Tema: win32/agenteNFH (troyano)...(Solucionado)
Ver Mensaje Individual
  post #4 (permalink)  
Antiguo 27/06/07, 23:16:54
cdomnanich cdomnanich está offline
Usuario
  
Registrado: may 2007
Ubicación: argentina
Mensajes: 146
Re: win32/agenteNFH (troyano)
Hola Claw;
desde luego, muchas gracias por la ayuda.
antes de pegar el reporte, te cuento que el ewido detecto un virus y lo eliminó.


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, June 28, 2007 1218 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 28/06/2007
Kaspersky Anti-Virus database records: 354737
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan Statistics:
Total number of scanned objects: 61733
Number of viruses found: 2
Number of infected objects: 6
Number of suspicious objects: 0
Duration of the scan process: 00:44:46

Infected Object Name / Virus Name / Last Action
C:\Archivos de programa\Eset\cache\CACHE.NDB Object is locked skipped
C:\Archivos de programa\Eset\infected\0TPCABAA.NQF/data0011 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Archivos de programa\Eset\infected\0TPCABAA.NQF NSIS: infected - 1 skipped
C:\Archivos de programa\Eset\infected\0TPCABAA.NQF PE-Crypt.XorPE: infected - 1 skipped
C:\Archivos de programa\Eset\infected\D34AATAA.NQF/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Archivos de programa\Eset\infected\D34AATAA.NQF RAR: infected - 1 skipped
C:\Archivos de programa\Eset\infected\D34AATAA.NQF PE-Crypt.XorPE: infected - 1 skipped
C:\Archivos de programa\Eset\logs\virlog.dat Object is locked skipped
C:\Archivos de programa\Eset\logs\warnlog.dat Object is locked skipped
C:\Archivos de programa\Microsoft Office\OFFICE11\STARTUP\Power Translator.dot Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Temp\Perflib_Perfdata_7b0.dat Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Temp\~DF5F7A.tmp Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Temp\~DF5F91.tmp Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Temp\~DFE240.tmp Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Temp\~DFE31E.tmp Object is locked skipped
C:\Documents and Settings\fg\Configuración local\Temp\~WRF0000.tmp Object is locked skipped
C:\Documents and Settings\fg\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\fg\Datos de programa\Microsoft\Plantillas\Normal.dot Object is locked skipped
C:\Documents and Settings\fg\Escritorio\win32.doc Object is locked skipped
C:\Documents and Settings\fg\Escritorio\~WRL0005.tmp Object is locked skipped
C:\Documents and Settings\fg\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\fg\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{886940C5-5FD9-4851-B4BF-A91A3FFAF9BA}\RP38\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\System Volume Information\_restore{886940C5-5FD9-4851-B4BF-A91A3FFAF9BA}\RP38\change.log Object is locked skipped

Scan process completed.


SALUDOS Y GRACIAS NUEVAMENTE.
Responder Con Cita