Foro de Spyware - Ver Mensaje Individual - como elimino trojano y virus win32

Tema: como elimino trojano y virus win32

Ver Mensaje Individual

post #1 (permalink)

01/05/08, 17:05:46

poloza

Usuario

Registrado: abr 2008

Ubicación: bs as

Mensajes: 3

como elimino trojano y virus win32

hola aca esta el log de KASPERSKY ONLINE y de SUPERAntiSpyware como me indico un compañero que hiciera, ahora necesitaria que me guien para eliminarlo
el trojan downloader agent y el virus win32 creo que es lo q aun no se pudo eliminar! graaaacia. (el sonido esta infectado y no me funciona..)

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/29/2008 at 11:36 PM

Application Version : 4.0.1154

Core Rules Database Version : 3450
Trace Rules Database Version: 1442

Scan type : Quick Scan
Total Scan Time : 00:03:40

Memory items scanned : 367
Memory threats detected : 0
Registry items scanned : 296
Registry threats detected : 0
File items scanned : 3931
File threats detected : 95

Adware.Tracking Cookie
C:\Documents and Settings\POL\Cookies\pol@questionmarket[2].txt
C:\Documents and Settings\POL\Cookies\pol@m1.webstats.motigo[2].txt
C:\Documents and Settings\POL\Cookies\pol@www.galeriaspornoxxx[2].txt
C:\Documents and Settings\POL\Cookies\pol@ads.e-planning[1].txt
C:\Documents and Settings\POL\Cookies\pol@weborama[1].txt
C:\Documents and Settings\POL\Cookies\pol@adtech[1].txt
C:\Documents and Settings\POL\Cookies\pol@mtv-esp[1].txt
C:\Documents and Settings\POL\Cookies\pol@atdmt[2].txt
C:\Documents and Settings\POL\Cookies\pol@cjultra21[2].txt
C:\Documents and Settings\POL\Cookies\pol@banner.32vegas[1].txt
C:\Documents and Settings\POL\Cookies\pol@www.bluporn[1].txt
C:\Documents and Settings\POL\Cookies\pol@iberporno[2].txt
C:\Documents and Settings\POL\Cookies\pol@account.fotolog[1].txt
C:\Documents and Settings\POL\Cookies\pol@winreanimator[2].txt
C:\Documents and Settings\POL\Cookies\pol@adservingml[1].txt
C:\Documents and Settings\POL\Cookies\pol@microsoftwlsearchcrm.112. 2o7[1].txt
C:\Documents and Settings\POL\Cookies\pol@serving-sys[2].txt
C:\Documents and Settings\POL\Cookies\pol@bs.serving-sys[2].txt
C:\Documents and Settings\POL\Cookies\pol@adbrite[1].txt
C:\Documents and Settings\POL\Cookies\pol@cgi-bin[1].txt
C:\Documents and Settings\POL\Cookies\pol@sexlist[1].txt
C:\Documents and Settings\POL\Cookies\pol@oas.adservingml[1].txt
C:\Documents and Settings\POL\Cookies\pol@peterpaulxxx[1].txt
C:\Documents and Settings\POL\Cookies\pol@ads.adgoto[1].txt
C:\Documents and Settings\POL\Cookies\pol@exoclick[2].txt
C:\Documents and Settings\POL\Cookies\pol@1066493726[2].txt
C:\Documents and Settings\POL\Cookies\pol@load[2].txt
C:\Documents and Settings\POL\Cookies\pol@ads.us.e-planning[2].txt
C:\Documents and Settings\POL\Cookies\pol@statcounter[2].txt
C:\Documents and Settings\POL\Cookies\pol@AdRotator[2].txt
C:\Documents and Settings\POL\Cookies\pol@image.masterstats[1].txt
C:\Documents and Settings\POL\Cookies\pol@1071565987[1].txt
C:\Documents and Settings\POL\Cookies\pol@media.adrevolver[2].txt
C:\Documents and Settings\POL\Cookies\pol@adultadworld[1].txt
C:\Documents and Settings\POL\Cookies\pol@2o7[1].txt
C:\Documents and Settings\POL\Cookies\pol@ubbi.sexyono[1].txt
