Posted 09/08/08, 00:04:47
Mosva
User

Registered: Mar 2008
Location: Argentina
Posts: 23
Re: Infected via MSN

Here you go, VirusTotal:

Análisis del archivo Upload_Me.zip recibido el 09.08.2008 04:57:50 (CET)
Motor antivirus Versión Última actualización Resultado
AhnLab-V3 2008.8.9.0 2008.08.08 -
AntiVir 7.8.1.19 2008.08.08 -
Authentium 5.1.0.4 2008.08.09 -
Avast 4.8.1195.0 2008.08.08 -
AVG 8.0.0.156 2008.08.08 -
BitDefender 7.2 2008.08.09 -
CAT-QuickHeal 9.50 2008.08.08 -
ClamAV 0.93.1 2008.08.09 -
DrWeb 4.44.0.09170 2008.08.08 -
eSafe 7.0.17.0 2008.08.07 -
eTrust-Vet 31.6.6021 2008.08.08 -
Ewido 4.0 2008.08.08 -
F-Prot 4.4.4.56 2008.08.08 -
F-Secure 7.60.13501.0 2008.08.09 -
Fortinet 3.14.0.0 2008.08.08 -
GData 2.0.7306.1023 2008.08.09 -
Ikarus T3.1.1.34.0 2008.08.09 -
K7AntiVirus 7.10.408 2008.08.08 -
Kaspersky 7.0.0.125 2008.08.09 -
McAfee 5357 2008.08.08 -
Microsoft 1.3807 2008.08.09 -
NOD32v2 3341 2008.08.08 -
Norman 5.80.02 2008.08.08 -
Panda 9.0.0.4 2008.08.08 -
PCTools 4.4.2.0 2008.08.08 -
Prevx1 V2 2008.08.09 -
Rising 20.56.41.00 2008.08.08 -
Sophos 4.32.0 2008.08.09 -
Sunbelt 3.1.1537.1 2008.08.08 -
Symantec 10 2008.08.09 -
TheHacker 6.2.96.395 2008.08.08 -
TrendMicro 8.700.0.1004 2008.08.08 -
VBA32 3.12.8.3 2008.08.08 -
ViRobot 2008.8.8.1329 2008.08.08 -
VirusBuster 4.5.11.0 2008.08.08 -
Webwasher-Gateway 6.6.2 2008.08.09 -

Información adicional
Tamano archivo: 461157 bytes
MD5...: b29e09706a4495decd480791710f0474
SHA1..: f9771069db9e4ba3d37059ca7526d34495b285b8
SHA256: 37b658fefab76e431ab73bf110f17f9d366c412fbcbc5cac34874545be720359
SHA512: 54f60f1d2cb22bdbf6caddabcbb3b8f804151056bc05325a638f7265b099948453c09cdf4452ccbef745455aa0a18e9f2359ed0840143280d71ac9c92578f29e
PEiD..: -
PEInfo: -

and the Panda log:
;****************************************************************************************************
ANALYSIS: 2008-08-08 23:51:45
PROTECTIONS: 0
MALWARE: 5
SUSPECTS: 0
;****************************************************************************************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;====================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Franco\Cookies\franco@atdmt[1].txt
00139535 Application/Processor HackTools No 0 Yes No C:\AntiVirus\MSNFix.zip[MSNFix/incl/Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\AntiVirus\MSNFix\incl\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\RECYCLER\S-1-5-21-1417001333-1563985344-1060284298-1000\Dc5\apps\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\RECYCLER\S-1-5-21-1417001333-1563985344-1060284298-1000\Dc4.exe[C:\RECYCLER\S-1-5-21-1417001333-1563985344-1060284298-1000\Dc4.exe][SDFix\apps\Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\RECYCLER\S-1-5-21-1417001333-1563985344-1060284298-1000\Dc5\SDFix\apps\Process.exe
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Osvaldo\Cookies\osvaldo@ad.yieldmanager[2].txt
00172448 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Osvaldo1\Cookies\osvaldo1@ciudad.com[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Franco\Cookies\franco@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Macarena\Cookies\macarena@go[1].txt
;====================================================================================================
SUSPECTS
Sent Location s5
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
VULNERABILITIES
Id Severity Description s5
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================

Cheers