| Re: problema con winhost y block.exe
hola de nuevo y perdon por la tardanza pero el antivirus online se tardo un poco, he hecho todo lo que me pediste y aca te dejo el informe del antivirus online. De antemano gracias.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER INFORME
viernes, 16 de mayo de 2008 23:52:15
Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner versión: 5.0.84.1
Ultima actualización: 17/05/2008
Registros en la base antivirus: 779690
-------------------------------------------------------------------------------
Configuración del análisis:
Analizar usando las siguientes bases: estendidas
Analizar archivos: verdadero
Analizar bases de correo: verdadero
Objetivo a analizar - Mi PC:
C:\
D:\
E:\
Estadísticas:
Número de objeros analizados: 198542
Virus encontrados: 8
Objetos infectados: 25 / 0
Objetos sospechosos: 0
Duración del análisis: 02:01:01
Bombre del objeto infectado / Nombre del virus / Última acción
C:\blok.exe Infectados: Trojan.Win32.Pakes.cvl saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked saltado
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked saltado
C:\Documents and Settings\AYAX\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\AYAX\History\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini .inuse Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Temp\~DF46B1.tmp Object is locked saltado
C:\Documents and Settings\AYAX\Local Settings\Temp\~DFEC9E.tmp Object is locked saltado
C:\Documents and Settings\AYAX\My Documents\Programs\familykeylogger.zip/FamilyKeyLogger-setup.exe/stream/data0007 Infectados: not-a-virus:Monitor.Win32.FamilyKeyLogger.280 saltado
C:\Documents and Settings\AYAX\My Documents\Programs\familykeylogger.zip/FamilyKeyLogger-setup.exe/stream/data0009 Infectados: not-a-virus:Monitor.Win32.FamilyKeyLogger.280 saltado
C:\Documents and Settings\AYAX\My Documents\Programs\familykeylogger.zip/FamilyKeyLogger-setup.exe/stream/data0010 Infectados: not-a-virus:Monitor.Win32.FamilyKeyLogger.280 saltado
C:\Documents and Settings\AYAX\My Documents\Programs\familykeylogger.zip/FamilyKeyLogger-setup.exe/stream Infectados: not-a-virus:Monitor.Win32.FamilyKeyLogger.280 saltado
C:\Documents and Settings\AYAX\My Documents\Programs\familykeylogger.zip/FamilyKeyLogger-setup.exe Infectados: not-a-virus:Monitor.Win32.FamilyKeyLogger.280 saltado
C:\Documents and Settings\AYAX\My Documents\Programs\familykeylogger.zip ZIP: infectado - 5 saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial ORO XP SP2\Kit.de.Oro Keyfinder\Keyfinder.exe/data.rar/xpkey.exe Infectados: not-a-virus:PSWTool.Win32.RAS.g saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial ORO XP SP2\Kit.de.Oro Keyfinder\Keyfinder.exe/data.rar/officekey.exe Infectados: not-a-virus:PSWTool.Win32.RAS.a saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial ORO XP SP2\Kit.de.Oro Keyfinder\Keyfinder.exe/data.rar Infectados: not-a-virus:PSWTool.Win32.RAS.a saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial ORO XP SP2\Kit.de.Oro Keyfinder\Keyfinder.exe RarSFX: infectado - 3 saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial_ORO_XP_SP2 2.rar/Serial ORO XP SP2/Kit.de.Oro Keyfinder/Keyfinder.exe/data.rar/xpkey.exe Infectados: not-a-virus:PSWTool.Win32.RAS.g saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial_ORO_XP_SP2 2.rar/Serial ORO XP SP2/Kit.de.Oro Keyfinder/Keyfinder.exe/data.rar/officekey.exe Infectados: not-a-virus:PSWTool.Win32.RAS.a saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial_ORO_XP_SP2 2.rar/Serial ORO XP SP2/Kit.de.Oro Keyfinder/Keyfinder.exe/data.rar Infectados: not-a-virus:PSWTool.Win32.RAS.a saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial_ORO_XP_SP2 2.rar/Serial ORO XP SP2/Kit.de.Oro Keyfinder/Keyfinder.exe Infectados: not-a-virus:PSWTool.Win32.RAS.a saltado
C:\Documents and Settings\AYAX\My Documents\Programs\win xp sp2 ilegal a legal\Serial_ORO_XP_SP2 2.rar RAR: infectado - 4 saltado
C:\Documents and Settings\AYAX\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\AYAX\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\AYAX\Temporary Internet Files\Content.IE5\ICAA5L03\get_video[1] Object is locked saltado
C:\Documents and Settings\AYAX\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado
C:\ec9098043cea2d1b662bab9605\update\update.exe Object is locked saltado
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked saltado
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked saltado
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked saltado
C:\Program Files\Alwil Software\Avast4\DATA\log\selfdef.log Object is locked saltado
C:\QooBox\Quarantine\C\WINDOWS\hosts.vir Infectados: Trojan.Win32.Qhost.aei saltado
C:\QooBox\Quarantine\F\autorun.inf.vir Infectados: Worm.Win32.AutoRun.dmh saltado
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe Infectados: Worm.Win32.AutoRun.dsf saltado
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP81\A0013995.exe Infectados: Worm.Win32.AutoRun.dsf saltado
C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP83\A0014242.exe Infectados: Trojan.Win32.Agent.mcj saltado
C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP83\A0014491.exe Infectados: Worm.Win32.AutoRun.dsf saltado
C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP84\change.log Object is locked saltado
C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado
C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt Object is locked saltado
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{B5075033-B015-4699-95BE-4A55F6DC8021}.crmlog Object is locked saltado
C:\WINDOWS\SchedLgU.Txt Object is locked saltado
C:\WINDOWS\SoftwareDistribution\EventCache\{1C5DB1 AC-FCE1-48E3-B203-4A2E7F4EAE89}.bin Object is locked saltado
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked saltado
C:\WINDOWS\Sti_Trace.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked saltado
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\default Object is locked saltado
C:\WINDOWS\system32\config\default.LOG Object is locked saltado
C:\WINDOWS\system32\config\Internet.evt Object is locked saltado
C:\WINDOWS\system32\config\Media Ce.evt Object is locked saltado
C:\WINDOWS\system32\config\ODiag.evt Object is locked saltado
C:\WINDOWS\system32\config\OSession.evt Object is locked saltado
C:\WINDOWS\system32\config\SAM Object is locked saltado
C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\SECURITY Object is locked saltado
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado
C:\WINDOWS\system32\config\software Object is locked saltado
C:\WINDOWS\system32\config\software.LOG Object is locked saltado
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado
C:\WINDOWS\system32\config\system Object is locked saltado
C:\WINDOWS\system32\config\system.LOG Object is locked saltado
C:\WINDOWS\system32\drivers\etc\hosts.20080510-130718.backup Infectados: Trojan.Win32.Qhost.aei saltado
C:\WINDOWS\system32\drivers\etc\hosts.20080510-130719.backup Infectados: Trojan.Win32.Qhost.aei saltado
C:\WINDOWS\system32\drivers\hosts Infectados: Trojan.Win32.Qhost.aei saltado
C:\WINDOWS\system32\h323log.txt Object is locked saltado
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked saltado
C:\WINDOWS\system32\MsDtc\MSDTC.LOG Object is locked saltado
C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log Object is locked saltado
C:\WINDOWS\system32\msmq\storage\QMLog Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked saltado
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado
C:\WINDOWS\temp\Perflib_Perfdata_ec.dat Object is locked saltado
C:\WINDOWS\wiadebug.log Object is locked saltado
C:\WINDOWS\wiaservc.log Object is locked saltado
C:\WINDOWS\WindowsUpdate.log Object is locked saltado
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado
D:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP84\change.log Object is locked saltado
Análisis completado. |