Hola a todos, os voy a contar un problemilla por si tuvieseis alguna solucio:
Quería ponerle contraseña a mi usb y me descargue un programilla del emule, al ejecutarlo ( y lo raro es que el antivirus no lo detectara ) no ocurrio nada pero vi como el icono del Kasperski 2006 desaparecio del escritorio, al ratito me salio el aviso de que era un virus, pero ya era tarde. Se cargó el antivirus.
Bueno pues dicho esto lo desinstalé y lo volvi a instalar pero me dice que no es una aplicacion apta para win 32, vale, pues he probado con otros 3 mas y los instalo pero me sigue diciendo lo mismo, y le he pasado un antivirus online y me dice que está limpio.
Que hago hay alguna solucion o me toca formatear mi maquina.
Gracias de antemano.
ME DESHABILITA EL ANTIVIRUS (SOLUCIONADO)
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Cada día hay de promedio mas de 100 nuevas variantes de malwares ...
Posteanos log del HJT y lo analizaremos:
[b]
[color=yellow]HJT : (HiJackThis)[/color] [/b]
[i]¿Como utilizar el Hijackthis ?[/i]
Lo primero que debemos hacer es descargarlo en nuestro ordenador y ubicarlo en una carpeta propia C:\HijackThis\
Ejecútarlo y presionar el botón "[b]Do a system scan and save a logfile[/b]
Se abrirá el Bloc de Notas, copia todo el contenido y pégalo como respuesta de este Tema
·[url=http://www.zonavirus.com/descargas/trendmicro-hijackthis.asp][b]Descargar Hijackthis[/b] [/url]
Tras analizarlo, informaremos
saludos
ms, 26-1-2008
Posteanos log del HJT y lo analizaremos:
[i]¿Como utilizar el Hijackthis ?
Lo primero que debemos hacer es descargarlo en nuestro ordenador y ubicarlo en una carpeta propia C:\HijackThis\
Ejecútarlo y presionar el botón "
Se abrirá el Bloc de Notas, copia todo el contenido y pégalo como respuesta de este Tema
·
Tras analizarlo, informaremos
saludos
ms, 26-1-2008
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Mira si arrancando en modo segur0 puedes lanzar el ELITRIIP y el ELISTARA y nos informas:
[b] ELITRIIP: [/b]
http://www.zonavirus.com/descargas/elitriip.asp
[b] ELISTARA: [/b]
http://www.zonavirus.com/descargas/elistara.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso
saludos
ms, 26-1-2008
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso
saludos
ms, 26-1-2008
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Buenas de nuevo, he hecho lo que me pusiste y ha pasdo lo siguiente:
1º Al iniciar windows en modo seguro me pega un pantallazo azul de error diciendo que windows se apaga por un problema noseque, solo queda reiniciar y en modo normal funciona todo bien.
2º el archivo elitriip no me deja ejecutarlo pues me dice que utilice la ultima version n disponible, pero es esa asi que no lo he podido ejecutar. El Elistara si.
3º He cosiguido pasarle el antivirus online de Kasperski y valla tela hay mas basura de la que me esperaba.
Te mando los archivos del kasperski en uno analicé todo el Pc y en otro las areas criticas, y en el otro es el Infosat.txt del elistara.
No se que puedo hacer con tanto bichito sería buena opcion eliminar los archivos uno a uno con el explorador?????
Gracias
1º Al iniciar windows en modo seguro me pega un pantallazo azul de error diciendo que windows se apaga por un problema noseque, solo queda reiniciar y en modo normal funciona todo bien.
2º el archivo elitriip no me deja ejecutarlo pues me dice que utilice la ultima version n disponible, pero es esa asi que no lo he podido ejecutar. El Elistara si.
3º He cosiguido pasarle el antivirus online de Kasperski y valla tela hay mas basura de la que me esperaba.
Te mando los archivos del kasperski en uno analicé todo el Pc y en otro las areas criticas, y en el otro es el Infosat.txt del elistara.
No se que puedo hacer con tanto bichito sería buena opcion eliminar los archivos uno a uno con el explorador?????
Gracias
- Adjuntos
-
- Todo.txt
- Archivo del analisis del Pc con el Kasperski online
- (38.71 KiB) Descargado 14 veces
-
- areas criticas.txt
- Archivo del analisis de las areas criticas con el Kasperski online
- (9.55 KiB) Descargado 11 veces
-
- InfoSat.txt
- registro del Elistara
- (769 Bytes) Descargado 13 veces
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Se vislumbra un Bagle... Prueba el ELIBAGLA:
ELIBAGLA:
http://www.zonavirus.com/descargas/elibagla.asp
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso (con un copiar y pegar)
saludos
ms, 27-1-2008
ELIBAGLA:
Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso (con un copiar y pegar)
saludos
ms, 27-1-2008
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
Vale lo primero es que tengo Win Xp Sp2. pero aparece el vist* que me estoy descargando. y para que veais el estado de la maquina bien os voy a postear por partes los informes de los antivirus:
Este es el log del Elibagle:
Sun Jan 27 21:13:07 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad I:\
Nº Total de Directorios: 5122
Nº Total de Ficheros: 62774
Nº de Ficheros Analizados: 12206
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 0
Este es el log del Elibagle:
Sun Jan 27 21:13:07 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad I:\
Nº Total de Directorios: 5122
Nº Total de Ficheros: 62774
Nº de Ficheros Analizados: 12206
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 0
Ahora os pongo el informe del kasper despues de analizar las areas criticas:
KASPERSKY ONLINE SCANNER REPORT
Sunday, January 27, 2008 1:02:03 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 26/01/2008
Kaspersky Anti-Virus database records: 533629
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - Critical Areas:
I:\WINDOWS
I:\DOCUME~1\-CHIP-~1\CONFIG~1\Temp\
Scan Statistics:
Total number of scanned objects: 22313
Number of viruses found: 5
Number of infected objects: 9
Number of suspicious objects: 0
Duration of the scan process: 01:44:42
Infected Object Name / Virus Name / Last Action
I:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB890859_0$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\AutoUpdateWin31.dll Infected: not-a-virus:AdWare.Win32.Agent.bm skipped
I:\WINDOWS\AutoUpdateWin32.exe Infected: not-a-virus:AdWare.Win32.Agent.ed skipped
I:\WINDOWS\AutoUpdateWin33.exe Infected: not-a-virus:AdWare.Win32.Agent.bm skipped
I:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
I:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\SchedLgU.Txt Object is locked skipped
I:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\Sti_Trace.log Object is locked skipped
I:\WINDOWS\system32\app_filter_ui.log Object is locked skipped
I:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
I:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
I:\WINDOWS\system32\closeapp.exe Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
I:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\default Object is locked skipped
I:\WINDOWS\system32\config\default.LOG Object is locked skipped
I:\WINDOWS\system32\config\Internet.evt Object is locked skipped
I:\WINDOWS\system32\config\SAM Object is locked skipped
I:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
I:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\SECURITY Object is locked skipped
I:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
I:\WINDOWS\system32\config\software Object is locked skipped
I:\WINDOWS\system32\config\software.LOG Object is locked skipped
I:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\system Object is locked skipped
I:\WINDOWS\system32\config\system.LOG Object is locked skipped
I:\WINDOWS\system32\drivers\atapi.sys Object is locked skipped
I:\WINDOWS\system32\drivers\hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.ir skipped
I:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
I:\WINDOWS\system32\h323log.txt Object is locked skipped
I:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
I:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
I:\WINDOWS\system32\nmp.log Object is locked skipped
I:\WINDOWS\system32\vimc.exe/WISE0005.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
I:\WINDOWS\system32\vimc.exe WiseSFX: infected - 1 skipped
I:\WINDOWS\system32\VITrans\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
I:\WINDOWS\system32\_nvidia_xxx_.log Object is locked skipped
I:\WINDOWS\wiadebug.log Object is locked skipped
I:\WINDOWS\wiaservc.log Object is locked skipped
I:\WINDOWS\WindowsUpdates.exe Infected: not-a-virus:AdWare.Win32.Agent.bm skipped
I:\DOCUME~1\-CHIP-~1\CONFIG~1\Temp\~DF9097.tmp Object is locked skipped
Scan process completed.
