post #11
04/11/09, 13:32:14
User

Registered: Nov 2009
Location: Casas Ibañez
Posts: 23
Re: Search Settings 1.2.2, I don't know what it is

This is the new report; the message keeps appearing. I'm already.... fed up. I'm going to run the Panda online scan to see how it goes, but most likely I'll have to format; I can't go on like this, 8 hours with this blessed virus. And thanks for everything.


Malwarebytes' Anti-Malware 1.41
Versión de la Base de Datos: 3099
Windows 5.1.2600 Service Pack 3 (Safe Mode)

04/11/2009 17:56:47
mbam-log-2009-11-04 (17-56-47).txt

Tipo de examen : Examen Completo (C:\|D:\|E:\|)
Objetos examinados: 318970
Tiempo transcurrido: 1 hour(s), 0 minute(s), 43 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 12

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
D:\Mis documentos\Programas\WINDOWS\TEMAS Vista para XP\BUENO VISTA xp\Thoosje Sidebar 2.3 Installer.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\csrss.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\dllhost.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\lsass.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\rundll32.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\services.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\smss.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\svchost.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\userinit.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\winlogon.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk62\wbem\wmiprvse.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-507921405-1606980848-1060284298-1003\Dk7\Internet Explorer\IEXPLORE.EXE (Worm.Autorun.B) -> Quarantined and deleted successfully.

post #12
04/11/09, 19:13:38
Fer21021
Regular User

Registered: Apr 2008
Location: Argentina
Posts: 2.742
Re: Search Settings 1.2.2, I don't know what it is

Quote:
fed up. I'm going to run the Panda online scan to see how it goes, but most likely I'll have to format; I can't go on like this, 8 hours with this blessed virus. And thanks for everything.
Hi, I'll wait here for that report.

Formatting is often the quickest and most definitive solution.

If you turn to the forum, we try to keep you from having to format, but it takes time.
(always remember that viruses always get into the PC because whoever uses the PC lets them in), whether by not protecting themselves properly or by browsing and downloading unsafe things.


Regards, and I'll wait here for that report.

»» »» »».......Persevere and you will succeed........«« «« ««
post #13
05/11/09, 04:22:09
User

Registered: Nov 2009
Location: Casas Ibañez
Posts: 23
Re: Search Settings 1.2.2, I don't know what it is

Hi, here is the Panda online report.

Code:
;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-11-05 09:20:23
PROTECTIONS: 1
MALWARE: 18
SUSPECTS: 20
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                       Active    Updated
;===================================================================================================================================================================================
Kaspersky Anti-Virus                         9.0.0.463                     No        Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
00118347  Application/ToolWget               HackTools           No        0         No             No           d:\mis documentos\programas\decodoficadores digital plus\tboston-4600\auto usb 4600\bsautorun.rar[wget.exe]
00118347  Application/ToolWget               HackTools           No        0         Yes            No           d:\mis documentos\programas\decodoficadores digital plus\tboston-4600\auto usb 4600\archivos\wget.exe
00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           c:\documents and settings\compaq_propietario\cookies\compaq_propietario@doubleclick[1].txt
00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           c:\documents and settings\compaq_propietario\cookies\compaq_propietario@atdmt[2].txt
00487810  HackTool/Aircrack                  HackTools           No        0         Yes            No           d:\mis documentos\programas\wifi\programas\aircrack-ng-0.9.3-win\bin\airodump-ng.exe
00537027  HackTool/Aircrack                  HackTools           No        0         Yes            No           d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\aircrack.exe
00537027  HackTool/Aircrack                  HackTools           No        0         Yes            No           d:\mis documentos\programas\wifi\programas\desencriptar wifi\aircrack.exe
03073998  Generic Trojan                     Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft windows media center edition 2005 -activator-\crack.exe
03255161  Trj/Lineage.BZE                    Virus/Trojan        No        1         No             No           d:\mis documentos\programas\copia de seguridad del pc\norton ghost 14\norton.ghost.v14.0.keygen.only-edge.rar[norton.ghost.v14.0.keygen.only-edge\edatgb01.zip][edge.rar][edge\keygen.exe]
03641943  Generic Trojan                     Virus/Trojan        No        0         No             No           d:\mis documentos\programas\pasar a.....a\pasar de pdf a word\solid converter pdf v4.0.560.rar[keygen & patch\patch.exe]
03697117  Trj/Lineage.BZE                    Virus/Trojan        No        1         No             No           d:\mis documentos\programas\creador de gif\activegifcreator3.1.rar[activegifcreator3.1\patch\patch.exe]
03755552  Generic Malware                    Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft keygen 2000\keygen.exe
03800473  Adware/AccesMembre                 Adware              No        0         No             No           d:\mis documentos\programas\drivers\portatil lg r510\setup.zip[data3.cab][data\gilautouc.exe]
03819869  Generic Malware                    Virus/Trojan        No        0         No             No           d:\mis documentos\programas\mesa de mezclas\mj studio + crack.exe[d:\mis documentos\programas\mesa de mezclas\mj studio + crack.exe][mjstudio110.exe]
03819869  Generic Malware                    Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\mesa de mezclas\mjstudio110.exe
03861559  Generic Malware                    Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\buscador\kazaa\kmd202gu_es.exe
03861559  Generic Malware                    Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\buscador\kazaa\kmd202gu_es (1).exe
03861559  Generic Malware                    Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\buscador\kazaa\kmd202gu_es (2).exe
03867482  Generic Trojan                     Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\wifi\programas\desencriptar wifi\etherw\plugins\0.10.12\opsi.dll
03867482  Generic Trojan                     Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\etherw\plugins\0.10.12\opsi.dll
03881121  HackTool/MSNpass.G                 HackTools           No        1         Yes            No           d:\mis documentos\programas\wifi\programas\desencriptar wifi\wirelesskeyview.exe
03881121  HackTool/MSNpass.G                 HackTools           No        1         Yes            No           d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\wirelesskeyview.exe
03899051  Generic Malware                    Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\salvapantallas\serene screen aquarium 1.1 keygen.exe
03939264  Generic Malware                    Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\crack for lh, xp and .net\tweaknt.exe
04024741  Generic Trojan                     Virus/Trojan        No        0         Yes            No           d:\mis documentos\programas\buscador\kazaa\kmd.exe
;===================================================================================================================================================================================
SUSPECTS
Sent      Location
;===================================================================================================================================================================================
No        c:\windows\downloaded installations\{427ee93c-8ac1-4276-bb6a-5339eb81e05b}\esteticanet.msi[unk_0068][tiendas.exe]
No        d:\mis documentos\programas\cosas de winzip\ayudasms.zip[ezupdate.exe]
No        d:\mis documentos\programas\grabador de dvd\clonedvd 1.3.1\crack\tmgnfo.exe
No        d:\mis documentos\programas\liberar moviles\liberar  movil\nokiafree calculator 3.20.03.exe[nokiafree_calc.exe]
No        d:\mis documentos\programas\reproductores dvd\cine povwer\cyberlink power cinema 4 + crack\crack\keygen.exe
No        d:\mis documentos\programas\reproductores dvd\cine povwer\cyberlink power cinema 4 + crack.rar[cyberlink power cinema 4 + crack\crack\keygen.exe]
No        d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\airdecap-ng.exe
No        d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\aireplay-ng.exe
No        d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\airodump-ng.exe
No        d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\makeivs-ng.exe
No        d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\packetforge-ng.exe
No        d:\mis documentos\programas\wifi\desencriptar\winaircrackpack\winaircrack.exe
No        d:\mis documentos\programas\wifi\programas\desencriptar wifi\airdecap-ng.exe
No        d:\mis documentos\programas\wifi\programas\desencriptar wifi\aireplay-ng.exe
No        d:\mis documentos\programas\wifi\programas\desencriptar wifi\airodump-ng.exe
No        d:\mis documentos\programas\wifi\programas\desencriptar wifi\makeivs-ng.exe
No        d:\mis documentos\programas\wifi\programas\desencriptar wifi\packetforge-ng.exe
No        d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft office communicator 2005 v1.0.559 -keygen-\keygen.exe
No        d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft operations manager 2005 -keygen-\keygen.exe
No        d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft visual foxpro v9.0 -keygen-\keygen.exe
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity       Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
I look forward to your help

THANKS
post #14
05/11/09, 13:55:04
Fer21021
Regular User

Registered: Apr 2008
Location: Argentina
Posts: 2.742
Re: Search Settings 1.2.2, I don't know what it is

Hi,
You have several infections. Many are cracks; some I am having you delete (there are a lot), and others you will upload to VirusTotal to see whether they are infected.

Step 1:

Do the following:
  • Download OTM to the desktop.
  • Double-click the OTM.exe icon to run it.
  • Make sure the "Unregister Dll's and Ocx's" box is checked.
  • Paste the following script, found in the box below, into the "Paste Instructions for items to be Moved" area.


Code:
:files
d:\mis documentos\programas\buscador\kazaa\kmd.exe
d:\mis documentos\programas\buscador\kazaa\kmd202gu_es (1).exe
d:\mis documentos\programas\buscador\kazaa\kmd202gu_es (2).exe
d:\mis documentos\programas\buscador\kazaa\kmd202gu_es.exe
d:\mis documentos\programas\copia de seguridad del pc\norton ghost 14\norton.ghost.v14.0.keygen.only-edge.rar
d:\mis documentos\programas\creador de gif\activegifcreator3.1.rar
d:\mis documentos\programas\decodoficadores digital plus\tboston-4600\auto usb 4600\archivos\wget.exe
d:\mis documentos\programas\decodoficadores digital plus\tboston-4600\auto usb 4600\bsautorun.rar
d:\mis documentos\programas\drivers\portatil lg r510\setup.zip
d:\mis documentos\programas\mesa de mezclas\mj studio + crack.exe
d:\mis documentos\programas\mesa de mezclas\mjstudio110.exe
d:\mis documentos\programas\pasar a.....a\pasar de pdf a word\solid converter pdf v4.0.560.rar
d:\mis documentos\programas\salvapantallas\serene screen aquarium 1.1 keygen.exe
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\aircrack.exe
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\etherw\plugins\0.10.12\opsi.dll
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\wirelesskeyview.exe
d:\mis documentos\programas\wifi\programas\aircrack-ng-0.9.3-win\bin\airodump-ng.exe
d:\mis documentos\programas\wifi\programas\desencriptar wifi\aircrack.exe
d:\mis documentos\programas\wifi\programas\desencriptar wifi\etherw\plugins\0.10.12\opsi.dll
d:\mis documentos\programas\wifi\programas\desencriptar wifi\wirelesskeyview.exe
d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\crack for lh, xp and .net\tweaknt.exe
d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft keygen 2000\keygen.exe
d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft windows media center edition 2005 -activator-\crack.exe
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\airdecap-ng.exe
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\aireplay-ng.exe
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\airodump-ng.exe
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\makeivs-ng.exe
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\packetforge-ng.exe
d:\mis documentos\programas\wifi\desencriptar\winaircrackpack\winaircrack.exe
d:\mis documentos\programas\wifi\programas\desencriptar wifi\airdecap-ng.exe
d:\mis documentos\programas\wifi\programas\desencriptar wifi\aireplay-ng.exe
d:\mis documentos\programas\wifi\programas\desencriptar wifi\airodump-ng.exe
d:\mis documentos\programas\wifi\programas\desencriptar wifi\makeivs-ng.exe
d:\mis documentos\programas\reproductores dvd\cine povwer\cyberlink power cinema 4 + crack\crack\keygen.exe
d:\mis documentos\programas\reproductores dvd\cine povwer\cyberlink power cinema 4 + crack.rar
c:\windows\downloaded installations\{427ee93c-8ac1-4276-bb6a-5339eb81e05b}\esteticanet.msi
d:\mis documentos\programas\cosas de winzip\ayudasms.zip
d:\mis documentos\programas\grabador de dvd\clonedvd 1.3.1\crack\tmgnfo.exe



:commands
[emptytemp]
[purity]
[Reboot]
  • Click the MoveIt! button.
  • Wait until the result appears in the Results pane.
  • At the same time a prompt will open asking whether we want to restart the PC; click Yes to restart. If that prompt does not appear, restart it manually. >>> This restart is important
  • In your next message, send the OTM report located at C:\_OTM\MovedFiles\***_***.log

Come back with the OTM report.


Step 2:

Upload the following files to VirusTotal and tell me what result each one gave you.

d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft office communicator 2005 v1.0.559 -keygen-\keygen.exe
d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft operations manager 2005 -keygen-\keygen.exe
d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft visual foxpro v9.0 -keygen-\keygen.exe
d:\mis documentos\programas\liberar moviles\liberar movil\nokiafree calculator 3.20.03.exe



Step 3:

Download:
» DR WEB CURE-IT - Manual
Run in safe mode:
» DR WEB,
First run an express check and then a FULL SCAN, removing everything it finds.


Bring the reports from OTM and Dr.Web (and keep the VirusTotal reports; tell me how many antivirus engines detected each file).


Regards.

»» »» »».......Persevere and you will succeed........«« «« ««

Last edited by Fer21021 on 05/11/09 at 14:36:09.
post #15
05/11/09, 14:25:58
User

Registered: Nov 2009
Location: Casas Ibañez
Posts: 23
Re: Search Settings 1.2.2, I don't know what it is

This is the OTM report

Code:
All processes killed
========== FILES ==========
File/Folder d:\mis documentos\programas\buscador\kazaa\kmd.exe not found.
File/Folder d:\mis documentos\programas\buscador\kazaa\kmd202gu_es (1).exe not found.
File/Folder d:\mis documentos\programas\buscador\kazaa\kmd202gu_es (2).exe not found.
File/Folder d:\mis documentos\programas\buscador\kazaa\kmd202gu_es.exe not found.
d:\mis documentos\programas\copia de seguridad del pc\norton ghost 14\Norton.Ghost.v14.0.Keygen.Only-EDGE.rar moved successfully.
d:\mis documentos\programas\creador de gif\ActiveGIFCreator3.1.rar moved successfully.
d:\mis documentos\programas\decodoficadores digital plus\tboston-4600\auto usb 4600\archivos\wget.exe moved successfully.
d:\mis documentos\programas\decodoficadores digital plus\tboston-4600\auto usb 4600\BSAutoRun.rar moved successfully.
d:\mis documentos\programas\drivers\portatil lg r510\Setup.zip moved successfully.
d:\mis documentos\programas\mesa de mezclas\MJ Studio + crack.exe moved successfully.
d:\mis documentos\programas\mesa de mezclas\MJSTUDIO110.EXE moved successfully.
d:\mis documentos\programas\pasar a.....a\pasar de pdf a word\Solid Converter PDF v4.0.560.rar moved successfully.
File/Folder d:\mis documentos\programas\salvapantallas\serene screen aquarium 1.1 keygen.exe not found.
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\aircrack.exe moved successfully.
File/Folder d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\etherw\plugins\0.10.12\opsi.dll not found.
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\WirelessKeyView.exe moved successfully.
d:\mis documentos\programas\wifi\programas\aircrack-ng-0.9.3-win\bin\airodump-ng.exe moved successfully.
d:\mis documentos\programas\wifi\programas\desencriptar wifi\aircrack.exe moved successfully.
File/Folder d:\mis documentos\programas\wifi\programas\desencriptar wifi\etherw\plugins\0.10.12\opsi.dll not found.
d:\mis documentos\programas\wifi\programas\desencriptar wifi\WirelessKeyView.exe moved successfully.
File/Folder d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\crack for lh, xp and .net\tweaknt.exe not found.
File/Folder d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft keygen 2000\keygen.exe not found.
File/Folder d:\mis documentos\programas\windows\windows original\keygen para toda la familia windows\microsoft windows media center edition 2005 -activator-\crack.exe not found.
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\airdecap-ng.exe moved successfully.
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\aireplay-ng.exe moved successfully.
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\airodump-ng.exe moved successfully.
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\makeivs-ng.exe moved successfully.
d:\mis documentos\programas\wifi\desencriptar\erw-2.2 ronaldinho34\packetforge-ng.exe moved successfully.
d:\mis documentos\programas\wifi\desencriptar\winaircrackpack\WinAircrack.exe moved successfully.
d:\mis documentos\programas\wifi\programas\desencriptar wifi\airdecap-ng.exe moved successfully.
d:\mis documentos\programas\wifi\programas\desencriptar wifi\aireplay-ng.exe moved successfully.
d:\mis documentos\programas\wifi\programas\desencriptar wifi\airodump-ng.exe moved successfully.
d:\mis documentos\programas\wifi\programas\desencriptar wifi\makeivs-ng.exe moved successfully.
d:\mis documentos\programas\reproductores dvd\cine povwer\cyberlink power cinema 4 + crack\crack\keygen.exe moved successfully.
d:\mis documentos\programas\reproductores dvd\cine povwer\Cyberlink Power Cinema 4 + Crack.rar moved successfully.
c:\windows\downloaded installations\{427ee93c-8ac1-4276-bb6a-5339eb81e05b}\EsteticaNet.msi moved successfully.
d:\mis documentos\programas\cosas de winzip\AYUDASMS.ZIP moved successfully.
d:\mis documentos\programas\grabador de dvd\clonedvd 1.3.1\crack\TMGNfo.exe moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrador
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: All Users
 
User: Compaq_Propietario
->Temp folder emptied: 13800662 bytes
File delete failed. C:\Documents and Settings\Compaq_Propietario\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 27339499 bytes
->Java cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Invitado
->Temp folder emptied: 52536 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 115616 bytes
File delete failed. C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
 
C:\USMT.TMP\USMT2.HN folder deleted successfully.
C:\USMT.TMP\DIR0000.TMP folder deleted successfully.
C:\USMT.TMP folder deleted successfully.
%systemdrive% .tmp files removed: 21016843 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 3433309 bytes
File delete failed. C:\WINDOWS\temp\cchF3A.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\cchF3B.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\cchF3D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\cchF3E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_1448.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_eb8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 253900 bytes
RecycleBin emptied: 136240880 bytes
 
Total Files Cleaned = 193,06 mb
 
 
OTM by OldTimer - Version 3.0.0.6 log created on 11052009_190047
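Added example, not part of the original thread and not code from OTM or Panda: a Python sketch that cross-checks a Panda ActiveScan report against an OTM log in the formats posted above, so that every flagged file is accounted for as moved, not found, or never handled. The sample report and log are constructed, and the function names and the "not in OTM log" label are this example's own.

```python
import re

DRIVE = re.compile(r"[A-Za-z]:\\")                       # start of the Location column
MOVED = re.compile(r"^(.+) moved successfully\.$")        # OTM: item was moved
MISSING = re.compile(r"^File/Folder (.+) not found\.$")   # OTM: item was not on disk

# Constructed sample input in the two formats shown in the thread (not the user's data).
SAMPLE_REPORT = r"""
MALWARE
Id        Description      Type            Active  Severity  Disinfectable  Disinfected Location
;=========================================================================================
00000001  Generic Trojan   Virus/Trojan    No      0         No             No           d:\samples\tools\pack.rar[inner\setup.zip][patch.exe]
00000002  Cookie/Example   TrackingCookie  No      0         Yes            No           c:\users\demo\cookies\demo@example[1].txt
00000003  Generic Malware  Virus/Trojan    No      0         Yes            No           d:\samples\old\keygen.exe
SUSPECTS
Sent      Location
;=========================================================================================
No        d:\samples\unlock  tool\calc 1.0.exe[calc.exe]
No        d:\samples\wifi\capture.exe
"""

SAMPLE_LOG = r"""
All processes killed
========== FILES ==========
d:\samples\tools\Pack.rar moved successfully.
File/Folder d:\samples\old\keygen.exe not found.
d:\samples\unlock  tool\calc 1.0.exe moved successfully.
========== COMMANDS ==========
Windows Temp folder emptied: 253900 bytes
"""


def report_locations(report: str) -> list[str]:
    """Location column of each MALWARE/SUSPECTS row.

    Paths may contain runs of spaces, so the column is located by the first
    drive letter on the line instead of by splitting on whitespace.
    """
    found = []
    for line in report.splitlines():
        if line.startswith(";"):
            continue  # separator lines
        m = DRIVE.search(line)
        if m:
            found.append(line[m.start():].strip())
    return found


def container_path(location: str) -> str:
    """Strip trailing [archive member] groups, leaving the file that is on disk.

    Brackets inside the file name itself (cookie files such as name[1].txt)
    are kept, because only groups at the very end of the string are removed.
    """
    s = location
    while s.endswith("]"):
        depth = 0
        for i in range(len(s) - 1, -1, -1):
            if s[i] == "]":
                depth += 1
            elif s[i] == "[":
                depth -= 1
                if depth == 0:
                    break
        else:
            break  # unbalanced brackets: leave the rest untouched
        s = s[:i]
    return s


def otm_results(log: str) -> dict[str, str]:
    """Map each path named in the OTM FILES section to 'moved' or 'not found'."""
    results = {}
    for line in log.splitlines():
        line = line.strip()
        m = MISSING.match(line)
        if m:
            results[m.group(1).casefold()] = "not found"
            continue
        m = MOVED.match(line)
        if m:
            results[m.group(1).casefold()] = "moved"
    return results


def reconcile(report: str, log: str) -> dict[str, str]:
    """Status of every flagged file; comparison ignores case (the log keeps on-disk case)."""
    results = otm_results(log)
    status = {}
    for location in report_locations(report):
        path = container_path(location).casefold()
        status[path] = results.get(path, "not in OTM log")
    return status


if __name__ == "__main__":
    for path, state in reconcile(SAMPLE_REPORT, SAMPLE_LOG).items():
        print(f"{state:15} {path}")
```

Entries reported as "not in OTM log" are the ones that still need a decision, such as a second-opinion scan or manual removal.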
post #16
05/11/09, 14:29:53
User

Registered: Nov 2009
Location: Casas Ibañez
Posts: 23
Re: Search Settings 1.2.2, I don't know what it is

What is VirusTotal and how do I upload the files?

Thanks
post #17
05/11/09, 14:35:49
Fer21021
Regular User

Registered: Apr 2008
Location: Argentina
Posts: 2.742
Re: Search Settings 1.2.2, I don't know what it is

Oops, I forgot to explain that to you.

VirusTotal - Free Online Virus and Malware Scan (it is a page where 41 antivirus companies scan your files and tell you which of them find the file infected).


VirusTotal manual


If you don't need one of the files that you have to upload to VirusTotal, just delete it directly and that's it.


I await your reply.


Regards.

»» »» »».......Persevere and you will succeed........«« «« ««
post #18
06/11/09, 05:04:25
User

Registered: Nov 2009
Location: Casas Ibañez
Posts: 23
Re: Search Settings 1.2.2, I don't know what it is

Hi, first of all thank you for your attention. The files you tell me to upload to VirusTotal are of no use to me. Should I delete them, or should I send you the report for each of them? And if I delete them I won't have to do this step anymore, right??

Regards
post #19
06/11/09, 05:21:02
User

Registered: Nov 2009
Location: Casas Ibañez
Posts: 23
Re: Search Settings 1.2.2, I don't know what it is

OK, to be sure, I'm sending you the report for each one and you can tell me what you think. Here they are:

Code:
Análisis del archivo kEyGeN.exe recibido el 2009.11.06 08:57:47 (UTC)
Motor antivirus Versión Última actualización Resultado
a-squared 4.5.0.41 2009.11.06 Trojan-PWS.65536!IK 
AhnLab-V3 5.0.0.2 2009.11.06 Win-Trojan/Xema.variant 
AntiVir 7.9.1.59 2009.11.05 TR/PWS.65536.3 
Antiy-AVL 2.0.3.7 2009.11.05 - 
Authentium 5.2.0.5 2009.11.06 - 
Avast 4.8.1351.0 2009.11.06 Win32:Trojan-gen 
AVG 8.5.0.423 2009.11.05 Crypt.EZT 
BitDefender 7.2 2009.11.06 - 
CAT-QuickHeal 10.00 2009.11.06 Trojan.Agent.ATV 
ClamAV 0.94.1 2009.11.06 - 
Comodo 2856 2009.11.06 Heur.Packed.Unknown 
DrWeb 5.0.0.12182 2009.11.06 - 
eTrust-Vet 35.1.7106 2009.11.05 - 
F-Prot 4.5.1.85 2009.11.05 - 
F-Secure 9.0.15370.0 2009.11.04 Suspicious:W32/Malware!Gemini 
Fortinet 3.120.0.0 2009.11.05 - 
GData 19 2009.11.06 Win32:Trojan-gen 
Ikarus T3.1.1.74.0 2009.11.06 Trojan-PWS.65536 
Jiangmin 11.0.800 2009.11.06 - 
K7AntiVirus 7.10.889 2009.11.05 Trojan.Win32.Malware.1 
Kaspersky 7.0.0.125 2009.11.06 - 
McAfee 5793 2009.11.05 - 
McAfee+Artemis 5793 2009.11.05 - 
McAfee-GW-Edition 6.8.5 2009.11.06 Heuristic.LooksLike.Win32.SuspiciousPE.A 
Microsoft 1.5202 2009.11.05 - 
NOD32 4577 2009.11.05 probably a variant of Win32/Agent 
Norman 6.03.02 2009.11.05 W32/Suspicious_Gen.CHUE 
nProtect 2009.1.8.0 2009.11.06 Trojan/W32.Agent.64512.CD 
Panda 10.0.2.2 2009.11.05 Suspicious file 
PCTools 7.0.3.5 2009.11.06 Trojan.Generic 
Prevx 3.0 2009.11.06 - 
Rising 21.54.42.00 2009.11.06 - 
Sophos 4.47.0 2009.11.06 - 
Sunbelt 3.2.1858.2 2009.11.06 - 
Symantec 1.4.4.12 2009.11.06 Trojan Horse 
TheHacker 6.5.0.2.062 2009.11.05 - 
TrendMicro 9.0.0.1003 2009.11.06 TROJ_Generic.DIT 
VBA32 3.12.10.11 2009.11.06 - 
ViRobot 2009.11.6.2025 2009.11.06 - 
VirusBuster 4.6.5.0 2009.11.05 - 
 
Información adicional
Tamano archivo: 64512 bytes
MD5...: 0467f874c01f305663c8643e0409c187
SHA1..: 78be2d7414602e2cdd3dd8b543de2611ff240acc
SHA256: d69fa58241150e0ab489747e0e2ad1d702401aaa8d3932dea0904c81f9566c18
ssdeep: 1536:odVM3EGMoM6/r2HW2JBZF+ekoaBX+yS79hfMe:YM36Y/YW2bX+eko2XbS79f
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1505c
timedatestamp.....: 0x0 (Thu Jan 01 00:00:00 1970)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.textbss 0x1000 0x11000 0x9200 7.91 3e20b8bd8a756a929a4be18bc55ed9b4
.textbss 0x12000 0x2000 0x400 6.58 188557fac2cae50418ea4442bd349578
.rsrc 0x14000 0x1000 0x200 3.56 6d86f67c98bd463a0aefe24615ec9cf9
.textbss 0x15000 0x7000 0x6200 7.97 47f6995ca3f1984c0137c1d8297300d1

( 1 imports )
> KERNEL32.dll: LoadLibraryA, VirtualAlloc

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic Win/DOS Executable (49.8%)
DOS Executable Generic (49.8%)
Targa bitmap (Original TGA Format) (0.1%)
MS Flight Simulator Aircraft Performance Info (0.0%)
packers (Kaspersky): PELock
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): PELock
 
2nd FILE ANALYZED

Code:
Análisis del archivo kEyGeN.exe recibido el 2009.11.06 09:07:10 (UTC)
Motor antivirus Versión Última actualización Resultado
a-squared 4.5.0.41 2009.11.06 Packed.Win32.Krap!IK 
AhnLab-V3 5.0.0.2 2009.11.06 Win-Trojan/Xema.variant 
AntiVir 7.9.1.59 2009.11.05 TR/PCK.Krap.G.34 
Antiy-AVL 2.0.3.7 2009.11.05 Packed/Win32.Krap 
Authentium 5.2.0.5 2009.11.06 - 
Avast 4.8.1351.0 2009.11.06 Win32:Trojan-gen 
AVG 8.5.0.423 2009.11.05 Generic12.AGHJ 
BitDefender 7.2 2009.11.06 - 
CAT-QuickHeal 10.00 2009.11.06 Trojan.Agent.ATV 
ClamAV 0.94.1 2009.11.06 - 
Comodo 2857 2009.11.06 Heur.Packed.Unknown 
DrWeb 5.0.0.12182 2009.11.06 - 
eTrust-Vet 35.1.7106 2009.11.05 - 
F-Prot 4.5.1.85 2009.11.05 - 
F-Secure 9.0.15370.0 2009.11.04 Suspicious:W32/Malware!Gemini 
Fortinet 3.120.0.0 2009.11.05 - 
GData 19 2009.11.06 Win32:Trojan-gen 
Ikarus T3.1.1.74.0 2009.11.06 Packed.Win32.Krap 
Jiangmin 11.0.800 2009.11.06 - 
K7AntiVirus 7.10.889 2009.11.05 Trojan.Win32.Malware.1 
Kaspersky 7.0.0.125 2009.11.06 - 
McAfee 5793 2009.11.05 - 
McAfee+Artemis 5793 2009.11.05 - 
McAfee-GW-Edition 6.8.5 2009.11.06 Heuristic.LooksLike.Win32.Suspicious.A 
Microsoft 1.5202 2009.11.05 - 
NOD32 4577 2009.11.05 probably a variant of Win32/Agent 
Norman 6.03.02 2009.11.05 - 
nProtect 2009.1.8.0 2009.11.06 Trojan/W32.Agent.64512.AS 
Panda 10.0.2.2 2009.11.05 Suspicious file 
PCTools 7.0.3.5 2009.11.06 Backdoor.Trojan 
Prevx 3.0 2009.11.06 High Risk Worm 
Rising 21.54.42.00 2009.11.06 - 
Sophos 4.47.0 2009.11.06 - 
Sunbelt 3.2.1858.2 2009.11.06 - 
Symantec 1.4.4.12 2009.11.06 Backdoor.Trojan 
TheHacker 6.5.0.2.062 2009.11.05 - 
TrendMicro 9.0.0.1003 2009.11.06 PAK_Generic.001 
VBA32 3.12.10.11 2009.11.06 - 
ViRobot 2009.11.6.2025 2009.11.06 - 
VirusBuster 4.6.5.0 2009.11.05 Trojan.PCK.A 
 
Información adicional 
Tamano archivo: 64512 bytes 
MD5...: 0a37279ff222b1dcf5ba9db94e69a6c5 
SHA1..: e0751169212b5186151b53e46d5c3d552a55b97a 
SHA256: 4d2c240cb5e2053cd14a3070f141230e6e0ae53711389b6c90d6b59edb09afa4 
ssdeep: 1536:k2AeEf9/EruDnpn3Hp3Os8N8tdfmmLWlyzDguHCGR5:dREf9MrInd3Hp+2tomhHPD
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1505c
timedatestamp.....: 0x0 (Thu Jan 01 00:00:00 1970)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.petite 0x1000 0x11000 0x9200 7.90 e43961f4ceee2020e1ecc9a1815b930e
.petite 0x12000 0x2000 0x400 6.13 e7e81b98418a8c429037916ab709e58c
.rsrc 0x14000 0x1000 0x200 3.54 a1b938482f442dd72d631c64cf6f0f32
.petite 0x15000 0x7000 0x6200 7.97 0d57aed18f1a604367509204ab54df65

( 1 imports )
> KERNEL32.dll: LoadLibraryA, VirtualAlloc

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic Win/DOS Executable (49.8%)
DOS Executable Generic (49.8%)
Targa bitmap (Original TGA Format) (0.1%)
MS Flight Simulator Aircraft Performance Info (0.0%)
packers (Kaspersky): PELock
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): PELock
http://info.prevx.com/aboutprogramtext.asp?PX5=1D06D3DC00FF151CFCA5001FB001CC00F3ADDB32
 
3rd FILE ANALYZED

Code:
Análisis del archivo kEyGeN.exe recibido el 2009.11.06 09:14:26 (UTC)
Motor antivirus Versión Última actualización Resultado
a-squared 4.5.0.41 2009.11.06 Virus.Win32.Trojan!IK 
AhnLab-V3 5.0.0.2 2009.11.06 Win-Trojan/Xema.variant 
AntiVir 7.9.1.59 2009.11.05 TR/PWS.65536 
Antiy-AVL 2.0.3.7 2009.11.05 - 
Authentium 5.2.0.5 2009.11.06 - 
Avast 4.8.1351.0 2009.11.06 - 
AVG 8.5.0.423 2009.11.05 Crypt.BSL 
BitDefender 7.2 2009.11.06 - 
CAT-QuickHeal 10.00 2009.11.06 Trojan.Agent.ATV 
ClamAV 0.94.1 2009.11.06 - 
Comodo 2857 2009.11.06 Heur.Packed.Unknown 
DrWeb 5.0.0.12182 2009.11.06 - 
eTrust-Vet 35.1.7106 2009.11.05 - 
F-Prot 4.5.1.85 2009.11.05 - 
F-Secure 9.0.15370.0 2009.11.04 Suspicious:W32/Malware!Gemini 
Fortinet 3.120.0.0 2009.11.05 - 
GData 19 2009.11.06 - 
Ikarus T3.1.1.74.0 2009.11.06 Virus.Win32.Trojan 
Jiangmin 11.0.800 2009.11.06 - 
K7AntiVirus 7.10.889 2009.11.05 Trojan.Win32.Malware.1 
Kaspersky 7.0.0.125 2009.11.06 - 
McAfee 5793 2009.11.05 - 
McAfee+Artemis 5793 2009.11.05 - 
McAfee-GW-Edition 6.8.5 2009.11.06 Heuristic.LooksLike.Win32.Suspicious.A 
Microsoft 1.5202 2009.11.05 - 
NOD32 4577 2009.11.05 probably a variant of Win32/Agent 
Norman 6.03.02 2009.11.05 W32/Suspicious_Gen.BJDE 
nProtect 2009.1.8.0 2009.11.06 Trojan/W32.Agent.64512.CB 
Panda 10.0.2.2 2009.11.05 Suspicious file 
PCTools 7.0.3.5 2009.11.06 Trojan.Generic 
Prevx 3.0 2009.11.06 - 
Rising 21.54.42.00 2009.11.06 - 
Sophos 4.47.0 2009.11.06 - 
Sunbelt 3.2.1858.2 2009.11.06 - 
Symantec 1.4.4.12 2009.11.06 Trojan Horse 
TheHacker 6.5.0.2.062 2009.11.05 - 
TrendMicro 9.0.0.1003 2009.11.06 TROJ_Generic.ADV 
VBA32 3.12.10.11 2009.11.06 - 
ViRobot 2009.11.6.2025 2009.11.06 - 
VirusBuster 4.6.5.0 2009.11.05 - 
 
Información adicional 
Tamano archivo: 64512 bytes 
MD5...: 8a10f3b76c13737544f459b0adeb5b4e 
SHA1..: c02e8bf2fde0f5039cedd0477689aa5206963518 
SHA256: cc0aaa4b65ad73eb5757906e6f082945b9817df44143da166aa810daf401a1a1 
ssdeep: 1536:xCfF3laI/RH8fPnwAHm5teIgAGav7jny6L0uvOAxEcW:W3la8SfPnK50IgAJXEgrC
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1505c
timedatestamp.....: 0x0 (Thu Jan 01 00:00:00 1970)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.pelock 0x1000 0x11000 0x9200 7.90 5f81b831fa611d1f33bd6b5d1e0e96d6
.pelock 0x12000 0x2000 0x400 6.53 21a0372d34a26b86f66fb899d093c2e0
.rsrc 0x14000 0x1000 0x200 3.14 00009b0197208d5828cec9d4ea9a2d00
.pelock 0x15000 0x7000 0x6200 7.97 c212c589b58726b9a28ee89bb9298c64

( 1 imports )
> KERNEL32.dll: LoadLibraryA, VirtualAlloc

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic Win/DOS Executable (49.8%)
DOS Executable Generic (49.8%)
Targa bitmap (Original TGA Format) (0.1%)
MS Flight Simulator Aircraft Performance Info (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (Kaspersky): PELock
packers (F-Prot): PELock
 
4th FILE ANALYZED

Code:
Análisis del archivo NokiaFREE_Calculator_3.20.03.exe recibido el 2009.11.06 09:17:46 (UTC)
Motor antivirus Versión Última actualización Resultado
a-squared 4.5.0.41 2009.11.06 - 
AhnLab-V3 5.0.0.2 2009.11.06 - 
AntiVir 7.9.1.59 2009.11.05 - 
Antiy-AVL 2.0.3.7 2009.11.05 Trojan/Win32.Genome.gen 
Authentium 5.2.0.5 2009.11.06 W32/Heuristic-210!Eldorado 
Avast 4.8.1351.0 2009.11.06 Win32:Trojan-gen 
AVG 8.5.0.423 2009.11.05 Obfustat.ZPW 
BitDefender 7.2 2009.11.06 - 
CAT-QuickHeal 10.00 2009.11.06 - 
ClamAV 0.94.1 2009.11.06 - 
Comodo 2857 2009.11.06 UnclassifiedMalware 
DrWeb 5.0.0.12182 2009.11.06 - 
eSafe 7.0.17.0 2009.11.05 - 
eTrust-Vet 35.1.7106 2009.11.05 - 
F-Prot 4.5.1.85 2009.11.05 W32/Heuristic-210!Eldorado 
F-Secure 9.0.15370.0 2009.11.04 - 
Fortinet 3.120.0.0 2009.11.05 - 
GData 19 2009.11.06 Win32:Trojan-gen 
Ikarus T3.1.1.74.0 2009.11.06 - 
Jiangmin 11.0.800 2009.11.06 Backdoor/Agent.bjng 
K7AntiVirus 7.10.889 2009.11.05 - 
Kaspersky 7.0.0.125 2009.11.06 - 
McAfee 5793 2009.11.05 - 
McAfee+Artemis 5793 2009.11.05 - 
McAfee-GW-Edition 6.8.5 2009.11.06 - 
Microsoft 1.5202 2009.11.05 - 
NOD32 4577 2009.11.05 probably a variant of Win32/Agent 
Norman 6.03.02 2009.11.05 Suspicious_F.gen.dropper 
nProtect 2009.1.8.0 2009.11.06 - 
Panda 10.0.2.2 2009.11.05 Suspicious file 
PCTools 7.0.3.5 2009.11.06 - 
Prevx 3.0 2009.11.06 Medium Risk Malware 
Rising 21.54.42.00 2009.11.06 - 
Sophos 4.47.0 2009.11.06 Mal/Generic-A 
Sunbelt 3.2.1858.2 2009.11.06 - 
Symantec 1.4.4.12 2009.11.06 - 
TheHacker 6.5.0.2.062 2009.11.05 - 
TrendMicro 9.0.0.1003 2009.11.06 PAK_Generic.008 
VBA32 3.12.10.11 2009.11.06 - 
ViRobot 2009.11.6.2025 2009.11.06 - 
VirusBuster 4.6.5.0 2009.11.05 Packed/FSG 
 
Información adicional 
Tamano archivo: 397019 bytes 
MD5...: 326ae37668c28db5943246fbc258fe48 
SHA1..: c45ed38347c16264b398035720f27ce52c9483b2 
SHA256: 0f2839724868be27ca28ccd6684019fb86b30ed7422b9c1278e09b8d71736b95 
ssdeep: 12288:8ig/Rm7jtT77FM0jV+ybyeuDLj9eJdO5NKn8OP:8fiZ35AeuD39eJdMNU
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3c53
timedatestamp.....: 0x41b097a7 (Fri Dec 03 16:43:19 2004)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x5a4a 0x5c00 6.37 11a984cfd0f682687859dbd0aad00009
.rdata 0x7000 0x10b4 0x1200 4.99 3e805a35b825962484e84513e732e342
.data 0x9000 0x1b3f4 0x400 5.12 05f31d9fa1507144f86829dc366a6daa
.ndata 0x25000 0x8000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x2d000 0x1000 0xa00 3.03 6ef134257566d8e4dcf750a46222a3ce

( 8 imports )
> COMCTL32.dll: -, ImageList_AddMasked, ImageList_Destroy, ImageList_Create
> KERNEL32.dll: ExpandEnvironmentStringsA, GetEnvironmentVariableA, lstrcmpiA, CloseHandle, SetFileTime, GetFileAttributesA, CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, lstrcatA, SetCurrentDirectoryA, CreateDirectoryA, SetFileAttributesA, Sleep, CreateFileA, GetFileSize, GetModuleFileNameA, GetTickCount, GetCurrentProcess, CopyFileA, ExitProcess, WaitForSingleObject, GetCommandLineA, GetWindowsDirectoryA, GetTempPathA, GetUserDefaultLangID, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, GlobalAlloc, CreateThread, CreateProcessA, RemoveDirectoryA, GetTempFileNameA, SetEndOfFile, UnmapViewOfFile, MapViewOfFile, CreateFileMappingA, lstrcpyA, lstrlenA, GetSystemDirectoryA, GlobalFree, MulDiv, DeleteFileA, FindFirstFileA, FindNextFileA, FindClose, GetExitCodeProcess, SetErrorMode, GetModuleHandleA, SetFilePointer, LoadLibraryA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, lstrcpynA
> USER32.dll: ExitWindowsEx, CharNextA, DialogBoxParamA, GetClassInfoA, CreateWindowExA, SystemParametersInfoA, RegisterClassA, EndDialog, ScreenToClient, GetWindowRect, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, LoadCursorA, SetCursor, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxA, CharPrevA, CreateDialogParamA, DestroyWindow, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, DispatchMessageA, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, PeekMessageA
> GDI32.dll: GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SetBkColor, SelectObject
> ADVAPI32.dll: RegEnumValueA, RegQueryValueExA, RegSetValueExA, RegCreateKeyExA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegEnumKeyA
> SHELL32.dll: ShellExecuteA, SHBrowseForFolderA, SHGetPathFromIDListA, SHGetMalloc, SHGetSpecialFolderLocation, SHFileOperationA
> ole32.dll: OleInitialize, OleUninitialize, CoCreateInstance
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
http://info.prevx.com/aboutprogramtext.asp?PX5=0D0D749ADBDFF2160E5606D43B0C47001536300E
packers (Kaspersky): FSG
packers (F-Prot): NSIS, FSG
packers (Authentium): NSIS, FSG
 
Well, that's everything. Let me know what you think. Regards, and thanks.
  post #20  
06/11/09, 08:24:52
User
 
Registered: Nov 2009
Location: Casas Ibañez
Posts: 23
Re: Search Settings 1.2.2, I don't know what it is

Hello, I have only been able to run the express process; with the full one, halfway through I get "a problem has occurred and it must close".

I'm pasting the report from the express scan.

I only get an Excel sheet, and it says:
inicom3.dll C:\WINDOWS\system32

I await your reply.
All times are GMT -4. The time now is 03:25:42.