 |
| |||||||
 InfoSpyware sortea una T-Shirts |
| Participa en el sorteo por una
"Camiseta Oficial de InfoSpyware" gracias al amigo
Enjuto Mojamuto |
| Foro de Virus y Spywares Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector. No ponga su log de HijackThis aquí !! |
 |
| | Herramientas |
 | 
27/01/08, 10:32:48
|  |
| |||
| GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online Estimados, He vuelto a vuestro foro en busca de una solucion para mi GTGina.dll que parece ser quien no me permite administrar el modo de inicio de mis usuarios. Encontre la solucion propuesta en GTGina.dll,svmhost.exe , (solucionado) [Archivo] - Foro de Spywarey la segui al pie de la letra, dentro de mis limitaciones  , hasta llegar al siguiente punto:Al ejecutar hijackthis nunca encontre ni pude Fixear estas entradas: O4 - HKLM\..\RunServices: [Microsoft Windows Update] svmhost.exe O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe Tampoco pude hacerlo con KillBox Otro problema fue cuando quise correr los antivirus online en el mismo orden sugerido. El Ewido Anti Spyware me colgo el iExplorer cada vez que lo corri, con el Kaspersky, no tuve problemas solo las 2.40 hs que me llevo correrlo. Nota: Demas esta decir que el GTGina.dll sigue alli tan tranquilo como siempre y yo sin poder modificar el arranque de mis usuarios.  Aqui les dejo mi reporte de Kaspersky: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Sunday, January 27, 2008 11:55:56 AM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 27/01/2008 Kaspersky Anti-Virus database records: 533858 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ Scan Statistics: Total number of scanned objects: 194208 Number of viruses found: 16 Number of infected objects: 62 Number of suspicious objects: 0 Duration of the scan process: 02:40:46 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\cer t8.db Object is locked skipped C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Goo gleToolbarData\googlesafebrowsing.db Object is locked skipped C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\his tory.dat Object is locked skipped C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\key 3.db Object is locked skipped C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\par ent.lock Object is locked skipped C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\sea rch.sqlite Object is locked skipped C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\url classifier2.sqlite Object is locked skipped C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Cac he\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Cac he\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Cac he\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\8hw8rjv2.default\Cac he\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008012720080 128\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temp\s208/stream/data0004 Infected: not-a-virus:AdWare.Win32.BHO.lr skipped C:\Documents and Settings\Administrator\Local Settings\Temp\s208/stream Infected: not-a-virus:AdWare.Win32.BHO.lr skipped C:\Documents and Settings\Administrator\Local Settings\Temp\s208 NSIS: infected - 2 skipped C:\Documents and Settings\Administrator\Local Settings\Temp\sjg/stream/data0004 Infected: not-a-virus:AdWare.Win32.NewWeb.ay skipped C:\Documents and Settings\Administrator\Local Settings\Temp\sjg/stream Infected: not-a-virus:AdWare.Win32.NewWeb.ay skipped C:\Documents and Settings\Administrator\Local Settings\Temp\sjg NSIS: infected - 2 skipped C:\Documents and Settings\Administrator\Local Settings\Temp\~DFB194.tmp Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe/WISE0014.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe WiseSFX: infected - 2 skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe WiseSFXDropper: infected - 2 skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe/WISE0014.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe WiseSFX: infected - 2 skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe WiseSFXDropper: infected - 2 skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\Iconos MSN\setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\Iconos MSN\setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\Iconos MSN\setup.exe NSIS: infected - 2 skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.ja skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe NSIS: infected - 1 skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\Program Files\Screensavers.com\Installer\bin\ScreensaversI nst.dll Infected: not-a-virus:AdWare.Win32.Comet.c skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{5A560F E3-C413-44D7-85F4-836F38F54426}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped C:\WINDOWS\{00000005-00000000-00000003-00001102-00000004-20061102}.CDF Object is locked skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped G:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\change.log Object is locked skipped H:\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx/[From eBay <identdep_op8781@ebay.com>][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx Mail MS Outlook 5: infected - 1 skipped H:\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx/[From eBay <identdep_op8781@ebay.com>][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx Mail MS Outlook 5: infected - 1 skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc <support_refnum_5814599265@ebay.com>][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc <support_refnum_5814599265@ebay.com>][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx Mail MS Outlook 5: infected - 2 skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip/File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx Mail MS Outlook 5: infected - 3 skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_1A7D6E263FD4DD16C28FEB2421E3BD58 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_1F7B51334E3E2F6262F5DAD82EDE4B54 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_266538DEEAEC09C30F44C4CC3E0F22FC Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_391E4B928945F47CB1194D801021E8FB Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_42ADA5013DE567E19BEBF3B6A3480AEA Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_7BB171F3005A978F8588CFD2CFB773D1 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_A3F105724AA6F67DB0E27B786E501AEE Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_A64905E43F05E6F66E4435BD43ADB7E6 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_CEA87F054B53EC6BD9B695AE4A51F0B8 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_F0F3F603CC4D8DB4A1288AF43F6720AA Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar/SpyFighter.msi Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe/data.rar Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe RarSFX: infected - 13 skipped H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bf skipped H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe ZIP: infected - 6 skipped H:\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe/fsg-ag.exe Infected: not-a-virus:AdWare.Win32.Gator.3102 skipped H:\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe Vise: infected - 1 skipped H:\Descargas\extra extra miguel mateos.zip/setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped H:\Descargas\extra extra miguel mateos.zip/setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped H:\Descargas\extra extra miguel mateos.zip/setup.exe Infected: Trojan-Downloader.Win32.IstBar.nn skipped H:\Descargas\extra extra miguel mateos.zip ZIP: infected - 3 skipped H:\Descargas\iconos gestuales animados msn.zip/setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped H:\Descargas\iconos gestuales animados msn.zip/setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped H:\Descargas\iconos gestuales animados msn.zip/setup.exe Infected: Trojan-Downloader.Win32.IstBar.nn skipped H:\Descargas\iconos gestuales animados msn.zip ZIP: infected - 3 skipped H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\change.log Object is locked skipped Scan process completed. Gracias por anticipado y quedo a la espera de vuestros comentarios. gus66      |
|
27/01/08, 12:56:58
| |
| ||||
| Re: GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online Hola gus66, realiza lo siguiente:  Descargate OTMoveIt lo guardas en el Escritorio.> Haz un doble clic sobre OTMoveIt.exe para ejecutarlo. > Asegurate que este marcado "Unregister Dll's and Ocx's". > Copia el texto que se encuentra en el cuadrado más abajo, y pega el texto en el marco de izquierdo de OTMoveIt nombrado Paste List of Filas / Folders to be moved. Cita:
> Cuando el resultado aparece en el marco Results, haz clic enExit. > Reinicia el PC (Este paso es muy importante) Envía el informe (reporte) de OTMoveIt situado sobre C: \ _ OTMoveIt\MovedFiles.  Realiza una limpieza a tu pc con Ccleaner primero con la opción Limpiador para eliminar cookies y temporales, después con la opción Registro para hacer limpieza del registro de windows (recuerda hacer copia de seguridad). Realiza un scan con Superantispyware y elimina todo lo que detecte. Realiza un nuevo scan con kaspersky y pega el reporte que te genere.Nos comentas... Salu2!!  Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
28/01/08, 01:34:50
| |
| |||
| Re: GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online Estimado Sveshnikov, Gracias por tu pronta respuesta. Te cuento que segui los pasos que me indicaste asi que aqui adjunto los reportes: OTMoveIt: C:\Documents and Settings\Administrator\Local Settings\Temp\s208 C:\Documents and Settings\Administrator\Local Settings\Temp\sjg C:\Documents and Settings\Gustavo\Desktop\Downloads\377.exe C:\Documents and Settings\Gustavo\Desktop\Downloads\53.exe C:\Documents and Settings\Gustavo\Desktop\Downloads\Iconos MSN\setup.exe C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe C:\Program Files\Screensavers.com\Installer\bin\ScreensaversI nst.dll H:\BKP Salvar LL\A Lopez\SpyFighterSetup.exe H:\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe H:\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe H:\Descargas\extra extra miguel mateos.zip H:\Descargas\iconos gestuales animados msn.zip kaspersky : KASPERSKY ONLINE SCANNER REPORT Monday, January 28, 2008 1:12:39 AM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 27/01/2008 Kaspersky Anti-Virus database records: 534257 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer A:\ C:\ D:\ E:\ G:\ H:\ Scan Statistics Total number of scanned objects 194345 Number of viruses found 16 Number of infected objects 85 Number of suspicious objects 0 Duration of the scan process 02:18:15 Infected Object Name Virus Name Last Action C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERAN TISPYWARE.LOG Object is locked skipped C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008012720080 128\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temp\~DF30F5.tmp Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.ja skipped C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe NSIS: infected - 1 skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\Program Files\Screensavers.com\Installer\bin\ScreensaversI nst.dll Infected: not-a-virus:AdWare.Win32.Comet.c skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_1A7D6E263FD4DD16C28FEB2421E3BD58 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_1F7B51334E3E2F6262F5DAD82EDE4B54 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_266538DEEAEC09C30F44C4CC3E0F22FC Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_391E4B928945F47CB1194D801021E8FB Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_42ADA5013DE567E19BEBF3B6A3480AEA Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_7BB171F3005A978F8588CFD2CFB773D1 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_A3F105724AA6F67DB0E27B786E501AEE Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_A64905E43F05E6F66E4435BD43ADB7E6 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_CEA87F054B53EC6BD9B695AE4A51F0B8 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_F0F3F603CC4D8DB4A1288AF43F6720AA Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar/SpyFighter.msi Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe/data.rar Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000367.exe RarSFX: infected - 13 skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000368.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000368.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\A0000368.exe NSIS: infected - 2 skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP2\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped C:\WINDOWS\{00000005-00000000-00000003-00001102-00000004-20061102}.CDF Object is locked skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bf skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe ZIP: infected - 6 skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe/fsg-ag.exe Infected: not-a-virus:AdWare.Win32.Gator.3102 skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe Vise: infected - 1 skipped C:\_OTMoveIt\MovedFiles\Descargas\extra extra miguel mateos.zip/setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped C:\_OTMoveIt\MovedFiles\Descargas\extra extra miguel mateos.zip/setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\_OTMoveIt\MovedFiles\Descargas\extra extra miguel mateos.zip/setup.exe Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\_OTMoveIt\MovedFiles\Descargas\extra extra miguel mateos.zip ZIP: infected - 3 skipped C:\_OTMoveIt\MovedFiles\Descargas\iconos gestuales animados msn.zip/setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped C:\_OTMoveIt\MovedFiles\Descargas\iconos gestuales animados msn.zip/setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\_OTMoveIt\MovedFiles\Descargas\iconos gestuales animados msn.zip/setup.exe Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\_OTMoveIt\MovedFiles\Descargas\iconos gestuales animados msn.zip ZIP: infected - 3 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\s208/stream/data0004 Infected: not-a-virus:AdWare.Win32.BHO.lr skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\s208/stream Infected: not-a-virus:AdWare.Win32.BHO.lr skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\s208 NSIS: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\sjg/stream/data0004 Infected: not-a-virus:AdWare.Win32.NewWeb.ay skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\sjg/stream Infected: not-a-virus:AdWare.Win32.NewWeb.ay skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\sjg NSIS: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\377.exe/WISE0014.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\377.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\377.exe WiseSFX: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\377.exe WiseSFXDropper: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\53.exe/WISE0014.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\53.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\53.exe WiseSFX: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\53.exe WiseSFXDropper: infected - 2 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped H:\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx/[From eBay ][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx Mail MS Outlook 5: infected - 1 skipped H:\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx/[From eBay ][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx Mail MS Outlook 5: infected - 1 skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc ][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc ][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx Mail MS Outlook 5: infected - 2 skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip/File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx Mail MS Outlook 5: infected - 3 skipped H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_1A7D6E263FD4DD16C28FEB2421E3BD58 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_1F7B51334E3E2F6262F5DAD82EDE4B54 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_266538DEEAEC09C30F44C4CC3E0F22FC Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_391E4B928945F47CB1194D801021E8FB Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_42ADA5013DE567E19BEBF3B6A3480AEA Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_7BB171F3005A978F8588CFD2CFB773D1 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_A3F105724AA6F67DB0E27B786E501AEE Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_A64905E43F05E6F66E4435BD43ADB7E6 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_CEA87F054B53EC6BD9B695AE4A51F0B8 Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE/_F0F3F603CC4D8DB4A1288AF43F6720AA Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi/_92C4297F51B0F9D7BD66C268A8616FBE Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar/SpyFighter.msi Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe/data.rar