C:\Documents and Settings\POL\Cookies\pol@videospornoxxxsms[1].txt
C:\Documents and Settings\POL\Cookies\pol@porndirt[1].txt
C:\Documents and Settings\POL\Cookies\pol@eas.apm.emediate[1].txt
C:\Documents and Settings\POL\Cookies\pol@bluporn[1].txt
C:\Documents and Settings\POL\Cookies\pol@bravenet[1].txt
C:\Documents and Settings\POL\Cookies\pol@apmebf[1].txt
C:\Documents and Settings\POL\Cookies\pol@st[2].txt
C:\Documents and Settings\POL\Cookies\pol@cgi-bin[4].txt
C:\Documents and Settings\POL\Cookies\pol@tacoda[1].txt
C:\Documents and Settings\POL\Cookies\pol@adultfriendfinder[2].txt
C:\Documents and Settings\POL\Cookies\pol@mediaplex[1].txt
C:\Documents and Settings\POL\Cookies\pol@ds.clickexperts[1].txt
C:\Documents and Settings\POL\Cookies\pol@advertising[1].txt
C:\Documents and Settings\POL\Cookies\pol@atwola[2].txt
C:\Documents and Settings\POL\Cookies\pol@casalemedia[1].txt
C:\Documents and Settings\POL\Cookies\pol@msnportal.112.2o7[1].txt
C:\Documents and Settings\POL\Cookies\pol@1070847646[1].txt
C:\Documents and Settings\POL\Cookies\pol@fastclick[1].txt
C:\Documents and Settings\POL\Cookies\pol@tribalfusion[1].txt
C:\Documents and Settings\POL\Cookies\pol@server.cpmstar[2].txt
C:\Documents and Settings\POL\Cookies\pol@nickelodeon[1].txt
C:\Documents and Settings\POL\Cookies\pol@adopt.specificclick[1].txt
C:\Documents and Settings\POL\Cookies\pol@zedo[1].txt
C:\Documents and Settings\POL\Cookies\pol@tradedoubler[1].txt
C:\Documents and Settings\POL\Cookies\pol@sexobot[1].txt
C:\Documents and Settings\POL\Cookies\pol@tbslatinamerica.112.2o7[1].txt
C:\Documents and Settings\POL\Cookies\pol@cgi-bin[3].txt
C:\Documents and Settings\POL\Cookies\pol@overture[1].txt
C:\Documents and Settings\POL\Cookies\pol@www.porno234[2].txt
C:\Documents and Settings\POL\Cookies\pol@banners2.chollonet[2].txt
C:\Documents and Settings\POL\Cookies\pol@ad1.trucoteca[2].txt
C:\Documents and Settings\POL\Cookies\pol@specificclick[1].txt
C:\Documents and Settings\POL\Cookies\pol@partner2profit[1].txt
C:\Documents and Settings\POL\Cookies\pol@ads.cdcovered[1].txt
C:\Documents and Settings\POL\Cookies\pol@ad.abum[2].txt
C:\Documents and Settings\POL\Cookies\pol@1057657856[1].txt
C:\Documents and Settings\POL\Cookies\pol@ad.yieldmanager[1].txt
C:\Documents and Settings\POL\Cookies\pol@adrevolver[3].txt
C:\Documents and Settings\POL\Cookies\pol@www.sexo19[2].txt
C:\Documents and Settings\POL\Cookies\pol@xiti[1].txt
C:\Documents and Settings\POL\Cookies\pol@doubleclick[2].txt
C:\Documents and Settings\POL\Cookies\pol@ads.adbrite[1].txt
C:\Documents and Settings\POL\Cookies\pol@ads.cartoonnetwork[1].txt
C:\Documents and Settings\POL\Cookies\pol@1061141155[1].txt
C:\Documents and Settings\POL\Cookies\pol@www.sexobot[1].txt
C:\Documents and Settings\POL\Cookies\pol@ads.3dgames.com[1].txt
C:\Documents and Settings\POL\Cookies\pol@1071308306[1].txt
C:\Documents and Settings\POL\Cookies\pol@www.el-sexo[2].txt
C:\Documents and Settings\POL\Cookies\pol@cgi-bin[2].txt
C:\Documents and Settings\POL\Cookies\pol@adrevolver[2].txt
C:\Documents and Settings\POL\Cookies\pol@ads.linkara[1].txt
C:\Documents and Settings\POL\Cookies\pol@ads.daleclick.com[1].txt

Trojan.Downloader-Gen/BossDoggy
C:\DOCUMENTS AND SETTINGS\POL\CONFIGURACIóN LOCAL\TEMPMBROIT.EXE

Trojan.Downloader-FuP/TMP
C:\CE.TMP
C:\CF.TMP

Trojan.Downloader-Gen
C:\WINDOWS\SYSTEM32\BRAVIAX.EXE

Trojan.Unclassified/User32DAT
C:\WINDOWS\SYSTEM32\UNIVRS32.DAT

Trojan.Unclassified/Users32
C:\WINDOWS\SYSTEM32\USERS32.DAT

Trojan.SoftCashier-Installer/A
C:\WINDOWS\SYSTEM32\WINIVSTR.EXE

KASPERSKY ONLINE SCANNER INFORME:

Estadísticas
Número de objeros analizados 65196
Virus encontrados 1
Objetos infectados 1 / 0
Objetos sospechosos 0
Duración del análisis 01:32:16

Bombre del objeto infectado Nombre del virus Última acción
C:\Archivos de programa\Microsoft Office\Office10\Macros\EUROTOOL.XLA Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\Grisoft\Avg7Data\avg7log.log Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\Grisoft\Avg7Data\avg7log.log.lck Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked saltado
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Historial\History.IE5\MSHist0120080430200805 01\index.dat Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Temp\AVPCE9.tmp Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Temp\AVPCEA.tmp Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Temp\mtf11.tmp Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Temp\mtfE.tmp Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Temp\mtfF.tmp Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Temp\~DF8B73.tmp Object is locked saltado
C:\Documents and Settings\POL\Configuración local\Temp\~DFAEA3.tmp Object is locked saltado
C:\Documents and Settings\POL\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\POL\Datos de programa\CD-LabelPrint\1.0\ImageCache.ic Object is locked saltado
C:\Documents and Settings\POL\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\App Logs\SUPERANTISPYWARE-4-30-2008( 19-22-5 ).LOG Object is locked saltado
C:\Documents and Settings\POL\Mis documentos\jue\0 PEDIDOS.xls Object is locked saltado
C:\Documents and Settings\POL\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\POL\ntuser.dat.LOG Object is locked saltado
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0015030.exe Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0015031.exe Infectados: not-virus:Hoax.Win32.Renos.bvz saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0017386.exe Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0017387.exe Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0017388.exe Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0017389.exe Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0017390.exe Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0017391.exe Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\A0017392.exe Object is locked saltado
C:\System Volume Information\_restore{1C7F684B-DD03-46F6-8FEC-BF866EBF09A5}\RP102\change.log Object is locked saltado
C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado
C:\WINDOWS\SchedLgU.Txt Object is locked saltado
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\default Object is locked saltado
C:\WINDOWS\system32\config\default.LOG Object is locked saltado
C:\WINDOWS\system32\config\SAM Object is locked saltado
C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SECURITY Object is locked saltado
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado
C:\WINDOWS\system32\config\software Object is locked saltado
C:\WINDOWS\system32\config\software.LOG Object is locked saltado
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\system Object is locked saltado
C:\WINDOWS\system32\config\system.LOG Object is locked saltado
C:\WINDOWS\system32\h323log.txt Object is locked saltado
C:\WINDOWS\system32\spool\PRINTERS\FP00010.SHD Object is locked saltado
C:\WINDOWS\system32\spool\PRINTERS\FP00010.SPL Object is locked saltado
C:\WINDOWS\system32\spool\PRINTERS\FP00018.SHD Object is locked saltado
C:\WINDOWS\system32\spool\PRINTERS\FP00019.SHD Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado
C:\WINDOWS\Temp\SPL2D74.tmp Object is locked saltado
C:\WINDOWS\TempFile Object is locked saltado
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
Análisis completado.