KASPERSKY ONLINE SCANNER REPORT
Sunday, January 27, 2008 1:02:03 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 26/01/2008
Kaspersky Anti-Virus database records: 533629
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - Critical Areas:
I:\WINDOWS
I:\DOCUME~1\-CHIP-~1\CONFIG~1\Temp\
Scan Statistics:
Total number of scanned objects: 22313
Number of viruses found: 5
Number of infected objects: 9
Number of suspicious objects: 0
Duration of the scan process: 01:44:42
Infected Object Name / Virus Name / Last Action
I:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB890859_0$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\AutoUpdateWin31.dll Infected: not-a-virus:AdWare.Win32.Agent.bm skipped
I:\WINDOWS\AutoUpdateWin32.exe Infected: not-a-virus:AdWare.Win32.Agent.ed skipped
I:\WINDOWS\AutoUpdateWin33.exe Infected: not-a-virus:AdWare.Win32.Agent.bm skipped
I:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
I:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\SchedLgU.Txt Object is locked skipped
I:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\Sti_Trace.log Object is locked skipped
I:\WINDOWS\system32\app_filter_ui.log Object is locked skipped
I:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
I:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
I:\WINDOWS\system32\closeapp.exe Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
I:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\default Object is locked skipped
I:\WINDOWS\system32\config\default.LOG Object is locked skipped
I:\WINDOWS\system32\config\Internet.evt Object is locked skipped
I:\WINDOWS\system32\config\SAM Object is locked skipped
I:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
I:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\SECURITY Object is locked skipped
I:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
I:\WINDOWS\system32\config\software Object is locked skipped
I:\WINDOWS\system32\config\software.LOG Object is locked skipped
I:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\system Object is locked skipped
I:\WINDOWS\system32\config\system.LOG Object is locked skipped
I:\WINDOWS\system32\drivers\atapi.sys Object is locked skipped
I:\WINDOWS\system32\drivers\hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.ir skipped
I:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
I:\WINDOWS\system32\h323log.txt Object is locked skipped
I:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
I:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
I:\WINDOWS\system32\nmp.log Object is locked skipped
I:\WINDOWS\system32\vimc.exe/WISE0005.BIN Infected: not-a-virus:RiskTool.Win32.CloseApp.a skipped
I:\WINDOWS\system32\vimc.exe WiseSFX: infected - 1 skipped
I:\WINDOWS\system32\VITrans\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
I:\WINDOWS\system32\_nvidia_xxx_.log Object is locked skipped
I:\WINDOWS\wiadebug.log Object is locked skipped
I:\WINDOWS\wiaservc.log Object is locked skipped
I:\WINDOWS\WindowsUpdates.exe Infected: not-a-virus:AdWare.Win32.Agent.bm skipped
I:\DOCUME~1\-CHIP-~1\CONFIG~1\Temp\~DF9097.tmp Object is locked skipped
Scan process completed.
y es es el informe despues de pasarle el kasper a toda la maquina:
KASPERSKY ONLINE SCANNER REPORTKASPERSKY ONLINE SCANNER REPORT
Sunday, January 27, 2008 5:13:43 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build
2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 26/01/2008
Kaspersky Anti-Virus database records: 533629
Scan Settings
Scan using the following antivirus databaseextended
Scan Archivestrue
Scan Mail Basestrue
Scan TargetMy Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan Statistics
Total number of scanned objects72370
Number of viruses found4
Number of infected objects19
Number of suspicious objects0
Duration of the scan process06:16:29
Infected Object NameVirus NameLast Action
I:\Archivos de programa\Azureus\plugins\advancedstatistics\stats.data
Object is locked skipped
I:\Archivos de programa\Azureus\plugins\advancedstatistics\stats.lck
Object is locked skipped
I:\Archivos de programa\Azureus\plugins\advancedstatistics\stats.log
Object is locked skipped
I:\Archivos de programa\Azureus\plugins\safepeer\safepeer.log Object is
locked skipped
I:\Archivos de programa\Azureus\plugins\SpeedScheduler\SpeedScheduler.log
Object is locked skipped
I:\Archivos de programa\Yahoo!\YPSR\Quarantine\ppq58.tmp Infected:
Email-Worm.Win32.Bagle.of skipped
I:\Documents and Settings\- CHIP -\Configuración local\Archivos temporales
de Internet\Content.IE5\B8RG2ZTV\b64_31[1].jpg Infected:
Email-Worm.Win32.Bagle.of skipped
I:\Documents and Settings\- CHIP -\Configuración local\Archivos temporales
de Internet\Content.IE5\index.dat Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Archivos temporales
de Internet\Content.IE5\YLWKBIMM\b64_31[1].jpg Infected:
Email-Worm.Win32.Bagle.of skipped
I:\Documents and Settings\- CHIP -\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración
local\Historial\History.IE5\index.dat Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración
local\Historial\History.IE5\MSHist012008012620080127\index.dat Object is
locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\hsperfdata_-
CHIP -\2528 Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\~DF88C1.tmp
Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\~DF9097.tmp
Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\~DF947C.tmp
Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\~DF98F4.tmp
Object is locked skipped
I:\Documents and Settings\- CHIP -\Cookies\index.dat Object is locked
skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\ipfilter.cache Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21071.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21072.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21073.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21074.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21075.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21076.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21077.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21078.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21079.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21080.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21081.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21082.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21083.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21084.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21085.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21086.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21087.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21088.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21089.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21090.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21091.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21092.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21093.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21094.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Chupo.Mucho.Y.Trago.Todo.[Spanish].DVD.XviD.MP3.XXX.-.[WwW.TorrentesX.CoM ]\Chupo.Mucho.Y.Trago.Todo.DVD.XviD.MP3.XXX.-.[WwW.TorrentesX.CoM ]-CD2.avi
