 |
| |||||||
| Foro de Virus y Spywares Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector. No ponga su log de HijackThis aquí !! |
 |
| | Herramientas |
 | 
03/06/08, 04:22:18
|  |
| |||
| infectado por un malware?? Ayer recibí un mail pensando que era alguien conocido. Ejecuté un archivo y empezó todo. Sistema inestable, cucarachas por el escritorio que luego desaparecen. La imagen del escritori azul con ventana de publicidad en el medio " infectado utiliza un antivi...". En la parte del reloj mensaje "infect virus" Se reinicia el sistema pues sale la típica pantalla azul de microsoft advirtiéndote de un error grave. Incluso después de reiniciar, entrar en modo de fallos, etc. ha quedado instalado dos o tres iconos de antivirus, antiespias, etc, publicidad de ellos, que no he abierto. Restaurar sistema no me deja, el ccleaner creo que lo ha anulado. Incluso desde Panda no veo la unidad c: para scanear. Así como el icono de "herramientas administrativas". En fin , he leído algo en la comunidad de como operar. Pero me gustaría que me lo confirmarais para saber seguir los pasos correctamente. Por otro lado quisiera preguntaros si con el scaneo de panda online, o si pudiera ejecutar el pando en modo local, se corrige el problema o si hay que seguir una serie de secuencias. GRacias y Salu2.      |
|
03/06/08, 05:59:56
| |
| ||||
| Re: infectado por un malware?? Hola aparicioso. Bienvenid@ al foro de Infospyware. Realiza lo siguiente:
- Pegas los reportes de DelPSGuard, Malwarebytes' Anti-Malware y Panda ActiveScan para revisarlos. - Para mayor comodidad imprime los pasos. Salu2. Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
03/06/08, 06:46:53
| |
| |||
| Re: infectado por un malware?? gracias por tan pronta contestación. Realizaré en casa todos estos pasos. Quería preguntarte algo: en el XP tengo instalado Panda actualizado a diario. ¿No valdría ejecutando este de poder hacerlo? En cualquier caso, a parte de tener instalado Panda qué software me aconsejas instalar independientemente que sea antiespías o antimalware, etc. instalado que sea de licencia libre.- O con Panda 2007 no hace falta más. Gracias y Salu2. Alberto V. |
|
03/06/08, 07:55:22
| |
| |||
| Re: infectado por un malware?? hay algo que quería comentaros creo que borré pensando que era uno de los archivos corruptos al archivo ctfmon.exe pues al ver que de fondo de pantalla llevaba dicho nombre fui a por él. De ahí que al arrancar el SO y momentos después de salir el escritorio sale un error típico de pantalla azul. Saludos. |
|
03/06/08, 11:52:09
| |
| |||
| Re: infectado por un malware?? Buenas me pasa lo mismo con mi pc, realice todos los pasos aqui estan los informes : DelPSGuard v 4.9.7 by www.ForoSpyware.com Reporte Creado: 10:16:09,15, 03/06/2008 SO: Microsoft Windows XP [Versi¢n 5.1.2600] Modo de Inicio: Seguro _________________________________________ »»»»»»»»»»»» Carpetas y Archivos infectados »»»»»»»»»»»» C:\WINDOWS\system32 \ctfmona.exe ...: ! Eliminado ! :... C:\WINDOWS\system32 \ntimage.gif Eliminado Malware.Bagle C:\WINDOWS\system32 \svshost.dll ...: ! Eliminado ! :... C:\WINDOWS\system32 \wininet.exe ...: ! Eliminado ! :... C:\WINDOWS\system32 \WLCtrl32.dll ...: ! Eliminado ! :... C:\WINDOWS\desktop.html ...: ! Eliminado ! :... C:\WINDOWS\xpupdate.exe ...: ! Eliminado ! :... C:\Documents and Settings\Administrador\Escritorio \BraveSentry.lnk ...: ! Eliminado ! :... »»»»»»»»»»»»»»»»»»» Programas Malwares »»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»» FIN »»»»»»»»»»»»»»»»»»» mbam-log-6-3-2008 (10-27-09) Malwarebytes' Anti-Malware 1.14 Versión de la Base de Datos: 800 10:27:09 03/06/2008 mbam-log-6-3-2008 (10-27-09).txt Tipo de examen : Examen Rápido Objetos examinados: 36261 Tiempo transcurrido: 6 minute(s), 50 second(s) Procesos en Memoria Infectados: 0 Módulos en Memoria Infectados: 0 Claves del Registro Infectadas: 84 Valores del Registro Infectados: 11 Elementos de Datos del Registro Infectados: 0 Carpetas Infectadas: 13 Ficheros Infectados: 65 Procesos en Memoria Infectados: (No se han detectado elementos maliciosos) Módulos en Memoria Infectados: (No se han detectado elementos maliciosos) Claves del Registro Infectadas: HKEY_CLASSES_ROOT\CLSID\{ffffffff-bbbb-4146-86fd-a722e8ab3489} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{ffffffff-bbbb-4146-86fd-a722e8ab3489} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{66186f05-bbbb-4a39-864f-72d84615c679} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{66186f05-bbbb-4a39-864f-72d84615c679} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager. 1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol. 1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.browseroverlayemb ed (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.browseroverlayemb ed.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager. 1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.historykillersche duler (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.historykillersche duler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.historyswattercon trolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.historyswattercon trolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybar button (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybar button.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d778513b-1c40-4819-b0c5-49e40b39afd0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winctrl32 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\ICF (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\tcpsr (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\asc3550p (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\m supdate (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\m supdate (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\msupdate (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i cf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\i cf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ICF (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully. Valores del Registro Infectados: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad\WebProxy (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\OriginalWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\ConvertedWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Curr entVersion\Run\DriveSystem (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Curr entVersion\Run\SystemDrive (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\advap32 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\Service Pack 1 (Heuristics.Malware) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\sysrest32.exe (Rootkit.Agent) -> Quarantined and deleted successfully. Elementos de Datos del Registro Infectados: (No se han detectado elementos maliciosos) Carpetas Infectadas: C:\Archivos de programa\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\Autorun (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\BrowserObjec ts (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\Packages (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\Autorun\HKCU (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\Autorun\HKLM (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\Autorun\Star tMenuAllUsers (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\Autorun\Star tMenuCurrentUser (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\Autorun\HKCU \RunOnce (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\AXPFixer\AXPFixer\Quarantine\Autorun\HKLM \RunOnce (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. Ficheros Infectados: C:\Archivos de programa\AXPFixer\AXPFixer.exe (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\50.