Official HijackThis Forum in Spanish. We analyze your HijackThis log to remove hijackers, spyware, adware, toolbars, viruses, trojans and malware in general. Please read the HijackThis Forum Policies first.
Re: Smitfraud - Saturated CPU and fake Messenger pop-ups reporting failures

Hi. Since some of the problems seem to come directly from your machine rather than from malware, I would recommend formatting first. If the problems continue after that, you may have a hardware problem that is making it reset.

Regards
| InfoSpyware | ||
Re: Smitfraud - Saturated CPU and fake Messenger pop-ups reporting failures

Hi. Thank you for the link to the Windows FAQs. It helped me clear up some doubts about the internal processes in operating systems.

As for the suggestion to FORMAT, I was already considering that last resort, but since I don't have control of the CD burner to back up the most important data, I still want to rescue the disk by beating the malware. (Stubbornness or obstinacy, but I want to defeat it.) AND I'VE ALMOST GOT IT!!!

I played the last card I had left: running F-Prot and McAfee, which I got on a DVD. I had to do it in DOS and first load the latest downloaded definitions into a file to be created in C:\VDEFS. I had to boot in Safe Mode, and when I invoked F-Prot and McAfee one after the other, a cmd window opened to operate in DOS.

Running F-Prot took a long time because I asked it to prompt for confirmation, and it found 200 cases! But to make matters worse, it could not remove the W32/Sality.t it found.

When I ran McAfee, it ran automatically, and in about 1 hour it wiped out practically all the malware we had been detecting with AdAware, SpyBot S&D and Spy Sweeper. It found more than 350 cases!!!

You will see that Vundo was indeed there, along with other trojans such as QDial-46 and DollarRevenue. Also W32Sdbot.bat, W32/Sdbot.worm.gen.I; Adware-Isearch; W32/Sdbot.worm!ftp; W32/Sdbot.worm.gen.ax and ...gen.ca; W32/Generic.b.worm. But 99% of the hits were the W32/Sality.t virus.

I can't claim total victory yet, because you will see at the end of the report that it DID NOT DELETE W32/Sality.t.dll, perhaps because it is in memory, in C:\WiNDOWS\SYSTEM32\wdmfmc32.dll (that famous DLL that refuses to be deleted). It did delete it in 2 other occurrences in other files in other locations.
I'm pasting the F-Prot report first, so you can see the differences with McAfee, which detected the same virus in so many more locations and, on top of that, removed it:

Virus scanning report - 28 November 2006 @ 1:17
F-PROT ANTIVIRUS
Program version: 3.16f
Engine version: 3.16.13
VIRUS SIGNATURE FILES
SIGN.DEF created 28 July 2006
SIGN2.DEF created 28 July 2006
MACRO.DEF created 28 July 2006
Search: Local hard disks
Action: Disinfect/Query
Files: Attempt to identify files
Switches: /ARCHIVE /PACKED /BEEP /NOFLOPPY
No viruses found in memory.
Hard disk boot sectors were not scanned.
Scanning C:
Results of virus scanning:
Files: 4254
MBRs: 0
Boot sectors: 0
Objects scanned: 40148
Infected: 200
Suspicious: 1
Disinfected: 0
Deleted: 4
Renamed: 0
Time: 117:51

What is evident is that the virus got into files of every program I downloaded to the PC, or that I installed or ran while it was inside. That is how not only W2K but also the antivirus tools I downloaded from your links got contaminated, among them Killbox, VundoFix and several others, as you will see in the detail.

Later I'll send you the McAfee one so you can see everything more it detected.

Thanks so far!