View Full Version : how do I see the log
gonzaro 06/04/08, 00:34:00
hello, my question is super basic and simple
I have seen that many users post their log and that it is information needed to solve problems, but I don't know how to get that information. What do I have to do to see my log, so I can paste it in the forum and get help solving my problem?
I would be very grateful if you told me,
because I have several problems on the PC and I need to solve them.
thanks in advance
Hello gonzaro, welcome to the forum :manos:
Well, the first thing you can do is tell me what problem you have on your PC so I can try to help you :Bien:
In any case, I suppose you are referring to this:
Official HijackThis Forum in Spanish (http://www.forospyware.com/foro-oficial-de-hijackthis-en-espanol/)
Download and get the HijackThis v2.0.2 log (http://www.forospyware.com/292279-post2.html)
Regards :adios:
gonzaro 06/04/08, 09:49:08
hello
thanks a lot for the welcome
look, the truth is I have more than one problem. To begin with, about 6 months ago I had to create another session on my PC because the one I had could simply hardly be logged into any more. Well, with that I solved the problem a bit, but the PC was still slow, and every day it gets slower, especially
when I go on the internet. I also have another problem: there are two security updates that Windows Update cannot install. I have it set to automatic updates, and it tries to install them every day and can't; besides, every time it tries to install them the PC gets even slower.
I hope you can help me solve these problems, because my antivirus detects trojans every week, but apparently there is some virus, trojan, or whatever it is that it still doesn't detect. As antivirus I use McAfee, and I also have it on automatic update.
well, that would be my problem; I hope it is clear and you can help me
thanks in advance
andresmix 06/04/08, 09:57:26
Hello gonzaro ;)
Do the following to determine the infections and then proceed to remove them.
:1: Download the following tools:
SUPERAntispyware [Manual] (http://www.forospyware.com/t102977.html)
Ccleaner + Manual (http://www.forospyware.com/t39511.html)
MalwareBytes Anti-Malware (http://www.infospyware.com/Anti-Malwares.htm)
:2: Run SuperAntispyware and remove everything it finds
:3: Run Malware Bytes' (don't forget to update it before running it) and come back with the report it generates. Go to the Logs or Registros tab (depending on the language you are working in), open the report and copy its contents to paste in your next reply.
:4: Use Ccleaner to clean the system: first use the "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete, and then use its "Registry" option to clean the whole Windows registry (making a backup).
:4: Run an online scan with:
Panda Active Scan (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) Manual (http://www.forospyware.com/t75446.html)
Kaspersky (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) ---Manual (http://www.forospyware.com/t55793.html) (paste the complete report for us to analyze)
Come back and tell us how it went
:adios:
Andresmix
gonzaro 06/04/08, 15:20:31
I have problems installing Malwarebytes' Anti-Malware; I get an error when installing it.
a message comes up that says:
The setup are corrupted. Please obtain a new copy of the program.
please help me
what do I do??:frown:
let's see if someone can tell me another page to download it from.
andresmix 06/04/08, 18:26:50
Hello
Try downloading it from ----> HERE (http://malwarebytes-anti-malware.softonic.com/)
If the problem persists, continue with the other steps
:adios:
gonzaro 06/04/08, 23:01:47
hello
I just finished scanning the PC with Malware Bytes', and this is what the scan returned:
Malwarebytes' Anti-Malware 1.10
Versión de la Base de Datos: 597
Tipo de examen : Examen Completo (A:\|C:\|D:\|)
Objetos examinados: 172154
Tiempo transcurrido: 1 hour(s), 31 minute(s), 45 second(s)
Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 23
Valores del Registro Infectados: 5
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 7
Ficheros Infectados: 136
Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Claves del Registro Infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice2.egcomsvc2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice2.egcomsvc2.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2aeeac34-fd74-4142-b891-4b05c0c03c87} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{469c7080-8ec8-43a6-ad97-45848113743c} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{d7b59209-0ed9-4986-bd4a-527be836c6b2} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{eeeca057-ad0f-44a7-8be5-8634cedbdbd1} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f72bc3f0-6c20-4793-9dda-258589d8a907} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{f72bc3f0-6c20-4793-9dda-258589d8a907} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DomainService (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DomainService (Trojan.Agent) -> Quarantined and deleted successfully.
Valores del Registro Infectados:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)
Carpetas Infectadas:
C:\Archivos de programa\Archivos comunes\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Invitado\Datos de programa\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Invitado\Datos de programa\DriveCleaner Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\GON\Datos de programa\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\GON\Datos de programa\DriveCleaner Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
Ficheros Infectados:
C:\WINDOWS\system32\duaxyexn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nxeyxaud.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\erwbelfw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wflebwre.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcqmeqwa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awqemqcm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pncrkftm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtfkrcnp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tigxprku.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ukrpxgit.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tvdreyki.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ikyerdvt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xdqrmcml.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lmcmrqdx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Activate.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\atl71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\AV.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\bnlink.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\diagnosis.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\err.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\errors.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\lapv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\license.rtf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\manual.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\mfc71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\msvcp71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\msvcr71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\pv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\readme.rtf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\remnag.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\ResErrors.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\ScanReport.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Schedule.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\sr.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\support.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\UDC.dmp (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\UDC.xml (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\UDC6Y.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\unins000.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\unins000.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\uninstall.ico (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\up.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\updater.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\vbpv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\AE_CD_Cr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\AReadr4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\AReadr5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\ASDSEEpv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\ASPack.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\Babylon.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\BDelphi5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\CatchUp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\CBuildr5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\CCGA.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\CManager.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\CuteFTP4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\CuteHTML.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\DAcceler.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\DiscJug.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\ECDCreat4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\Far.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\FFTsks.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\FlashFXP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\FrntPage.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\FrontPEx.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\FtpEXP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\FtpVoya.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\GetRight.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\GoZilla.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\GravMRU.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\HomeSite.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\HotDogPr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\H_TxtPad.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\IconExtr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\iMesh.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\ImgReady3.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\InsShExp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\JASC_P_P.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\KaZaA.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\LView.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MacDir.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MacDrWea.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MicAng.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MicDes.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MMUnDisk.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MM_CON.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\Morpheus.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MPaint.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MPicPub.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MPImaGal.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MSExplorer.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MSoffice.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MSRegEdit.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MSWMP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\MSWordPad.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\Nero.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\NetShow.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\NTBackup.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\pfilelst.xda (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\PhotShel.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\PHPCoder.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\PowerZIP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\RapidBr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\RealAuPl.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\RealDown.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\SecurCRT.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\SL_BlWin.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\SmartClr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\Sonique.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\StuffIt.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\TelepPro.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\UGifAnim.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\UltraEd.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\UMedStud.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\UPhImpV.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\UPhotoEx.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\UVidStud.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\VNC.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\WebFeret.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\WebReap.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\WinACE.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\WinGate.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\WinRAR.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\WinZIP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\WiseInst.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\wordslst.xda (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\YahooPl.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Archivos de programa\DriveCleaner Free\Appbase\ZipMagic.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Invitado\Datos de programa\DriveCleaner Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\GON\Datos de programa\DriveCleaner Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\EGDAccess.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\netslv32.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nzmxuld_navps.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nzmxuld_nav.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
now I will continue with the next steps I have left.
gonzaro 07/04/08, 23:38:49
sorry for the delay
but yesterday I didn't manage to finish scanning
and today Panda took about 6 hours to scan the PC
well, here is what the Panda scan returned:
;************************************************* ************************************************** ************************************************** ******************************
ANALYSIS: 2008-04-07 23:27:44
PROTECTIONS: 1
MALWARE: 21
SUSPECTS: 0
;************************************************* ************************************************** ************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
McAfee VirusScan Yes Yes
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;================================================= ================================================== ================================================== ==============================
00029258 application/altnet HackTools No 0 Yes No hkey_local_machine\software\classes\appid\altnet signing module.exe
00029258 application/altnet HackTools No 0 Yes No c:\program files\altnet
00032859 dialer.ix Dialers No 0 Yes No hkey_classes_root\iberodialerhtml.iberodialerhtml
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\GON\Cookies\gon@doubleclick[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\GON\Cookies\gon@fastclick[2].txt
00167691 Cookie/ademails TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@www.ademails[1].txt
00167738 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo soto@fe.lea.lycos[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\GON\Cookies\gon@apmebf[1].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@888[1].txt
00171819 Cookie/Systemdoctor TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@es.systemdoctor[1].txt
00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@int.sitestat[1].txt
00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@int.sitestat[2].txt
00179686 HackTool/Poweroff HackTools No 0 Yes No C:\Herramientas PB\MARKS\PWROFF30.ZIP[poweroff.exe]
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@searchportal.information[1].txt
00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@www.errorsafe[1].txt
00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@errorsafe[1].txt
00351416 Cookie/Systemdoctor TrackingCookie No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Cookies\gonzalo_soto@systemdoctor[1].txt
01192461 Trj/Downloader.PCQ Virus/Trojan No 0 Yes No C:\Documents and Settings\GON\Configuración local\Temp\clkpxoqa.exe
01603794 Trj/Downloader.PYI Virus/Trojan No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Mis documentos\Mi música\Mis archivos recibidos\IMG0024.zip[IMG033-JPG-www.photobucket.com]
01736788 Trj/Downloader.OZB Virus/Trojan No 0 Yes No C:\Documents and Settings\GON\Configuración local\Temp\lhesctkd.exe
01736788 Trj/Downloader.OZB Virus/Trojan No 0 Yes No C:\Documents and Settings\GON\Configuración local\Temp\mxqoodlp.exe
01736788 Trj/Downloader.OZB Virus/Trojan No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Configuración local\Temp\ljtvukrk.exe
01736788 Trj/Downloader.OZB Virus/Trojan No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Configuración local\Temp\rjflvsew.exe
01736788 Trj/Downloader.OZB Virus/Trojan No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Configuración local\Temp\xtilkkoc.exe
01736788 Trj/Downloader.OZB Virus/Trojan No 0 Yes No C:\Documents and Settings\Gonzalo Soto\Configuración local\Temp\ppoojttp.exe
01954303 Spyware/Virtumonde Spyware No 1 Yes No C:\8493.exe
01954303 Spyware/Virtumonde Spyware No 1 Yes No C:\is429.exe
02642406 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\tprkxjqr.dll
;================================================= ================================================== ================================================== ==============================
SUSPECTS
Sent Location
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
VULNERABILITIES
Id Severity Description
;================================================= ================================================== ================================================== ==============================
184380 MEDIUM MS08-002
184379 MEDIUM MS08-001
182048 HIGH MS07-069
182046 HIGH MS07-067
182043 HIGH MS07-064
179553 HIGH MS07-061
176382 HIGH MS07-057
176383 HIGH MS07-058
120815 HIGH MS06-022
;================================================= ================================================== ================================================== ==============================
tomorrow I will run the last scan I have left with the last program
good night
andresmix 08/04/08, 18:37:36
Hello gonzaro ;)
Please do the following:
:1: Download the following tools but do not run them yet:
VundoFix (http://www.infospyware.com/Anti-Malwares.htm)---> Manual (http://www.forospyware.com/t156920.html)
EliStarA (http://www.zonavirus.com/datos/descargas/78/EliStarA.asp)---> It is at the end of the post
OTMoveIt (http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe) save it to the Desktop.
After that:
:2: Restart in Safe Mode (http://www.forospyware.com/292284-post4.html)
:3: Use OTMoveIt
Double-click OTMoveIt.exe to run it.
Make sure "Unregister Dll's and Ocx's" is checked.
Copy the text in the box below and paste it into the left pane of OTMoveIt labelled Paste Standard List of Files / Folders to be moved.
C:\Documents and Settings\GON\Configuración local\Temp\clkpxoqa.exe
C:\Herramientas PB\MARKS\PWROFF30.ZIP
C:\Documents and Settings\Gonzalo Soto\Mis documentos\Mi música\Mis archivos recibidos\IMG0024.zip
C:\Documents and Settings\GON\Configuración local\Temp\lhesctkd.exe
C:\Documents and Settings\GON\Configuración local\Temp\mxqoodlp.exe
C:\Documents and Settings\Gonzalo Soto\Configuración local\Temp\ljtvukrk.exe
C:\Documents and Settings\Gonzalo Soto\Configuración local\Temp\rjflvsew.exe
C:\Documents and Settings\Gonzalo Soto\Configuración local\Temp\xtilkkoc.exe
C:\Documents and Settings\Gonzalo Soto\Configuración local\Temp\ppoojttp.exe
C:\8493.exe
C:\is429.exe
C:\WINDOWS\system32\tprkxjqr.dll
Click MoveIt! to start the removal.
When the result appears in the Results pane, click Exit.
Restart the PC (This step is very important)
Send the OTMoveIt report located at C:\_OTMoveIt\MovedFiles\********_******.txt (where "********_******" is the "date_time")
:4: Then run VundoFix
To run the VundoFix.exe tool follow these steps: (if in any doubt, read its manual)
Double-click the VundoFix.exe file to start it.
When VundoFix opens again, press the "Scan for Vundo" button
Once it has done the scan, press the "Remove Vundo" button
You will get a message asking whether you want to remove the files; answer YES
Once YES is pressed the desktop will flash blank; that is because it is removing Vundo.
When it finishes, press OK to restart the computer in normal mode.
:5: In Safe Mode run EliStarA, and when you open it answer Yes to everything and wait for it to finish. A window will come up; in that window scan the whole PC and it will find the infected files (scan all drives: C:\, D:\, A:\, F:\, E:\). Make sure the option to delete files automatically (Eliminar ficheros automaticamente) is selected.
- Start in normal mode and come back with its report, which is at C:\InfoSat.txt; open it, copy it and paste that report in your next message.
Finally:
Clean the PC of cookies, temporary files, etc. and the registry with:
DiskCleaner (http://www.infospyware.com/Herramientas.htm) >>> Manual (http://www.forospyware.com/t61924.html)
RegSeeker. (http://www.infospyware.com/Herramientas.htm) >>> Manual (http://www.forospyware.com/t713.html)
Then run an online scan with:
Kaspersky (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html) ---Manual (http://www.forospyware.com/t55793.html) (paste the complete report for us to analyze)
Come back and tell us how it went
Note: Paste the Delpsguard report and the Elistara report together with the online scans, don't forget
:adios:
Andresmix
gonzaro 09/04/08, 21:32:09
the online scan:
do I paste the same one I already did,
or do I have to do it again and paste the new results it gives me??
andresmix 10/04/08, 18:15:02
Hello gonzaro
You must follow the steps I gave you. :afirmar:
After that, you must do the online scan again, because we need to know how the PC is doing; the steps I gave you include the link so you can do the online scan with Kaspersky Online Scanner
Read all the steps carefully, follow them and come back so I can help you
:adios:
Andresmix
gonzaro 10/04/08, 22:51:26
hello
look, among the steps I have to do is pasting the Delpsguard report, but I don't know where to get it from. I don't know if it was a mistake of yours,
or if I really do have to paste it; tell me where I get it from, please.
bye
andresmix 11/04/08, 21:54:32
Hello
The truth is yes, sorry: not the delspguard report, because I did not recommend that program. Continue with the other steps and paste the reports I asked for, except the delpsguard one.
:adios:
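
Added example, not part of any post in this thread: the list pasted into OTMoveIt earlier was assembled by hand from the MALWARE table of the Panda ActiveScan report. The Python below performs that selection on rows in the layout shown on this page (dropping tracking cookies, registry locations and folders, and reducing `archive.zip[member]` to the archive itself). The function names are hypothetical, and the row pattern assumes the Description and Type columns contain no spaces, as in the report above.

```python
import ntpath
import re

# Rows copied from the MALWARE table of the Panda ActiveScan report in this
# thread (a subset), whitespace-separated exactly as they appear on the page.
SAMPLE_REPORT = r"""
00029258 application/altnet HackTools No 0 Yes No hkey_local_machine\software\classes\appid\altnet signing module.exe
00029258 application/altnet HackTools No 0 Yes No c:\program files\altnet
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\GON\Cookies\gon@doubleclick[1].txt
00179686 HackTool/Poweroff HackTools No 0 Yes No C:\Herramientas PB\MARKS\PWROFF30.ZIP[poweroff.exe]
01736788 Trj/Downloader.OZB Virus/Trojan No 0 Yes No C:\Documents and Settings\GON\Configuración local\Temp\lhesctkd.exe
01954303 Spyware/Virtumonde Spyware No 1 Yes No C:\8493.exe
02642406 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\tprkxjqr.dll
"""

# Id, Description, Type, Active, Severity, Disinfectable, Disinfected, Location.
# Location is the rest of the line because Windows paths contain spaces.
ROW = re.compile(
    r"^(?P<id>\d+)\s+(?P<name>\S+)\s+(?P<type>\S+)\s+(?P<active>Yes|No)\s+"
    r"(?P<severity>\d+)\s+(?P<disinfectable>Yes|No)\s+(?P<disinfected>Yes|No)\s+"
    r"(?P<location>.+)$"
)
ARCHIVE_MEMBER = re.compile(r"\[[^\]]*\]$")  # "file.zip[member.exe]" -> "file.zip"
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")     # file system path, not a registry key


def parse_rows(report):
    """Return one dict per MALWARE row; headers, separators and the
    VULNERABILITIES rows do not match the pattern and are skipped."""
    rows = []
    for line in report.splitlines():
        match = ROW.match(line.strip())
        if match:
            rows.append(match.groupdict())
    return rows


def files_to_quarantine(report, skip_types=("TrackingCookie",)):
    """Return (path, detection name) pairs for detections that are files on
    disk, in report order, de-duplicated case-insensitively."""
    seen, result = set(), []
    for row in parse_rows(report):
        if row["type"] in skip_types:
            continue                      # cookies are handled by a cleaner
        location = row["location"].strip()
        if not DRIVE_PATH.match(location):
            continue                      # registry location, not a file
        path = ARCHIVE_MEMBER.sub("", location)
        if not ntpath.splitext(path)[1]:
            continue                      # no extension: treat as a folder
        key = path.lower()                # Windows paths are case-insensitive
        if key not in seen:
            seen.add(key)
            result.append((path, row["name"]))
    return result


if __name__ == "__main__":
    for path, name in files_to_quarantine(SAMPLE_REPORT):
        print(f"{path}    # {name}")
```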