First of all, thank you thecat_re for your help. I followed the steps you gave me and obtained the following reports:
With Navipromo:
Code:
Search Navipromo version 3.5.5 began on 29/04/2008 at 15:12:33,15
!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Archivos de programa\navilog1
Actual User Account : "HP_Propietario"
Updated on 27.04.2008 at 10h00 by IL-MAFIOSO
Microsoft Windows XP [Versión 5.1.2600]
Version Internet Explorer : 7.0.5730.11
Filesystem type : NTFS
Done in safe mode
*** Search folders in "C:\WINDOWS" ***
*** Search folders in "C:\Archivos de programa" ***
*** Search folders in "c:\docume~1\alluse~1\datosd~1" ***
*** Search folders in "c:\docume~1\alluse~1\menini~1\progra~1" ***
*** Search folders in "C:\Documents and Settings\HP_Propietario\datosd~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\datosd~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1.COM\datosd~1" ***
*** Search folders in "C:\DOCUME~1\EMULE_~1\datosd~1" ***
*** Search folders in "C:\Documents and Settings\HP_Propietario\config~1\datosd~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\config~1\datosd~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1.COM\config~1\datosd~1" ***
*** Search folders in "C:\DOCUME~1\EMULE_~1\config~1\datosd~1" ***
*** Search folders in "C:\Documents and Settings\HP_Propietario\menini~1\progra~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\menini~1\progra~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1.COM\menini~1\progra~1" ***
*** Search folders in "C:\DOCUME~1\EMULE_~1\menini~1\progra~1" ***
*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net
No file found
*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!
* Scan in "C:\WINDOWS\system32" *
* Scan in "C:\Documents and Settings\HP_Propietario\config~1\datosd~1" *
Files found :
omuywn.exe found !
omuywn.dat found !
omuywn_nav.dat found !
omuywn_navps.dat found !
* Scan in "C:\DOCUME~1\ADMINI~1\config~1\datosd~1" *
* Scan in "C:\DOCUME~1\ADMINI~1.COM\config~1\datosd~1" *
* Scan in "C:\DOCUME~1\EMULE_~1\config~1\datosd~1" *
*** Search files ***
C:\WINDOWS\system32\nvs2.inf found !
*** Search specific Registry keys ***
HKEY_CURRENT_USER\Software\Lanconfig found !
*** Complementary Search ***
(Search specific files)
1)Search new Instant Access files :
2)Heuristic Search :
* In "C:\WINDOWS\system32" :
* In "C:\Documents and Settings\HP_Propietario\config~1\datosd~1" :
omuywn.dat found !
omuywn_nav.dat found !
omuywn_navps.dat found !
* In "C:\DOCUME~1\ADMINI~1\config~1\datosd~1" :
* In "C:\DOCUME~1\ADMINI~1.COM\config~1\datosd~1" :
* In "C:\DOCUME~1\EMULE_~1\config~1\datosd~1" :
3)Certificates Search :
Egroup certificate found !
Electronic-Group certificate found !
OOO-Favorit certificate found !
Sunny-Day-Design-Ltd certificate not found !
4)Search known files :
*** Search completed on 29/04/2008 at 15:27:40,31 ***
With Panda ActiveScan:
Code:
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-04-29 17:41:41
PROTECTIONS: 1
MALWARE: 12
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
ESET NOD32 antivirus system 2.70 2.70 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00101555 Application/KillApp.B HackTools No 0 Yes No C:\hp\bin\KillIt.exe
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.atdmt.com/]
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{F44B14ED-EFC2-4057-8E38-87DE15D8F89A}\RP66\A0018533.exe
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.tradedoubler.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\famr3axg.default\cookies.txt[.bs.serving-sys.com/]
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{F44B14ED-EFC2-4057-8E38-87DE15D8F89A}\RP66\A0018527.exe
02388619 Application/Webmediaplayer HackTools No 0 Yes No C:\System Volume Information\_restore{F44B14ED-EFC2-4057-8E38-87DE15D8F89A}\RP65\A0018394.exe
02893196 W32/P2PShared.C.worm Virus/Worm No 1 No No C:\Tostadora\Programas\Microsoft Office Home And Student Edition 2007 Full Versions With Working Activation Key.rar[Setup + Patch.exe]
02899228 W32/P2PShared.C.worm Virus/Worm No 1 Yes No C:\Tostadora\Programas\Microsoft Office Home And Student Edition 2007 Full Versions With Working Activation Key.rar
02919709 Generic Trojan Virus/Trojan No 0 Yes No C:\Archivos de programa\ABBYY FineReader 9.0\FineReader.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location ]
;===================================================================================================================================================================================
No C:\Archivos de programa\SpyBro\nospylauncher.exe ]
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description ]
;===================================================================================================================================================================================
;===================================================================================================================================================================================
I'm impatiently awaiting your help on this matter.
Regards.