| Re: Virus (ADVERTENCIA: Si su PC esta infectada podria funcionar erraticamente...)
Bueno aqui pongo el log de Malwarebytes Anti-Malwarebytes
Malwarebytes' Anti-Malware 1.12
Versión de la Base de Datos: 753
Tipo de examen : Examen Rápido
Objetos examinados: 32490
Tiempo transcurrido: 3 minute(s), 14 second(s)
Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 3
Claves del Registro Infectadas: 12
Valores del Registro Infectados: 3
Elementos de Datos del Registro Infectados: 2
Carpetas Infectadas: 0
Ficheros Infectados: 9
Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Módulos en Memoria Infectados:
C:\WINDOWS\system32\cbXOGVoO.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\xixguhli.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\fccDvSJa.dll (Trojan.Vundo) -> Unloaded module successfully.
Claves del Registro Infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{0aa158b7-aaf2-4351-aae1-8a0add38bcf4} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{0aa158b7-aaf2-4351-aae1-8a0add38bcf4} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14370f76-7676-44a2-ad11-93a31c5fc9fc} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{14370f76-7676-44a2-ad11-93a31c5fc9fc} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccdvsja (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\a0b249e6 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\BMa3817a7a (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{14370f76-7676-44a2-ad11-93a31c5fc9fc} (Trojan.Vundo) -> Delete on reboot.
Elementos de Datos del Registro Infectados:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\cbxogvoo -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\cbxogvoo -> Delete on reboot.
Carpetas Infectadas:
(No se han detectado elementos maliciosos)
Ficheros Infectados:
C:\WINDOWS\system32\cbXOGVoO.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\OoVGOXbc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\OoVGOXbc.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fhafydpd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpdyfahf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xixguhli.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ilhugxix.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wghkgbbq.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\fccDvSJa.dll (Trojan.Vundo) -> Delete on reboot.  |