Foro de Spyware - Ver Mensaje Individual - GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online

Tema: GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online

Ver Mensaje Individual

post #1 (permalink)

27/01/08, 10:32:48

gus66

Usuario

Registrado: abr 2006

Ubicación: Argentina

Mensajes: 10

GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online

Estimados,

He vuelto a vuestro foro en busca de una solucion para mi GTGina.dll que parece ser quien no me permite administrar el modo de inicio de mis usuarios.

Encontre la solucion propuesta en GTGina.dll,svmhost.exe , (solucionado) [Archivo] - Foro de Spywarey la segui al pie de la letra, dentro de mis limitaciones

, hasta llegar al siguiente punto:
Al ejecutar hijackthis nunca encontre ni pude Fixear estas entradas:
O4 - HKLM\..\RunServices: [Microsoft Windows Update] svmhost.exe
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
Tampoco pude hacerlo con KillBox

Otro problema fue cuando quise correr los antivirus online en el mismo orden sugerido. El Ewido Anti Spyware me colgo el iExplorer cada vez que lo corri, con el Kaspersky, no tuve problemas solo las 2.40 hs que me llevo correrlo.

Nota: Demas esta decir que el GTGina.dll sigue alli tan tranquilo como siempre y yo sin poder modificar el arranque de mis usuarios.

Aqui les dejo mi reporte de Kaspersky:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, January 27, 2008 11:55:56 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 27/01/2008
Kaspersky Anti-Virus database records: 533858
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\

Scan Statistics:
Total number of scanned objects: 194208
Number of viruses found: 16
Number of infected objects: 62
Number of suspicious objects: 0
Duration of the scan process: 02:40:46

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\cer t8.db Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Goo gleToolbarData\googlesafebrowsing.db Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\his tory.dat Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\key 3.db Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\par ent.lock Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\sea rch.sqlite Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\url classifier2.sqlite Object is locked skipped
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Cac he\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Cac he\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Cac he\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Cac he\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008012720080 128\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\s208/stream/data0004 Infected: not-a-virus:AdWare.Win32.BHO.lr skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\s208/stream Infected: not-a-virus:AdWare.Win32.BHO.lr skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\s208 NSIS: infected - 2 skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\sjg/stream/data0004 Infected: not-a-virus:AdWare.Win32.NewWeb.ay skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\sjg/stream Infected: not-a-virus:AdWare.Win32.NewWeb.ay skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\sjg NSIS: infected - 2 skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB194.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe/WISE0014.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe WiseSFX: infected - 2 skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe WiseSFXDropper: infected - 2 skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe/WISE0014.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe WiseSFX: infected - 2 skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe WiseSFXDropper: infected - 2 skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\Iconos MSN\setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\Iconos MSN\setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\Iconos MSN\setup.exe NSIS: infected - 2 skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.ja skipped
C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe NSIS: infected - 1 skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Screensavers.com\Installer\bin\ScreensaversI nst.dll Infected: not-a-virus:AdWare.Win32.Comet.c skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{5A560F E3-C413-44D7-85F4-836F38F54426}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\{00000005-00000000-00000003-00001102-00000004-20061102}.CDF Object is locked skipped
G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
G:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\change.log Object is locked skipped
H:\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx/[From eBay <identdep_op8781@ebay.com>][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
H:\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx Mail MS Outlook 5: infected - 1 skipped
H:\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx/[From eBay <identdep_op8781@ebay.com>][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
H:\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx Mail MS Outlook 5: infected - 1 skipped
H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc <support_refnum_5814599265@ebay.com>][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc <support_refnum_5814599265@ebay.com>][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx Mail MS Outlook 5: infected - 2 skipped
H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip/File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y skipped
H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip Infected: Email-Worm.Win32.Sober.y skipped
H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED Infected: Email-Worm.Win32.Sober.y skipped
H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx Mail MS Outlook 5: infected - 3 skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_1A7D6E263FD4DD16C28FEB2421E3BD58 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_1F7B51334E3E2F6262F5DAD82EDE4B54 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_266538DEEAEC09C30F44C4CC3E0F22FC Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_391E4B928945F47CB1194D801021E8FB Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_42ADA5013DE567E19BEBF3B6A3480AEA Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_7BB171F3005A978F8588CFD2CFB773D1 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_A3F105724AA6F67DB0E27B786E501AEE Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_A64905E43F05E6F66E4435BD43ADB7E6 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_CEA87F054B53EC6BD9B695AE4A51F0B8 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_F0F3F603CC4D8DB4A1288AF43F6720AA Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped
H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe RarSFX: infected - 13 skipped
H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped
H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped
H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bf skipped
H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped
H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped
H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe ZIP: infected - 6 skipped
H:\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe/fsg-ag.exe Infected: not-a-virus:AdWare.Win32.Gator.3102 skipped
H:\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe Vise: infected - 1 skipped
H:\Descargas\extra extra miguel mateos.zip/setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped
H:\Descargas\extra extra miguel mateos.zip/setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped
H:\Descargas\extra extra miguel mateos.zip/setup.exe Infected: Trojan-Downloader.Win32.IstBar.nn skipped
H:\Descargas\extra extra miguel mateos.zip ZIP: infected - 3 skipped
H:\Descargas\iconos gestuales animados msn.zip/setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped
H:\Descargas\iconos gestuales animados msn.zip/setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped
H:\Descargas\iconos gestuales animados msn.zip/setup.exe Infected: Trojan-Downloader.Win32.IstBar.nn skipped
H:\Descargas\iconos gestuales animados msn.zip ZIP: infected - 3 skipped
H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\change.log Object is locked skipped

Scan process completed.

Gracias por anticipado y quedo a la espera de vuestros comentarios.
gus66