Re: I have trojans, can you check my log

I downloaded CF and the process finished. Afterwards I restarted the machine, ZoneAlarm started the scan and detected the virus; it is still there. I don't know what is going on with this machine. I hope you can help me, thanks. This is the CF report.
ComboFix 07-12-15.5 - winxp 2007-12-15 10:07:58.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.617 [GMT -5:00]
Running from: C:\Documents and Settings\winxp\Local Settings\Temporary Internet Files\Content.IE5\HJRDL70A\ComboFix[2].exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\winxp\Application Data\FunWebProducts
C:\Documents and Settings\winxp\Application Data\inst.exe
C:\Program Files\internet explorer\msimg32.dll
C:\WINDOWS\b129.exe.bin
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\dqtujssbwr.dat
C:\WINDOWS\system32\dqtujssbwr_nav.dat
C:\WINDOWS\system32\dqtujssbwr_navps.dat
C:\WINDOWS\system32\nsgB35.dll
C:\WINDOWS\wr.txt
.
((((((((((((((((((((((((( Files Created from 2007-11-15 to 2007-12-15 )))))))))))))))))))))))))))))))
.
2007-12-14 18:30 . 2007-12-14 18:39 3,913,830,400 --a------ C:\THE REEF.ISO
2007-12-14 18:18 . 2007-12-14 18:21 1,439,426,560 --a------ C:\BEE MOVIE.ISO
2007-12-14 18:06 . 2007-12-14 18:16 4,464,152,576 --a------ C:\SURFS UP.ISO
2007-12-14 17:37 . 2007-12-14 17:46 4,082,771,968 --a------ C:\BROTHER BEAR 2.ISO
2007-12-12 18:00 . 2007-12-12 18:33 1,393 --a------ C:\WINDOWS\imsins.BAK
2007-12-08 23:54 . 2007-12-08 23:54 <DIR> d-------- C:\Program Files\DelPSGuard
2007-12-06 21:19 . 2007-12-13 21:42 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-12-06 21:19 . 2007-12-06 21:19 <DIR> d-------- C:\Documents and Settings\winxp\Application Data\SUPERAntiSpyware.com
2007-12-06 21:18 . 2007-12-06 21:18 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-06 20:40 . 2007-12-06 20:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-12-06 20:27 . 2007-12-06 20:27 <DIR> d-------- C:\Program Files\Yahoo!
2007-12-06 20:27 . 2007-12-06 20:27 <DIR> d-------- C:\Program Files\CCleaner
2007-12-04 16:36 . 2007-12-04 16:36 59,229 --a------ C:\WINDOWS\system32\dcads_sidebar_uninstall.exe
2007-12-03 12:13 . 2007-12-03 12:13 282,624 --a------ C:\WINDOWS\system32\dcads_sidebar.dll
2007-12-02 19:39 . 2007-12-02 19:39 <DIR> d-------- C:\Program Files\SlySoft
2007-12-02 19:15 . 2007-12-02 19:15 724,992 --a------ C:\WINDOWS\iun6002.exe
2007-12-02 13:16 . 2007-12-02 13:16 36 ---h----- C:\WINDOWS\system32\swk.ini
2007-12-02 10:40 . 2007-12-13 20:41 8,116 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-12-01 18:17 . 2007-12-01 18:17 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-30 18:28 . 2007-11-30 18:30 <DIR> d-------- C:\Program Files\Windows Live
2007-11-30 18:28 . 2007-11-30 18:30 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-30 18:27 . 2007-11-30 18:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-30 18:00 . 2007-11-30 18:00 <DIR> d-------- C:\Program Files\Windows Live Favorites
2007-11-28 17:42 . 2003-03-18 17:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-11-28 17:23 . 2007-11-28 17:29 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-11-28 17:23 . 2007-11-28 17:29 1,406 --a------ C:\WINDOWS\system32\Help.ico
2007-11-27 18:32 . 2001-08-17 13:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2007-11-27 18:32 . 2001-08-17 13:56 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys
2007-11-26 13:36 . 2007-12-06 17:04 194,372 --a------ C:\WINDOWS\system32\adssitesuggest_uninstall.exe
2007-11-26 10:51 . 2007-11-26 10:51 327,680 --a------ C:\WINDOWS\system32\adssitesuggest.dll
2007-11-25 01:31 . 2007-11-25 01:31 <DIR> d-------- C:\Program Files\Dcads Advanced Toolbar
2007-11-25 01:31 . 2007-11-25 14:09 <DIR> d-------- C:\Documents and Settings\winxp\Application Data\Dcads Advanced Toolbar
2007-11-25 01:31 . 2007-11-25 01:31 33,088 --a------ C:\WINDOWS\system32\dcadssuggest_uninstall.exe
2007-11-25 01:30 . 2007-11-30 22:43 80,118 --a------ C:\WINDOWS\system32\dcads-remove.exe
2007-11-25 01:30 . 2007-11-25 01:30 40,731 --a------ C:\WINDOWS\system32\superiorads-uninst.exe