Infected: not-a-virus:FraudTool.Win32.UltimateDefender.e skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000287.exe RarSFX: infected - 13 skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000288.exe/cd_install_247.exe/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000288.exe/cd_install_247.exe/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000288.exe/cd_install_247.exe Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000288.exe/SaveNowInst.exe/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bf skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000288.exe/SaveNowInst.exe/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000288.exe/SaveNowInst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000288.exe ZIP: infected - 6 skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000289.exe/fsg-ag.exe Infected: not-a-virus:AdWare.Win32.Gator.3102 skipped H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP1\A0000289.exe Vise: infected - 1 skipped Scan process completed. No tengo dudas de que mi maquina esta en su maximo nivel de purificacion y desinfeccion jamas soñado, pero el GTGina.dll aun sigue ahi! y yo sin poder manejar el modo de inicio de mis usuarios Lo mas triste es que es mi maquina 100% original (hardware y Software  ) y peor aun, no se conecta a internet ya que es para trabajos de musica, solo lo hago para actualizaciones de Windows XP Pro o en los casos sugeridos por ustedes por los antivirus online.Gracias nuevamente y quedo a vuestra espera. Cordiales saludos .G. |
|
28/01/08, 11:50:32
| |
| ||||
| Re: GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online Hola gus66, realiza lo siguiente: Apaga Restaurar sistema Elimina los siguientes archivos siguiendo la ruta de su ubicación (te los marco en rojo) en caso de no poder hacerlo manualmente usa Fileassassin:C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe C:\Program Files\Screensavers.com\Installer\bin\ScreensaversI nst.dll Elimina todos los correos que tengas guardados en outlook. Deshaz el paso # 1 Realiza un nuevo scan con Kaspersky y pega el reporte.Nos comentas... Salu2!! Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
28/01/08, 21:34:04
| |
| |||
 Re: GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online Nuevamente gracias por la respuesta Ningun problema al borrar estos archivos: C:\Documents and Settings\Gustavo\Desktop\Downloads\WATCH_FREE_PORN .exe C:\Program Files\Screensavers.com\Installer\bin\ScreensaversI nst.dll Luego pase el Kaspersky asi que aqui va el repo: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Monday, January 28, 2008 11:37:50 PM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 28/01/2008 Kaspersky Anti-Virus database records: 534986 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ G:\ H:\ Scan Statistics: Total number of scanned objects: 194774 Number of viruses found: 13 Number of infected objects: 42 Number of suspicious objects: 0 Duration of the scan process: 02:24:15 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008012820080 129\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped C:\WINDOWS\{00000005-00000000-00000003-00001102-00000004-20061102}.CDF Object is locked skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/cd_install_247.exe Infected: not-a-virus:AdWare.Win32.Cydoor.c skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bf skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe/SaveNowInst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\LIC. OSCAR BRUNI\babylon32.exe ZIP: infected - 6 skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe/fsg-ag.exe Infected: not-a-virus:AdWare.Win32.Gator.3102 skipped C:\_OTMoveIt\MovedFiles\BKP Salvar LL\Z Bruni\no usados\AGSetup0609.exe Vise: infected - 1 skipped C:\_OTMoveIt\MovedFiles\Descargas\extra extra miguel mateos.zip/setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped C:\_OTMoveIt\MovedFiles\Descargas\extra extra miguel mateos.zip/setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\_OTMoveIt\MovedFiles\Descargas\extra extra miguel mateos.zip/setup.exe Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\_OTMoveIt\MovedFiles\Descargas\extra extra miguel mateos.zip ZIP: infected - 3 skipped C:\_OTMoveIt\MovedFiles\Descargas\iconos gestuales animados msn.zip/setup.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.lu skipped C:\_OTMoveIt\MovedFiles\Descargas\iconos gestuales animados msn.zip/setup.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\_OTMoveIt\MovedFiles\Descargas\iconos gestuales animados msn.zip/setup.exe Infected: Trojan-Downloader.Win32.IstBar.nn skipped C:\_OTMoveIt\MovedFiles\Descargas\iconos gestuales animados msn.zip ZIP: infected - 3 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\s208/stream/data0004 Infected: not-a-virus:AdWare.Win32.BHO.lr skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\s208/stream Infected: not-a-virus:AdWare.Win32.BHO.lr skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\s208 NSIS: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\sjg/stream/data0004 Infected: not-a-virus:AdWare.Win32.NewWeb.ay skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\sjg/stream Infected: not-a-virus:AdWare.Win32.NewWeb.ay skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Administrator\Local Settings\Temp\sjg NSIS: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\377.exe/WISE0014.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\377.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\377.exe WiseSFX: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\377.exe WiseSFXDropper: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\53.exe/WISE0014.BIN Infected: not-a-virus:AdTool.Win32.WhenU.a skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\53.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\53.exe WiseSFX: infected - 2 skipped C:\_OTMoveIt\MovedFiles\Documents and Settings\Gustavo\Desktop\Downloads\53.exe WiseSFXDropper: infected - 2 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped H:\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx/[From eBay <identdep_op8781@ebay.com>][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx Mail MS Outlook 5: infected - 1 skipped H:\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx/[From eBay <identdep_op8781@ebay.com>][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx Mail MS Outlook 5: infected - 1 skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc <support_refnum_5814599265@ebay.com>][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED/html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc <support_refnum_5814599265@ebay.com>][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.hn skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx Mail MS Outlook 5: infected - 2 skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip/File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED Infected: Email-Worm.Win32.Sober.y skipped H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx Mail MS Outlook 5: infected - 3 skipped H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed. Dicho sea de paso el GTGina.dll es tipo highlander  , es inmortal pues ahi sigue  y aun impidiendo el manejo de mis cuentas. espero darle duro   Gracias anticipadas. G. |
|
31/01/08, 17:00:48
| |
| ||||
| Re: GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online Hola gus66: Con OTMoveIt elimina lo siguiente: Cita:
Nos comentas... Salu2!! Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
01/02/08, 17:21:03
| |
| |||
 Re: GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online OK Gracias nuevamente. Sin problemas para borrar los archivos referidos con OTMoveit Aqui va el Reporte Kaspersky: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER INFORME viernes, 01 de febrero de 2008 18:45:26 Sistema operativo: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner versión: 5.0.98.0 Ultima actualización: 1/02/2008 Registros en la base antivirus: 545342 ------------------------------------------------------------------------------- Configuración del análisis: Analizar usando las siguientes bases: estendidas Analizar archivos: verdadero Analizar bases de correo: verdadero Objetivo a analizar - Mi PC: A:\ C:\ D:\ E:\ G:\ H:\ Estadísticas: Número de objeros analizados: 195129 Virus encontrados: 9 Objetos infectados: 28 Objetos sospechosos: 0 Duración del análisis: 02:17:51 Bombre del objeto infectado / Nombre del virus / Última acción C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked saltado C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked saltado C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked saltado C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008020120080 202\index.dat Object is locked saltado C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked saltado C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked saltado C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked saltado C:\Documents and Settings\Administrator\UserData\index.dat Object is locked saltado C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked saltado C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked saltado C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked saltado C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked saltado C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked saltado C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked saltado C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked saltado C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked saltado C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked saltado C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000578.exe/WISE0014.BIN Infectados: not-a-virus:AdTool.Win32.WhenU.a saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000578.exe/WISE0015.BIN Infectados: not-a-virus:AdWare.Win32.NewDotNet saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000578.exe WiseSFX: infectado - 2 saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000578.exe WiseSFXDropper: infectado - 2 saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000579.exe/WISE0014.BIN Infectados: not-a-virus:AdTool.Win32.WhenU.a saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000579.exe/WISE0015.BIN Infectados: not-a-virus:AdWare.Win32.NewDotNet saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000579.exe WiseSFX: infectado - 2 saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000579.exe WiseSFXDropper: infectado - 2 saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000580.exe/fsg-ag.exe Infectados: not-a-virus:AdWare.Win32.Gator.3102 saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000580.exe Vise: infectado - 1 saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000581.exe/cd_install_247.exe/cd_clint.dll Infectados: not-a-virus:AdWare.Win32.Cydoor saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000581.exe/cd_install_247.exe/cd_htm.dll Infectados: not-a-virus:AdWare.Win32.Cydoor.c saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000581.exe/cd_install_247.exe Infectados: not-a-virus:AdWare.Win32.Cydoor.c saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000581.exe/SaveNowInst.exe/SaveNow.exe Infectados: not-a-virus:AdWare.Win32.SaveNow.bf saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000581.exe/SaveNowInst.exe/Uninst.exe Infectados: not-a-virus:AdWare.Win32.SaveNow.au saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000581.exe/SaveNowInst.exe Infectados: not-a-virus:AdWare.Win32.SaveNow.au saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP4\A0000581.exe ZIP: infectado - 6 saltado C:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP5\change.log Object is locked saltado C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado C:\WINDOWS\SchedLgU.Txt Object is locked saltado C:\WINDOWS\SoftwareDistribution\EventCache\{78C592 F5-93A3-4A21-A386-0D7F49D7DF62}.bin Object is locked saltado C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked saltado C:\WINDOWS\Sti_Trace.log Object is locked saltado C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado C:\WINDOWS\system32\config\default Object is locked saltado C:\WINDOWS\system32\config\default.LOG Object is locked saltado C:\WINDOWS\system32\config\Internet.evt Object is locked saltado C:\WINDOWS\system32\config\SAM Object is locked saltado C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado C:\WINDOWS\system32\config\SECURITY Object is locked saltado C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado C:\WINDOWS\system32\config\software Object is locked saltado C:\WINDOWS\system32\config\software.LOG Object is locked saltado C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado C:\WINDOWS\system32\config\system Object is locked saltado C:\WINDOWS\system32\config\system.LOG Object is locked saltado C:\WINDOWS\system32\h323log.txt Object is locked saltado C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked saltado C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked saltado C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked saltado C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked saltado C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado C:\WINDOWS\wiadebug.log Object is locked saltado C:\WINDOWS\wiaservc.log Object is locked saltado C:\WINDOWS\WindowsUpdate.log Object is locked saltado C:\WINDOWS\{00000005-00000000-00000003-00001102-00000004-20061102}.CDF Object is locked saltado G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc <support_refnum_5814599265@ebay.com>][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED/html Infectados: Trojan-Spy.HTML.Bayfraud.hn saltado H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx/[From eBay Inc <support_refnum_5814599265@ebay.com>][Date Thu, 27 Oct 2005 22:02:00 -0400]/UNNAMED Infectados: Trojan-Spy.HTML.Bayfraud.hn saltado H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx Mail MS Outlook 5: infectado - 2 saltado H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip/File-packed_dataInfo.exe Infectados: Email-Worm.Win32.Sober.y saltado H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED/reg_pass.zip Infectados: Email-Worm.Win32.Sober.y saltado H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx/[From webmaster@meyerdirect.com.ar][Date Fri, 02 Dec 2005 13:16:54 GMT]/UNNAMED Infectados: Email-Worm.Win32.Sober.y saltado H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx Mail MS Outlook 5: infectado - 3 saltado H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado H:\System Volume Information\_restore{C0F14DFC-AF75-4C7D-96E9-B97763171917}\RP5\change.log Object is locked saltado H:\_OTMoveIt\MovedFiles\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx/[From eBay <identdep_op8781@ebay.com>][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infectados: Trojan-Spy.HTML.Bayfraud.hn saltado H:\_OTMoveIt\MovedFiles\BKP Outlook\BKP Outlook Express 24 Ene 06\Compras Internet.dbx Mail MS Outlook 5: infectado - 1 saltado H:\_OTMoveIt\MovedFiles\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx/[From eBay <identdep_op8781@ebay.com>][Date Fri, 16 Dec 2005 22:09:33 +0500]/html Infectados: Trojan-Spy.HTML.Bayfraud.hn saltado H:\_OTMoveIt\MovedFiles\BKP Outlook\BKP Outlook Express 5 Abr 06\Compras Internet.dbx Mail MS Outlook 5: infectado - 1 saltado Análisis completado. PD.: Saben si algun dia podre remover este archivo GTGina.dll ?Gracias y saludos. gus66 |
|
01/02/08, 18:54:00
| |
| ||||
| Re: GTGina.dll Reporte de Kaspersky y Problemas con Ewido Scanner Online Hola gus66, realiza lo siguiente: 1. Realiza un scan con Superantispyware y elimina todo lo que encuentre. 2. Descarga e instala Killbox 3. Apaga Restaurar sistema y activa ver archivos ocultos 4. Reinicia el pc en Modo seguro y elimina los siguientes archivos y/o carpetas usando Killbox: -Ejecutar KillBox y seleccionar: * "Delete on reboot" (Eliminar al reiniciar) * "All Files" (Todos los archivos) Copiar todos los archivos que se van a eliminar: H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Compras Internet.dbx H:\BKP Outlook\BKP Outlook Express Post Perdida 7 Nov 05\Elementos eliminados.dbx y pegarlo en el marco "Full Path of File to Delete" Ir a Menú "File" y seleccionar "Paste from Clipboard" para que se agreguen el resto de los archivos. Hacer clic en el botón con el círculo rojo y blanco X ( "Eliminar Archivo"), espera unos momentos y luego acepta el mensaje que aparecerá (Tu sistema será reiniciado) Después de reiniciar, se creará un archivo log.txt ubicado en C:\!KillBox\Logs, donde podrás comprobar los resultados. 5. Realiza de nuevo un scan con kaspersky y pega el reporte que te genere. Cita:
Nos comentas... Salu2!! **Créditos: GuillermoTell*** Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |