Tema: Infectado: RavMonE.exe, v.exe sys.exe y mas. No veo Archivos ocultos (Solucionado)
Ver Mensaje Individual
  post #10 (permalink)  
Antiguo 11/05/08, 02:42:05
shockman007 shockman007 está offline
Usuario
  
Registrado: sep 2006
Ubicación: Venezuela
Mensajes: 13
Re: Infectado de Virus: RavMonE.exe, v.exe sys.exe y mas. No veo Archivos ocultos!!
Cita:
Originalmente publicado por anleg_30 Ver Mensaje
Bueno realiza los pasos en modo normal y mandas los reportes que te pedi, menos el del ccleaner..ok suerte........
Hola Hermanito!

Bueno luego de horas esperando por los análisis en modo Normal y es que de veras se demora!! es por el disco que es de 250GB, y son 4 particiones, me imagino. Aqui estan los reportes (log's) de los 3 programas que me pediste:

EL PRIMERO:

Malwarebytes' Anti-Malware 1.12
Versión de la Base de Datos: 737

Tipo de examen : Examen Completo (C:\|D:\|E:\|F:\|J:\|)
Objetos examinados: 494316
Tiempo transcurrido: 1 hour(s), 36 minute(s), 1 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 28
Valores del Registro Infectados: 2
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 9
Ficheros Infectados: 12

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Archivos de programa\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Archivos de programa\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Archivos de programa\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Ficheros Infectados:
C:\Archivos de programa\ShoppingReport\Bin\2.5.0\ShoppingReport.d ll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
E:\DESCARGAS\GAMES\Archivos de programa\Valve\Condition Zero\czero\overviews\cs_italy_cz.bmp (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS EXCELENTES DE EDICION DE WEBS!! DE LA MICROSOFT Y +\Web X5 Designer v5.7.7\Keygens\Keygen-CORE\CORE10k.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrador\Datos de programa\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Archivos de programa\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> Quarantined and deleted successfully.



El SEGUNDO:
__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________


Name: TrackingCookie.Netflame
Path: C:\Documents and Settings\Administrador\Cookies\hansell@ssl-hints.netflame[2].txt
Risk: Medium

Name: TrackingCookie.Tribalfusion
Path: :mozilla.84:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.2o7
Path: :mozilla.99:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.100:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.101:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.102:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.103:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.104:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.105:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Pointroll
Path: :mozilla.106:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Netflame
Path: :mozilla.129:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.130:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.131:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.132:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.133:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.134:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.135:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.136:C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cookies.txt
Risk: Medium

Name: Trojan.Agent.cj
Path: E:\Archivos de programa\Adobe\1.3 Photoshop + Crack y KeyGen\kgen - adobe photoshop cs3 excelente!!!! (spanish, español).rar/keygen.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\Archivos de programa\Adobe\1.4 Flash Professional\CRACK By Hans\Keygen\Keygen.exe
Risk: High

Name: Backdoor.Hupigon.kg
Path: E:\DESCARGAS\GAMES\Archivos de programa\Rockstar Games\GTA San Andreas\hlm-intro.exe
Risk: High

Name: Hijacker.Agent.aaj
Path: E:\DESCARGAS\PROGRAMAS\Bux.to_Autoclicker.zip/Bux.to Autoclicker/Bux.to Autoclicker.exe
Risk: High

Name: Dropper.Agent.beu
Path: E:\DESCARGAS\PROGRAMAS\Pack_Personalizar_PC\Pack_P ersonaliz_Pc[uspelex]\cursor Xp\Stardock Cursor XP Plus 1.31 Keygen.exe
Risk: High

Name: Hijacker.Agent.aaj
Path: E:\DESCARGAS\PROGRAMAS\SURF ADS PROGRAMAS AUTOCLIKERS\bux.to_y_getref_autoclicker_bydavit.ra r/bux.to\Bux.to Autoclicker.exe
Risk: High

Name: Backdoor.Agent.duj
Path: E:\DRIVERS VARIADOS NVIDIA\installer-48231-3-Driver-Nvidia-nForce-Audio-Spanish-Castellano.exe
Risk: High

Name: Downloader.Small
Path: E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\--A4-Desk\a4desk 5 45 full+multilang(2).zip/a4install.exe/InstallShield.exe
Risk: High

Name: Downloader.Small
Path: E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\--A4-Desk\a4desk 5 45 full+multilang(2).zip/a4install.exe/InstallShield.exe
Risk: High

Name: Downloader.Small
Path: E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\--A4-Desk\a4install.exe/InstallShield.exe
Risk: High

Name: Downloader.Small
Path: E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\--A4-Desk\a4install.exe/InstallShield.exe
Risk: High

