTION] Is the Trojan horse TR/Crypt.F.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\_zskwrkni05_DHZGJRAQGF]ZNQC.dll
[DETECTION] Is the Trojan horse TR/Proxy.Agent.KM
[INFO] The file was deleted!
C:\WINDOWS\system32\config\default
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\default.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SAM
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SAM.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SECURITY
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\SECURITY.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\software
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\software.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\system
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\system.LOG
[WARNING] The file could not be opened!
C:\WINDOWS\system32\config\systemprofile\Configura ción local\Archivos temporales de Internet\Content.IE5\3VYF9B3A\kk[1].gif
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Padodor.v2 Backdoor server programs
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd5453.sys
[WARNING] The file could not be opened!
The path A:\ could not be found!
El dispositivo no está listo.

The path D:\ could not be found!
El dispositivo no está listo.

The path E:\ could not be found!
El dispositivo no está listo.

End of the scan: martes, 27 de junio de 2006 00:38
Used time: 49:32 min

The scan has been done completely.

3513 Scanning directories
213105 Files were scanned
66 viruses and/or unwanted programs was found
65 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
3542 Archives were scanned
29 Warnings
3 Notes