| Re: Solicito su ayuda sobre el "virusProtectPro"
__________________________________________________ __________________________________________________ ________
DelPSGuard v 4.6.2
by www.ForoSpyware.com
Escaneo a las: 16:04:51.35, 06/08/2007
SO: Microsoft Windows XP [Versi˘n 5.1.2600]
»»»»»»»»»»»» Carpetas y Archivos infectados »»»»»»»»»»»»
»»»»»»»»»»»» Programas Malwares »»»»»»»»»»»»
»»»»»»»»»»»» FIN »»»»»»»»»»»»
__________________________________________________ __________________________________________________ ________
SPYSWEEPER
05:38 p.m.: Traces Found: 1
05:38 p.m.: Full Sweep has completed. Elapsed time 00:15:34
05:38 p.m.: File Sweep Complete, Elapsed Time: 00:14:01
05:30 p.m.: Warning: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be
scanned.
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssms39785dc1-6eda-41d6-91c0-e21c1681888a.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssmsbf2b0132-4b00-4b1a-b4da-5c1488cd5f57.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssms095e5efd-4f1b-4b01-9907-4b841ed78740.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssms9af97d0f-801b-48ea-9622-6c65fbcba108.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssmsa24efa55-8627-4f35-8e8a-8481eef41075.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssmsa880dcdb-c6d2-4a1f-917b-4262f4aa689e.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssms27d2a045-897e-43cc-8152-6de33dfca7ff.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssmse6288370-894b-4908-b51b-286b83ec2f84.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssmsebe4dc44-0d0c-4288-b79a-c7ec4f55b058.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssms7bfba6ad-e8c1-4c86-8edc-4d9092c099f3.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssmse32ea058-245d-4f8f-8cf7-182a1ec0fb46.tmp". La operación se ha completado correctamente
05:30 p.m.: Warning: Failed to open file "c:\documents and settings\networkservice\datos de programa\webroot\spy
sweeper\temp\ssmsb865ab77-9f07-492b-a2ec-4833bec014e0.tmp". La operación se ha completado correctamente
05:24 p.m.: Starting File Sweep
05:24 p.m.: Warning: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be
scanned.
05:24 p.m.: Cookie Sweep Complete, Elapsed Time: 00:00:00
05:24 p.m.: Starting Cookie Sweep
05:24 p.m.: Registry Sweep Complete, Elapsed Time:00:01:20
05:24 p.m.: HKU\S-1-5-21-1644491937-1078081533-725345543-500\software\security tools\ (ID = 2221338)
05:24 p.m.: Found Trojan Horse: trojan-downloader-zlob
05:24 p.m.: Memory Sweep Complete, Elapsed Time: 00:00:00
05:24 p.m.: Starting Registry Sweep
05:22 p.m.: Starting Memory Sweep
05:22 p.m.: Sweep initiated using definitions version 962
05:22 p.m.: Spy Sweeper 5.5.7.48 started
05:22 p.m.: | Start of Session, Lunes, 06 de Agosto de 2007 |
***************
05:21 p.m.: Program Version 5.5.7.48 Using Spyware Definitions 962
05:21 p.m.: Spy Sweeper 5.5.7.48 started
05:21 p.m.: | Start of Session, Lunes, 06 de Agosto de 2007 |
***************
Keylogger: Off
05:16 p.m.: Informational: ShieldEmail: Start monitoring port 25 for mail activities
05:16 p.m.: Informational: ShieldEmail: Start monitoring port 110 for mail activities
E-mail Attachment: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
File System Shield: On
Execution Shield: On
System Services Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
05:16 p.m.: Shield States
05:16 p.m.: License Check Status (0): Success
05:16 p.m.: Spyware Definitions: 962
05:16 p.m.: Spy Sweeper 5.5.7.48 started
05:16 p.m.: Spy Sweeper 5.5.7.48 started
05:16 p.m.: | Start of Session, Lunes, 06 de Agosto de 2007 |
***************
__________________________________________________ __________________________________________________ ________
PANDA EN LINEA
Incidencia Estado Elemento
Spyware:Cookie/YieldManager No desinfectado C:\Documents
and Settings\Administrador\Cookies\administrador@ad.yi eldmanager[1].txt
__________________________________________________ __________________________________________________ ________
__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: TrackingCookie.Netflame
Path: C:\Documents and Settings\Administrador\Cookies\administrador@ssl-hints.netflame[2].txt
Risk: Medium
__________________________________________________ __________________________________________________ ________
KASPERSKY ONLINE SCANNER REPORT
Monday, August 06, 2007 3:57:12 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 6/08/2007
Kaspersky Anti-Virus database records: 376185
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
Scan Statistics
Total number of scanned objects 18526
Number of viruses found 0
Number of infected objects 0 / 0
Number of suspicious objects 0
Duration of the scan process 00:25:41
Infected Object Name Virus Name Last Action
C:\$Persi0.sys Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat
Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is
locked skipped
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG
Object is locked skipped
C:\Documents and Settings\Administrador\Configuración local\Historial\History.IE5\index.dat Object is locked
skipped
C:\Documents and Settings\Administrador\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrador\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrador\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked
skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked
skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat
Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is
locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG
Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked
skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is
locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG
Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2889A636-DA59-4662-B5B6-07ACB7FD9FC5}\RP2\change.log Object is locked
skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
__________________________________________________ __________________________________________________ ________ |