adware/superspider, Iroffer.A, Cookie/Atlas DMT

Buscar

		Foro de InfoSpyware » Spyware - Adware - Hijackers - Malwares » Foro de Virus y Spywares
adware/superspider, Iroffer.A, Cookie/Atlas DMT

Para evitar Virus, Spyware y otros Malwares, te recomendamos mantenerte informado en: InfoSpyware Blog

Foro de Virus y Spywares Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector.
No ponga su log de HijackThis aquí !!

Página 1 de 2

Enviar a:

Herramientas

post #1

09/10/06, 20:05:44

lobo_x

Usuario

Registrado: sep 2006

Ubicación: Mexico

Mensajes: 15

adware/superspider, Iroffer.A, Cookie/Atlas DMT

Tengo problemas con los siguientes spywares y adware: adware/superspider, Iroffer.A, Cookie/Atlas DMT, he tratado de limpiarlos con las herramientas online y nada, siguen ahi. Que puedo Hacer?, pus conforme avanza el tiempo se alenta mi maquina y se caen los servicios, tengo NT

InfoSpyware

post #2

09/10/06, 20:13:34

AntonioG

Moderador

Registrado: may 2006

Ubicación: México

Mensajes: 3.805

Re: adware/superspider, Iroffer.A, Cookie/Atlas DMT

Hola lobo_x, bienvenido al foro.

Que antivirus te detectan eso que emncionas? puedes pegar el log que generan? (para ver la localizaciobn del archvio infectado y el tipo de infeccion de cada uno).

Para las cookies, solo pasa el DiskCleaner.

Tambien (si no esta entre los antivirus que has usado), pasa el kaspersky online y pegas su reporte.

Nos comentas...

Saludos

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

post #3

09/10/06, 21:52:51

lobo_x

Usuario

Registrado: sep 2006

Ubicación: Mexico

Mensajes: 15

Re: adware/superspider, Iroffer.A, Cookie/Atlas DMT

le pase el panda on line y su log es el siguiente:

Incidencia Estado Elemento

Virus:W32/Sdbot.IFH.worm Desinfectado Sistema Operativo
Adware:adware/superspider No desinfectado c:\winnt.sbs\system32\a.exe
Virus:W32/Sdbot.IFH.worm Desinfectado C:\WINNT\TEMP\eraseme_22022.exe
Virus:W32/Sdbot.IFH.worm Desinfectado C:\WINNT\TEMP\eraseme_35556.exe
Herramienta potencialmente no deseada:Application/Iroffer.A No desinfectado C:\WINNT\TEMP\svchost
Virus:W32/Sdbot.IFH.worm Desinfectado C:\WINNT.SBS\Profiles\Default User\Local Settings\Temporary Internet Files\Content.IE5\WLAVWTY3\lo[1].jpg
Virus:W32/Sdbot.ftp.worm Desinfectado C:\WINNT.SBS\system32\i
Virus:W32/Sdbot.ftp.worm Desinfectado C:\WINNT.SBS\system32\n
Spyware:Cookie/Atlas DMT No desinfectado D:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt
Virus:W32/Sdbot.ftp.worm Desinfectado D:\WINNT\system32\i

post #4

09/10/06, 22:38:45

Hardrive

Ex-Colaborador

Registrado: abr 2006

Ubicación: N/A

Mensajes: 4.665

Re: adware/superspider, Iroffer.A, Cookie/Atlas DMT

Holas. Segui los siguientes pasos:
1. - Entra en Modo Seguro (Modo a Prueba de Fallos).
2. - Borra los siguientes archivos:

c:\winnt.sbs\system32\a.exe

C:\WINNT\TEMP\eraseme_22022.exe

C:\WINNT\TEMP\eraseme_35556.exe

C:\WINNT\TEMP\svchost

C:\WINNT.SBS\Profiles\Default User\Local Settings\Temporary Internet Files\Content.IE5\WLAVWTY3\lo[1].jpg

C:\WINNT.SBS\system32\i

C:\WINNT.SBS\system32\n

D:\WINNT\system32\i

3. - Escanea con:

F-SdBot
Tu antivirus actualizado (todos tus discos locales).
Spybot S&D 1.4 actualizado (opcion "Analizar problemas").
Ad-aware 1.06 SE Personal actualizado (Full Scan).

4. - No salgas del modo seguro. Has lo siguiente en cada cuenta de usuario:

Cierra todas las ventanas.
Pasa el Disk Cleaner.
Limpia el registro con RegSeeker (manual).