Name: Downloader.Agent.a
Path: E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\Webdesign.Appz\Xara.3D.v6.0.FULL.-.DVT.rar/crack.exe
Risk: High

Name: Downloader.Agent.a
Path: E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\Webdesign.Appz\Xara.3D.v6.0.FULL.-.DVT.rar/deu\crack.exe
Risk: High

Name: Trojan.Agent
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\AGAiN\RoboHelp6KEYGEN+ACTIVATION.EXE
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\CAM\DreamWeaver CS3 Keygen + Activation.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\CAM\FireWorks CS3 Keygen + Activation.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\CAM\Flash CS3 Keygen + Activation.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\CAM\PhotoShop CS3 Extended Keygen + Activation.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\OLD\Adobe All CS2 Premium Keygen.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\OLD\Adobe Audition 2.0 Keygen.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\OLD\Adobe FrameMaker 7.1 Keygen.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\SSG\Contribute CS3 Keygen VLK.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\SSG\Dreamweaver CS3 Keygen VLK.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\SSG\Fireworks CS3 Keygen VLK.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\SSG\InCopy CS3 Keygen VLK.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\SSG\InDesign CS3 Keygen VLK.exe
Risk: High

Name: Trojan.Agent.cj
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\SSG\Photoshop CS3 Extended Keygen VLK.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\ZWT\Dreamweaver CS3 Keygen + Activation ZWT.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\ZWT\Fireworks CS3 keygen + Activation ZWT.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\ZWT\Flash Pro CS3 Keygen + Activation ZWT.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\ZWT\Photoshop CS3 Extended Keygen + Activation ZWT.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\HJR\Mis_animaciones_3DCTACKS ADOBE.rar/Adobe All Software With Crack Direct Link November 2007\ZWT\Photoshop CS3 keygen + Activation ZWT.exe
Risk: High

Name: Backdoor.Agent.duj
Path: E:\ORDENAR DE ASROCK\PORTAFOLIO COMPUTECH\DRIVERS VARIADOS NVIDIA\installer-48231-3-Driver-Nvidia-nForce-Audio-Spanish-Castellano.exe
Risk: High

Name: Backdoor.IRCBot
Path: E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\EJEMPLOS\p\Suite CS3 By Hans\Flash Professional\CRACK By Hans\Keygen\Keygen.exe
Risk: High

Name: Downloader.Agent.a
Path: E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\POSIBLE TOL\para carlos\FUENTES\13.000.Fonts.Graffiti.Webdesign.Meg apack-BiTSOURCE\Webdesign.Appz\Xara.3D.v6.0.FULL.-.DVT.rar/crack.exe
Risk: High

Name: Downloader.Agent.a
Path: E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\POSIBLE TOL\para carlos\FUENTES\13.000.Fonts.Graffiti.Webdesign.Meg apack-BiTSOURCE\Webdesign.Appz\Xara.3D.v6.0.FULL.-.DVT.rar/deu\crack.exe
Risk: High

Name: Dropper.Delf.xo
Path: E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\My Shared Folder\web scraper plus v5 5 1 incl keyfilemaker-embrace.zip/Web.Scraper.Plus.v5.5.1.Incl.Keyfilemaker-EMBRACE\keygen.exe
Risk: High



EL TERCERO:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER INFORME
domingo, 11 de mayo de 2008 1:30:18
Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner versión: 5.0.84.1
Ultima actualización: 10/05/2008
Registros en la base antivirus: 675205
-------------------------------------------------------------------------------

Configuración del análisis:
Analizar usando las siguientes bases: standard
Analizar archivos: verdadero
Analizar bases de correo: verdadero

Objetivo a analizar - Mi PC:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Estadísticas:
Número de objeros analizados: 477211
Virus encontrados: 22
Objetos infectados: 32 / 0
Objetos sospechosos: 3
Duración del análisis: 07:46:13

