Foro de Spyware - Ver Mensaje Individual - Archivo .DLL está infectado con aplicación Win32/Toolbar.MyWebSearch. (Solucionado)

Tema: Archivo .DLL está infectado con aplicación Win32/Toolbar.MyWebSearch. (Solucionado)

Ver Mensaje Individual

post #5 (permalink)

17/05/08, 00:39:32

agor_exs

Usuario

Registrado: ene 2006

Ubicación: chile

Mensajes: 4

Re: Archivo .DLL está infectado con aplicación Win32/Toolbar.MyWebSearch.

Hola, gracias por responder, te cuento;

al realizar los pasos mencionados creo que se soluciono a medias, ya que al pasar nuevamente el Nod32, ya no arroja la infeccion (la que trataba el tema), ahora arroja una nueva infeccion "El archivo C:\System Volume information\_restore{5D46A917-B2E4-402C-BC39-DE2FF8A3379F}\RP72\A0025443.DLL está infectado con aplicación Win32/Toolbar.MyWebSearch."

de todas maneras describo los pasos seguidos, y que me ayudes nuevamente a eliminar este vicho.

gracias

1.- Elimine lo que estaba dentro de la carpeta C:\Archivos de programa\ESET\infected

MHZIA0BA.NQF

MHZIA0BA.NQI

2.- Elimine como mencionaste

C:\Archivos de programa\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
C:\Documents and Settings\hUgO_rAP\Configuración Local\Temp\NERO14808\Toolbar.exe

3.-Ejecute ATF-Cleaner

4.- Por ultimo, el Report de kaspersky online

KASPERSKY ONLINE SCANNER REPORT
Saturday, May 17, 2008 12:14:15 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 17/05/2008
Kaspersky Anti-Virus database records: 779690
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 34947
Number of viruses found: 1
Number of infected objects: 1
Number of suspicious objects: 0
Duration of the scan process: 01:47:32

Infected Object Name / Virus Name / Last Action
C:\Archivos de programa\ESET\cache\CACHE.NDB Object is locked skipped
C:\Archivos de programa\ESET\logs\virlog.dat Object is locked skipped
C:\Archivos de programa\ESET\logs\warnlog.dat Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\hUgO_rAP\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\hUgO_rAP\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\hUgO_rAP\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\hUgO_rAP\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\hUgO_rAP\Configuración local\Historial\History.IE5\MSHist0120080516200805 17\index.dat Object is locked skipped
C:\Documents and Settings\hUgO_rAP\Configuración local\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\hUgO_rAP\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\hUgO_rAP\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\App Logs\SUPERANTISPYWARE-5-16-2008( 20-15-31 ).LOG Object is locked skipped
C:\Documents and Settings\hUgO_rAP\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\hUgO_rAP\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Temp\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Temp\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{5D46A917-B2E4-402C-BC39-DE2FF8A3379F}\RP72\A0025443.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped
C:\System Volume Information\_restore{5D46A917-B2E4-402C-BC39-DE2FF8A3379F}\RP72\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.