• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 13

    Ya se me pego el brontok. (Solucionado)

    Resumen del tema: Ya se me pego el brontok. (Solucionado) - Que tal aqui molestandolos pues resulta que tengo el brontok les comento que tengo tres usuarios registrados, el que uso de manera normal, otra donde tengo escondidos todos mis archivos nonsantos :D y la de ...

      
    1. #1
      Usuario Avatar de not me
      Registrado
      dic 2006
      Ubicación
      mexico
      Mensajes
      12

      Ya se me pego el brontok. (Solucionado)

      Que tal
      aqui molestandolos
      pues resulta que tengo el brontok
      les comento que tengo tres usuarios registrados, el que uso de manera normal, otra donde tengo escondidos todos mis archivos nonsantos :D y la de invitado
      por el momento pareciera ser que unicamente esta corriendo en la segunda sesion que mencione, lo que pude observar es que al intentar descargar el elistara automaticamente me reinicio mi equipo (lo cual coincide con la descripcion del virus en cuanto a detectar un archivo .exe) tambien pude encontrar la carpeta loc.mail.bron.tok
      mi sistema es windows vista, ya le elimine los temporales usando el programa recomendado en los recomendaciones basicas, ya desactive restaurar sistema, y ocultar archivos, en este momento voy a pasarle el kapersky online, el ewido ya no pude encontrarlo :(
      por cierto en el modo a prueba de fallos la conexion solo me aparece con acceso local, por lo que de momento lo voy a correr en una sesion normal y de ahi espero sus instrucciones :)

      en cuanto tenga los reportes de kapersky los posteo a ver como me pueden apoyar
      saludos

    2. #2
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.072

      Re: ya se me pego el brontok

      Hola not me:

      Descarga el ESET Smart Installer
      1. Lo ejecutas y marcas las casillas de Eliminar las amenazas detectadas y analizar archivos.
      2. Haces clic en Configuración adicional y ahi marcas las casillas de Analizar en busca de aplicaciones potencialmente indeseables, Analizar en busca de aplicaciones potencialmente peligrosas y Activar la tecnoligía Anti-Stealth.
      3. Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.
      4. Cuando acabe haz clic en Finalizar y el reporte lo puedes localizar en C:\Archivos de programa\ESET\ESET Online Scanner\log


      pega todos los informes que tengas, o que hayas usado para esta infeccion.


      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de not me
      Registrado
      dic 2006
      Ubicación
      mexico
      Mensajes
      12

      Re: ya se me pego el brontok

      damianl_77 muchas gracias por responder
      te comento como voy.
      en modo a prueba de fallos no me puedo conectar a internet, hace la coneccion al modem, pero solo me da accesso local, por lo que no he podido correr ningun escaneo en linea, en modo normal intente correr el ESET, pero al llegar al 86% se quedo atorado analizando un archivo txt, asi que despues de una hora de estar sin avanzar me desespere y detuve el analisis, tambien le pase el antivurus online de panda, que si me completo el test (me marco solo algunas cosas) y me pidio registrarme, asi lo hice y entonces intento actualizar la pagina donde estaba el escaner y no conecto por lo que perdi la info (ya cheque la carpeta del programa pero no encuentro ningun archivo que paresca ser el log, para postearlo) tambien he intentado pasarle el kapersky (en español e ingles) y me falla la actualizacion, dando me un error que me dice, que las bases del antivirus han sido actualizzada despues de que expirara la llave.

      de momento ya elimine el archivo txt donde el ESET de quedo trabado, pero por la duracion del analisis voy intentar hacerlo durante la noche.
      mientras que salgo de la oficina aprovechare para pasarle el malwaresbites y el spybot... en cuanto tenga algo lo posteo
      saludos

    4. #4
      Usuario Avatar de not me
      Registrado
      dic 2006
      Ubicación
      mexico
      Mensajes
      12

      Re: ya se me pego el brontok

      por la tarde alcanze a pasarle el malware bytes, aqui te pego el log, ya en la noche le dejare corriendo el ESET, gracias

      Malwarebytes' Anti-Malware 1.40
      Database version: 2551
      Windows 6.0.6001 Service Pack 1

      12/08/2009 10:05:35 p.m.
      mbam-log-2009-08-12 (22-05-35).txt

      Scan type: Full Scan (C:\|)
      Objects scanned: 304804
      Time elapsed: 1 hour(s), 25 minute(s), 49 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 138

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis imágenes\Mi música\iTunes\iTunes.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis imágenes\Mi música\iTunes\iTunes Music\David Byrne\Look Into The Eyeball\Look Into The Eyeball.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis imágenes\Mi música\iTunes\iTunes Music\Ludwig van Beethoven, composer. Seattle\Álbum desconocido\Álbum desconocido.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis imágenes\Mi música\iTunes\iTunes Music\Maná; Santana\Supernatural\Supernatural.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis imágenes\Mi música\iTunes\iTunes Music\Marc Seales, composer. New Stories. Erni\Speakin' Out\Speakin' Out.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis imágenes\Mi música\iTunes\iTunes Music\Recopilaciones\Fiebre De Reggaeton\Fiebre De Reggaeton.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis Webs\Mis Webs.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis Webs\_vti_pvt\_vti_pvt.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\tecra\baterias\baterias.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\tecra\Free Online Games www_luxormagic_com_archivos\Free Online Games www_luxormagic_com_archivos.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\tecra\MercadoLibre TOSHIBA TECRA - $ desde 1_00_archivos\MercadoLibre TOSHIBA TECRA - $ desde 1_00_archivos.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\tecra\PHP Tutorial Order Form_archivos\PHP Tutorial Order Form_archivos.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\AppData\Local\inetinfo.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\AppData\Local\csrss.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\AppData\Local\lsass.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\AppData\Local\services.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\AppData\Local\winlogon.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\AppData\Roaming\Microsoft\Windows\Templates\Brengkolang.com (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\Documents.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\forospy\forospy.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jdownloader_v0.3668`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\.junique\.junique`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\backup\backup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\captchas\megaupload.com\megaupload.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\config\config.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\downloads.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\1Shinkai\1Shinkai.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\Behind_Moon\Behind_Moon.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\Semen Sprinkler J\Semen Sprinkler J.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\RBD_Ferox_chilewarez.org\RBD_Ferox_chilewarez.org`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\Secret_of_Your_Heart_ENG\Secret_of_Your_Heart_ENG.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\Futarani\Futarani.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\GlassFire\GlassFire.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\Gura Nyuuto - Ojou-sama (English)\Gura Nyuuto - Ojou-sama (English).exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\Cenzu Futanarikko High!\Cenzu Futanarikko High!.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\downloads\Marsh Brothers - Forced Into Shadow By Love Potion (English)\Marsh Brothers - Forced Into Shadow By Love Potion (English).exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\jd.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\methods.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\filer.net\filer.net`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\odsiebie.com\odsiebie.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\6giga.com\6giga.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\crypt-me.com.Calc\crypt-me.com.Calc`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\cryptlink.ws\cryptlink.ws`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\czshare.com\czshare.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\egoshare.com\egoshare.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\filebase.to\filebase.to`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\rapidshare.de\rapidshare.de`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\raubkopierer.ws\raubkopierer.ws`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\rs-layer.com\rs-layer.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\secured.in\secured.in`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\share.gulli.com\share.gulli.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\underground.cms\underground.cms`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\urlshield.net\urlshield.net`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\uu.canna.to\uu.canna.to`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\wii-reloaded.ath.cx\wii-reloaded.ath.cx`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\ziddu.com\ziddu.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\gigasize.com\gigasize.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\ifile.it\ifile.it`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\letitbit.net\letitbit.net`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\linkcrypt.com\linkcrypt.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\megashares.com\megashares.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\megaupload.com\megaupload.com`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\megaupload.com2\megaupload.com2`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\mooshare.net\mooshare.net`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\captcha\methods\netload.in\netload.in`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\dynamics\dynamics.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\img\img.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\img\default\default.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\img\default\cursor\cursor.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\img\default\mime\mime.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\img\default\screenshots\screenshots.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\img\hosterlogos\hosterlogos.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\img\logo\logo.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\languages\languages.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\osx\osx.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\plugins\decrypt\decrypt.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\plugins\host\host.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\router\router.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\snd\default\default.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\jd\themes\themes.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\libs\libs.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\plugins\plugins.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\plugins\jdchat\jdchat.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\plugins\jdshutdown\windows\windows.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\tmp\tmp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\tools\tools.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\tools\windows\windows.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\tools\windows\kikin\kikin.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\jdownloader_v0.3668\tools\windows\unrarw32\unrarw32.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\Mi Google Gadgets\Mi Google Gadgets.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\Mis archivos recibidos\Mis archivos recibidos.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\sitiospass\sitiospass.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\sitiospass\Nueva carpeta\Nueva carpeta.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\Stan\Stan.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales_y_programas_by_Kingu_para_chwrz.org`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\AthenaII\AthenaII.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\CFV100in\CFV100in.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Charon\Charon.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Charon\filterfiles\filterfiles.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Charon\proxies\proxies.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Debug\Debug.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\firep118.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\bin\bin.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\help\help.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\ICU\ICU.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\lists\lists.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\lists\check\check.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\lists\country\country.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\lists\uniq\uniq.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\firep118\tmp\tmp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\History\History.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\Mainfiles.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\firep118\firep118.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\firep118\bin\bin.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\firep118\help\help.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\firep118\ICU\ICU.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\firep118\lists\check\check.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\firep118\lists\country\country.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\firep118\lists\uniq\uniq.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Mainfiles\firep118\tmp\tmp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Proxies\Proxies.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\CFV100\CFV100.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\CFV100\History\History.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\CFV100\Mainfiles\Mainfiles.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\CFV100\Proxies\Proxies.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\CFV100\Wordlists\Wordlists.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\CFV100\Wordlists\Debug\Debug.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\Charon\Charon.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\Charon\filterfiles\filterfiles.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\programas, raptor,z-leecher y upxtractor + lista de judges\programas, raptor,z-leecher y upxtractor + lista de judges.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\programas, raptor,z-leecher y upxtractor + lista de judges\Nueva carpeta\Nueva carpeta.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\programas, raptor,z-leecher y upxtractor + lista de judges\raptor\raptor.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\programas, raptor,z-leecher y upxtractor + lista de judges\UPextractor\UPExtractor.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\programas, raptor,z-leecher y upxtractor + lista de judges\Z-leecher\Z-Leecher.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\tutoriales\tutoriales.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\tutoriales\nivel 1\nivel 1.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\tutoriales y programas by Kingu para chwrz.org\tutoriales\nivel 2\nivel 2.exe (Worm.Brontok) -> Quarantined and deleted successfully.
      C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\Wordlists\Wordlists.exe (Worm.Brontok) -> Quarantined and deleted successfully.

    5. #5
      Usuario Avatar de not me
      Registrado
      dic 2006
      Ubicación
      mexico
      Mensajes
      12

      Re: ya se me pego el brontok

      Que tal, bueno despues de pasar el malwarebytes ya me pude conectar a internet en modo a prueba de fallos, por lo que ya pude correr el ESET desde ahi

      aqui te pongo una copia del log

      ESETSmartInstaller@High as downloader log:
      all ok
      # version=6
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6048
      # api_version=3.0.2
      # EOSSerial=cccf6f2c7ac4f542a72b58bbf2437fad
      # end=stopped
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2009-08-12 07:50:39
      # local_time=2009-08-12 02:50:39 (-0600, Hora de verano central (México))
      # country="Mexico"
      # lang=3082
      # osver=6.0.6001 NT Service Pack 1
      # compatibility_mode=5889 61 66 100 492244262048594
      # scanned=74367
      # found=12
      # cleaned=12
      # scan_time=9491
      C:\Downloads\Total_Video_converter_3.12_full_Reg\Total_Video_converter_3.12_full_Reg_AliveWarez\CrackCopyMeToInstallDirAndRun.exe una variante de Win32/HackTool.Patcher.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Downloads\Total_Video_converter_3.12_full_Reg\Total_Video_converter_3.12_full_Reg_AliveWarez\tvc.exe Win32/Adware.Virtumonde aplicación (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Program Files\Total Video Converter\CrackCopyMeToInstallDirAndRun.exe múltiples amenazas (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Invitado\AppData\Local\Temp\5970 Win32/TrojanDownloader.Delf.YEG Troyano (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Javier\AppData\Roaming\Microsoft\Windows\Templates\Brengkolang.com Win32/Brontok.AQ gusano (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Javier\Desktop\Nueva carpeta\U88 para bloqueos de internet.rar Win32/WinterLove.CY Troyano (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Javier\Downloads\U88 para bloqueos de internet.rar Win32/WinterLove.CY Troyano (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Javier\Downloads\U89.rar probablemente una variante de Win32/Agent Troyano (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Public\Downloads\eCDVD911.rar probablemente una variante de Win32/TrojanDownloader.Agent Troyano (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Public\Downloads\IceXP.ReloJoshISO.3.01.part1.rar Win32/HackTool.Delf.NAA Troyano (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Public\Downloads\Total_Video_converter_3.12_full_Reg\Total Video converter 3.12 full Reg\CrackCopyMeToInstallDirAndRun.exe múltiples amenazas (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      C:\Users\Public\Downloads\Total_Video_converter_3.12_full_Reg\Total Video converter 3.12 full Reg\tvc.exe Win32/TrojanDownloader.Delf.YEG Troyano (eliminado - puesto en Cuarentena) 00000000000000000000000000000000 C
      esets_scanner_update returned -1 esets_gle=53251
      # version=6
      # iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)
      # OnlineScanner.ocx=1.0.0.6048
      # api_version=3.0.2
      # EOSSerial=cccf6f2c7ac4f542a72b58bbf2437fad
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2009-08-13 09:46:47
      # local_time=2009-08-13 04:46:47 (-0600, Hora de verano central (México))
      # country="Mexico"
      # lang=1033
      # osver=6.0.6001 NT Service Pack 1
      # compatibility_mode=5889 61 66 100 492745948880116
      # scanned=195648
      # found=12
      # cleaned=12
      # scan_time=6332
      C:\Users\Public\Respaldo papa HP\juan michel\Mis documentos\princessbabieswall.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
      C:\Users\Public\Respaldo papa HP\juan michel\Mis documentos\bt\hbtools.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
      C:\Users\Public\Respaldo papa HP\juan michel\Mis documentos\bt\juegostv_1.exe probably a variant of Win32/Genetik trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\Users\Public\Respaldo papa HP\juan michel\Mis documentos\Mis archivos recibidos\picts-6033.zip Win32/IRCBot.ZL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\Users\Public\Respaldo toshiba\toshiba\documentos travis\toolbarganabuscando.exe Win32/Adware.Softomate application (deleted - quarantined) 00000000000000000000000000000000 C
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis archivos recibidos\fotoparamyspace.com.zip Win32/IRCBot trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis archivos recibidos\pic59o91.zip Win32/Agent.NIC trojan (deleted - quarantined) 00000000000000000000000000000000 C
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis archivos recibidos\picts-5479.zip Win32/IRCBot.ZL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
      C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis archivos recibidos\picture_524_JPG.zip Win32/Agent.NIC trojan (deleted - quarantined) 00000000000000000000000000000000 C
      C:\Users\test1\Saved Games\lib.dll\saporesp\jij\EvID4226Patch211a-en.zip Win32/Tool.EvID4226 application (deleted - quarantined) 00000000000000000000000000000000 C
      C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe probably a variant of Win32/Agent trojan (deleted - quarantined) 00000000000000000000000000000000 C
      C:\Users\test1\Saved Games\lib.dll\saporesp\jij\formfinal\form.exe Win32/HackTool.WebHack application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

    6. #6
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.072

      Re: ya se me pego el brontok

      Y como esta funcionando la PC en estos momentos??

      realiza un escaneo online con panda para verificar si quedo algún malware en tu PC y pega el log que este te genere.



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de not me
      Registrado
      dic 2006
      Ubicación
      mexico
      Mensajes
      12

      Re: ya se me pego el brontok

      pues de momento parece estar funcionando bien, me quedo con la duda de que en ninguno de los programas que pase vi que eliminara nada del registro, ademas de que las carpetas que se crearon en appdata/local (bron.tok-12-12 , loc.mail.bron.tok y ok-sendmail-bron-tok) y un par de archivos de texto siguen ahi
      ademas de todas las direcciones que copio en loc.mail.bron.tok, no se si deba eliminarlos manualmente o si haya otros archivos que eliminar

      bueno le paso el panda y en cuanto tenga el log te lo posteo
      gracais

    8. #8
      Usuario Avatar de not me
      Registrado
      dic 2006
      Ubicación
      mexico
      Mensajes
      12

      Re: ya se me pego el brontok

      Bueno aqui te pego los resultados del panda, (no se si es mi imaginacion, pero me parece que mi disco duro ahora tiene un par de gigas extras )
      solamente me salio un archivo relacionado con brontok, de ahi los demas son cookies y otros programas que son de confianza pero por razones obvias son marcados (fom@, expoiter, c-force) el que se me hace raro que lo marque es el proxyrama

      ;***********************************************************************************************************************************************************************************
      ANALYSIS: 2009-08-13 13:13:31
      PROTECTIONS: 3
      MALWARE: 16
      SUSPECTS: 13
      ;***********************************************************************************************************************************************************************************
      PROTECTIONS
      Description Version Active Updated
      ;===================================================================================================================================================================================
      Spybot - Search and Destroy 1.0.0.5 No No
      Windows Defender 1.1.1505.0 No Yes
      SUPERAntiSpyware 4, 27, 0, 1002 No Yes
      ;===================================================================================================================================================================================
      MALWARE
      Id Description Type Active Severity Disinfectable Disinfected Location
      ;===================================================================================================================================================================================
      00117553 HackTool/CgiScan.A HackTools No 0 No No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe[AutoPlay/Docs/cgiScanner.rar][cgiScanner\cgis4.exe]
      00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\test1\AppData\Roaming\Microsoft\Windows\Cookies\test1@doubleclick[1].txt
      00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\test1\AppData\Roaming\Microsoft\Windows\Cookies\Low\test1@doubleclick[2].txt
      00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Javier\AppData\Roaming\Microsoft\Windows\Cookies\Low\javier@doubleclick[1].txt
      00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\test1\AppData\Roaming\Microsoft\Windows\Cookies\Low\test1@atdmt[3].txt
      00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\test1\AppData\Roaming\Microsoft\Windows\Cookies\Low\test1@atdmt[2].txt
      00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Javier\AppData\Roaming\Microsoft\Windows\Cookies\Low\javier@atdmt[2].txt
      00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\test1\AppData\Roaming\Microsoft\Windows\Cookies\Low\test1@mediaplex[1].txt
      00149035 Cookie/Casinodelrio TrackingCookie No 0 Yes No C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Cookies\Low\invitado@casinodelrio[1].txt
      00149046 Cookie/Casinotropez TrackingCookie No 0 Yes No C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Cookies\Low\invitado@casinotropez[1].txt
      00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\test1\AppData\Roaming\Microsoft\Windows\Cookies\Low\test1@apmebf[1].txt
      00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Users\Javier\AppData\Roaming\Microsoft\Windows\Cookies\Low\javier@go[2].txt
      00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Cookies\Low\invitado@go[2].txt
      00235060 Hacktool/PatchTCPSP2 HackTools No 0 Yes No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\EvID4226Patch211a-en.zip[EvID4226Patch.exe]
      00235881 HackTool/WebForcer HackTools No 0 Yes No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\formfinal\form.exe
      00268381 W32/Brontok.H.worm Virus No 0 Yes Yes C:\Users\test1\Pictures\about.Brontok.A.html
      01048441 Generic Malware Virus/Trojan No 0 Yes Yes C:\Users\test1\Saved Games\lib.dll\saporesp\jij\ProxyramaSetup.exe
      02239962 Generic Trojan Virus/Trojan No 0 No No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe[AutoPlay/Docs/Triton.rar][Triton\Triton.exe]
      03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis archivos recibidos\ELISTARA.3122007.EXE
      03074964 Trj/CI.A Virus/Trojan No 0 No No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe[AutoPlay/Docs/cbexp.rar][cbexp\cbexp021.exe]
      03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe[AutoPlay/Docs/dcs21.exe]
      03074964 Trj/CI.A Virus/Trojan No 0 No No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe[AutoPlay/Docs/wsf.rar][wsf\wsfdev.exe]
      03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Users\Public\Downloads\ELISTARA.BH%D8BB%D8%D8I.EXE
      03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Users\Javier\Desktop\Nueva carpeta\elistara.exe
      03074964 Trj/CI.A Virus/Trojan No 0 No No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe[AutoPlay/Docs/wsfdev.rar][wsfdev\wsfdev.exe]
      03902947 Trj/Downloader.MDW Virus/Trojan No 0 No No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe[AutoPlay/Docs/KSoze's_HTTP_Exploiter.rar][KSoze's_HTTP_Exploiter\Kshe\Kshe02.exe]
      03915626 Trj/Downloader.MDW Virus/Trojan No 0 No No C:\Users\test1\Saved Games\lib.dll\saporesp\jij\Expoiter.exe[AutoPlay/Docs/KSoze's_bnb_form_Exploiter.rar][KSoze's_bnb_form_Exploiter\Kbnbe.exe]
      ;===================================================================================================================================================================================
      SUSPECTS
      Sent Location �M#T@�e �9
      ;===================================================================================================================================================================================
      No C:\Downloads\exmxtr2008.zip[MaxiComercioERATrial.msi][unk_0016][_5634D1076D1C4000BF0A5918FCAC4154] �M#T@�e �9
      No C:\Downloads\Software\MoveMediaPlayer_07103010.exe �M#T@�e �9
      No C:\Program Files\MaxiComercio ERA Micro Empresa\CódiceFX\Bin\KewlButtonz.ocx �M#T@�e �9
      No C:\Users\Javier\Downloads\exmxerame1.4\exmxerame1.5.msi[unk_0016][_5634D1076D1C4000BF0A5918FCAC4154] �M#T@�e �9
      No C:\Users\Javier\Downloads\exmxerame1.4.zip[exmxerame1.5.msi][unk_0016][_5634D1076D1C4000BF0A5918FCAC4154]
      No C:\Users\Javier\Downloads\EliStarA.exe �M#T@�e �9
      No C:\Users\Public\Downloads\EliStarA.exe �M#T@�e �9
      No C:\Users\test1\Documents\EliStarA.exe �M#T@�e �9
      No C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\CForce V1.00.exe �M#T@�e �9
      No C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\CFV100in\CForce V1.00.CAB[CForce V1.00.exe]
      No C:\Users\test1\Documents\tutoriales_y_programas_by_Kingu_para_chwrz.org\CFV100in.zip[CForce V1.00.CAB][CForce V1.00.exe]
      No C:\Users\test1\Saved Games\lib.dll\saporesp\Nueva carpeta\zyrrox\CFV100in.zip[CForce V1.00.CAB][CForce V1.00.exe]
      No C:\Users\test1\Saved Games\lib.dll\saporesp\Nueva carpeta (2)\CFV100in.zip[CForce V1.00.CAB][CForce V1.00.exe]
      ;===================================================================================================================================================================================
      VULNERABILITIES
      Id Severity Description �M#T@�e �9
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================


      bueno, quedo a la espera de tu comentario de este log, y acerca de lo que te comente en el post anterior

      saludos y gracias por el apoyo

    9. #9
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.072

      Re: ya se me pego el brontok

      Realiza lo siguiente:
      • Descarga OTM by OldTimer en el escritorio.
        • Haz doble clic sobre el icono OTM.exe para ejecutarlo
        • Asegúrate que esté marcada la casilla "Unregister Dll´s and Ocx´s".
        • Pega el siguiente script bajo el area "Paste Instructions for items to be Moved". (Se excluye la palabra "codigo").

          Código:
          :processes
          explorer.exe
          
          
          :files
          C:\Downloads\exmxtr2008.zip
          C:\Downloads\Software\MoveMediaPlayer_07103010.exe
          C:\Program Files\MaxiComercio ERA Micro Empresa\CodiceFX\Bin\KewlButtonz.ocx
          C:\Users\Javier\Desktop\Nueva carpeta\elistara.exe
          C:\Users\Javier\Downloads\EliStarA.exe
          C:\Users\Javier\Downloads\exmxerame1.4.zip
          C:\Users\Javier\Downloads\exmxerame1.4\exmxerame1. 5.msi
          C:\Users\Public\Downloads\EliStarA.exe\*.*
          C:\Users\Public\Respaldo toshiba\toshiba\invitado\documentos\Mis archivos recibidos\ELISTARA.3122007.EXE
          C:\Users\test1\Documents\EliStarA.exe
          C:\Users\test1\Documents\tutoriales_y_programas_by _Kingu_para_chwrz.org\CForce V1.00.exe
          C:\Users\test1\Documents\tutoriales_y_programas_by _Kingu_para_chwrz.org\CFV100in.zip
          C:\Users\test1\Documents\tutoriales_y_programas_by _Kingu_para_chwrz.org\CFV100in\CForce V1.00.CAB
          C:\Users\test1\Saved Games\lib.dll\saporesp\jij\*.*
          C:\Users\test1\Saved Games\lib.dll\saporesp\Nueva carpeta (2)\CFV100in.zip
          C:\Users\test1\Saved Games\lib.dll\saporesp\Nueva carpeta\zyrrox\CFV100in.zip
          
          
          :commands
          [emptytemp]
          [purity]
          [start explorer]
          [Reboot]
        • Presiona el boton rojo MoveIt!
        • Espera hasta cuando el resultado aparezca en el marco Results.
        • Permite que se reinicie el equipo, esto es importante.
        • Envía el reporte de OTM situado sobre C: \ _ OTM\MovedFiles\***_***.log

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de not me
      Registrado
      dic 2006
      Ubicación
      mexico
      Mensajes
      12

      Re: ya se me pego el brontok

      ok, solo pregutarte si esto es para eliminar esos archivos, por que si es asi te comento que la mayoria de esos archivos son de utilidad y de confianza para mi (conozco su procedencia y tengo la seguridad de que no se trata de algun malware perjudicial) incluyendo el contenido de la carpeta C:\Users\test1\Saved Games\lib.dll\saporesp\jij\*.* que en su gran mayoria son documentos txt que yo mismo cree


      el unico que no reconozco es C:\Downloads\Software\MoveMediaPlayer_07103010.exe

      y el elistara no me molesta eliminarlo

      gracias por tu atencion y apoyo

    Página 1 de 2 12 ÚltimoÚltimo