5. - Inicia en modo normal y escanea con Ewido y Kaspersky On-Line en ese orden y guardas los reportes de cada uno.
6. - Reactiva Restaurar Sistema.
7. - Peganos los reportes de los escanners on-line obtenidos en el punto 5 en este mismo tema para que los analizemos (pega los 2 juntos, no por separado).

Nos cuentas resultados.

Salu2

Linux User Registered #451400

post #5

13/10/06, 15:12:12

lobo_x

Usuario

Registrado: sep 2006

Ubicación: Mexico

Mensajes: 15

adware/superspider, Iroffer.A, Cookie/Atlas DMT

Gracias por la ayuda, de verdad.
Hice todo lo que me dijiste hardrive, sin embrago al pasar el antivirus online ewido, no se porque razon no se instalo el control ActiveX de ewido, por lo que no pude pasarselo, por lo que opte por pasarle el panda y kaspersky, aqui te pego los logs, que porcierto no importa las veces que se los pase, siempre sale un virus y un spyware.

PANDA:
Incident Status Location

Spyware:Cookie/Doubleclick Not disinfected D:\Documents and Settings\Administrator\Cookies\anyuser@doubleclick[1].txt
Virus:W32/Sdbot.IEX.worm Disinfected D:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\W4R0Y8WU\n[1].exe
kASPERSKY:
KASPERSKY ONLINE SCANNER REPORT
Friday, October 13, 2006 2:13:51 PM
Operating System: Microsoft Windows NT, Service Pack 6a (Build 1381)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 13/10/2006
Kaspersky Anti-Virus database records: 218052

Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
F:\

Scan Statistics
Total number of scanned objects 71467
Number of viruses found 10
Number of infected objects 47 / 0
Number of suspicious objects 0
Duration of the scan process 01:52:37

Infected Object Name Virus Name Last Action
C:\ExchSrvr\DSADATA\DIR.EDB Object is locked skipped

C:\ExchSrvr\DSADATA\edb.log Object is locked skipped

C:\ExchSrvr\DSADATA\temp.edb Object is locked skipped

C:\ExchSrvr\imcdata\queue.dat Object is locked skipped

C:\ExchSrvr\mdbdata\edb.log Object is locked skipped

C:\ExchSrvr\mdbdata\PRIV.EDB Object is locked skipped

C:\ExchSrvr\mdbdata\PUB.EDB Object is locked skipped

C:\ExchSrvr\mdbdata\tmp.edb Object is locked skipped

C:\ExchSrvr\MTADATA\AP0.LOG Object is locked skipped

C:\ExchSrvr\MTADATA\BF0.LOG Object is locked skipped

C:\ExchSrvr\MTADATA\DB000003.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DB000030.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DBREFS Object is locked skipped

C:\ExchSrvr\MTADATA\EV0.LOG Object is locked skipped

C:\INetPub\Catalog.wci\00000002.prp Object is locked skipped

C:\INetPub\Catalog.wci\cicat.hsh Object is locked skipped

C:\INetPub\Catalog.wci\CiCL0001.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiPS0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiPT0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiSL0001.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiSP0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiST0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiVP0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\INDEX.000 Object is locked skipped

C:\INetPub\Catalog.wci\propstor.bkp Object is locked skipped

C:\WINNT\TEMP\ESICS.DAT Object is locked skipped

C:\WINNT\TEMP\~DFEEEE.tmp Object is locked skipped

C:\WINNT.SBS\NETLOGON.CHG Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\Cookies\index. dat Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\History\Histor y.IE5\index.dat Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\History\Histor y.IE5\MSHist012006101220061013\index.dat Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\NTUSER.DAT Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\ntuser.dat.LOG Object is locked skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01080000.VBN Infected: Backdoor.Win32.SdBot.aqj skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01080002.VBN Infected: Backdoor.Win32.SdBot.aad skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01080004.VBN Infected: Backdoor.Win32.SdBot.aad skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01080006.VBN Infected: Backdoor.Win32.SdBot.aad skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02720000.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\037C0000.VBN Infected: Backdoor.Win32.Agent.agw skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\037C0001.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03BB0000.VBN Infected: Backdoor.Win32.Agent.agw skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03BB0001.VBN Infected: Backdoor.Win32.Rbot.gen skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03BB0003.VBN Infected: Backdoor.Win32.Rbot.gen skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03BB0004.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04340000.VBN Infected: Backdoor.Win32.Agent.agw skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04340001.VBN Infected: Backdoor.Win32.Agent.agw skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04340003.VBN Infected: Backdoor.Win32.Agent.agw skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04340005.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04340006.VBN Infected: Backdoor.Win32.Agent.agw skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04460000.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\044C0000.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04EC0000.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05410000.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\65770000.VBN Infected: Backdoor.Win32.Agent.agw skipped

C:\WINNT.SBS\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\65770001.VBN Infected: Rootkit.Win32.Agent.p skipped

C:\WINNT.SBS\SchedLog.Txt Object is locked skipped

C:\WINNT.SBS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINNT.SBS\system32\config\default Object is locked skipped

C:\WINNT.SBS\system32\config\default.LOG Object is locked skipped

C:\WINNT.SBS\system32\config\SAM Object is locked skipped

C:\WINNT.SBS\system32\config\SAM.LOG Object is locked skipped

C:\WINNT.SBS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINNT.SBS\system32\config\SECURITY Object is locked skipped

C:\WINNT.SBS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINNT.SBS\system32\config\software Object is locked skipped

C:\WINNT.SBS\system32\config\software.LOG Object is locked skipped

C:\WINNT.SBS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINNT.SBS\system32\config\system Object is locked skipped

C:\WINNT.SBS\system32\config\SYSTEM.ALT Object is locked skipped

C:\WINNT.SBS\system32\dhcp\dhcp.mdb Object is locked skipped

C:\WINNT.SBS\system32\dhcp\Dhcp.tmp Object is locked skipped

C:\WINNT.SBS\system32\dhcp\DhcpSrvLog.Thu Object is locked skipped

C:\WINNT.SBS\system32\dhcp\j50.log Object is locked skipped

C:\WINNT.SBS\system32\DNS\dns.log Object is locked skipped

C:\WINNT.SBS\system32\DTCLog\DTCXATM.LOG Object is locked skipped

C:\WINNT.SBS\system32\DTCLog\msdtc.log Object is locked skipped

C:\WINNT.SBS\system32\LogFiles\W3SVC1\ex061013.log Object is locked skipped

C:\WINNT.SBS\system32\msplogs\W3061012.log Object is locked skipped

C:\WINNT.SBS\system32\msplogs\WS061012.log Object is locked skipped

C:\WINNT.SBS\system32\unaxa.exe Infected: Email-Worm.Win32.Magistr.c skipped

C:\WINNT.SBS\system32\wins\j50.log Object is locked skipped

C:\WINNT.SBS\system32\wins\wins.mdb Object is locked skipped

C:\WINNT.SBS\system32\wins\winstmp.mdb Object is locked skipped

C:\WINNT.SBS\system32\__MMtmp_ Object is locked skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07A00000\47AECCEE.VBN Infected: Backdoor.Win32.SdBot.aya skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0001.VBN/data.rar/sa.exe/data.rar/svchost Infected: Backdoor.Win32.Iroffer.b skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0001.VBN/data.rar/sa.exe/data.rar/install.bat Infected: Trojan.BAT.Zapchast skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0001.VBN/data.rar/sa.exe/data.rar/lsass Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0001.VBN/data.rar/sa.exe/data.rar Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0001.VBN/data.rar/sa.exe Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0001.VBN/data.rar Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0001.VBN RarSFX: infected - 6 skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0001.VBN CryptZ: infected - 6 skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0006.VBN/data.rar/sa.exe/data.rar/svchost Infected: Backdoor.Win32.Iroffer.b skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0006.VBN/data.rar/sa.exe/data.rar/install.bat Infected: Trojan.BAT.Zapchast skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0006.VBN/data.rar/sa.exe/data.rar/lsass Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0006.VBN/data.rar/sa.exe/data.rar Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0006.VBN/data.rar/sa.exe Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0006.VBN/data.rar Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0006.VBN RarSFX: infected - 6 skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0006.VBN CryptZ: infected - 6 skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0008.VBN/data.rar/svchost Infected: Backdoor.Win32.Iroffer.b skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0008.VBN/data.rar/install.bat Infected: Trojan.BAT.Zapchast skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0008.VBN/data.rar/lsass Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0008.VBN/data.rar Infected: Backdoor.Win32.ServU-based.gen skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0008.VBN RarSFX: infected - 4 skipped

D:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B2C0008.VBN CryptZ: infected - 4 skipped

D:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\W4R0Y8WU\n[1].exe Infected: Backdoor.Win32.SdBot.aya skipped

Scan process completed.

post #6

13/10/06, 15:59:42

AntonioG

Moderador

Registrado: may 2006

Ubicación: México

Mensajes: 3.805

Re: adware/superspider, Iroffer.A, Cookie/Atlas DMT

Hola,

El kaspersky no elimina, tal vez por esa razon siempre aparecen los virus/spywares siempre

.

Bueno, antes que nada , vacia la cuarentena de tus antivirus , Norton y Symantec Antivirus (el kaspersky detecta que casi todo ahi).

Luego elimina estos archivos (en modo seguro-prueba de fallos):
C:\WINNT.SBS\system32\unaxa.ex
D:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\W4R0Y8WU\n[1].exe

Vuelve a pasar el kaspersky online y pega el reporte a ver si ya no aparece nada...

Saludos

post #7

19/10/06, 15:09:44

lobo_x

Usuario

Registrado: sep 2006

Ubicación: Mexico

Mensajes: 15

Re: adware/superspider, Iroffer.A, Cookie/Atlas DMT

Hola y gracias por la ayuda.

Intente todo lo que me dijeron, pero le agregue a esto, la instalación de un firewall (outpost) al parecer con buenos resultados, pues aisle el virus y el troyano, erradicandolo posterirmente, al termino de esto le pase el panda online y mi antivirus con ninguna infeccion, y en casi 72 hrs. despues de la de este proceso, solo se cayo mi servicio de IIS una vez, advirtiendome el Dr. Watson de una falla en el archivo inetinfo.exe, pero siento que fué dedido a alguna afectacion que me dejaron los virus y el troyano, por lo que estaba pensado en reinstalarle el ultimo service pack, uds. que opinan?

post #8

19/10/06, 15:15:23

Hardrive

Ex-Colaborador

Registrado: abr 2006

Ubicación: N/A

Mensajes: 4.665

Re: adware/superspider, Iroffer.A, Cookie/Atlas DMT

Por ahora, volve a escaner con Kaspersky Online y peganos el reporte para ver si tu PC esta infectada.

Salu2

Linux User Registered #451400

post #9

19/10/06, 21:17:22

lobo_x

Usuario

Registrado: sep 2006

Ubicación: Mexico

Mensajes: 15

Re: adware/superspider, Iroffer.A, Cookie/Atlas DMT

Ya le pase el Kaspersky, aqui esta el log, haber que me dices HardDrive

KASPERSKY ONLINE SCANNER REPORT
Friday, October 20, 2006 12:22:52 AM
Operating System: Microsoft Windows NT, Service Pack 6a (Build 1381)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 19/10/2006
Kaspersky Anti-Virus database records: 219602

Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
F:\

Scan Statistics
Total number of scanned objects 73749
Number of viruses found 0
Number of infected objects 0 / 0
Number of suspicious objects 0
Duration of the scan process 03:06:00

Infected Object Name Virus Name Last Action
C:\ExchSrvr\DSADATA\DIR.EDB Object is locked skipped

C:\ExchSrvr\DSADATA\edb.log Object is locked skipped

C:\ExchSrvr\DSADATA\temp.edb Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000000.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000001.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000002.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000003.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000004.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000005.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000006.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000007.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000008.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L0000009.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L000000A.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L000000B.LOG Object is locked skipped

C:\ExchSrvr\imcdata\log\L000000C.LOG Object is locked skipped

C:\ExchSrvr\imcdata\queue.dat Object is locked skipped

C:\ExchSrvr\mdbdata\edb.log Object is locked skipped

C:\ExchSrvr\mdbdata\PRIV.EDB Object is locked skipped

C:\ExchSrvr\mdbdata\PUB.EDB Object is locked skipped

C:\ExchSrvr\mdbdata\tmp.edb Object is locked skipped

C:\ExchSrvr\MTADATA\AP0.LOG Object is locked skipped

C:\ExchSrvr\MTADATA\BF0.LOG Object is locked skipped

C:\ExchSrvr\MTADATA\DB000003.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DB000028.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DB00002F.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DB000030.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DB000031.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DB000032.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DB000033.DAT Object is locked skipped

C:\ExchSrvr\MTADATA\DBREFS Object is locked skipped

C:\ExchSrvr\MTADATA\EV0.LOG Object is locked skipped

C:\INetPub\Catalog.wci\00000002.prp Object is locked skipped

C:\INetPub\Catalog.wci\cicat.hsh Object is locked skipped

C:\INetPub\Catalog.wci\CiCL0001.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiPS0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiPT0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiSL0001.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiSP0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiST0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\CiVP0000.000 Object is locked skipped

C:\INetPub\Catalog.wci\INDEX.000 Object is locked skipped

C:\INetPub\Catalog.wci\propstor.bkp Object is locked skipped

C:\WINNT\TEMP\ESICS.DAT Object is locked skipped

C:\WINNT\TEMP\~DFEAAA.tmp Object is locked skipped

C:\WINNT.SBS\NETLOGON.CHG Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\Cookies\index. dat Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\History\Histor y.IE5\index.dat Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\NTUSER.DAT Object is locked skipped

C:\WINNT.SBS\Profiles\Administrator\ntuser.dat.LOG Object is locked skipped

C:\WINNT.SBS\Profiles\Default User\Cookies\index.dat Object is locked skipped

C:\WINNT.SBS\Profiles\Default User\History\History.IE5\index.dat Object is locked skipped

C:\WINNT.SBS\Profiles\Default User\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\WINNT.SBS\SchedLog.Txt Object is locked skipped

C:\WINNT.SBS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINNT.SBS\system32\config\default Object is locked skipped

C:\WINNT.SBS\system32\config\default.LOG Object is locked skipped

C:\WINNT.SBS\system32\config\SAM Object is locked skipped

C:\WINNT.SBS\system32\config\SAM.LOG Object is locked skipped

C:\WINNT.SBS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINNT.SBS\system32\config\SECURITY Object is locked skipped

C:\WINNT.SBS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINNT.SBS\system32\config\software Object is locked skipped

C:\WINNT.SBS\system32\config\software.LOG Object is locked skipped

C:\WINNT.SBS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINNT.SBS\system32\config\system Object is locked skipped

C:\WINNT.SBS\system32\config\SYSTEM.ALT Object is locked skipped

C:\WINNT.SBS\system32\dhcp\dhcp.mdb Object is locked skipped

C:\WINNT.SBS\system32\dhcp\Dhcp.tmp Object is locked skipped

C:\WINNT.SBS\system32\dhcp\DhcpSrvLog.Thu Object is locked skipped

C:\WINNT.SBS\system32\dhcp\j50.log Object is locked skipped

C:\WINNT.SBS\system32\DNS\dns.log Object is locked skipped

C:\WINNT.SBS\system32\DTCLog\DTCXATM.LOG Object is locked skipped

C:\WINNT.SBS\system32\DTCLog\msdtc.log Object is locked skipped

C:\WINNT.SBS\system32\LogFiles\W3SVC1\ex061019.log Object is locked skipped

C:\WINNT.SBS\system32\msplogs\W3061019.log Object is locked skipped

C:\WINNT.SBS\system32\msplogs\WS061017.log Object is locked skipped

C:\WINNT.SBS\system32\wins\j50.log Object is locked skipped

C:\WINNT.SBS\system32\wins\wins.mdb Object is locked skipped

C:\WINNT.SBS\system32\wins\winstmp.mdb Object is locked skipped

C:\WINNT.SBS\system32\__MMtmp_ Object is locked skipped

Scan process completed.

post #10

19/10/06, 23:03:12

Fulgore

Ex-Colaborador

Registrado: jun 2006

Ubicación: Colombia (Medellin)

Mensajes: 1.415

Re: adware/superspider, Iroffer.A, Cookie/Atlas DMT

Hola (permisin Hard)

Bueno, el reporte del kaspersky esta limpio... Tienes aun problemas?

Intenta descargar e instalar la herramienta MWAV Lee bien su manual, (ahi mismo esta)
y pegas correctamente su log.

Estaremos atentos
Suerte

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

Página 1 de 2

« Tema Anterior | Próximo Tema »

Herramientas
Mostrar Versión Imprimible Enviar por Correo

Reglas del foro
No puedes crear nuevos temas No puedes responder temas No puedes subir adjuntos No puedes editar tus mensajes BB code is activado Las caritas están activado Código [IMG] está activado Código HTML está desactivado Trackbacks are desactivado Pingbacks are activado Refbacks are activado Políticas del foro

Temas Similares

Tema	Autor	Foro	Respuestas	Último mensaje
dialer italiano(otro mas) (Formateo)	pecho_lobo	Temas Solucionados	21	08/04/07 15:46:42
no puedo remover el atlas dmt cookie (Solucionado)	Alucardo	Temas Solucionados	2	25/07/06 14:33:26
.LOOK2ME, command, atlas dmt cookie, y muchos mas	zahrita	Foro Oficial de HijackThis en español	9	21/06/06 23:58:34
eliminar spyware cookie/atlas DMT	alvaroo	Foro de Virus y Spywares	1	08/01/06 12:52:21

Todas las horas son GMT -4. La hora es 00:48:02.

InfoSpyware es miembro de ASAP - Alliance of Security Analysis Professionals

Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus