agustyn14
24/01/08, 14:49:43
wenas soy Agustin y necesito saber como eliminar este feo virus k aparece y el Avast lo elimina y al cabo de un momento vuelve a aparecer.
La ruta k me marka el antivirus es la sigte.:
"C:docum &Setting/Gaby/configuracion local/temp/12354687.exe/(SFG)contiene rastros de "win32:agent-bsu (trj)"!
no kiero formatear la pc por q pierdo muchos datos muy importantes.
realice un escaneo con el "kavwebscan" y me ha dado este informe:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, January 24, 2008 5:36:10 PM
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 24/01/2008
Kaspersky Anti-Virus database records: 531323
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 97468
Number of viruses found: 4
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 01:51:49
Infected Object Name / Virus Name / Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\__delete_on_reboot__H_f_k_r_4_ g_._d_l_l_ Infected: Trojan-Downloader.Win32.Small.hko skipped
C:\WINDOWS\inf\svchost.exe Infected: not-a-virus:RemoteAdmin.Win32.RAdmin.21 skipped
C:\WINDOWS\Temp\Perflib_Perfdata_57c.dat Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\JWMBZN0W\severa[1].exe Infected: Trojan-Downloader.Win32.Agent.bkw skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\Gaby\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Temp\INMEM000.REM Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Temp\JET442A.tmp Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Temp\~DF71B0.tmp Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Historial\History.IE5\MSHist0120080124200801 25\index.dat Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Gaby\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Gaby\ntuser.dat Object is locked skipped
C:\Archivos de programa\Mozilla Firefox\plugins\NPMyWebS.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\report\Protección residente.txt Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Archivos de programa\Telphos\log\telphos.log Object is locked skipped
C:\Locutorio\Tablas\ADTICKTMP.DB Object is locked skipped
C:\Locutorio\Tablas\LLTICKTMP.DB Object is locked skipped
C:\Locutorio\Tablas\Totalcabi.DB Object is locked skipped
C:\Locutorio\Tablas\Totalcabi.PX Object is locked skipped
C:\Locutorio\Tablas\Transaccion.DB Object is locked skipped
C:\Locutorio\Tablas\Transaccion.PX Object is locked skipped
C:\Locutorio\Tablas\Auditoria.DB Object is locked skipped
C:\Locutorio\Tablas\Auditoria.PX Object is locked skipped
C:\Locutorio\Tablas\Auditoria.XG0 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.XG1 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.XG2 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.YG0 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.YG1 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.YG2 Object is locked skipped
C:\Locutorio\Tablas\Destinos.DB Object is locked skipped
C:\Locutorio\Tablas\Destinos.PX Object is locked skipped
C:\Locutorio\Tablas\Destinos.XG1 Object is locked skipped
C:\Locutorio\Tablas\Destinos.YG1 Object is locked skipped
C:\Locutorio\Tablas\Tiposcom.PX Object is locked skipped
C:\Locutorio\Tablas\BufLlam.DB Object is locked skipped
C:\Locutorio\Tablas\BufLlam.PX Object is locked skipped
C:\Locutorio\Tablas\BufLlam.XG1 Object is locked skipped
C:\Locutorio\Tablas\BufLlam.YG1 Object is locked skipped
C:\Locutorio\Tablas\BufLlam.XG0 Object is locked skipped
C:\Locutorio\Tablas\BufLlam.YG0 Object is locked skipped
C:\Locutorio\Tablas\BufAdic.DB Object is locked skipped
C:\Locutorio\Tablas\BufAdic.PX Object is locked skipped
C:\Locutorio\Tablas\BufCostos.db Object is locked skipped
C:\Locutorio\Tablas\BufCostos.PX Object is locked skipped
C:\Locutorio\Tablas\BufArti.DB Object is locked skipped
C:\Locutorio\Tablas\BufArti.PX Object is locked skipped
C:\Locutorio\Tablas\BufArti.XG0 Object is locked skipped
C:\Locutorio\Tablas\BufArti.YG0 Object is locked skipped
C:\Locutorio\Tablas\TempLlam.DB Object is locked skipped
C:\Locutorio\Tablas\TempLlam.PX Object is locked skipped
C:\Locutorio\Tablas\LL20080124.DB Object is locked skipped
C:\Locutorio\Tablas\LL20080124.PX Object is locked skipped
C:\Locutorio\Tablas\LL20080124.XG0 Object is locked skipped
C:\Locutorio\Tablas\LL20080124.XG1 Object is locked skipped
C:\Locutorio\Tablas\LL20080124.YG0 Object is locked skipped
C:\Locutorio\Tablas\LL20080124.YG1 Object is locked skipped
C:\Locutorio\Tablas\CO20080124.DB Object is locked skipped
C:\Locutorio\Tablas\CO20080124.PX Object is locked skipped
C:\CiberControl 4.0 PRO\database\ciber.mdb Object is locked skipped
C:\CiberControl 4.0 PRO\database\ciber.ldb Object is locked skipped
C:\PDOXUSRS.NET Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
si pudieran darme la solución muy agradecido estaré.
desde ya muchas gracias
salu2:smile:
La ruta k me marka el antivirus es la sigte.:
"C:docum &Setting/Gaby/configuracion local/temp/12354687.exe/(SFG)contiene rastros de "win32:agent-bsu (trj)"!
no kiero formatear la pc por q pierdo muchos datos muy importantes.
realice un escaneo con el "kavwebscan" y me ha dado este informe:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, January 24, 2008 5:36:10 PM
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 24/01/2008
Kaspersky Anti-Virus database records: 531323
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 97468
Number of viruses found: 4
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 01:51:49
Infected Object Name / Virus Name / Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\__delete_on_reboot__H_f_k_r_4_ g_._d_l_l_ Infected: Trojan-Downloader.Win32.Small.hko skipped
C:\WINDOWS\inf\svchost.exe Infected: not-a-virus:RemoteAdmin.Win32.RAdmin.21 skipped
C:\WINDOWS\Temp\Perflib_Perfdata_57c.dat Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\JWMBZN0W\severa[1].exe Infected: Trojan-Downloader.Win32.Agent.bkw skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\Gaby\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Temp\INMEM000.REM Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Temp\JET442A.tmp Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Temp\~DF71B0.tmp Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Historial\History.IE5\MSHist0120080124200801 25\index.dat Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Gaby\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Gaby\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Gaby\ntuser.dat Object is locked skipped
C:\Archivos de programa\Mozilla Firefox\plugins\NPMyWebS.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\report\Protección residente.txt Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Archivos de programa\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Archivos de programa\Telphos\log\telphos.log Object is locked skipped
C:\Locutorio\Tablas\ADTICKTMP.DB Object is locked skipped
C:\Locutorio\Tablas\LLTICKTMP.DB Object is locked skipped
C:\Locutorio\Tablas\Totalcabi.DB Object is locked skipped
C:\Locutorio\Tablas\Totalcabi.PX Object is locked skipped
C:\Locutorio\Tablas\Transaccion.DB Object is locked skipped
C:\Locutorio\Tablas\Transaccion.PX Object is locked skipped
C:\Locutorio\Tablas\Auditoria.DB Object is locked skipped
C:\Locutorio\Tablas\Auditoria.PX Object is locked skipped
C:\Locutorio\Tablas\Auditoria.XG0 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.XG1 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.XG2 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.YG0 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.YG1 Object is locked skipped
C:\Locutorio\Tablas\Auditoria.YG2 Object is locked skipped
C:\Locutorio\Tablas\Destinos.DB Object is locked skipped
C:\Locutorio\Tablas\Destinos.PX Object is locked skipped
C:\Locutorio\Tablas\Destinos.XG1 Object is locked skipped
C:\Locutorio\Tablas\Destinos.YG1 Object is locked skipped
C:\Locutorio\Tablas\Tiposcom.PX Object is locked skipped
C:\Locutorio\Tablas\BufLlam.DB Object is locked skipped
C:\Locutorio\Tablas\BufLlam.PX Object is locked skipped
C:\Locutorio\Tablas\BufLlam.XG1 Object is locked skipped
C:\Locutorio\Tablas\BufLlam.YG1 Object is locked skipped
C:\Locutorio\Tablas\BufLlam.XG0 Object is locked skipped
C:\Locutorio\Tablas\BufLlam.YG0 Object is locked skipped
C:\Locutorio\Tablas\BufAdic.DB Object is locked skipped
C:\Locutorio\Tablas\BufAdic.PX Object is locked skipped
C:\Locutorio\Tablas\BufCostos.db Object is locked skipped
C:\Locutorio\Tablas\BufCostos.PX Object is locked skipped
C:\Locutorio\Tablas\BufArti.DB Object is locked skipped
C:\Locutorio\Tablas\BufArti.PX Object is locked skipped
C:\Locutorio\Tablas\BufArti.XG0 Object is locked skipped
C:\Locutorio\Tablas\BufArti.YG0 Object is locked skipped
C:\Locutorio\Tablas\TempLlam.DB Object is locked skipped
C:\Locutorio\Tablas\TempLlam.PX Object is locked skipped
C:\Locutorio\Tablas\LL20080124.DB Object is locked skipped
C:\Locutorio\Tablas\LL20080124.PX Object is locked skipped
C:\Locutorio\Tablas\LL20080124.XG0 Object is locked skipped
C:\Locutorio\Tablas\LL20080124.XG1 Object is locked skipped
C:\Locutorio\Tablas\LL20080124.YG0 Object is locked skipped
C:\Locutorio\Tablas\LL20080124.YG1 Object is locked skipped
C:\Locutorio\Tablas\CO20080124.DB Object is locked skipped
C:\Locutorio\Tablas\CO20080124.PX Object is locked skipped
C:\CiberControl 4.0 PRO\database\ciber.mdb Object is locked skipped
C:\CiberControl 4.0 PRO\database\ciber.ldb Object is locked skipped
C:\PDOXUSRS.NET Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
si pudieran darme la solución muy agradecido estaré.
desde ya muchas gracias
salu2:smile: