Blog Registrarse Temas de Hoy AntiSpywares AntiVirus Glosario

Regresar   Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Temas Solucionados
Actualizar Infostealer! (Solucionado)
         
Para evitar Virus, Spyware y ventanas emergentes, en InfoSpyware recomendamos navegar con: FIREFOX

Temas Solucionados Casos de HijackThis y Malwares resueltos.
(Solo lectura)

Respuesta
Página 3 de 4 < 12 3 4 >
 
Herramientas
  post #21 (permalink)  
Antiguo 14/07/07, 19:37:04
Usuario
  
Registrado: jul 2007
Ubicación: argentina
Mensajes: 22
Re: Infostealer!
bueno, ahora salio bastante mejor! ahi va el reporte
KASPERSKY ONLINE SCANNER REPORT
Saturday, July 14, 2007 8:33:00 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 14/07/2007
Kaspersky Anti-Virus database records: 362331
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 82659
Number of viruses found: 3
Number of infected objects: 14
Number of suspicious objects: 0
Duration of the scan process: 01:41:04

Infected Object Name / Virus Name / Last Action
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.me Object is locked skipped
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.mm Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\UploadBendBuildCreative\Bias Send.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\All Users\Datos de programa\UploadBendBuildCreative\fivepile.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\All Users\Datos de programa\UploadBendBuildCreative\jump poke.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Configuración local\Archivos temporales de Internet\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\dfsr.db Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\fsr.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\fsrtmp.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\tmp.edb Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\jacis84@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\jacis84@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows Media\11.0\WMSDKNSD.XML Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Historial\History.IE5\MSHist0120070714200707 15\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\bis29F.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\bis2FE.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\bis379.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\Cliprex_WhenUSave_InstallerInst.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_53MSdLnkBYgJCFu Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_cjkSdLmHTLusnYY Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_hnxse467ZriLa8d Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_KleBjjI5ODpdE3w Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_Qzg5v63RXntPd7C Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\Perflib_Perfdata_600.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\Perflib_Perfdata_bc.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DF115.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DF8972.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DF8C4B.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DFF1A1.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\ascncspe.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\gubuyscx.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\guxfqjhy.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\magscurbonceokay.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\Multi Amen Bits.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\call256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\callmember25 6.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat1024.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat512.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmember25 6.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg1024. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg256.d bb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg512.d bb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatsync\39\ 397f027a23b19f2d.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatsync\c4\ c4e7ccb421dd684f.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\contactgroup 256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\dyncontent\b undle.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\index2.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\profile4096. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\transfer256. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\transfer512. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user1024.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user16384.db b Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user4096.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\voicemail256 .dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\SUP ERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\jazmin\ntuser.dat Object is locked skipped
C:\Documents and Settings\jazmin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000045.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\change.log Object is locked skipped
C:\WINDOWS\2481812.exe Infected: Trojan-PSW.Win32.Delf.vz skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #22 (permalink)  
Antiguo 14/07/07, 21:54:16
Avatar de "El Dutche"
Usuario Habitual
  
Registrado: dic 2006
Ubicación: Buenos Aires, Argentina
Mensajes: 1.496
Re: Infostealer!
Haz esto:

1) Activa Ver Archivos Ocultos.

2) Elimina manualmente a esta entradas:

C:\Documents and Settings\All Users\Datos de programa\UploadBendBuildCreative\Bias Send.exe
C:\Documents and Settings\All Users\Datos de programa\UploadBendBuildCreative\fivepile.exe
C:\Documents and Settings\All Users\Datos de programa\UploadBendBuildCreative\jump poke.exe
C:\Documents and Settings\jazmin\Configuración local\Temp\bis29F.exe
C:\Documents and Settings\jazmin\Configuración local\Temp\bis2FE.exe
C:\Documents and Settings\jazmin\Configuración local\Temp\bis379.exe
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\ascncspe.exe
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\gubuyscx.exe
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\guxfqjhy.exe
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\magscurbonceokay.exe
C:\Documents and Settings\jazmin\Datos de programa\FREEDATASUPPORT\Multi Amen Bits.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000045.exe
C:\WINDOWS\2481812.exe

Si no se dejan eliminar utiliza para hacerlo al FileASSASSIN y si no se dejan eliminar con el FileASSASSIN, eliminalos con el KillBox.

3) Desactiva Ver Archivos Ocultos.

4) Haz de nuevo un escaneo con el Kaspersky y pégame el reporte aquí una vez más.
私はHijackThisの専門家でありたいと思う
Última edición por "El Dutche" fecha: 14/07/07 a las 21:58:45.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #23 (permalink)  
Antiguo 15/07/07, 02:36:30
Usuario
  
Registrado: jul 2007
Ubicación: argentina
Mensajes: 22
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000045.exe
este no puedo porq cuando quiero abrir la carpeta de system vol information me dive q no se puede abrir x acceso denegado...como hago?

sorry no dije nada, me tare, jaja, ya lo elimine usando el fileassassine

bueno aca va el nuevo reporte
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, July 15, 2007 9:42:08 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 15/07/2007
Kaspersky Anti-Virus database records: 362420
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 82843
Number of viruses found: 3
Number of infected objects: 13
Number of suspicious objects: 0
Duration of the scan process: 01:21:52

Infected Object Name / Virus Name / Last Action
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.me Object is locked skipped
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.mm Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Archivos temporales de Internet\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\dfsr.db Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\fsr.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\fsrtmp.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\tmp.edb Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\jacis84@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\jacis84@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Historial\History.IE5\MSHist0120070715200707 16\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\Cliprex_WhenUSave_InstallerInst.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_53MSdLnkBYgJCFu Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_cjkSdLmHTLusnYY Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_hnxse467ZriLa8d Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_KleBjjI5ODpdE3w Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_Qzg5v63RXntPd7C Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\Perflib_Perfdata_600.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\Perflib_Perfdata_bc.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DF9924.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DF9930.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DFA306.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DFA312.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\call256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\callmember25 6.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat1024.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat512.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmember25 6.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg1024. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg256.d bb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg512.d bb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatsync\39\ 397f027a23b19f2d.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatsync\c4\ c4e7ccb421dd684f.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\contactgroup 256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\dyncontent\b undle.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\index2.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\profile4096. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\transfer256. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\transfer512. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user1024.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user16384.db b Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user4096.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\voicemail256 .dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\SUP ERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\jazmin\ntuser.dat Object is locked skipped
C:\Documents and Settings\jazmin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc31.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc32.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc33.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc34.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc35.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc36.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc37.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc38.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc39.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc40.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc41.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\RECYCLER\S-1-5-21-796845957-1547161642-682003330-1003\Dc42.exe Infected: Trojan-PSW.Win32.Delf.vz skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
Última edición por AntonioG fecha: 16/07/07 a las 20:54:28.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #24 (permalink)  
Antiguo 15/07/07, 10:20:19
Avatar de "El Dutche"
Usuario Habitual
  
Registrado: dic 2006
Ubicación: Buenos Aires, Argentina
Mensajes: 1.496
Re: Infostealer!
Hola !

Hacé esto:

1) Vacia tu papelera de reciclaje.

2) Descarga y hace un escaneo a tu pc con estas 2 herramientas:

- Disk Cleaner
- CCleaner, y usa la opción "Registro", para limpiar toda basura q haya en el registro de Windows (antes, realiza una copia de seguridad).

3) De nuevo, hace un escaneo con el Kaspersky y pégame el nuevo reporte aquí.
私はHijackThisの専門家でありたいと思う
Última edición por "El Dutche" fecha: 15/07/07 a las 10:22:51.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #25 (permalink)  
Antiguo 15/07/07, 10:37:45
Usuario
  
Registrado: jul 2007
Ubicación: argentina
Mensajes: 22
Re: Infostealer!
ok, preg, como hago una copia de seguridad?
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #26 (permalink)  
Antiguo 15/07/07, 12:25:32
Avatar de "El Dutche"
Usuario Habitual
  
Registrado: dic 2006
Ubicación: Buenos Aires, Argentina
Mensajes: 1.496
Re: Infostealer!
Te dejo aquí el MANUAL.
私はHijackThisの専門家でありたいと思う
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #27 (permalink)  
Antiguo 15/07/07, 14:12:42
Usuario
  
Registrado: jul 2007
Ubicación: argentina
Mensajes: 22
Re: Infostealer!
ultimo reporte..
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, July 15, 2007 2:56:01 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 15/07/2007
Kaspersky Anti-Virus database records: 362546
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 57004
Number of viruses found: 2
Number of infected objects: 9
Number of suspicious objects: 0
Duration of the scan process: 01:14:46

Infected Object Name / Virus Name / Last Action
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.me Object is locked skipped
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.mm Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Archivos temporales de Internet\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\dfsr.db Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\fsr.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\fsrtmp.log Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Messenger\jacis84@hotmail.com\S haringMetadata\Working\database_FAA0_12D5_A012_986 9\tmp.edb Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\jacis84@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Datos de programa\Microsoft\Windows Live Contacts\jacis84@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Historial\History.IE5\MSHist0120070715200707 16\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_53MSdLnkBYgJCFu Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_cjkSdLmHTLusnYY Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_hnxse467ZriLa8d Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_KleBjjI5ODpdE3w Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\me_Qzg5v63RXntPd7C Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\Perflib_Perfdata_600.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\Perflib_Perfdata_bc.dat Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DF178.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DF183.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DFB48.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DFB64.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DFD4FB.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DFFF88.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Configuración local\Temp\~DFFFA3.tmp Object is locked skipped
C:\Documents and Settings\jazmin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\call256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\callmember25 6.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat1024.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chat512.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmember25 6.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg1024. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg256.d bb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatmsg512.d bb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatsync\39\ 397f027a23b19f2d.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\chatsync\b7\ b758c4296dc99098.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\contactgroup 256.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\dyncontent\b undle.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\index2.dat Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\profile4096. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\transfer256. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\transfer512. dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user1024.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user16384.db b Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\user4096.dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\Skype\maria.jazmin.tarruella\voicemail256 .dbb Object is locked skipped
C:\Documents and Settings\jazmin\Datos de programa\SUPERAntiSpyware.com\SUPERAntiSpyware\SUP ERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\jazmin\ntuser.dat Object is locked skipped
C:\Documents and Settings\jazmin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000056.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000057.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000058.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000059.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000060.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000061.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000062.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000063.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000064.exe Infected: Trojan-PSW.Win32.Delf.vz skipped
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP2\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #28 (permalink)  
Antiguo 15/07/07, 15:22:04
Avatar de "El Dutche"
Usuario Habitual
  
Registrado: dic 2006
Ubicación: Buenos Aires, Argentina
Mensajes: 1.496
Re: Infostealer!
Bueno, hay q ser perseverante....

Hace esto ahora:

1) Apaga Restaurar Sistema y activa Ver Archivos Ocultos.

2) Elimina manualmente con el FileASSASSIN, o sino se dejan, con el KillBox a estos archivos:

C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000056.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000057.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000058.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000059.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000060.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000061.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000062.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000063.exe
C:\System Volume Information\_restore{2C8FB85A-6A11-4238-930A-52A0783FFDA8}\RP1\A0000064.exe

3) Pasa de nuevo de la misma manera q te dije antes, primero al Disk Cleaner, y luego al CCleaner usando la opción "Registro" y pasalos a ambos hasta q no encuentren más nada.

4) Deshace todo el paso paso 1.

5) Pégame aquí otra vez un nuevo reporte del Kaspersky.
私はHijackThisの専門家でありたいと思う
Última edición por "El Dutche" fecha: 15/07/07 a las 22:46:55.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #29 (permalink)  
Antiguo 15/07/07, 15:59:30
Usuario
  
Registrado: jul 2007
Ubicación: argentina
Mensajes: 22
Re: Infostealer!
persevero...ayer tenia 5000 objects infectados y 5 virus...ahora 2 virus y 9 objects jaja
pero mmm hay un problem...en el C no esta mas la carpeta de system vol information! aparecen solo las sig:
396283a0e802212c0cbb
Documents and Settings
My Downloads
Archivos de programa
KPCMS
Windows
Lo busque con el buscador de windows pero me dice q no se encontraron archivos o carpetas con ese nombre
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #30 (permalink)  
Antiguo 15/07/07, 16:05:02
Avatar de thecat_re
Warrior
  
Registrado: ene 2007
Ubicación: Ciudad Bolivar, venezuela
Mensajes: 2.926
Re: Infostealer!
Hola jacis84

No la vas a encontrar ya que es una carpeta oculta y protejida por el sistema donde se guardan las restauraciones de windows.

Por ello, para eliminar dicha infeccion ubicada en esa carpeta, solo basta con apagar Restaurar Sistema (ya indicado) Reinicias tu Pc, y Prendes Nuevamente Restaurar Sistema

Saludos, envia un Nuevo scan Para Verificar
Toda nuestra ayuda es Gratuita, pero nunca estaria demas agradecer colaborando con una pequeña DONACIÓN

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
Respuesta
Página 3 de 4 < 12 3 4 >

« Tema Anterior | Próximo Tema »
Herramientas

Reglas del foro
No puedes crear nuevos temas
No puedes responder temas
No puedes subir adjuntos
No puedes editar tus mensajes
BB code is activado
Las caritas están activado
Código [IMG] está activado
Código HTML está desactivado
Trackbacks are desactivado
Pingbacks are desactivado
Refbacks are desactivado
Ir a

Temas Similares
Tema Autor Foro Respuestas Último mensaje
Volvio el problema de un tema solucionado (Solucionado) ijpolivo Temas Solucionados 5 14/09/06 21:22:28
Quien me ayuda? esta solucionado esto??? (Solucionado) raychel Temas Solucionados 3 08/08/06 20:03:56
Solucionado problema con el dialer italiano (Solucionado) carlis8913 Temas Solucionados 3 02/08/06 17:54:29
mails masivos y icono de disco rigido cambiado - (Solucionado) Layne Temas Solucionados 2 24/07/06 22:34:04
vroomsearch, creo que solucionado (solucionado) Edgardo Temas Solucionados 4 23/02/05 19:46:18




Todas las horas son GMT -4. La hora es 04:06:34.

Contáctanos - Políticas del Foro - InfoSpyware - Archivo - Blog  

Powered by: vBulletin, Versión 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
© Copyright 2005 - 2008 InfoSpyware ® Todos los derechos reservados.
InfoSpyware es miembro de ASAP - Alliance of Security Analysis Professionals

 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134