Ataque ADZGALORE - Foro de Spyware

Buscar

		Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Foro de Virus y Spywares
Ataque ADZGALORE

Para evitar Virus, Spyware y ventanas emergentes, en InfoSpyware recomendamos navegar con: FIREFOX

Foro de Virus y Spywares Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector.
No ponga su log de HijackThis aquí !!

Página 1 de 2

Herramientas

post #1 (permalink)

30/06/08, 07:00:27

Bubba_BCN

Usuario

Registrado: jun 2008

Ubicación: Barcelona

Mensajes: 9

Ataque ADZGALORE

Hola, mi ordenador ha sido atacado por ADZGALORE y no encuentro manera de cargármelo, alguien me echa una mano? Gracias

post #2 (permalink)

30/06/08, 07:10:15

M@co

Colaborador

Registrado: dic 2007

Ubicación: Guayana - Venezuela

Mensajes: 3.665

Re: Ataque ADZGALORE

Hola Bubba_BCN. Bienvenid@ al foro de Infospyware.

Realiza lo siguiente:

Descarga CCleaner .
Descarga y actualiza Malwarebytes’ Anti-Malware.
Nota: Si después de instalarlo el lenguaje esta en Ingles ve a la pestaña "Settings" y lo cambias a Español.

Reinicia en Modo Seguro
1. Ejecuta Malwarebytes' Anti-Malware;
  - Realiza un examen completo del PC y elimina las infecciones que este detecte.
  - Esto es fundamental, mandalas a cuarentena y eliminalas desde allí; pegas el reporte generado después de la eliminación.
  - El reporte queda guardado en la pestaña "Logs" o "Registros" en español, abres el reporte y copias el contenido para pegarlo en este tema.
2. Ejecuta el CCleaner,
  - Usa la opción Limpiador para borrar cookies y temporales,
  - y la opción Registro para efectuar una limpieza del registro de Windows.
Reinicia en Modo Normal y pasa Kaspersky Antivirus online,

*Nota*
- Pega el reporte que genere Kaspersky, junto con el de Malwarebytes' Anti-Malware.

Salu2!

post #3 (permalink)

30/06/08, 17:23:08

Bubba_BCN

Usuario

Registrado: jun 2008

Ubicación: Barcelona

Mensajes: 9

Re: Ataque ADZGALORE

Despues de unas cuantas horas....

Malwarebytes' Anti-Malware 1.19
Versión de la Base de Datos: 907
Windows 5.1.2600 Service Pack 2

18

12 30/06/2008
mbam-log-6-30-2008 (18-10-12).txt

Tipo de examen : Examen Completo (C:\|I:\|)
Objetos examinados: 130747
Tiempo transcurrido: 54 minute(s), 30 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 2
Claves del Registro Infectadas: 166
Valores del Registro Infectados: 13
Elementos de Datos del Registro Infectados: 2
Carpetas Infectadas: 25
Ficheros Infectados: 121

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
C:\WINDOWS\system32\byXOIBTL.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\iifffETk.dll (Trojan.Vundo) -> Unloaded module successfully.

Claves del Registro Infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{4c9847c0-6d75-4b94-afd7-e38ec09b632b} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{4c9847c0-6d75-4b94-afd7-e38ec09b632b} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{f30b1b0b-c305-414e-a4ff-ac93a08de0ac} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{f30b1b0b-c305-414e-a4ff-ac93a08de0ac} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifffetk (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\Interface\{bd219b90-626b-40f4-bfdd-420240dfca2c} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{49bcc77a-79eb-4d50-a6db-04e8202921c4} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{994b5fb4-0103-44a6-b6b3-c73572b362bc} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{994b5fb4-0103-44a6-b6b3-c73572b362bc} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adzgalore.optimizer (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adzgalore.optimizer.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ceb9c60d-f0ad-4b73-a3ab-4fc822e38d66} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransp orterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransp orterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugi n (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea3-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugi n.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager. 1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin .1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersetting scontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersetting scontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplu gin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplu gin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutt on (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutt on.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverin staller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverin staller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager. 1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillersche duler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillersche duler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercon trolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercon trolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninsta ll\adzgalore (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8cf33e4a-c048-4bfe-a38b-882c290f6cda} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{8cf33e4a-c048-4bfe-a38b-882c290f6cda} (Trojan.Downloader) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninsta ll\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\adzgalore (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\adzgalore (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoe gg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoeg g.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\W MPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlo ok\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\ Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\60bdc08d (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{f30b1b0b-c305-414e-a4ff-ac93a08de0ac} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\BM638ef311 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\byxoibtl -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\byxoibtl -> Delete on reboot.

Carpetas Infectadas:
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.25 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Ficheros Infectados:
C:\WINDOWS\system32\byXOIBTL.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\sgsxehck.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kchexsgs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iifffETk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\nsh27.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.25\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\LphantBar\tbLph1.dll (Adware.Shopper) -> Quarantined and deleted successfully.
C:\Program Files\MSN Messenger\riched20.dll (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0310416.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0312381.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0312395.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP942\A0312436.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP943\A0312470.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312485.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312501.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312503.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312504.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0313003.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0313014.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP945\A0314055.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP950\A0316571.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316800.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316824.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316851.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP956\A0316870.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP956\A0316880.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP956\A0316891.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP957\A0316973.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP961\A0318888.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP962\A0318920.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP964\A0319924.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP964\A0319986.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP964\A0320950.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP965\A0321991.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP966\A0322042.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP966\A0322053.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP967\A0322064.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0323138.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324148.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324152.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324172.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\adzgalore-remove.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cnbjmo.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\myss_sb_uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\DriveCleaner 2006 Free\sdrmon.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00018CF9 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00043FE4 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0005F98A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00070FFB (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\000BA9F6 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0011A11F (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\001BB293.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00390365 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\007478A6 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00822216.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\008223BC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\008230AC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0091494C (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01AEE757 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A1FFB9B.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A1FFDCE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A2000AC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A205563.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A206419.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A2065A0.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A2066F7.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr\History\allowed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr\History\notallow (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.h tml (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn .html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\enlqvjgn.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.

post #4 (permalink)

30/06/08, 17:24:33

Bubba_BCN

Usuario

Registrado: jun 2008

Ubicación: Barcelona

Mensajes: 9

Re: Ataque ADZGALORE

y finalmente...

KASPERSKY ONLINE SCANNER INFORME
lunes, 30 de junio de 2008 23:13:38
Sistema operativo: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner versión: 5.0.84.1
Ultima actualización: 30/06/2008
Registros en la base antivirus: 898476

Configuración del análisis
Analizar usando las siguientes bases estendidas
Analizar archivos verdadero
Analizar bases de correo verdadero

Objetivo a analizar Mi PC
A:\
C:\
D:\
E:\
F:\
G:\
I:\

Estadísticas
Número de objeros analizados 87758
Virus encontrados 49
Objetos infectados 94 / 0
Objetos sospechosos 0
Duración del análisis 02:55:24

Bombre del objeto infectado Nombre del virus Última acción
C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee\SpamKiller\Logs\Filtering.log Object is locked saltado

C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com\Agent\Logs\TaskScheduler\McTskshd0 00.log Object is locked saltado

C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com\VSO\OASLogs\OAS.log Object is locked saltado

C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked saltado

C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked saltado

C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked saltado

C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado

C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado

C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked saltado

C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado

C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked saltado

C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked saltado

C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado

C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado

C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked saltado

C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Application Data\$_hpcst$.hpc Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Cookies\index.dat Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\History\History.IE5\index.dat Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 244/stream/data0003 Infectados: Trojan.Win32.BHO.dwu saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 244/stream Infectados: Trojan.Win32.BHO.dwu saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 244 NSIS: infectado - 2 saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 369/stream/data0003 Infectados: Trojan.Win32.BHO.cwq saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 369/stream Infectados: Trojan.Win32.BHO.cwq saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 369 NSIS: infectado - 2 saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Installer.exe/data0005 Infectados: not-a-virus:AdWare.Win32.Shopper.q saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Installer.exe NSIS: infectado - 1 saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Perflib_Perfdata_d58.dat Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\WCESLog.log Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\NTUSER.DAT Object is locked saltado

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\ntuser.dat.LOG Object is locked saltado

C:\Program Files\eMule\Incoming\Ares Regular 1.9.1 + codigo activacion by markitoswayne updated-fixed 01-2007.zip/Setup.exe Infectados: P2P-Worm.Win32.Kapucen.b saltado

C:\Program Files\eMule\Incoming\Ares Regular 1.9.1 + codigo activacion by markitoswayne updated-fixed 01-2007.zip ZIP: infectado - 1 saltado