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Chupo.Mucho.Y.Trago.Todo.[Spanish].DVD.XviD.MP3.XXX.-.[WwW.TorrentesX.CoM ]\Chupo.Mucho.Y.Trago.Todo.DVD.XviD.MP3.XXX.-[WwW.TorrentesX.CoM ]-CD1.avi
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Heroes.Del.Silencio.[Tour.2007].DVD.[DivxTotaL.com].rar
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r01
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r03
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r09
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r15
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r27
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r28
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r31
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r37
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r48
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r50
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r55
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r64
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r66
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r68
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r73
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r77
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r87
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Todo.En.Uno.V-7.[www.TodoCVCD.com ].iso Object
is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r00
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r13
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r15
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r29
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r42
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r46
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r52
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r69
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[www.TodoCVCD.com ]\Vistatotal.r78
Object is locked skipped
I:\Documents and Settings\- CHIP -\NTUSER.DAT Object is locked skipped
I:\Documents and Settings\- CHIP -\ntuser.dat.LOG Object is locked skipped
I:\Documents and Settings\All Users\Datos de
programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
I:\Documents and Settings\All Users\Datos de
programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
I:\Documents and Settings\LocalService\Configuración local\Archivos
temporales de Internet\Content.IE5\index.dat Object is locked skipped
I:\Documents and Settings\LocalService\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
I:\Documents and Settings\LocalService\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
I:\Documents and Settings\LocalService\Configuración
local\Historial\History.IE5\index.dat Object is locked skipped
I:\Documents and Settings\LocalService\Cookies\index.dat Object is locked
skipped
I:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
I:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked
skipped
I:\Documents and Settings\NetworkService\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
I:\Documents and Settings\NetworkService\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
I:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked
skipped
I:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked
skipped
I:\Program Files\ASUS\Asus Probe\AsusProb.exe Infected:
Trojan-Downloader.Win32.Bagle.ir skipped
I:\System Volume Information\MountPointManagerRemoteDatabase Object is
locked skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP319\A0043669.exe
Infected: Trojan-Downloader.Win32.Bagle.ir skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP319\A0043673.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP319\A0043674.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP320\A0043804.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP320\A0043805.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP321\A0043810.exe
Infected: Trojan.Win32.Pakes.bwy skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP325\A0045311.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP325\A0045312.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP326\A0045465.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP326\A0045466.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP326\change.log
Object is locked skipped
I:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB890859_0$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
I:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\SchedLgU.Txt Object is locked skipped
I:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\Sti_Trace.log Object is locked skipped
I:\WINDOWS\system32\app_filter_ui.log Object is locked skipped
I:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
I:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
I:\WINDOWS\system32\closeapp.exe Infected:
not-a-virus:RiskTool.Win32.CloseApp.a skipped
I:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\default Object is locked skipped
I:\WINDOWS\system32\config\default.LOG Object is locked skipped
I:\WINDOWS\system32\config\Internet.evt Object is locked skipped
I:\WINDOWS\system32\config\SAM Object is locked skipped
I:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
I:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\SECURITY Object is locked skipped
I:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
I:\WINDOWS\system32\config\software Object is locked skipped
I:\WINDOWS\system32\config\software.LOG Object is locked skipped
I:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\system Object is locked skipped
I:\WINDOWS\system32\config\system.LOG Object is locked skipped
I:\WINDOWS\system32\drivers\atapi.sys Object is locked skipped
I:\WINDOWS\system32\drivers\hldrrr.exe Infected:
Trojan-Downloader.Win32.Bagle.ir skipped
I:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
I:\WINDOWS\system32\h323log.txt Object is locked skipped
I:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
I:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
I:\WINDOWS\system32\nmp.log Object is locked skipped
I:\WINDOWS\system32\vimc.exe/WISE0005.BIN Infected:
not-a-virus:RiskTool.Win32.CloseApp.a skipped
I:\WINDOWS\system32\vimc.exe WiseSFX: infected - 1 skipped
I:\WINDOWS\system32\VITrans\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked
skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked
skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked
skipped
I:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked
skipped
I:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked
skipped
I:\WINDOWS\system32\_nvidia_xxx_.log Object is locked skipped
I:\WINDOWS\wiadebug.log Object is locked skipped
I:\WINDOWS\wiaservc.log Object is locked skipped
Scan process completed.
