post #11
Posted 27/08/08, 22:16:31
User

Joined: Feb 2006
Location: Argentina
Posts: 37
Re: trojan not-a-virus:FraudTool.Win32.WinAntiVirus.bb according to Kaspersky Online

ok!


Here it goes.
Sorry for the delay, I was away on a trip to my hometown!

ComboFix 08-08-19.06 - Los Dávola 2008-08-23 0:00:21.2 - NTFSx86
Se ejecuta desde: C:\Users\Los Dávola\Desktop\Emilio\Soft\ComboFix.exe
.

(((((((((((((((((( Archivos creados desde 2008-07-23 - 2008-08-23 )))))))))))))))))))))))))))))))))
.

2008-08-22 01:30 . 2008-08-22 01:30 0 --ah----- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-08-22 00:58 . 2008-06-25 07:49 4,244,744 --a------ C:\WINDOWS\System32\qtp-mt334.dll
2008-08-22 00:58 . 2008-06-25 07:49 247,560 --a------ C:\WINDOWS\System32\prgiso.dll
2008-08-22 00:58 . 2008-06-25 07:49 40,368 --a------ C:\WINDOWS\System32\drivers\hotcore3.sys
2008-08-22 00:57 . 2008-08-22 00:59 <DIR> d-------- C:\Program Files\Paragon Software
2008-08-21 23:31 . 2008-08-21 23:31 <DIR> d-------- C:\PerfLogs
2008-08-21 07:25 . 2008-01-19 04:38 4,595,712 --a------ C:\WINDOWS\System32\AuthFWSnapin.dll
2008-08-21 07:24 . 2008-01-19 04:33 8,139,264 --a------ C:\WINDOWS\System32\ssBranded.scr
2008-08-21 07:23 . 2008-01-19 04:34 6,103,040 --a------ C:\WINDOWS\System32\chtbrkr.dll
2008-08-21 07:22 . 2008-01-19 03:06 8,147,456 --a------ C:\WINDOWS\System32\wmploc.DLL
2008-08-21 07:21 . 2008-01-19 04:36 704,512 --a------ C:\WINDOWS\System32\SmiEngine.dll
2008-08-21 07:21 . 2008-01-19 04:36 357,888 --a------ C:\WINDOWS\System32\wbemcomn.dll
2008-08-21 07:21 . 2008-01-19 04:34 305,152 --a------ C:\WINDOWS\System32\msdelta.dll
2008-08-21 07:21 . 2008-01-19 04:34 258,560 --a------ C:\WINDOWS\System32\dpx.dll
2008-08-21 07:21 . 2008-01-19 04:34 246,784 --a------ C:\WINDOWS\System32\drvstore.dll
2008-08-21 07:21 . 2008-01-19 04:36 218,624 --a------ C:\WINDOWS\System32\wdscore.dll
2008-08-21 07:21 . 2008-01-19 04:36 139,264 --a------ C:\WINDOWS\System32\SmiInstaller.dll
2008-08-21 07:21 . 2008-01-19 04:33 130,560 --a------ C:\WINDOWS\System32\PkgMgr.exe
2008-08-21 07:21 . 2008-01-19 04:35 35,328 --a------ C:\WINDOWS\System32\mspatcha.dll
2008-08-21 01:51 . 2008-08-21 01:51 269,312 --a------ C:\WINDOWS\System32\es.dll
2008-08-21 01:41 . 2008-08-21 01:41 1,811,656 --a------ C:\WINDOWS\System32\wuaueng.dll
2008-08-21 01:41 . 2008-08-21 01:41 1,524,736 --a------ C:\WINDOWS\System32\wucltux.dll
2008-08-21 01:41 . 2008-08-21 01:41 53,448 --a------ C:\WINDOWS\System32\wuauclt.exe
2008-08-21 01:41 . 2008-08-21 01:41 45,768 --a------ C:\WINDOWS\System32\wups2.dll
2008-08-21 01:40 . 2008-08-21 01:40 563,912 --a------ C:\WINDOWS\System32\wuapi.dll
2008-08-21 01:40 . 2008-08-21 01:40 163,904 --a------ C:\WINDOWS\System32\wuwebv.dll
2008-08-21 01:40 . 2008-08-21 01:40 83,456 --a------ C:\WINDOWS\System32\wudriver.dll
2008-08-21 01:40 . 2008-08-21 01:40 36,552 --a------ C:\WINDOWS\System32\wups.dll
2008-08-21 01:40 . 2008-08-21 01:40 31,232 --a------ C:\WINDOWS\System32\wuapp.exe
2008-08-21 01:09 . 2008-08-21 01:09 9,892,864 --a------ C:\WINDOWS\System32\NlsLexicons000a.dll
2008-08-21 01:00 . 2008-08-21 01:00 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-08-20 23:28 . 2008-08-20 23:28 361,984 --a------ C:\WINDOWS\System32\IPSECSVC.DLL
2008-08-20 23:28 . 2008-08-20 23:28 272,896 --a------ C:\WINDOWS\System32\polstore.dll
2008-08-20 23:28 . 2008-08-20 23:28 61,440 --a------ C:\WINDOWS\System32\winipsec.dll
2008-08-20 23:28 . 2008-08-20 23:28 28,672 --a------ C:\WINDOWS\System32\FwRemoteSvr.dll
2008-08-20 23:22 . 2008-08-20 23:22 2,048 --a------ C:\WINDOWS\System32\tzres.dll
2008-08-20 23:13 . 2008-08-20 23:13 1,383,424 --a------ C:\WINDOWS\System32\mshtml.tlb
2008-08-20 23:13 . 2008-08-20 23:13 827,392 --a------ C:\WINDOWS\System32\wininet.dll
2008-08-20 23:10 . 2008-08-20 23:10 988,216 --a------ C:\WINDOWS\System32\winload.exe
2008-08-20 23:10 . 2008-08-20 23:10 927,288 --a------ C:\WINDOWS\System32\winresume.exe
2008-08-20 23:10 . 2008-08-20 23:10 615,992 --a------ C:\WINDOWS\System32\ci.dll
2008-08-20 23:10 . 2008-08-20 23:10 378,368 --a------ C:\WINDOWS\System32\srcore.dll
2008-08-20 23:10 . 2008-08-20 23:10 318,464 --a------ C:\WINDOWS\System32\rstrui.exe
2008-08-20 23:10 . 2008-08-20 23:10 46,592 --a------ C:\WINDOWS\System32\setbcdlocale.dll
2008-08-20 23:10 . 2008-08-20 23:10 40,960 --a------ C:\WINDOWS\System32\srclient.dll
2008-08-20 23:10 . 2008-08-20 23:10 19,000 --a------ C:\WINDOWS\System32\kd1394.dll
2008-08-20 23:10 . 2008-08-20 23:10 14,848 --a------ C:\WINDOWS\System32\srdelayed.exe
2008-08-20 23:10 . 2008-08-20 23:10 6,656 --a------ C:\WINDOWS\System32\kbd106n.dll
2008-08-20 22:56 . 2008-08-20 22:56 2,032,128 --a------ C:\WINDOWS\System32\win32k.sys
2008-08-20 22:56 . 2008-08-20 22:56 295,936 --a------ C:\WINDOWS\System32\gdi32.dll
2008-08-20 22:55 . 2008-08-20 22:55 113,664 --a------ C:\WINDOWS\System32\drivers\rmcast.sys
2008-08-20 22:55 . 2008-08-20 22:55 14,848 --a------ C:\WINDOWS\System32\wshrm.dll
2008-08-20 22:54 . 2008-08-20 22:54 4,240,384 --a------ C:\WINDOWS\System32\GameUXLegacyGDFs.dll
2008-08-20 22:54 . 2008-08-20 22:54 1,695,744 --a------ C:\WINDOWS\System32\gameux.dll
2008-08-20 22:29 . 2008-08-20 22:29 738,304 --a------ C:\WINDOWS\System32\inetcomm.dll
2008-08-20 22:29 . 2008-08-20 22:29 84,480 --a------ C:\WINDOWS\System32\INETRES.dll
2008-08-20 22:26 . 2008-08-20 22:26 1,314,816 --a------ C:\WINDOWS\System32\quartz.dll
2008-08-20 22:24 . 2008-08-20 22:24 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-08-20 21:34 . 2008-08-20 21:34 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\Malwarebytes
2008-08-20 21:34 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\System32\drivers\mbam.sys
2008-08-20 21:33 . 2008-08-20 21:33 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-08-20 21:33 . 2008-08-20 21:34 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-20 21:33 . 2008-08-20 21:33 <DIR> d-------- C:\PROGRA~2\Malwarebytes
2008-08-20 21:33 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2008-08-20 00:26 . 2008-08-20 02:42 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2008-08-20 00:22 . 2008-08-20 00:22 <DIR> d-------- C:\!KillBox
2008-08-19 00:35 . 2008-08-19 00:35 <DIR> d-------- C:\WINDOWS\System32\Kaspersky Lab
2008-08-18 23:27 . 2008-08-18 23:30 <DIR> d-------- C:\Program Files\CCleaner
2008-08-18 19:59 . 2007-11-06 09:06 131,672 --a------ C:\WINDOWS\System32\drivers\Uim_IM.sys
2008-08-18 19:59 . 2007-11-06 09:06 32,080 --a------ C:\WINDOWS\System32\drivers\UimBus.sys
2008-08-18 19:59 . 2007-11-06 09:06 11,568 --a------ C:\WINDOWS\System32\drivers\UimFIO.sys
2008-08-18 19:57 . 2008-01-21 17:43 13,576 --a------ C:\WINDOWS\System32\wnaspi32.dll
2008-08-18 06:08 . 2008-08-18 06:08 <DIR> d-------- C:\Users\Los Dávola\Program Files
2008-08-18 06:08 . 2008-08-18 06:08 <DIR> d-------- C:\Users\Los Dávola\Program Files
2008-08-18 05:11 . 2008-08-18 05:14 <DIR> d-------- C:\Program Files\ISOpen
2008-08-18 05:00 . 2008-08-18 05:01 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-08-18 03:38 . 2008-08-18 03:38 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\ESET
2008-08-18 03:33 . 2008-08-18 03:33 <DIR> d-------- C:\Users\All Users\ESET
2008-08-18 03:33 . 2008-08-18 03:33 <DIR> d-------- C:\Program Files\ESET
2008-08-18 03:33 . 2008-08-18 03:33 <DIR> d-------- C:\PROGRA~2\ESET
2008-08-18 02:55 . 2008-08-22 23:57 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\DNA
2008-08-18 02:55 . 2008-08-22 01:23 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\BitTorrent
2008-08-18 02:55 . 2008-08-18 02:55 <DIR> d-------- C:\Program Files\DNA
2008-08-18 02:55 . 2008-08-18 03:30 <DIR> d-------- C:\Program Files\BitTorrent
2008-08-18 02:34 . 2008-08-18 02:34 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\WinRAR
2008-08-18 02:08 . 2008-08-18 02:08 <DIR> d-------- C:\Program Files\Skype
2008-08-18 02:08 . 2008-08-18 02:08 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-08-18 02:07 . 2008-08-18 02:08 <DIR> d-------- C:\Users\All Users\Skype
2008-08-18 02:07 . 2008-08-18 02:08 <DIR> d-------- C:\PROGRA~2\Skype
2008-08-18 01:18 . 2008-08-21 22:37 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-08-18 01:18 . 2008-08-18 01:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-18 01:18 . 2008-08-21 22:37 <DIR> d-------- C:\PROGRA~2\Spybot - Search & Destroy
2008-08-18 01:13 . 2006-10-04 23:42 2,560 --------- C:\WINDOWS\System32\drivers\cdralw2k.sys
2008-08-18 01:13 . 2006-10-04 23:42 2,432 --------- C:\WINDOWS\System32\drivers\cdr4_xp.sys
2008-08-18 01:12 . 2008-08-18 01:13 <DIR> d-------- C:\Program Files\Picasa2
2008-08-18 01:12 . 2008-08-18 01:12 <DIR> d-------- C:\Program Files\Google
2008-08-18 00:33 . 2008-08-18 02:45 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-18 00:32 . 2008-08-18 02:45 <DIR> d-------- C:\Program Files\Windows Live
2008-08-18 00:31 . 2008-08-18 00:31 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\Macromedia
2008-08-18 00:31 . 2008-08-18 02:31 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\Adobe
2008-08-18 00:30 . 2008-08-18 00:30 <DIR> d-------- C:\Users\Los Dávola\Application Data
2008-08-18 00:30 . 2008-08-18 00:30 <DIR> d-------- C:\Users\Los Dávola\Application Data
2008-08-18 00:28 . 2008-08-18 02:35 <DIR> d-------- C:\Users\All Users\WLInstaller
2008-08-18 00:28 . 2008-08-18 02:35 <DIR> d-------- C:\PROGRA~2\WLInstaller
2008-08-18 00:26 . 2006-10-26 19:58 30,512 --a------ C:\WINDOWS\System32\mdimon.dll
2008-08-18 00:19 . 2008-08-18 00:19 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\Mozilla
2008-08-18 00:15 . 2008-08-18 00:15 <DIR> d-------- C:\WINDOWS\PCHEALTH
2008-08-18 00:15 . 2008-08-18 00:15 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-08-18 00:07 . 2008-08-18 00:07 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-08-18 00:07 . 2008-08-18 00:07 <DIR> d-------- C:\IDE
2008-08-18 00:06 . 2008-08-18 00:16 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-08-18 00:05 . 2008-08-18 00:05 <DIR> dr-h----- C:\MSOCache
2008-08-17 23:56 . 2008-08-17 23:56 <DIR> d-------- C:\WINDOWS\System32\ShellExt
2008-08-17 23:54 . 2008-08-17 23:59 <DIR> d-------- C:\Program Files\SysinternalsSuite
2008-08-17 23:53 . 2008-08-17 23:53 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-17 23:45 . 2008-08-17 23:45 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\TuneUp Software
2008-08-17 23:44 . 2008-08-17 23:44 <DIR> d-------- C:\Users\All Users\TuneUp Software
2008-08-17 23:44 . 2008-08-17 23:44 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-08-17 23:44 . 2008-08-17 23:44 <DIR> d-------- C:\PROGRA~2\TuneUp Software
2008-08-17 23:44 . 2008-08-17 23:44 306,432 --a------ C:\WINDOWS\System32\TuneUpDefragService.exe
2008-08-17 23:44 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\System32\uxtuneup.dll
2008-08-17 23:44 . 2007-12-20 10:44 16,640 --a------ C:\WINDOWS\System32\authuitu.dll
2008-08-17 23:42 . 2008-08-17 23:42 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-17 23:42 . 2008-08-17 23:42 717,296 --a------ C:\WINDOWS\System32\drivers\sptd.sys
2008-08-17 23:41 . 2008-08-17 23:41 <DIR> d-------- C:\Users\Los Dávola\AppData\Roaming\DAEMON Tools

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-23 03:06 4,456,448 --sha-w C:\Users\Los Dávola\NTUSER.DAT
2008-08-23 03:06 4,456,448 --sha-w C:\Users\Los Dávola\NTUSER.DAT
2008-08-23 02:57 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\DNA
2008-08-22 04:34 --------- d-s---w C:\Users\Los Dávola\AppData\Roaming\Microsoft
2008-08-22 04:23 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\BitTorrent
2008-08-22 02:54 --------- d-----w C:\PROGRA~2\NVIDIA
2008-08-22 02:49 174 --sha-w C:\Program Files\desktop.ini
2008-08-22 02:38 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-22 02:38 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-22 02:38 --------- d-----w C:\Program Files\Windows Mail
2008-08-22 02:38 --------- d-----w C:\Program Files\Windows Defender
2008-08-22 02:38 --------- d-----w C:\Program Files\Windows Calendar
2008-08-21 01:54 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-08-21 01:54 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-08-21 01:54 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-08-21 01:54 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-08-21 01:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-08-21 00:34 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\Malwarebytes
2008-08-19 00:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-19 00:38 --------- d-----w C:\Program Files\Microsoft Works
2008-08-18 06:38 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\ESET
2008-08-18 05:34 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\WinRAR
2008-08-18 05:31 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\Adobe
2008-08-18 04:56 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-18 04:03 --------- d-----w C:\PROGRA~2\Symantec
2008-08-18 03:31 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\Macromedia
2008-08-18 03:19 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\Mozilla
2008-08-18 03:17 --------- d-----w C:\Program Files\MSBuild
2008-08-18 02:45 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\TuneUp Software
2008-08-18 02:41 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\DAEMON Tools
2008-08-18 02:18 --------- d-----w C:\PROGRA~2\HP
2008-08-18 02:07 --------- d-----w C:\PROGRA~2\Hewlett-Packard
2008-08-18 01:21 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\Symantec
2008-08-18 01:19 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\Identities
2008-08-18 01:17 --------- d-----w C:\Users\Los Dávola\AppData\Roaming\Hewlett-Packard
2008-08-18 01:10 --------- d-sh--w C:\Program Files\Archivos comunes
2008-08-18 01:10 --------- d-sh--w C:\PROGRA~2\Plantillas
2008-08-18 01:10 --------- d-sh--w C:\PROGRA~2\Menú Inicio
2008-08-18 01:10 --------- d-sh--w C:\PROGRA~2\Favoritos
2008-08-18 01:10 --------- d-sh--w C:\PROGRA~2\Escritorio
2008-08-18 01:10 --------- d-sh--w C:\PROGRA~2\Documentos
2008-08-18 01:10 --------- d-sh--w C:\PROGRA~2\Datos de programa
2008-07-01 12:04 71,688 ----a-w C:\Windows\system32\drivers\epfw.sys
2008-07-01 12:04 54,280 ----a-w C:\Windows\system32\drivers\epfwtdi.sys
2008-07-01 12:04 30,728 ----a-w C:\Windows\system32\drivers\epfwndis.sys
2008-07-01 11:57 53,256 ----a-w C:\Windows\system32\drivers\easdrv.sys
2008-07-01 11:56 39,944 ----a-w C:\Windows\system32\drivers\eamon.sys
.

.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]
"BitTorrent DNA"="C:\Users\Los Dávola\Program Files\DNA\btdna.exe" [2008-08-18 06:08 342336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DPService"="C:\Program Files\HP\DVDPlay\DPService.exe" [2007-10-09 07:07 90112]
"SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2007-04-06 22:56 54936]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-07-01 09:01 1447168]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-22 21:49 13539872]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-22 21:49 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 10:52 4702208 C:\WINDOWS\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDFSTab"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDFSTab"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RtHDVCpl"=RtHDVCpl.exe
"KBD"=C:\HP\KBD\KbdStub.EXE
"hpsysdrv"=c:\hp\support\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8B080A29-3930-4CD7-93C6-492614CB282C}"= C:\Program Files\HP\DVDPlay\DVDPlay.exe:DVD Play
"{3A74838C-B9DF-4576-A0F6-6BAC22A06117}"= C:\Program Files\HP\DVDPlay\DPService.exe:DVD Play Resident Program
"{1B162528-E983-4E4E-B49A-5F0366D1B591}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{4CF6CBB6-C4C2-40E9-BCDC-74B956E9E6F7}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{FF26B67E-E36A-433B-A9A3-81449942C1B5}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{BF97D38D-ECD7-4C8B-9518-4DAD366584E9}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{2740F04E-541F-4E5F-A284-D15A9D1542C5}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{34E2B27D-FEF5-4299-8AFC-C73794CC219F}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{93EF6454-C47D-40E3-8F85-5FDB5BE52002}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{DAC2E681-BB50-4FD9-9BA6-AA2ADD0D9159}"= UDP:C:\WINDOWS\System32\mqsvc.exe:Message Queuing
"{4A1CF2D4-CBCD-4DA9-A934-1469E9DB3D44}"= TCP:C:\WINDOWS\System32\mqsvc.exe:Message Queuing
"{55E9515B-2AEB-4FD8-A3E2-002EDC658E03}"= UDP:C:\WINDOWS\System32\mqsvc.exe:Message Queuing
"{09F6DC23-F5D4-4E9A-AAEA-7E7A082650FF}"= TCP:C:\WINDOWS\System32\mqsvc.exe:Message Queuing
"{A530994D-0EE0-4AB2-8713-33B72A279EE7}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{01541B36-4A6C-4BD8-A27D-A35C2E4CF15F}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{83829050-F889-4769-8A3E-15369C094010}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{F6473581-8CC9-4B9B-8620-403E4102DC18}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F0A64986-91FA-4032-A812-CA675CF3377D}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{CB75FBD9-59E7-4B7F-A262-356CB4AD002C}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{C7CF0EEE-E6CB-4847-A0A8-A4226FEC8342}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{131D1C12-DEEF-4F43-8FB1-B59B1226B3A0}"= UDP:C:\Program Files\DNA\btdna.exe:DNA (TCP-In)
"{C05A0308-F300-4E44-9E3A-D644D4317C46}"= TCP:C:\Program Files\DNA\btdna.exe:DNA (UDP-In)
"TCP Query User{2BAA3AF5-4387-42A8-9929-6EF48FBBD228}C:\\program files\\bittorrent\\bittorrent.exe"= UDP:C:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{89382A04-3F74-4BFB-AD63-A335CA574408}C:\\program files\\bittorrent\\bittorrent.exe"= TCP:C:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{7A7F7E9F-D647-4BF9-BDC6-E492E6AF7F57}C:\\users\\los dávola\\program files\\dna\\btdna.exe"= UDP:C:\users\los dávola\program files\dna\btdna.exe:btdna.exe
"UDP Query User{CF4BA493-EF32-41E1-BB08-3B1C7786EA2A}C:\\users\\los dávola\\program files\\dna\\btdna.exe"= TCP:C:\users\los dávola\program files\dna\btdna.exe:btdna.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 hotcore3;hotcore3;C:\Windows\system32\drivers\hotcore3.sys [2008-06-25 07:49]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 04:30]
S3 GameConsoleService;GameConsoleService;C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-23 20:33]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
rsmsvcs REG_MULTI_SZ ntmssvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\LOSDVO~1\AppData\Roaming\Mozilla\Firefox\Profiles\1d8vrkel.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com.ar/
FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - C:\Users\Los Dávola\Program Files\DNA\plugins\npbtdna.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-23 00:06:15
Windows 6.0.6001 Service Pack 1 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

**************************************************************************
.
Tiempo completado: 2008-08-23 0:09:34
ComboFix-quarantined-files.txt 2008-08-23 03:09:28
ComboFix2.txt 2008-08-21 02:44:53
ComboFix3.txt 2008-08-21 00:57:44

Pre-Run: 135,558,909,952 bytes libres
Post-Run: 135,526,187,008 bytes libres

8121 --- E O F --- 2008-08-23 01:13:41
All times are GMT -4. The time is 11:20:41.


 