C:\Program Files\Secured IE\Secured IE - Installer.exe/data0016/data0005 Infectados: not-a-virus:AdWare.Win32.Shopper.q saltado

C:\Program Files\Secured IE\Secured IE - Installer.exe/data0016 Infectados: not-a-virus:AdWare.Win32.Shopper.q saltado

C:\Program Files\Secured IE\Secured IE - Installer.exe NSIS: infectado - 2 saltado

C:\Program Files\Secured IE\SecuredIE_new.exe Infectados: not-a-virus:AdWare.Win32.Shopper.r saltado

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0311380.dll Infectados: not-a-virus:AdWare.Win32.TrafficSol.ah saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0311387.exe Infectados: not-a-virus:AdWare.Win32.RK.n saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0312380.dll Infectados: not-a-virus:AdWare.Win32.RK.z saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP941\A0312413.dll Infectados: not-a-virus:AdWare.Win32.RK.s saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312594.dll Infectados: not-a-virus:AdWare.Win32.BHO.th saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312595.dll Infectados: not-a-virus:AdWare.Win32.RK.ab saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312596.exe Infectados: not-a-virus:AdWare.Win32.RK.aa saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0313002.dll Infectados: Trojan.Win32.BHO.cgf saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP945\A0314054.dll Infectados: Trojan.Win32.BHO.che saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316799.dll Infectados: Trojan.Win32.BHO.dse saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316823.dll Infectados: Trojan.Win32.BHO.dza saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP956\A0316890.dll Infectados: Trojan.Win32.BHO.cwl saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP961\A0318887.dll Infectados: Trojan.Win32.BHO.dlh saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP962\A0318919.dll Infectados: Trojan.Win32.BHO.efz saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP964\A0319923.dll Infectados: Trojan.Win32.BHO.dlh saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP966\A0322041.dll Infectados: Trojan.Win32.BHO.cpi saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP966\A0322052.dll Infectados: Trojan.Win32.BHO.cpx saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP967\A0322063.dll Infectados: Trojan.Win32.BHO.dpl saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0323137.dll Infectados: Trojan.Win32.BHO.cwq saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324147.dll Infectados: Trojan.Win32.BHO.cve saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324171.dll Infectados: Trojan.Win32.BHO.dwu saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327193.dll Infectados: not-a-virus:Downloader.Win32.AdLoad.b saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327195.dll Infectados: not-a-virus:AdWare.Win32.Shopper.q saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327196.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.l saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327197.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.p saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327198.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327199.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.z saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327200.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327201.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.f saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327202.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.af saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327203.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.ad saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327204.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.l saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327205.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327206.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.af saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327207.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.ab saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327209.dll Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327210.SCR Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327211.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327212.EXE Infectados: not-a-virus:AdTool.Win32.MyWebSearch.a saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327213.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.bh saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327214.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.ax saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327218.scr Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327222.exe Infectados: not-a-virus:Downloader.Win32.WinFixer.l saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327223.DLL Infectados: not-a-virus:AdWare.Win32.FunWeb.d saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327224.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.v saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327225.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.l saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327226.EXE Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327227.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch saltado

C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327228.DLL Infectados: not-a-virus:AdTool.Win32.MyWebSearch.i saltado

C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado

C:\WINDOWS\SchedLgU.Txt Object is locked saltado

C:\WINDOWS\Sti_Trace.log Object is locked saltado

C:\WINDOWS\system32\byXOIBTL.dll Infectados: Trojan.Win32.Monder.wi saltado

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked saltado

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado

C:\WINDOWS\system32\config\default Object is locked saltado

C:\WINDOWS\system32\config\default.LOG Object is locked saltado

C:\WINDOWS\system32\config\Internet.evt Object is locked saltado

C:\WINDOWS\system32\config\SAM Object is locked saltado

C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado

C:\WINDOWS\system32\config\SECURITY Object is locked saltado

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado

C:\WINDOWS\system32\config\software Object is locked saltado

C:\WINDOWS\system32\config\software.LOG Object is locked saltado

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado

C:\WINDOWS\system32\config\system Object is locked saltado

C:\WINDOWS\system32\config\system.LOG Object is locked saltado

C:\WINDOWS\system32\drivers\sptd.sys Object is locked saltado

C:\WINDOWS\system32\h323log.txt Object is locked saltado

C:\WINDOWS\system32\iifffETk.dll Infectados: Backdoor.Win32.Hupigon.cmrx saltado

C:\WINDOWS\system32\nsj3D.dll Infectados: Trojan.Win32.BHO.dwu saltado

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked saltado

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked saltado

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked saltado

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado

C:\WINDOWS\system32\xterm\dll32.exe Infectados: Backdoor.Win32.Iroffer.13b11 saltado

C:\WINDOWS\system32\xterm\firedaemon.exe Infectados: not-a-virus:RemoteAdmin.Win32.RA.3826 saltado

C:\WINDOWS\system32\xterm\smcss.exe Infectados: not-a-virus:Server-FTP.Win32.Serv-U.gen saltado

C:\WINDOWS\wiadebug.log Object is locked saltado

C:\WINDOWS\wiaservc.log Object is locked saltado

I:\Program Files II\Lphant-v3.00B5-Installer.exe/file55 Infectados: not-a-virus:AdTool.Win32.WhenU.a saltado

I:\Program Files II\Lphant-v3.00B5-Installer.exe Inno: infectado - 1 saltado

I:\Incoming III\Videos\Nero 7.8.5.0\Nero 7.8.5.0.exe/Toolbar.exe Infectados: not-a-virus:AdTool.Win32.MyWebSearch.bm saltado

I:\Incoming III\Videos\Nero 7.8.5.0\Nero 7.8.5.0.exe RAR: infectado - 1 saltado

I:\Incoming III\SOFTWARE\Codec Pack de ELISOFT v14.0.zip/CodecPackElisoft140.exe/divx511\fsg_4104.exe Infectados: not-a-virus:AdWare.Win32.Gator.4104 saltado

I:\Incoming III\SOFTWARE\Codec Pack de ELISOFT v14.0.zip/CodecPackElisoft140.exe Infectados: not-a-virus:AdWare.Win32.Gator.4104 saltado

I:\Incoming III\SOFTWARE\Codec Pack de ELISOFT v14.0.zip ZIP: infectado - 2 saltado

I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe/data0000.cab/demonoid.com/data.rar/dll32.exe Infectados: Backdoor.Win32.Iroffer.13b11 saltado

I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe/data0000.cab/demonoid.com/data.rar/firedaemon.exe Infectados: not-a-virus:RemoteAdmin.Win32.RA.3826 saltado

I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe/data0000.cab/demonoid.com/data.rar/smcss.exe Infectados: not-a-virus:Server-FTP.Win32.Serv-U.gen saltado

I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe/data0000.cab/demonoid.com/data.rar Infectados: not-a-virus:Server-FTP.Win32.Serv-U.gen saltado

I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe/data0000.cab/demonoid.com Infectados: not-a-virus:Server-FTP.Win32.Serv-U.gen saltado

I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe/data0000.cab Infectados: not-a-virus:Server-FTP.Win32.Serv-U.gen saltado

I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe Rsrc-Package: infectado - 6 saltado

I:\Incoming III\SOFTWARE\DivX Pro (incl. DivX Player) 6.5 for Windows\keygen.exe Infectados: not-a-virus:PSWTool.Win32.GetPass.h saltado

I:\Incoming III\New downloads\Secured Downloading of spywarestop with new Secured Browser.zip/SecuredeIE_11_EN_SS_-1206954172.exe/WISE0011.BIN Infectados: not-a-virus:AdWare.Win32.Shopper.r saltado

I:\Incoming III\New downloads\Secured Downloading of spywarestop with new Secured Browser.zip/SecuredeIE_11_EN_SS_-1206954172.exe/WISE0013.BIN/data0016/data0005 Infectados: not-a-virus:AdWare.Win32.Shopper.q saltado

I:\Incoming III\New downloads\Secured Downloading of spywarestop with new Secured Browser.zip/SecuredeIE_11_EN_SS_-1206954172.exe/WISE0013.BIN/data0016 Infectados: not-a-virus:AdWare.Win32.Shopper.q saltado

I:\Incoming III\New downloads\Secured Downloading of spywarestop with new Secured Browser.zip/SecuredeIE_11_EN_SS_-1206954172.exe/WISE0013.BIN Infectados: not-a-virus:AdWare.Win32.Shopper.q saltado

I:\Incoming III\New downloads\Secured Downloading of spywarestop with new Secured Browser.zip/SecuredeIE_11_EN_SS_-1206954172.exe Infectados: not-a-virus:AdWare.Win32.Shopper.q saltado

I:\Incoming III\New downloads\Secured Downloading of spywarestop with new Secured Browser.zip ZIP: infectado - 5 saltado

I:\Incoming III\New downloads\Adware Spyware Be Gone.rar/Adware Spyware Be Gone/asbg.exe/data0000.cab/is156177.exe Infectados: Backdoor.Win32.Hupigon.cmsz saltado

I:\Incoming III\New downloads\Adware Spyware Be Gone.rar/Adware Spyware Be Gone/asbg.exe/data0000.cab Infectados: Backdoor.Win32.Hupigon.cmsz saltado

I:\Incoming III\New downloads\Adware Spyware Be Gone.rar/Adware Spyware Be Gone/asbg.exe Infectados: Backdoor.Win32.Hupigon.cmsz saltado

I:\Incoming III\New downloads\Adware Spyware Be Gone.rar RAR: infectado - 3 saltado

Análisis completado.

post #5 (permalink)

30/06/08, 19:09:10

M@co

Colaborador

Registrado: dic 2007

Ubicación: Guayana - Venezuela

Mensajes: 3.665

Re: Ataque ADZGALORE

Hola.

Realiza lo siguiente:

Apaga el Restaurar Sistema (solo en Win Me/XP y Vista).

Descargate OTMoveIt2 lo guardas en el Escritorio.

Haz un doble clic sobre OTMoveIt.exe para ejecutarlo.
Asegurate que este marcado "Unregister Dll's and Ocx's".
Copia el texto que se encuentra en el cuadrado más abajo, y pega el texto en el marco de izquierdo de OTMoveIt nombrado Paste Standar List of Files / Folders to be moved.

Código HTML:

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 244 
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 369
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Installer.exe
C:\Program Files\eMule\Incoming\Ares Regular 1.9.1 + codigo activacion by markitoswayne updated-fixed 01-2007.zip
C:\Program Files\Secured IE\Secured IE - Installer.exe 
C:\Program Files\Secured IE\SecuredIE_new.exe 
C:\WINDOWS\system32\byXOIBTL.dll
C:\WINDOWS\system32\iifffETk.dll 
C:\WINDOWS\system32\nsj3D.dll 
C:\WINDOWS\system32\xterm\dll32.exe 
C:\WINDOWS\system32\xterm\firedaemon.exe 
C:\WINDOWS\system32\xterm\smcss.exe 
I:\Program Files II\Lphant-v3.00B5-Installer.exe 
I:\Incoming III\Videos\Nero 7.8.5.0\Nero 7.8.5.0.exe 
I:\Incoming III\SOFTWARE\Codec Pack de ELISOFT v14.0.zip
I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe 
I:\Incoming III\SOFTWARE\DivX Pro (incl. DivX Player) 6.5 for Windows\keygen.exe 
I:\Incoming III\New downloads\Secured Downloading of spywarestop with new Secured Browser.zip 
I:\Incoming III\New downloads\Adware Spyware Be Gone.rar 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0311380.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0311387.exe 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0312380.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP941\A0312413.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312594.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312595.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312596.exe 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0313002.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP945\A0314054.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316799.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316823.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP956\A0316890.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP961\A0318887.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP962\A0318919.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP964\A0319923.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP966\A0322041.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP966\A0322052.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP967\A0322063.dll
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0323137.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324147.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324171.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327193.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327195.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327196.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327197.DLL  
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327198.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327199.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327200.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327201.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327202.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327203.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327204.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327205.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327206.DLL  
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327207.DLL  
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327209.dll 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327210.SCR 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327211.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327212.EXE 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327213.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327214.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327218.scr 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327222.exe 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327223.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327224.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327225.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327226.EXE 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327227.DLL 
C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327228.DLL

Haz clic en MoveIt! Para lanzar la supresión.
Cuando el resultado aparece en el marco Results, haz clic en Exit.
Reinicia el PC (Este paso es muy importante)
Envía el informe (reporte) de OTMoveIt situado sobre C: \ _ OTMoveIt\MovedFiles.

Descarga, actualiza y ejecuta Ad-Aware Free:
- Para iniciar el analisis pulse en la opcion "Explorar". Realice un escaneo completo seleccionando "Explracion Completo" y luego presionando en "Exploracion".
- Una vez finalizado el análisis de nuestro sistema, nos indicara los resultados en una pantalla que mostrara la informacion detallada de los spywares encontrados.
- Elimine todo lo que Ad-Aware Free detecte seleccionando la opcion "Eliminar".
- Luego pulse en la opcion "Terminar" para finalizar el proceso.
Ejecuta el Ccleaner.
- Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
- Despues usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

*Nota*
- Al terminar reactiva el "restaurar sistema".
- Pega el reporte de OTMoveIt2; luego borra esta carpeta: C:\_OtMoveIt.
- Comenta los resultados.

Salu2!.

post #6 (permalink)

01/07/08, 15:56:52

Bubba_BCN

Usuario

Registrado: jun 2008

Ubicación: Barcelona

Mensajes: 9

Re: Ataque ADZGALORE

Si que es complicado esto...

Este es el reporte de OTMoveit2...

C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 244 moved successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Component Update 369 moved successfully.
C:\Documents and Settings\Roberto.ARAUZ-D554VLIH9\Local Settings\Temp\Installer.exe moved successfully.
C:\Program Files\eMule\Incoming\Ares Regular 1.9.1 + codigo activacion by markitoswayne updated-fixed 01-2007.zip moved successfully.
C:\Program Files\Secured IE\Secured IE - Installer.exe moved successfully.
C:\Program Files\Secured IE\SecuredIE_new.exe moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\byXOIBTL.dll
C:\WINDOWS\system32\byXOIBTL.dll NOT unregistered.
C:\WINDOWS\system32\byXOIBTL.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\iifffETk.dll
C:\WINDOWS\system32\iifffETk.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\iifffETk.dll scheduled to be moved on reboot.
C:\WINDOWS\system32\nsj3D.dll unregistered successfully.
C:\WINDOWS\system32\nsj3D.dll moved successfully.
C:\WINDOWS\system32\xterm\dll32.exe moved successfully.
C:\WINDOWS\system32\xterm\firedaemon.exe moved successfully.
C:\WINDOWS\system32\xterm\smcss.exe moved successfully.
I:\Program Files II\Lphant-v3.00B5-Installer.exe moved successfully.
I:\Incoming III\Videos\Nero 7.8.5.0\Nero 7.8.5.0.exe moved successfully.
I:\Incoming III\SOFTWARE\Codec Pack de ELISOFT v14.0.zip moved successfully.
File/Folder I:\Incoming III\SOFTWARE\Alcohol.120.v1.9.6.4719.Retail.WinALL .Cracked-BETAMASTER\Alcohol120_retail 196.4719.exe not found.
I:\Incoming III\SOFTWARE\DivX Pro (incl. DivX Player) 6.5 for Windows\keygen.exe moved successfully.
I:\Incoming III\New downloads\Secured Downloading of spywarestop with new Secured Browser.zip moved successfully.
I:\Incoming III\New downloads\Adware Spyware Be Gone.rar moved successfully.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0311380.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0311387.exe not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP939\A0312380.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP941\A0312413.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312594.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312595.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0312596.exe not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP944\A0313002.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP945\A0314054.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316799.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP955\A0316823.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP956\A0316890.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP961\A0318887.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP962\A0318919.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP964\A0319923.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP966\A0322041.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP966\A0322052.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP967\A0322063.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0323137.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324147.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0324171.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327193.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327195.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327196.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327197.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327198.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327199.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327200.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327201.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327202.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327203.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327204.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327205.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327206.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327207.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327209.dll not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327210.SCR not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327211.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327212.EXE not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327213.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327214.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327218.scr not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327222.exe not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327223.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327224.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327225.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327226.EXE not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327227.DLL not found.
File/Folder C:\System Volume Information\_restore{7C90AA25-00AB-47B7-ADA1-0C1FC322C4BA}\RP970\A0327228.DLL not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07012008_214010

Files moved on Reboot...

"Ahora voy a probar el Ad-Aware free"

post #7 (permalink)

01/07/08, 17:46:14

Bubba_BCN

Usuario

Registrado: jun 2008

Ubicación: Barcelona

Mensajes: 9

Re: Ataque ADZGALORE

Hola, he terminado los procesos, pero sigo recibiendo ataques, además ahora no puedo entrar a yahoo mail que es la primera página a la que accedo cuando se abre el explorer.

A partir del Kaspersky ya no hice los análisis en modo seguro, tendrá algo que ver? O mejor me dedico a la mecánica automotriz?

post #8 (permalink)

01/07/08, 17:52:14

M@co

Colaborador