 |
| |||||||
| Temas Solucionados Casos de HijackThis y Malwares resueltos. (Solo lectura) |
 |
| | Enviar a: | Herramientas |
 | 
30/10/09, 13:14:03
|  |
| ||||
 Es un virus el rdvgchgr.exe ¿? (Solucionado) Hola a todos, el trojan remover me detectó éste archivo C:\WINDOWS\rdvgchgr.exe pero no me dejó muy claro si es un virus o que, por que no me pidió eliminarlo... si alguien sabe, agradecería la ayuda! ClauX  : :ups:: |
| InfoSpyware | ||
| |
|
30/10/09, 13:18:16
| |
| ||||
 Re: es un virus el rdvgchgr.exe ¿? Hola que tal ! Para salir de dudas.  Descarga, instala y ejecuta
Cuando finalice el Escaneo localiza el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log Cita:
|
|
30/10/09, 19:10:36
| |
| ||||
 Re: es un virus el rdvgchgr.exe ¿? Gracias por responder a mi pregunta  te dejo el reporte del malwarebytes: Código: Malwarebytes' Anti-Malware 1.41
Versión de la Base de Datos: 3062
Windows 5.1.2600 Service Pack 2
30/10/2009 03:47:49 p.m.
mbam-log-2009-10-30 (15-47-48).txt
Tipo de examen : Examen Completo (C:\|D:\|E:\|)
Objetos examinados: 272554
Tiempo transcurrido: 2 hour(s), 57 minute(s), 25 second(s)
Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 1
Carpetas Infectadas: 0
Ficheros Infectados: 43
Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)
Valores del Registro Infectados:
(No se han detectado elementos maliciosos)
Elementos de Datos del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Carpetas Infectadas:
(No se han detectado elementos maliciosos)
Ficheros Infectados:
C:\Documents and Settings\Claudia\Mis documentos\ByPass + Dlls By Set\Dlls-By Set\AltoNak1.dll (Backdoor.Sdbot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Claudia\Mis documentos\ByPass + Dlls By Set\Dlls-By Set\GolemDefender.dll (Backdoor.Sdbot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Claudia\Mis documentos\ByPass + Dlls By Set\Dlls-By Set\Stage65seg.dll (Backdoor.Sdbot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{006B3241-FBDB-40F2-B806-D14E68D87694}\RP22\A0008457.dll (Backdoor.Sdbot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{006B3241-FBDB-40F2-B806-D14E68D87694}\RP22\A0008462.dll (Backdoor.Sdbot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{006B3241-FBDB-40F2-B806-D14E68D87694}\RP22\A0008503.dll (Backdoor.Sdbot) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$hf_mig$\KB956572\SP3QFE\services.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$hf_mig$\KB963027-IE7\SP3QFE\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\ie7\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\ie8\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\ie8\iexplore.exe.mui (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\wmiprvse.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\svchost.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\services.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\lsass.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\dllhost.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\csrss.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\smss.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\explorer.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\rundll32.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\userinit.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1603\$NtServicePackUninstall$\winlogon.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1346\Download\23d526e52f06d5ed6556fd55ac7424b1\SP2GDR\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1346\Download\23d526e52f06d5ed6556fd55ac7424b1\SP2QFE\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1346\Download\3efaeec161777ea6b7412bb0a39f702d\SP2GDR\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1346\Download\3efaeec161777ea6b7412bb0a39f702d\SP2QFE\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\smss.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\explorer.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\rundll32.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\lsass.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\csrss.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\services.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\wmiprvse.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\svchost.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\userinit.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\iexplore.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\winlogon.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-746137067-1177238915-1606980848-1003\Dd1355\i386\dllhost.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
y el reporte del eset no lo encontré donde pusiste tons saqué la información que muestra el eset: C:\WINDOWS\rdvgchgr.exe Win32/Injector.AEY Troyano No se ha podido desinfectar D:\unlocker1.8.7.exe una variante de Win32/Adware.AD.. Eliminado -puesto en cuarentena E:\PROGRAMAS\Everest Poker.exe una variante de Win32/Adware.Ca No se ha podido desinfectar E:\RECYCLERS\S-1-5-21-164449193... Win32/Toolbar.AskSBar Aplicación Puesto en cuarentena Aún no he terminado con el doctor web, pero al descargarlo el archivo venia con un troyano  me ha detectado un troyano llamado Trojan.fakealert.3962 el cual ha sido eliminado Gracias ClauX |
|
30/10/09, 20:23:28
| |
| ||||
| Re: es un virus el rdvgchgr.exe ¿? Luego de realizar los pasos que te indique anteriormente. Panda Active Scan. Cualquier duda consulta su manual (en este link) Cita:
|
|
13/11/09, 03:24:59
| |
| ||||
| Re: es un virus el rdvgchgr.exe ¿? Hola: A pedido del Usuario se da por Solucionado el tema. Cita:
Cita:
Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
« Tema Anterior
|
Próximo Tema »
| Herramientas | |
| |
| 
Temas Similares | |
| Tema | Autor | Foro | Respuestas | Último mensaje |
| ayuda con VBS/terrosist.ow (solucionado) | jonesss | Temas Solucionados | 14 | 21/06/09 01:03:05 |
| Teniendo problemas con troyanos | xXHaseoXx | Foro de Virus y Spywares | 17 | 23/05/09 00:57:37 |
| Procesos iexplore.exe, cmd.exe y services.exe duplicados | juanmmett | Foro de Virus y Spywares | 14 | 23/02/09 06:59:56 |
| Un gran problema con un virus me vuelve loco! | andresps240778 | Foro de Virus y Spywares | 16 | 30/01/09 18:56:29 |
| ¿Como desinfectó este? Resultados de Panda Online (Solucionado) | C_david | Temas Solucionados | 3 | 13/12/08 17:16:26 |
Todas las horas son GMT -4. La hora es 06:00:32.
