Foro de Spyware - Ver Mensaje Individual - win32/trojanDownloader.Small.CYF

Tema: win32/trojanDownloader.Small.CYF

Ver Mensaje Individual

post #3 (permalink)

03/01/07, 19:27:11

IreneSPAZ

Usuario

Registrado: nov 2006

Ubicación: Sevilla

Mensajes: 11

Re: win32/trojanDownloader.Small.CYF

Pues el ewido si me eliminó algunos pero luego según Kaspersky tengo un montón y no me los puede eliminar.
Le pasé el antivirus q tengo en el inicio a modo a prueba de fallos y segun nod32 no tenía nada, pero lo dudo.Bueno os pego los report a ver si me podeis decir que hago.
gracias
__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________

Name: TrackingCookie.Doubleclick
Path: C:\Documents and Settings\Irene\Cookies\irene@doubleclick[1].txt
Risk: Medium

Name: TrackingCookie.Atdmt
Path: C:\Documents and Settings\Irene\Cookies\irene@atdmt[1].txt
Risk: Medium

Name: Adware.PestTrap
Path: HKU\S-1-5-21-4077229428-4026725927-1311325968-1005\Software\Microsoft\Windows\CurrentVersion\Run \\Windows installer
Risk: Medium

Name: Downloader.Small.ddx
Path: [1488] C:\WINDOWS\system32\zgCrypt.dll
Risk: High

Name: Trojan.Sinowal.bh
Path: [324] C:\WINDOWS\system32\msasvc.exe
Risk: High

Name: Trojan.Sinowal.bh
Path: C:\WINDOWS\system32\msasvc.exe
Risk: High

Name: Downloader.Small.ddx
Path: C:\WINDOWS\system32\zgCrypt.dll
Risk: High

Name: Hijacker.Agent.ii
Path: C:\Documents and Settings\Irene\Configuración local\Temp\1258169026.exe
Risk: High

Name: Hijacker.Agent.ii
Path: C:\Documents and Settings\Irene\Configuración local\Archivos temporales de Internet\Content.IE5\173C9558\file[1].htm
Risk: High

Name: Downloader.Busky
Path: C:\Documents and Settings\Irene\Configuración local\Datos de programa\czpeexk.dll
Risk: High

Name: TrackingCookie.Mediaplex
Path: :mozilla.18:C:\Documents and Settings\Irene\Datos de programa\Mozilla\Firefox\Profiles\s1ztm7dk.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Atdmt
Path: :mozilla.20:C:\Documents and Settings\Irene\Datos de programa\Mozilla\Firefox\Profiles\s1ztm7dk.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Googleadservices
Path: :mozilla.30:C:\Documents and Settings\Irene\Datos de programa\Mozilla\Firefox\Profiles\s1ztm7dk.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Doubleclick
Path: :mozilla.36:C:\Documents and Settings\Irene\Datos de programa\Mozilla\Firefox\Profiles\s1ztm7dk.default \cookies.txt
Risk: Medium

---------------------------------------------------------
kaspersky:
Wednesday, January 03, 2007 10:47:50 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.84.0
Kaspersky Anti-Virus database last update: 3/01/2007
Kaspersky Anti-Virus database records: 241450

Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 79464
Number of viruses found 4
Number of infected objects 30 / 0
Number of suspicious objects 0
Duration of the scan process 00:39:28

Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\__delete_on_reboot__z_g_C_r_y_ p_t_._d_l_l_ Infected: Trojan-Downloader.Win32.Small.ddx skipped

C:\WINDOWS\system32\__delete_on_reboot__m_s_a_s_v_ c_._e_x_e_ Infected: Trojan-PSW.Win32.Sinowal.bh skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped

C:\WINDOWS\pfirewall.log Object is locked skipped

C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Irene\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Irene\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Irene\Configuración local\Temp\IH2D8E.tmp Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Documents and Settings\Irene\Configuración local\Temp\IHBD22.tmp Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Documents and Settings\Irene\Configuración local\Temp\IH3.tmp Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Documents and Settings\Irene\Configuración local\Temp\IH43.tmp Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Documents and Settings\Irene\Configuración local\Temp\IH3389.tmp Object is locked skipped

C:\Documents and Settings\Irene\Configuración local\Temp\Perflib_Perfdata_884.dat Object is locked skipped

C:\Documents and Settings\Irene\Configuración local\Historial\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Irene\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Irene\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Irene\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Irene\Configuración local\Datos de programa\__delete_on_reboot__c_z_p_e_e_x_k_._d_l_l _ Infected: Trojan-Downloader.Win32.Busky.gen skipped

C:\Documents and Settings\Irene\Cookies\index.dat Object is locked skipped

C:\Archivos de programa\ESET\logs\virlog.dat Object is locked skipped

C:\Archivos de programa\ESET\logs\warnlog.dat Object is locked skipped

C:\Archivos de programa\ESET\cache\CACHE.NDB Object is locked skipped

C:\Archivos de programa\ESET\infected\SXODCLBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\MMZFXRBA.NQF Infected: Trojan-PSW.Win32.Sinowal.bh skipped

C:\Archivos de programa\ESET\infected\YQABMPBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\YAUEJODA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\INFYMDBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\KLT0CEDA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\YT0PGJAA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\UKTEBWDA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\XNNV3PDA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\4ETLXUBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\EACWSQCA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\VBNGTCCA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\AMMIWIBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\Q0XQHGBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\IKPPJIAA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\UL1HUEBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\FPQRGKAA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\DBQ3PSDA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\KH4TPZBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\Archivos de programa\ESET\infected\E3DQXRBA.NQF Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\FOUND.007\FILE0000.CHK Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\FOUND.007\FILE0001.CHK Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\FOUND.007\FILE0003.CHK Infected: Trojan-Clicker.Win32.Agent.ii skipped

C:\ufpuc.exe Object is locked skipped

C:\tmlchrx.exe Object is locked skipped

D:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped

D:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped

D:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped

D:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped

D:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped

D:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped

D:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped

D:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped

D:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped

D:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped

D:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped

D:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped

D:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped

D:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped

D:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped

D:\System Volume Information\catalog.wci\CiFLfffc.000 Object is locked skipped

D:\System Volume Information\catalog.wci\CiFLfffc.002 Object is locked skipped

D:\System Volume Information\catalog.wci\0001000F.ci Object is locked skipped

Scan process completed.

a ver que opinais