Bombre del objeto infectado / Nombre del virus / Última acción
C:\Archivos de programa\Eset\cache\CACHE.NDB Object is locked saltado
C:\Archivos de programa\Eset\infected\2FR5S1DA.NQF Infectados: Trojan-Spy.Win32.Delf.bhy saltado
C:\Archivos de programa\Eset\infected\2G0OW3DA.NQF Infectados: Trojan.Win32.Delf.aeb saltado
C:\Archivos de programa\Eset\infected\5DBI4SAA.NQF Infectados: Worm.Win32.RJump.a saltado
C:\Archivos de programa\Eset\infected\E1HXMZAA.NQF Infectados: Worm.Win32.VB.el saltado
C:\Archivos de programa\Eset\infected\GVIO4MAA.NQF Infectados: Worm.Win32.AutoRun.dpm saltado
C:\Archivos de programa\Eset\infected\MR41JXBA.NQF Infectados: Worm.Win32.AutoRun.bpc saltado
C:\Archivos de programa\Eset\infected\NNP0AVCA.NQF Infectados: Trojan-PSW.Win32.OnLineGames.ros saltado
C:\Archivos de programa\Eset\infected\SAO2TWAA.NQF Infectados: P2P-Worm.Win32.Kapucen.ac saltado
C:\Archivos de programa\Eset\infected\WEIWX4AA.NQF Infectados: Trojan-PSW.Win32.OnLineGames.rbj saltado
C:\Archivos de programa\Eset\infected\WQ4F04DA.NQF Infectados: Trojan-PSW.Win32.OnLineGames.scx saltado
C:\Archivos de programa\Eset\infected\XFHOBOBA.NQF Infectados: Trojan-PSW.Win32.OnLineGames.rke saltado
C:\Archivos de programa\Eset\logs\virlog.dat Object is locked saltado
C:\Archivos de programa\Eset\logs\warnlog.dat Object is locked saltado
C:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \Cache\_CACHE_001_ Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \Cache\_CACHE_002_ Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \Cache\_CACHE_003_ Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \Cache\_CACHE_MAP_ Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Historial\History.IE5\MSHist0120080510200805 11\index.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Temp\help.exe Infectados: Trojan-PSW.Win32.OnLineGames.aebn saltado
C:\Documents and Settings\Administrador\Configuración local\Temp\Perflib_Perfdata_f50.dat Object is locked saltado
C:\Documents and Settings\Administrador\Configuración local\Temp\tru6FC.tmp Infectados: Trojan-PSW.Win32.OnLineGames.adty saltado
C:\Documents and Settings\Administrador\Configuración local\Temp\~DF302E.tmp Object is locked saltado
C:\Documents and Settings\Administrador\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \cert8.db Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll Infectados: Trojan-PSW.Win32.LdPinch.tso saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \formhistory.dat Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \history.dat Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \key3.db Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \parent.lock Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \search.sqlite Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles\mkm1vgnx.default \urlclassifier2.sqlite Object is locked saltado
C:\Documents and Settings\Administrador\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\App Logs\SUPERANTISPYWARE-5-10-2008( 4-16-30 ).LOG Object is locked saltado
C:\Documents and Settings\Administrador\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\Administrador\NTUSER.DAT.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG Object is locked saltado
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado
C:\WINDOWS\SchedLgU.Txt Object is locked saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked saltado
C:\WINDOWS\Sti_Trace.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\default Object is locked saltado
C:\WINDOWS\system32\config\default.LOG Object is locked saltado
C:\WINDOWS\system32\config\SAM Object is locked saltado
C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SECURITY Object is locked saltado
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado
C:\WINDOWS\system32\config\software Object is locked saltado
C:\WINDOWS\system32\config\software.LOG Object is locked saltado
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\system Object is locked saltado
C:\WINDOWS\system32\config\system.LOG Object is locked saltado
C:\WINDOWS\system32\drivers\sptd.sys Object is locked saltado
C:\WINDOWS\system32\h323log.txt Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado
C:\WINDOWS\wiadebug.log Object is locked saltado
C:\WINDOWS\wiaservc.log Object is locked saltado
C:\WINDOWS\WindowsUpdate.log Object is locked saltado
D:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked saltado
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
E:\Archivos de programa\DESCARGAS DE ARES\saint enterprise crack.rar/setup.exe Infectados: P2P-Worm.Win32.Kapucen.b saltado
E:\Archivos de programa\DESCARGAS DE ARES\saint enterprise crack.rar RAR: infectado - 1 saltado
E:\Archivos de programa\JavaScript Vault\scripts\crazy-window.htm Infectados: not-virus:BadJoke.JS.RJump saltado
E:\Archivos de programa\JavaScript Vault\scripts\matrix.htm Infectados: Trojan.JS.Tsumi.b saltado
E:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked saltado