2007-11-23 09:24 . 2007-11-23 09:24 327,680 --a------ C:\WINDOWS\system32\dcadssuggest.dll
2007-11-15 18:14 . 2007-11-15 18:14 <DIR> d-------- C:\Documents and Settings\winxp\Application Data\dvdcss
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-14 23:49 --------- d-----w C:\Documents and Settings\winxp\Application Data\Vso
2007-12-14 23:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-12-14 22:19 --------- d-----w C:\Program Files\eMule
2007-12-12 12:56 --------- d-----w C:\Documents and Settings\winxp\Application Data\LimeWire
2007-12-03 00:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\SlySoft
2007-12-03 00:42 99,904 ----a-w C:\WINDOWS\system32\drivers\AnyDVD.sys.bak
2007-12-03 00:42 99,904 ----a-w C:\WINDOWS\system32\drivers\AnyDVD.sys
2007-12-03 00:40 34,308 ----a-w C:\WINDOWS\system32\Chip.dll
2007-12-01 22:19 69,974 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2007_12_01_17_04_50_small.dmp.zip
2007-12-01 22:19 68,194 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2007_12_01_17_04_45_small.dmp.zip
2007-12-01 04:24 --------- d-----w C:\Program Files\LimeWire
2007-11-30 23:31 --------- d-----w C:\Program Files\MSN Messenger
2007-11-30 23:01 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-21 15:19 6,820,024 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2007-11-21 15:19 144,288 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_19_14_16_20_small.dmp.zip
2007-11-15 23:36 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-10 03:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\DFX
2007-11-03 18:43 --------- d-----w C:\Program Files\Java
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 22:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-22 00:10 92,672 ----a-w C:\WINDOWS\system32\KillBox.exe
2007-10-18 16:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-17 17:23 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe
2007-10-12 11:07 24,450,662 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_10_11_23_36_26_full.dmp.zip
2007-09-24 22:41 20,693,280 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_09_24_08_31_15_full.dmp.zip
2007-08-08 22:07 56,105 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_08_08_18_07_36_small.dmp.zip
2007-08-07 12:21 42,970 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2007_08_07_08_18_05_small.dmp.zip
2007-07-18 13:56 550,912 ----a-w C:\WINDOWS\inf\DVD.BIN
2007-07-08 01:39 21,233,976 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_07_07_20_33_57_full.dmp.zip
2007-07-08 01:39 21,188,507 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_07_07_20_33_49_full.dmp.zip
2007-07-08 01:38 21,126,132 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_07_07_20_33_35_full.dmp.zip
2007-04-28 18:43 47,360 ----a-w C:\Documents and Settings\winxp\Application Data\pcouffin.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DW4"="C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [2007-03-16 06:51]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-06 17:35]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-12-02 19:42]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 07:57]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-04-28 13:45]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-01-08 13:29]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 15:40]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
R3 MusCDriverV32;MusCDriverV32;C:\WINDOWS\system32\drivers\MusCDriverV32.sys
S3 ess;ESS Audio Driver (WDM);C:\WINDOWS\system32\drivers\ess.sys
S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys
S4 FreezeScreenSaver;FreezeScreenSaver;C:\WINDOWS\system32\FreezeScreenSaver.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-12-14 22:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2007-12-11 19:55:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-15 15:11:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-15 10:11:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-15 10:11:40
.
2007-12-12 23:35:47 --- E O F ---