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\54.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\73.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\maxpaynowti.game (Dialer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\mgnystta.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Archivos de programa\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\maxpaynowti.exe (Dialer) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\7CF28762C38CA0D4.tmp (Trojan.Dropper) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\AE8AB41F91F72503.tmp (Malware.Trace) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\AXPFixer.exe.local (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\AXPFixerSkin.dll (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\database.dat (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\license.txt (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\MFC71.dll (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\MFC71ENU.DLL (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\msvcp71.dll (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\msvcr71.dll (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Archivos de programa\AXPFixer\Uninstall.exe (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\Microsoft\Internet Explorer\Quick Launch\AXPFixer.lnk (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\svcp.csv (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\amvo1.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\WinNt32.dll (Trojan.Agent) -> Delete on reboot. C:\WINDOWS\system32\maxpaynowti1.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\maxpaynow1.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\d.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sft.res (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\asc3550p.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\sysvytk.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Datos de programa\Install.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mssrv32.exe (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\svchost.exe:exe.exe (Rootkit.ADS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllgh8jkd1q1.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllgh8jkd1q2.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllgh8jkd1q5.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllgh8jkd1q6.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllgh8jkd1q7.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllgh8jkd1q8.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vedxg4am1et2.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vedxg6ame4.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\winsub.xml (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\1.dllb (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\2.dllb (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\5.dllb (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\6.dllb (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\7.dllb (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\vx1dt1.game (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\vx1dt3.game (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\vx3dt2.game (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\v3xd1.g22me (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\v5xd2.g3ame (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\v5xd4.ga2me (Heuristics.Malware) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Temp\v4xd6.gam5e (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vedxga1me4t1.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vedxga3me2.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vedxga4me1.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vedxga8me6.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\wind32.exe (Trojan.Dropper) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vx.tll (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sysrest32.exe (Rootkit.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Escritorio\AXPFixer.lnk (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully. Dr.Web ple.exe c:\ Trojan.Packed.162 Eliminado. tbg27.sys c:\windows\system32\drivers BackDoor.Bulknet.207 Eliminado. spooisv.exe c:\windows\system32 Trojan.Packed.162 Eliminado. Por lo visto si me ha borrado varios virus pero todavia el sysmantec antivirus notification me muestra la siguiente nota: Scan type: Realtime Protection Scan Event: Virus Found! Virus name: Backdoor.Trojan File: C:\WINDOWS\system32\acleditq.dll Location: Quarantine Computer: SERVI01 User: SYSTEM Action taken: Quarantine succeeded : Access denied Date found: martes, 03 de junio de 2008 11:12:58 Que podria hacer al respecto ? muchas gracias |
|
03/06/08, 16:19:52
| |
| ||||
| Re: infectado por un malware?? Hola culnamo. Bienvenid@ al foro de Infospyware. - Debes abrir un tema para que se te pueda ayudar; este fue abierto por otro usuario: ¿Como crear un tema nuevo?. Salu2!. Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
« Tema Anterior
|
Próximo Tema »
| Herramientas | |
|
|
| 
Temas Similares | |
| Tema | Autor | Foro | Respuestas | Último mensaje |
| Problemon gordo | papapopo | Foro de Virus y Spywares | 19 | 03/06/08 11:46:00 |
| informe karspersky bagle, Pakes, Agent.. estoy perdido | teje00 | Foro de Virus y Spywares | 2 | 29/05/08 15:51:06 |
| AYUDADME CONTRA WIN32:tratBho, ¡¡ por favor !!..(Solucionado) | CHINOBOSS | Temas Solucionados | 33 | 18/02/08 21:21:46 |
| Gusano Del msn | guada_hp | Foro de Virus y Spywares | 2 | 29/10/07 18:34:05 |
| SpyBot S&D 1.4 6/6/2007 | ElPiedra | Actualización de AntiSpywares | 0 | 28/03/07 18:32:59 |
Todas las horas son GMT -4. La hora es 23:50:28.
