• Registrarse
  • Iniciar sesión


  • Página 4 de 4 PrimeroPrimero 1234
    Resultados 31 al 38 de 38

    computador infectado

    Originalmente publicado por M4RTYN Hola espero el reporte de malwarebytes (donde eliminas las amenazas) y el del Dr. WEB amigo como hago para recuperar mi c arpeta archivos de programa se me olvido los pasos ...

    1. #31
      eddiec46
      No Registrado Avatar de eddiec46

      Re: computador infectado

      Cita Originalmente publicado por M4RTYN Ver Mensaje
      Hola espero el reporte de malwarebytes (donde eliminas las amenazas) y el del Dr. WEB
      amigo como hago para recuperar mi c arpeta archivos de programa se me olvido los pasos y no los encuentro se que empezaba por ejecutar % algo asi gracias

    2. #32
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: computador infectado

      no entendi explicate bien porfavor amigo

    3. #33
      eddiec46
      No Registrado Avatar de eddiec46

      Re: computador infectado

      hola M4RTIN pase el usbfix y este estos son los informes gracias y espero las indicaciones de lo que debo hacer y cual es el estado actual de mi laptop muchas gracias

      ############################## | UsbFix V 7.096 | [Buscar]

      Usuario: usuario (Administrador) # USUARIO-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 16:06:36 | 12/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Hewlett-Packard (Compaq Presario CQ40 Notebook PC) (X86-based PC) # Notebook
      CPU: AMD Sempron(tm) SI-42 (2100)
      RAM -> [Total : 1790 | Free : 1379]
      BIOS: Default System BIOS
      BOOT: Fail-safe boot

      OS: Microsoft Windows 7 Home Basic (6.1.7601 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [Enabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 220 Gb (161 Mb libre(s) - 73%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Mb libre(s) - 16%) [RECOVERY] # NTFS
      E:\ -> CD-ROM
      G:\ -> Disco extraíble # 4 Gb (1 Mb libre(s) - 41%) [KINGSTON] # FAT32

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (324)
      C:\Windows\system32\wininit.exe (360)
      C:\Windows\system32\csrss.exe (368)
      C:\Windows\system32\winlogon.exe (396)
      C:\Windows\system32\services.exe (452)
      C:\Windows\system32\lsass.exe (460)
      C:\Windows\system32\lsm.exe (468)
      C:\Windows\system32\svchost.exe (588)
      C:\Windows\system32\svchost.exe (660)
      C:\Windows\System32\svchost.exe (744)
      C:\Windows\system32\svchost.exe (792)
      C:\Windows\system32\svchost.exe (828)
      C:\Windows\system32\svchost.exe (868)
      C:\Windows\Explorer.EXE (1060)
      C:\Windows\system32\ctfmon.exe (1104)
      C:\UsbFix\Go.exe (1672)
      C:\Windows\system32\wbem\wmiprvse.exe (1788)
      C:\Windows\System32\svchost.exe (1892)
      C:\Windows\system32\wbem\wmiprvse.exe (1148)
      C:\Program Files\Alwil Software\Avast5\AvastUI.exe (932)

      ################## | Archivos # Carpetas infectadas |

      Encontrado ! C:\Windows\system32\secushr.dat

      ################## | Registro |


      ################## | Mountpoints2 |

      HKCU\.\.\.\.\Explorer\MountPoints2\F
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84ce1-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84cf1-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84d10-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = G:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{3af8402e-8d65-11e0-b2a1-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{f56fc3a0-3b6c-11e0-9836-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe



      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | E.O.F |

      ############################## | UsbFix V 7.096 | [Supresión]

      Usuario: usuario (Administrador) # USUARIO-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 16:20:11 | 12/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Hewlett-Packard (Compaq Presario CQ40 Notebook PC) (X86-based PC) # Notebook
      CPU: AMD Sempron(tm) SI-42 (2100)
      RAM -> [Total : 1790 | Free : 1233]
      BIOS: Default System BIOS
      BOOT: Fail-safe boot

      OS: Microsoft Windows 7 Home Basic (6.1.7601 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [Enabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 220 Gb (161 Mb libre(s) - 73%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Mb libre(s) - 16%) [RECOVERY] # NTFS
      E:\ -> CD-ROM
      G:\ -> Disco extraíble # 4 Gb (1 Mb libre(s) - 41%) [KINGSTON] # FAT32

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (324)
      C:\Windows\system32\wininit.exe (360)
      C:\Windows\system32\csrss.exe (368)
      C:\Windows\system32\winlogon.exe (396)
      C:\Windows\system32\services.exe (452)
      C:\Windows\system32\lsass.exe (460)
      C:\Windows\system32\lsm.exe (468)
      C:\Windows\system32\svchost.exe (588)
      C:\Windows\system32\svchost.exe (660)
      C:\Windows\System32\svchost.exe (744)
      C:\Windows\system32\svchost.exe (792)
      C:\Windows\system32\svchost.exe (828)
      C:\Windows\system32\svchost.exe (868)
      C:\Windows\Explorer.EXE (1060)
      C:\Windows\system32\ctfmon.exe (1104)
      C:\Windows\System32\svchost.exe (1892)
      C:\Program Files\Alwil Software\Avast5\AvastUI.exe (932)
      C:\UsbFix\Go.exe (1024)
      C:\Windows\system32\wbem\wmiprvse.exe (724)

      ################## | Procesos Parados |

      Parado! C:\Windows\Explorer.EXE (1060)
      Parado! C:\Windows\system32\ctfmon.exe (1104)
      Parado! C:\Program Files\Alwil Software\Avast5\AvastUI.exe (932)

      ################## | Archivos # Carpetas infectadas |

      Suprimido ! C:\Windows\system32\secushr.dat
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-1566015511-699146705-4091246716-500
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-3836215904-2481790394-1914173299-1000
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-3836215904-2481790394-1914173299-500
      Suprimido ! D:\$RECYCLE.BIN\S-1-5-21-3836215904-2481790394-1914173299-1000
      Suprimido ! D:\$RECYCLE.BIN\S-1-5-21-3836215904-2481790394-1914173299-500

      (!) Archivos temporales suprimido.

      ################## | Registro |


      ################## | Mountpoints2 |

      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\F
      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{06b84ce1-3866-11e0-a4d4-705ab68a1a0a}
      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{06b84d10-3866-11e0-a4d4-705ab68a1a0a}
      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{3af8402e-8d65-11e0-b2a1-705ab68a1a0a}
      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{f56fc3a0-3b6c-11e0-9836-705ab68a1a0a}

      ################## | Listing |

      [12/11/2012 - 16:20:57 | SHD ] C:\$Recycle.Bin
      [01/02/2010 - 14:38:49 | D ] C:\Archivos de programa
      [11/11/2012 - 23:22:48 | D ] C:\ATI
      [10/06/2009 - 16:42:20 | N | 24] C:\autoexec.bat
      [19/10/2012 - 17:07:07 | RASHD ] C:\Autorun.inf
      [06/11/2012 - 14:01:41 | SHD ] C:\boot
      [13/07/2009 - 20:38:58 | RASH | 383562] C:\bootmgr
      [12/11/2012 - 14:54:03 | D ] C:\clases english
      [12/11/2012 - 11:22:20 | D ] C:\Config.Msi
      [10/06/2009 - 16:42:20 | N | 10] C:\config.sys
      [22/10/2012 - 22:26:10 | N | 274] C:\CorelDRAW Graphics Suite X6.txt
      [13/07/2009 - 23:53:55 | SHD ] C:\Documents and Settings
      [12/11/2012 - 13:15:00 | D ] C:\Downloads
      [27/10/2012 - 19:19:06 | N | 3740] C:\DrWeb.csv
      [15/05/2010 - 20:17:31 | N | 363] C:\Equipo - Acceso directo.lnk
      [12/11/2012 - 15:58:07 | ASH | 1407574016] C:\hiberfil.sys
      [12/01/2010 - 09:12:21 | D ] C:\HP
      [20/06/2010 - 18:23:28 | N | 0] C:\IO.SYS
      [20/06/2010 - 18:23:28 | N | 0] C:\MSDOS.SYS
      [02/03/2010 - 00:04:00 | RHD ] C:\MSOCache
      [12/11/2012 - 15:58:10 | ASH | 1876766720] C:\pagefile.sys
      [13/07/2009 - 21:37:05 | D ] C:\PerfLogs
      [12/11/2012 - 00:19:12 | D ] C:\Program Files
      [12/11/2012 - 15:55:34 | HD ] C:\ProgramData
      [01/02/2010 - 14:41:08 | SHD ] C:\Recovery
      [13/06/2011 - 20:13:53 | N | 355] C:\Red - Acceso directo.lnk
      [11/11/2012 - 23:37:35 | D ] C:\SwSetup
      [12/11/2012 - 15:27:28 | SHD ] C:\System Volume Information
      [01/02/2010 - 14:41:18 | D ] C:\SYSTEM.SAV
      [12/11/2012 - 16:20:57 | D ] C:\UsbFix
      [12/11/2012 - 16:20:29 | A | 2135] C:\UsbFix.txt
      [01/02/2010 - 14:39:08 | D ] C:\Users
      [12/11/2012 - 15:58:08 | D ] C:\Windows
      [24/06/2011 - 13:08:11 | D ] C:\Zylom Games
      [12/11/2012 - 16:20:57 | SHD ] D:\$RECYCLE.BIN
      [19/10/2012 - 17:07:11 | RASHD ] D:\Autorun.inf
      [01/02/2010 - 15:09:04 | SHD ] D:\boot
      [14/07/2009 - 13:39:00 | ASH | 383562] D:\bootmgr
      [01/02/2010 - 15:09:04 | N | 0] D:\BT_COMPAQ.FLG
      [12/01/2010 - 08:49:03 | N | 432] D:\CSP.DAT
      [12/01/2010 - 08:59:38 | N | 11403] D:\DeployRp.log
      [22/10/2012 - 11:44:20 | D ] D:\Hoja de Vida
      [01/02/2010 - 15:09:04 | D ] D:\hp
      [01/02/2010 - 15:08:54 | N | 8] D:\HP_WSD.dat
      [01/02/2010 - 15:09:04 | N | 22] D:\language.ini
      [01/02/2010 - 15:09:04 | SHD ] D:\preload
      [01/02/2010 - 15:09:04 | SD ] D:\Recovery
      [12/01/2010 - 08:59:33 | N | 0] D:\RPCONFIG.LOG
      [02/03/2010 - 00:23:17 | SHD ] D:\System Volume Information
      [01/02/2010 - 15:09:05 | D ] D:\system.sav
      [26/08/2012 - 09:49:26 | N | 33571355] G:\Beljavsky & Karpov - La defensa Caro-Kann con blancas y negras.pdf
      [05/09/2012 - 19:06:02 | D ] G:\hoja de vida v.3_copy
      [12/10/2012 - 12:56:42 | D ] G:\soportes
      [16/10/2012 - 14:59:42 | N | 6810104] G:\PowerISO5.exe
      [12/10/2012 - 1022 | N | 2763599] G:\hoja de vida v.3_copy.pdf
      [15/10/2012 - 16:37:18 | N | 7921688] G:\RevoUninProSetup.exe
      [15/10/2012 - 17:24:36 | N | 6775934] G:\FlashGet___OrbitDownloader (1).rar
      [15/10/2012 - 19:39:20 | N | 373440] G:\SoftonicDownloader_para_dvd-shrink.exe
      [09/01/2012 - 03:38:28 | N | 8041792] G:\flashget3.7.0.1195en.exe
      [15/10/2012 - 23:14:38 | N | 5110212] G:\Gta San Andreas By EliteMaster.rar
      [19/10/2012 - 17:07:16 | RASHD ] G:\Autorun.inf
      [22/10/2012 - 08:57:40 | N | 84043] G:\colamerica2.jpg
      [22/10/2012 - 09:00:56 | N | 94767] G:\COL A 1.docx
      [22/10/2012 - 11:26:28 | N | 88261] G:\colamerica2.pdf
      [22/10/2012 - 13:40:56 | N | 2911321] G:\CV5.pdf
      [22/10/2012 - 19:01:44 | N | 1151121] G:\CV5.1..pdf
      [14/12/2011 - 16:20:56 | N | 23470] G:\INVT. ELEMT A.C.P.xlsx
      [22/10/2012 - 12:09:52 | D ] G:\Curiculum Vitae
      [12/10/2012 - 1022 | N | 2763599] G:\~$hoja de vida v.3_copy.pdf
      [22/10/2012 - 13:53:08 | N | 2179687] G:\CV5.1.1.pdf
      [01/11/2012 - 13:30:26 | N | 222803] G:\Scan0012.pdf
      [28/02/2012 - 13:02:26 | D ] G:\eder2
      [13/06/2012 - 12:27:12 | D ] G:\cursos sena
      [28/06/2012 - 11:34:26 | D ] G:\CHESS
      [17/02/2003 - 18:04:48 | N | 24576] G:\Install.exe
      [20/10/2012 - 17:08:42 | N | 2191] G:\KasparovChess.dat
      [03/06/2003 - 18:13:14 | N | 712704] G:\KasparovChess.exe
      [03/06/2003 - 1820 | N | 9436044] G:\KasparovChess.RB
      [19/09/2010 - 08:21:20 | D ] G:\historic games
      [19/09/2010 - 08:21:20 | D ] G:\music
      [19/09/2010 - 08:19:14 | D ] G:\ReflexiveArcade
      [07/01/2007 - 23:14:48 | N | 42] G:\##Attributes.ini
      [26/06/2001 - 11:22:50 | N | 41043] G:\ceutil.dll
      [15/05/2003 - 13:17:46 | N | 206336] G:\dsetup32.dll
      [15/05/2003 - 13:17:44 | N | 35328] G:\DSETUP.dll
      [15/05/2003 - 15:18:50 | N | 130560] G:\fmod.dll
      [19/09/2010 - 11:38:28 | N | 504] G:\Hexacto.reg
      [03/09/2004 - 18:44:12 | D ] G:\replays
      [03/09/2004 - 18:45:08 | D ] G:\savegames
      [30/07/2012 - 16:17:58 | D ] G:\motores
      [26/08/2012 - 09:57:58 | N | 516139] G:\AT-Destroyer.exe
      [26/08/2012 - 10:42:04 | N | 18808429] G:\Dangerous weapons The Pirc & Modern.pdf

      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      G:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | E.O.F |


      ############################## | UsbFix V 7.096 | [Listing]

      Usuario: usuario (Administrador) # USUARIO-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 16:44:32 | 12/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Hewlett-Packard (Compaq Presario CQ40 Notebook PC) (X86-based PC) # Notebook
      CPU: AMD Sempron(tm) SI-42 (2100)
      RAM -> [Total : 1790 | Free : 1321]
      BIOS: Default System BIOS
      BOOT: Fail-safe boot

      OS: Microsoft Windows 7 Home Basic (6.1.7601 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [Enabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 220 Gb (160 Mb libre(s) - 73%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Mb libre(s) - 16%) [RECOVERY] # NTFS
      E:\ -> CD-ROM
      G:\ -> Disco extraíble # 4 Gb (1 Mb libre(s) - 41%) [KINGSTON] # FAT32

      ################## | Listing |

      [12/11/2012 - 16:20:57 | SHD ] C:\$Recycle.Bin
      [01/02/2010 - 14:38:49 | D ] C:\Archivos de programa
      [11/11/2012 - 23:22:48 | D ] C:\ATI
      [10/06/2009 - 16:42:20 | N | 24] C:\autoexec.bat
      [12/11/2012 - 16:22:09 | RASHD ] C:\Autorun.inf
      [06/11/2012 - 14:01:41 | SHD ] C:\boot
      [13/07/2009 - 20:38:58 | RASH | 383562] C:\bootmgr
      [12/11/2012 - 14:54:03 | D ] C:\clases english
      [12/11/2012 - 11:22:20 | D ] C:\Config.Msi
      [10/06/2009 - 16:42:20 | N | 10] C:\config.sys
      [22/10/2012 - 22:26:10 | N | 274] C:\CorelDRAW Graphics Suite X6.txt
      [13/07/2009 - 23:53:55 | SHD ] C:\Documents and Settings
      [12/11/2012 - 13:15:00 | D ] C:\Downloads
      [27/10/2012 - 19:19:06 | N | 3740] C:\DrWeb.csv
      [15/05/2010 - 20:17:31 | N | 363] C:\Equipo - Acceso directo.lnk
      [12/11/2012 - 15:58:07 | ASH | 1407574016] C:\hiberfil.sys
      [12/01/2010 - 09:12:21 | D ] C:\HP
      [20/06/2010 - 18:23:28 | N | 0] C:\IO.SYS
      [20/06/2010 - 18:23:28 | N | 0] C:\MSDOS.SYS
      [02/03/2010 - 00:04:00 | RHD ] C:\MSOCache
      [12/11/2012 - 15:58:10 | ASH | 1876766720] C:\pagefile.sys
      [13/07/2009 - 21:37:05 | D ] C:\PerfLogs
      [12/11/2012 - 00:19:12 | D ] C:\Program Files
      [12/11/2012 - 15:55:34 | HD ] C:\ProgramData
      [01/02/2010 - 14:41:08 | SHD ] C:\Recovery
      [13/06/2011 - 20:13:53 | N | 355] C:\Red - Acceso directo.lnk
      [11/11/2012 - 23:37:35 | D ] C:\SwSetup
      [12/11/2012 - 15:27:28 | SHD ] C:\System Volume Information
      [01/02/2010 - 14:41:18 | D ] C:\SYSTEM.SAV
      [12/11/2012 - 16:44:34 | D ] C:\UsbFix
      [12/11/2012 - 16:44:21 | A | 0] C:\UsbFix.txt
      [01/02/2010 - 14:39:08 | D ] C:\Users
      [12/11/2012 - 15:58:08 | D ] C:\Windows
      [24/06/2011 - 13:08:11 | D ] C:\Zylom Games
      [12/11/2012 - 16:20:57 | SHD ] D:\$RECYCLE.BIN
      [12/11/2012 - 16:22:09 | RASHD ] D:\Autorun.inf
      [01/02/2010 - 15:09:04 | SHD ] D:\boot
      [14/07/2009 - 13:39:00 | ASH | 383562] D:\bootmgr
      [01/02/2010 - 15:09:04 | N | 0] D:\BT_COMPAQ.FLG
      [12/01/2010 - 08:49:03 | N | 432] D:\CSP.DAT
      [12/01/2010 - 08:59:38 | N | 11403] D:\DeployRp.log
      [22/10/2012 - 11:44:20 | D ] D:\Hoja de Vida
      [01/02/2010 - 15:09:04 | D ] D:\hp
      [01/02/2010 - 15:08:54 | N | 8] D:\HP_WSD.dat
      [01/02/2010 - 15:09:04 | N | 22] D:\language.ini
      [01/02/2010 - 15:09:04 | SHD ] D:\preload
      [01/02/2010 - 15:09:04 | SD ] D:\Recovery
      [12/01/2010 - 08:59:33 | N | 0] D:\RPCONFIG.LOG
      [02/03/2010 - 00:23:17 | SHD ] D:\System Volume Information
      [01/02/2010 - 15:09:05 | D ] D:\system.sav
      [26/08/2012 - 09:49:26 | N | 33571355] G:\Beljavsky & Karpov - La defensa Caro-Kann con blancas y negras.pdf
      [05/09/2012 - 19:06:02 | D ] G:\hoja de vida v.3_copy
      [12/10/2012 - 12:56:42 | D ] G:\soportes
      [16/10/2012 - 14:59:42 | N | 6810104] G:\PowerISO5.exe
      [12/10/2012 - 1022 | N | 2763599] G:\hoja de vida v.3_copy.pdf
      [15/10/2012 - 16:37:18 | N | 7921688] G:\RevoUninProSetup.exe
      [15/10/2012 - 17:24:36 | N | 6775934] G:\FlashGet___OrbitDownloader (1).rar
      [15/10/2012 - 19:39:20 | N | 373440] G:\SoftonicDownloader_para_dvd-shrink.exe
      [09/01/2012 - 03:38:28 | N | 8041792] G:\flashget3.7.0.1195en.exe
      [15/10/2012 - 23:14:38 | N | 5110212] G:\Gta San Andreas By EliteMaster.rar
      [12/11/2012 - 16:22:14 | RASHD ] G:\Autorun.inf
      [22/10/2012 - 08:57:40 | N | 84043] G:\colamerica2.jpg
      [22/10/2012 - 09:00:56 | N | 94767] G:\COL A 1.docx
      [22/10/2012 - 11:26:28 | N | 88261] G:\colamerica2.pdf
      [22/10/2012 - 13:40:56 | N | 2911321] G:\CV5.pdf
      [22/10/2012 - 19:01:44 | N | 1151121] G:\CV5.1..pdf
      [14/12/2011 - 16:20:56 | N | 23470] G:\INVT. ELEMT A.C.P.xlsx
      [22/10/2012 - 12:09:52 | D ] G:\Curiculum Vitae
      [12/10/2012 - 1022 | N | 2763599] G:\~$hoja de vida v.3_copy.pdf
      [22/10/2012 - 13:53:08 | N | 2179687] G:\CV5.1.1.pdf
      [01/11/2012 - 13:30:26 | N | 222803] G:\Scan0012.pdf
      [28/02/2012 - 13:02:26 | D ] G:\eder2
      [13/06/2012 - 12:27:12 | D ] G:\cursos sena
      [28/06/2012 - 11:34:26 | D ] G:\CHESS
      [17/02/2003 - 18:04:48 | N | 24576] G:\Install.exe
      [20/10/2012 - 17:08:42 | N | 2191] G:\KasparovChess.dat
      [03/06/2003 - 18:13:14 | N | 712704] G:\KasparovChess.exe
      [03/06/2003 - 1820 | N | 9436044] G:\KasparovChess.RB
      [19/09/2010 - 08:21:20 | D ] G:\historic games
      [19/09/2010 - 08:21:20 | D ] G:\music
      [19/09/2010 - 08:19:14 | D ] G:\ReflexiveArcade
      [07/01/2007 - 23:14:48 | N | 42] G:\##Attributes.ini
      [26/06/2001 - 11:22:50 | N | 41043] G:\ceutil.dll
      [15/05/2003 - 13:17:46 | N | 206336] G:\dsetup32.dll
      [15/05/2003 - 13:17:44 | N | 35328] G:\DSETUP.dll
      [15/05/2003 - 15:18:50 | N | 130560] G:\fmod.dll
      [19/09/2010 - 11:38:28 | N | 504] G:\Hexacto.reg
      [03/09/2004 - 18:44:12 | D ] G:\replays
      [03/09/2004 - 18:45:08 | D ] G:\savegames
      [30/07/2012 - 16:17:58 | D ] G:\motores
      [26/08/2012 - 09:57:58 | N | 516139] G:\AT-Destroyer.exe
      [26/08/2012 - 10:42:04 | N | 18808429] G:\Dangerous weapons The Pirc & Modern.pdf

      ################## | E.O.F |
      amigo espero q me comentes las conclusiones de tu analisis gracias por todo buen dia

    4. #34
      eddiec46
      No Registrado Avatar de eddiec46

      Re: computador infectado

      ############################## | UsbFix V 7.096 | [Buscar]



      Usuario: usuario (Administrador) # USUARIO-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 16:06:36 | 12/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Hewlett-Packard (Compaq Presario CQ40 Notebook PC) (X86-based PC) # Notebook
      CPU: AMD Sempron(tm) SI-42 (2100)
      RAM -> [Total : 1790 | Free : 1379]
      BIOS: Default System BIOS
      BOOT: Fail-safe boot

      OS: Microsoft Windows 7 Home Basic (6.1.7601 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [Enabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 220 Gb (161 Mb libre(s) - 73%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Mb libre(s) - 16%) [RECOVERY] # NTFS
      E:\ -> CD-ROM
      G:\ -> Disco extraíble # 4 Gb (1 Mb libre(s) - 41%) [KINGSTON] # FAT32

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (324)
      C:\Windows\system32\wininit.exe (360)
      C:\Windows\system32\csrss.exe (368)
      C:\Windows\system32\winlogon.exe (396)
      C:\Windows\system32\services.exe (452)
      C:\Windows\system32\lsass.exe (460)
      C:\Windows\system32\lsm.exe (468)
      C:\Windows\system32\svchost.exe (588)
      C:\Windows\system32\svchost.exe (660)
      C:\Windows\System32\svchost.exe (744)
      C:\Windows\system32\svchost.exe (792)
      C:\Windows\system32\svchost.exe (828)
      C:\Windows\system32\svchost.exe (868)
      C:\Windows\Explorer.EXE (1060)
      C:\Windows\system32\ctfmon.exe (1104)
      C:\UsbFix\Go.exe (1672)
      C:\Windows\system32\wbem\wmiprvse.exe (1788)
      C:\Windows\System32\svchost.exe (1892)
      C:\Windows\system32\wbem\wmiprvse.exe (1148)
      C:\Program Files\Alwil Software\Avast5\AvastUI.exe (932)

      ################## | Archivos # Carpetas infectadas |

      Encontrado ! C:\Windows\system32\secushr.dat

      ################## | Registro |


      ################## | Mountpoints2 |

      HKCU\.\.\.\.\Explorer\MountPoints2\F
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84ce1-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84cf1-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84d10-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = G:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{3af8402e-8d65-11e0-b2a1-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{f56fc3a0-3b6c-11e0-9836-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe



      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | E.O.F |
      ############################## | UsbFix V 7.096 | [Buscar]

      Usuario: usuario (Administrador) # USUARIO-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 16:06:36 | 12/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Hewlett-Packard (Compaq Presario CQ40 Notebook PC) (X86-based PC) # Notebook
      CPU: AMD Sempron(tm) SI-42 (2100)
      RAM -> [Total : 1790 | Free : 1379]
      BIOS: Default System BIOS
      BOOT: Fail-safe boot

      OS: Microsoft Windows 7 Home Basic (6.1.7601 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [Enabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 220 Gb (161 Mb libre(s) - 73%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Mb libre(s) - 16%) [RECOVERY] # NTFS
      E:\ -> CD-ROM
      G:\ -> Disco extraíble # 4 Gb (1 Mb libre(s) - 41%) [KINGSTON] # FAT32

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (324)
      C:\Windows\system32\wininit.exe (360)
      C:\Windows\system32\csrss.exe (368)
      C:\Windows\system32\winlogon.exe (396)
      C:\Windows\system32\services.exe (452)
      C:\Windows\system32\lsass.exe (460)
      C:\Windows\system32\lsm.exe (468)
      C:\Windows\system32\svchost.exe (588)
      C:\Windows\system32\svchost.exe (660)
      C:\Windows\System32\svchost.exe (744)
      C:\Windows\system32\svchost.exe (792)
      C:\Windows\system32\svchost.exe (828)
      C:\Windows\system32\svchost.exe (868)
      C:\Windows\Explorer.EXE (1060)
      C:\Windows\system32\ctfmon.exe (1104)
      C:\UsbFix\Go.exe (1672)
      C:\Windows\system32\wbem\wmiprvse.exe (1788)
      C:\Windows\System32\svchost.exe (1892)
      C:\Windows\system32\wbem\wmiprvse.exe (1148)
      C:\Program Files\Alwil Software\Avast5\AvastUI.exe (932)

      ################## | Archivos # Carpetas infectadas |

      Encontrado ! C:\Windows\system32\secushr.dat

      ################## | Registro |


      ################## | Mountpoints2 |

      HKCU\.\.\.\.\Explorer\MountPoints2\F
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84ce1-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84cf1-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{06b84d10-3866-11e0-a4d4-705ab68a1a0a}
      Shell\AutoRun\Command = G:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{3af8402e-8d65-11e0-b2a1-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{f56fc3a0-3b6c-11e0-9836-705ab68a1a0a}
      Shell\AutoRun\Command = F:\AutoRun.exe



      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | E.O.F |

      ############################## | UsbFix V 7.096 | [Listing]

      Usuario: usuario (Administrador) # USUARIO-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 16:44:32 | 12/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Hewlett-Packard (Compaq Presario CQ40 Notebook PC) (X86-based PC) # Notebook
      CPU: AMD Sempron(tm) SI-42 (2100)
      RAM -> [Total : 1790 | Free : 1321]
      BIOS: Default System BIOS
      BOOT: Fail-safe boot

      OS: Microsoft Windows 7 Home Basic (6.1.7601 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [Enabled | Updated]
      FW: Windows FireWall Service [(!) Disabled]

      C:\ (%systemdrive%) -> Disco fijo # 220 Gb (160 Mb libre(s) - 73%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Mb libre(s) - 16%) [RECOVERY] # NTFS
      E:\ -> CD-ROM
      G:\ -> Disco extraíble # 4 Gb (1 Mb libre(s) - 41%) [KINGSTON] # FAT32

      ################## | Listing |

      [12/11/2012 - 16:20:57 | SHD ] C:\$Recycle.Bin
      [01/02/2010 - 14:38:49 | D ] C:\Archivos de programa
      [11/11/2012 - 23:22:48 | D ] C:\ATI
      [10/06/2009 - 16:42:20 | N | 24] C:\autoexec.bat
      [12/11/2012 - 16:22:09 | RASHD ] C:\Autorun.inf
      [06/11/2012 - 14:01:41 | SHD ] C:\boot
      [13/07/2009 - 20:38:58 | RASH | 383562] C:\bootmgr
      [12/11/2012 - 14:54:03 | D ] C:\clases english
      [12/11/2012 - 11:22:20 | D ] C:\Config.Msi
      [10/06/2009 - 16:42:20 | N | 10] C:\config.sys
      [22/10/2012 - 22:26:10 | N | 274] C:\CorelDRAW Graphics Suite X6.txt
      [13/07/2009 - 23:53:55 | SHD ] C:\Documents and Settings
      [12/11/2012 - 13:15:00 | D ] C:\Downloads
      [27/10/2012 - 19:19:06 | N | 3740] C:\DrWeb.csv
      [15/05/2010 - 20:17:31 | N | 363] C:\Equipo - Acceso directo.lnk
      [12/11/2012 - 15:58:07 | ASH | 1407574016] C:\hiberfil.sys
      [12/01/2010 - 09:12:21 | D ] C:\HP
      [20/06/2010 - 18:23:28 | N | 0] C:\IO.SYS
      [20/06/2010 - 18:23:28 | N | 0] C:\MSDOS.SYS
      [02/03/2010 - 00:04:00 | RHD ] C:\MSOCache
      [12/11/2012 - 15:58:10 | ASH | 1876766720] C:\pagefile.sys
      [13/07/2009 - 21:37:05 | D ] C:\PerfLogs
      [12/11/2012 - 00:19:12 | D ] C:\Program Files
      [12/11/2012 - 15:55:34 | HD ] C:\ProgramData
      [01/02/2010 - 14:41:08 | SHD ] C:\Recovery
      [13/06/2011 - 20:13:53 | N | 355] C:\Red - Acceso directo.lnk
      [11/11/2012 - 23:37:35 | D ] C:\SwSetup
      [12/11/2012 - 15:27:28 | SHD ] C:\System Volume Information
      [01/02/2010 - 14:41:18 | D ] C:\SYSTEM.SAV
      [12/11/2012 - 16:44:34 | D ] C:\UsbFix
      [12/11/2012 - 16:44:21 | A | 0] C:\UsbFix.txt
      [01/02/2010 - 14:39:08 | D ] C:\Users
      [12/11/2012 - 15:58:08 | D ] C:\Windows
      [24/06/2011 - 13:08:11 | D ] C:\Zylom Games
      [12/11/2012 - 16:20:57 | SHD ] D:\$RECYCLE.BIN
      [12/11/2012 - 16:22:09 | RASHD ] D:\Autorun.inf
      [01/02/2010 - 15:09:04 | SHD ] D:\boot
      [14/07/2009 - 13:39:00 | ASH | 383562] D:\bootmgr
      [01/02/2010 - 15:09:04 | N | 0] D:\BT_COMPAQ.FLG
      [12/01/2010 - 08:49:03 | N | 432] D:\CSP.DAT
      [12/01/2010 - 08:59:38 | N | 11403] D:\DeployRp.log
      [22/10/2012 - 11:44:20 | D ] D:\Hoja de Vida
      [01/02/2010 - 15:09:04 | D ] D:\hp
      [01/02/2010 - 15:08:54 | N | 8] D:\HP_WSD.dat
      [01/02/2010 - 15:09:04 | N | 22] D:\language.ini
      [01/02/2010 - 15:09:04 | SHD ] D:\preload
      [01/02/2010 - 15:09:04 | SD ] D:\Recovery
      [12/01/2010 - 08:59:33 | N | 0] D:\RPCONFIG.LOG
      [02/03/2010 - 00:23:17 | SHD ] D:\System Volume Information
      [01/02/2010 - 15:09:05 | D ] D:\system.sav
      [26/08/2012 - 09:49:26 | N | 33571355] G:\Beljavsky & Karpov - La defensa Caro-Kann con blancas y negras.pdf
      [05/09/2012 - 19:06:02 | D ] G:\hoja de vida v.3_copy
      [12/10/2012 - 12:56:42 | D ] G:\soportes
      [16/10/2012 - 14:59:42 | N | 6810104] G:\PowerISO5.exe
      [12/10/2012 - 1022 | N | 2763599] G:\hoja de vida v.3_copy.pdf
      [15/10/2012 - 16:37:18 | N | 7921688] G:\RevoUninProSetup.exe
      [15/10/2012 - 17:24:36 | N | 6775934] G:\FlashGet___OrbitDownloader (1).rar
      [15/10/2012 - 19:39:20 | N | 373440] G:\SoftonicDownloader_para_dvd-shrink.exe
      [09/01/2012 - 03:38:28 | N | 8041792] G:\flashget3.7.0.1195en.exe
      [15/10/2012 - 23:14:38 | N | 5110212] G:\Gta San Andreas By EliteMaster.rar
      [12/11/2012 - 16:22:14 | RASHD ] G:\Autorun.inf
      [22/10/2012 - 08:57:40 | N | 84043] G:\colamerica2.jpg
      [22/10/2012 - 09:00:56 | N | 94767] G:\COL A 1.docx
      [22/10/2012 - 11:26:28 | N | 88261] G:\colamerica2.pdf
      [22/10/2012 - 13:40:56 | N | 2911321] G:\CV5.pdf
      [22/10/2012 - 19:01:44 | N | 1151121] G:\CV5.1..pdf
      [14/12/2011 - 16:20:56 | N | 23470] G:\INVT. ELEMT A.C.P.xlsx
      [22/10/2012 - 12:09:52 | D ] G:\Curiculum Vitae
      [12/10/2012 - 1022 | N | 2763599] G:\~$hoja de vida v.3_copy.pdf
      [22/10/2012 - 13:53:08 | N | 2179687] G:\CV5.1.1.pdf
      [01/11/2012 - 13:30:26 | N | 222803] G:\Scan0012.pdf
      [28/02/2012 - 13:02:26 | D ] G:\eder2
      [13/06/2012 - 12:27:12 | D ] G:\cursos sena
      [28/06/2012 - 11:34:26 | D ] G:\CHESS
      [17/02/2003 - 18:04:48 | N | 24576] G:\Install.exe
      [20/10/2012 - 17:08:42 | N | 2191] G:\KasparovChess.dat
      [03/06/2003 - 18:13:14 | N | 712704] G:\KasparovChess.exe
      [03/06/2003 - 1820 | N | 9436044] G:\KasparovChess.RB
      [19/09/2010 - 08:21:20 | D ] G:\historic games
      [19/09/2010 - 08:21:20 | D ] G:\music
      [19/09/2010 - 08:19:14 | D ] G:\ReflexiveArcade
      [07/01/2007 - 23:14:48 | N | 42] G:\##Attributes.ini
      [26/06/2001 - 11:22:50 | N | 41043] G:\ceutil.dll
      [15/05/2003 - 13:17:46 | N | 206336] G:\dsetup32.dll
      [15/05/2003 - 13:17:44 | N | 35328] G:\DSETUP.dll
      [15/05/2003 - 15:18:50 | N | 130560] G:\fmod.dll
      [19/09/2010 - 11:38:28 | N | 504] G:\Hexacto.reg
      [03/09/2004 - 18:44:12 | D ] G:\replays
      [03/09/2004 - 18:45:08 | D ] G:\savegames
      [30/07/2012 - 16:17:58 | D ] G:\motores
      [26/08/2012 - 09:57:58 | N | 516139] G:\AT-Destroyer.exe
      [26/08/2012 - 10:42:04 | N | 18808429] G:\Dangerous weapons The Pirc & Modern.pdf

      ################## | E.O.F |

    5. #35
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: computador infectado

      listo la PC tenia algo pero ya esta desinfectada me comentas que hacemos con el tema

    6. #36
      eddiec46
      No Registrado Avatar de eddiec46

      Re: computador infectado

      Cita Originalmente publicado por M4RTYN Ver Mensaje
      listo la PC tenia algo pero ya esta desinfectada me comentas que hacemos con el tema
      listo gracias

    7. #37
      eddiec46
      No Registrado Avatar de eddiec46

      Re: computador infectado

      Cita Originalmente publicado por M4RTYN Ver Mensaje
      Cuentame como va la PC
      la pc va bien trabaja normal

    8. #38
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: computador infectado

      entonces esta solucionado el tema??

    Página 4 de 4 PrimeroPrimero 1234