Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Estimados
Ojala puedan ayudar en en este molestoso problema.
Al parecer, bajando Microsoft Office 2007 desde mininova.com mi computador se lleno de adware. He realizado los 11 pasos, sin exito.

Este es el reporte de hijackThis.

Debo eliminar el Ofiice 2007 que instalé que venia con los adwares?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:41:04, on 01/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
NO poner Logs de HijackThis y/o ComboFIX en este sector del foro o seran eliminados.

Hola leuconostoc Bienvenido al Foro


Hazte lo siguiente:

Descarga, instala y actualiza las siguientes herramientas pero no las ejecutes aun

• VundoFix.exe
• SuperAntispyware
• Malwarebytes' Anti-Malware NOTA: Si después de instalarlo el lenguaje esta en Ingles ve a la pestaña "Settings" y lo cambias a Español.
• Ccleaner + Manual

Apaga Restaurar Sistema (Solo en Windows Me y XP)

Inicia en Modo a Prueba de Fallos

Ejecuta las herramientas del paso actualizadas y en este mismo orden y de a una

• VundoFix.exe
• SuperAntiSpyware
• Malwarebytes' Anti-Malware

Inicia en modo normal y ejecuta el Ccleaner como lo indica su manual y te pegas los reportes de dichas herramientas aquí menos lo del Ccleaner



Salu2 Recuerda Volver

Gracias por la rapida respuesta.

Este es el reporte del Malwarebytes. Necesitas el reporte de otro programa?

Saludos

Malwarebytes' Anti-Malware 1.30
Versión de la Base de Datos: 1357
Windows 5.1.2600 Service Pack 2

02/11/2008 12:55:39
mbam-log-2008-11-02 (12-55-39).txt

Tipo de examen : Examen Completo (C:\|D:\|)
Objetos examinados: 114138
Tiempo transcurrido: 47 minute(s), 13 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 6
Claves del Registro Infectadas: 14
Valores del Registro Infectados: 2
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 41

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
C:\WINDOWS\system32\upunyk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\nustzq.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\poglyq.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cwgowc.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\scauzd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\jryaox.dll (Trojan.Vundo) -> Delete on reboot.

Claves del Registro Infectadas:
HKEY_CLASSES_ROOT\CLSID\{c47cb053-94f8-462b-b288-d7b370a93514} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{c47cb053-94f8-462b-b288-d7b370a93514} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca17707f-559e-4407-8b7c-ca75bd96dd30} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d7befa4a-0987-43ad-bea3-ba7fde5aee02} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{71c15fcf-e627-4022-9fff-d3bba08c5a21} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a0535372-647d-4529-b43b-7241d05e0cfd} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7ff64e37-f8a1-4ef9-8f33-bc14c4a8079d} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{7ff64e37-f8a1-4ef9-8f33-bc14c4a8079d} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{7ff64e37-f8a1-4ef9-8f33-bc14c4a8079d} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{ba50743b-6106-4445-96c6-401b307a2727} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{ba50743b-6106-4445-96c6-401b307a2727} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{ba50743b-6106-4445-96c6-401b307a2727} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\IMJPMIG8.2 (Trojan.Agent) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
C:\WINDOWS\system32\bftmtall.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\llatmtfb.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\djbukvcv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcvkubjd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\miwpqnly.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ylnqpwim.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nahagfne.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\enfgahan.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmhpbyan.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\naybphmp.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\shodwwqu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uqwwdohs.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vjixnfhc.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\chfnxijv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yjabwhst.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tshwbajy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\upunyk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\nustzq.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\poglyq.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cwgowc.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\scauzd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\jryaox.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Juan Carlos Bozzo\Mis documentos\EvID4226Patch223d-en\EvID4226Patch.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aekkplid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cvyoze.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddcyaxur.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fccbCssp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gistvvac.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGXnopp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iifeeBRi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\khgvnida.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kphigerv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntiwtyng.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qzevhg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ryfvgpfo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqQiffF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vrosimdp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vxonixle.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxuwas.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yfhdjhow.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.

Hola,

Y pasaste los demás programas??

Y como sigue la pc?


Salu2

Hola Kirigi

Pasé los programas como me indicaste. Despues de 2 horas de uso, al parecer esta solucionado.

Muchas gracias!!!!!

Hola leuconostoc

Se dará tú tema por solucionado, pero si el problema vuelve puedes reportar el tema para que lo reabran dándole clic al botón del simbolito arriba del post: indicando el motivo por el cual deseas que reabran el tema


Salu2