E:\DESCARGAS\GoldenEye\Golden_Eye_4.50.rar/Golden Eye 4.50/gesetup.exe/file23 Infectados: Trojan.Win32.Hooker.j saltado
E:\DESCARGAS\GoldenEye\Golden_Eye_4.50.rar/Golden Eye 4.50/gesetup.exe Infectados: Trojan.Win32.Hooker.j saltado
E:\DESCARGAS\GoldenEye\Golden_Eye_4.50.rar RAR: infectado - 2 saltado
E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\Monica 8 -Sistema administrativo para negocios.rar/Monica_8.00_(Español).iso/Crack/GenerarClave01B.exe Infectados: Backdoor.Win32.Rbot.ifu saltado
E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\Monica 8 -Sistema administrativo para negocios.rar/Monica_8.00_(Español).iso Infectados: Backdoor.Win32.Rbot.ifu saltado
E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\Monica 8 -Sistema administrativo para negocios.rar RAR: infectado - 2 saltado
E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\PAQUETE DE XARATeUXara.rar/TeUXara_by_Maxl/TeU_Xara_by_Maxl.exe/AutoPlay/Docs/Xara 3D/Fix.exe Infectados: Backdoor.Win32.Rbot.pbc saltado
E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\PAQUETE DE XARATeUXara.rar/TeUXara_by_Maxl/TeU_Xara_by_Maxl.exe Infectados: Backdoor.Win32.Rbot.pbc saltado
E:\DVD KIT DE DISEÑO BY HANS\PROGRAMAS VARIOS\PAQUETE DE XARATeUXara.rar RAR: infectado - 2 saltado
E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\Hans DESCARGADO CIBER\My Shared Folder\all to all ( mp3, ogg, wma 8, wav) converter+crack.exe/Audio_Conversion_Wizard_Crack.zip/acw.exe Sospechosos: Packed.Win32.PePatch.dk saltado
E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\Hans DESCARGADO CIBER\My Shared Folder\all to all ( mp3, ogg, wma 8, wav) converter+crack.exe/Audio_Conversion_Wizard_Crack.zip Sospechosos: Packed.Win32.PePatch.dk saltado
E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\Hans DESCARGADO CIBER\My Shared Folder\all to all ( mp3, ogg, wma 8, wav) converter+crack.exe ZIP: sospechoso - 2 saltado
E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\POSIBLE TOL\para carlos\PAQUETE DE XARATeUXara.rar/TeUXara_by_Maxl/TeU_Xara_by_Maxl.exe/AutoPlay/Docs/Xara 3D/Fix.exe Infectados: Backdoor.Win32.Rbot.pbc saltado
E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\POSIBLE TOL\para carlos\PAQUETE DE XARATeUXara.rar/TeUXara_by_Maxl/TeU_Xara_by_Maxl.exe Infectados: Backdoor.Win32.Rbot.pbc saltado
E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\DESCARGAS NEW\POSIBLE TOL\para carlos\PAQUETE DE XARATeUXara.rar RAR: infectado - 2 saltado
E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\My Shared Folder\proclarity web professional v6 3 129 200-dvt.rar/ProClarity.Web.Professional.v6.3.129.200-DVT/Setup/PROCLARITYCTRLS.EXE Infectados: Trojan-Dropper.Win32.Delf.xo saltado
E:\ORDENAR DE ASROCK\RESPALDITO\RESPALDO TOTAL HANSELL\My Shared Folder\proclarity web professional v6 3 129 200-dvt.rar RAR: infectado - 1 saltado
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
F:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked saltado
F:\System Volume Information\Desktop.ini Object is locked saltado
F:\System Volume Information\Folder.htt Object is locked saltado
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
F:\System Volume Information\protect.chinese hong kong Object is locked saltado
F:\System Volume Information\protect.chinese simplified Object is locked saltado
F:\System Volume Information\protect.chinese traditional Object is locked saltado
F:\System Volume Information\protect.czech Object is locked saltado
F:\System Volume Information\protect.danish Object is locked saltado
F:\System Volume Information\protect.dutch Object is locked saltado
F:\System Volume Information\Protect.ed Object is locked saltado
F:\System Volume Information\protect.english Object is locked saltado
F:\System Volume Information\protect.finnish Object is locked saltado
F:\System Volume Information\protect.french Object is locked saltado
F:\System Volume Information\protect.german Object is locked saltado
F:\System Volume Information\protect.greek Object is locked saltado
F:\System Volume Information\protect.hebrew Object is locked saltado
F:\System Volume Information\protect.hungarian Object is locked saltado
F:\System Volume Information\protect.italian Object is locked saltado
F:\System Volume Information\protect.japanese Object is locked saltado
F:\System Volume Information\protect.korean Object is locked saltado
F:\System Volume Information\protect.norwegian Object is locked saltado
F:\System Volume Information\protect.polish Object is locked saltado
F:\System Volume Information\protect.portuguese Object is locked saltado
F:\System Volume Information\protect.portuguese brazilian Object is locked saltado
F:\System Volume Information\protect.russian Object is locked saltado
F:\System Volume Information\protect.spanish Object is locked saltado
F:\System Volume Information\protect.swedish Object is locked saltado
F:\System Volume Information\protect.turkish Object is locked saltado

Análisis completado.


Le Agradezco su atención!!! Son Grandes!
Responder Con Cita