:?: :?: El caso es que el ordenador funciona bien pero no me deja instalar nada parecido a un antivirus. Me pregunto si puedo eliminar los archivos infectados con el explorer y todo voloverá a estar bien. Que puedo hacer???? la solucion es Format?????
KASPERSKY ONLINE SCANNER REPORTKASPERSKY ONLINE SCANNER REPORT
Sunday, January 27, 2008 5:13:43 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build
2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 26/01/2008
Kaspersky Anti-Virus database records: 533629
Scan Settings
Scan using the following antivirus databaseextended
Scan Archivestrue
Scan Mail Basestrue
Scan TargetMy Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan Statistics
Total number of scanned objects72370
Number of viruses found4
Number of infected objects19
Number of suspicious objects0
Duration of the scan process06:16:29
Infected Object NameVirus NameLast Action
I:\Archivos de programa\Azureus\plugins\advancedstatistics\stats.data
Object is locked skipped
I:\Archivos de programa\Azureus\plugins\advancedstatistics\stats.lck
Object is locked skipped
I:\Archivos de programa\Azureus\plugins\advancedstatistics\stats.log
Object is locked skipped
I:\Archivos de programa\Azureus\plugins\safepeer\safepeer.log Object is
locked skipped
I:\Archivos de programa\Azureus\plugins\SpeedScheduler\SpeedScheduler.log
Object is locked skipped
I:\Archivos de programa\Yahoo!\YPSR\Quarantine\ppq58.tmp Infected:
Email-Worm.Win32.Bagle.of skipped
I:\Documents and Settings\- CHIP -\Configuración local\Archivos temporales
de Internet\Content.IE5\B8RG2ZTV\b64_31[1].jpg Infected:
Email-Worm.Win32.Bagle.of skipped
I:\Documents and Settings\- CHIP -\Configuración local\Archivos temporales
de Internet\Content.IE5\index.dat Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Archivos temporales
de Internet\Content.IE5\YLWKBIMM\b64_31[1].jpg Infected:
Email-Worm.Win32.Bagle.of skipped
I:\Documents and Settings\- CHIP -\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración
local\Historial\History.IE5\index.dat Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración
local\Historial\History.IE5\MSHist012008012620080127\index.dat Object is
locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\hsperfdata_-
CHIP -\2528 Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\~DF88C1.tmp
Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\~DF9097.tmp
Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\~DF947C.tmp
Object is locked skipped
I:\Documents and Settings\- CHIP -\Configuración local\Temp\~DF98F4.tmp
Object is locked skipped
I:\Documents and Settings\- CHIP -\Cookies\index.dat Object is locked
skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\ipfilter.cache Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21071.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21072.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21073.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21074.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21075.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21076.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21077.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21078.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21079.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21080.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21081.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21082.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21083.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21084.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21085.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21086.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21087.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21088.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21089.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21090.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21091.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21092.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21093.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Datos de
programa\Azureus\tmp\AZU21094.tmp Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Chupo.Mucho.Y.Trago.Todo.[Spanish].DVD.XviD.MP3.XXX.-.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Chupo.Mucho.Y.Trago.Todo.[Spanish].DVD.XviD.MP3.XXX.-.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Heroes.Del.Silencio.[Tour.2007].DVD.[DivxTotaL.com].rar
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r01
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r03
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r09
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r15
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r27
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r28
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r31
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r37
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r48
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r50
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r55
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r64
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r66
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r68
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r73
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r77
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Microsoft.Windows.Vista.Ultimate.x64.Integrated.January.2008.OEM.DVD-BIE\bievst64_18.r87
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Todo.En.Uno.V-7.[
is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\Mis
documentos\Downloads\Torrent\Windows.Vista.Total.ES.[
Object is locked skipped
I:\Documents and Settings\- CHIP -\NTUSER.DAT Object is locked skipped
I:\Documents and Settings\- CHIP -\ntuser.dat.LOG Object is locked skipped
I:\Documents and Settings\All Users\Datos de
programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
I:\Documents and Settings\All Users\Datos de
programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
I:\Documents and Settings\LocalService\Configuración local\Archivos
temporales de Internet\Content.IE5\index.dat Object is locked skipped
I:\Documents and Settings\LocalService\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
I:\Documents and Settings\LocalService\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
I:\Documents and Settings\LocalService\Configuración
local\Historial\History.IE5\index.dat Object is locked skipped
I:\Documents and Settings\LocalService\Cookies\index.dat Object is locked
skipped
I:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
I:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked
skipped
I:\Documents and Settings\NetworkService\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
I:\Documents and Settings\NetworkService\Configuración local\Datos de
programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
I:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked
skipped
I:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked
skipped
I:\Program Files\ASUS\Asus Probe\AsusProb.exe Infected:
Trojan-Downloader.Win32.Bagle.ir skipped
I:\System Volume Information\MountPointManagerRemoteDatabase Object is
locked skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP319\A0043669.exe
Infected: Trojan-Downloader.Win32.Bagle.ir skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP319\A0043673.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP319\A0043674.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP320\A0043804.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP320\A0043805.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP321\A0043810.exe
Infected: Trojan.Win32.Pakes.bwy skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP325\A0045311.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP325\A0045312.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP326\A0045465.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP326\A0045466.exe
Infected: Email-Worm.Win32.Bagle.of skipped
I:\System Volume
Information\_restore{C0A168FE-4623-4935-A579-ABA691CCFDA8}\RP326\change.log
Object is locked skipped
I:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB890859_0$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
I:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\SchedLgU.Txt Object is locked skipped
I:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\Sti_Trace.log Object is locked skipped
I:\WINDOWS\system32\app_filter_ui.log Object is locked skipped
I:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
I:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
I:\WINDOWS\system32\closeapp.exe Infected:
not-a-virus:RiskTool.Win32.CloseApp.a skipped
I:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\default Object is locked skipped
I:\WINDOWS\system32\config\default.LOG Object is locked skipped
I:\WINDOWS\system32\config\Internet.evt Object is locked skipped
I:\WINDOWS\system32\config\SAM Object is locked skipped
I:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
I:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\SECURITY Object is locked skipped
I:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
I:\WINDOWS\system32\config\software Object is locked skipped
I:\WINDOWS\system32\config\software.LOG Object is locked skipped
I:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
I:\WINDOWS\system32\config\system Object is locked skipped
I:\WINDOWS\system32\config\system.LOG Object is locked skipped
I:\WINDOWS\system32\drivers\atapi.sys Object is locked skipped
I:\WINDOWS\system32\drivers\hldrrr.exe Infected:
Trojan-Downloader.Win32.Bagle.ir skipped
I:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
I:\WINDOWS\system32\h323log.txt Object is locked skipped
I:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
I:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
I:\WINDOWS\system32\nmp.log Object is locked skipped
I:\WINDOWS\system32\vimc.exe/WISE0005.BIN Infected:
not-a-virus:RiskTool.Win32.CloseApp.a skipped
I:\WINDOWS\system32\vimc.exe WiseSFX: infected - 1 skipped
I:\WINDOWS\system32\VITrans\ntkrnlpa.exe Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked
skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked
skipped
I:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked
skipped
I:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked
skipped
I:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked
skipped
I:\WINDOWS\system32\_nvidia_xxx_.log Object is locked skipped
I:\WINDOWS\wiadebug.log Object is locked skipped
I:\WINDOWS\wiaservc.log Object is locked skipped
Scan process completed.
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Falta la mitad del informe del ELIBAGLA en el infosat.txt. Primero viene el de Accion Directa, que posiblemente pida enviar muestra de un fichero, visto que el resumen indica :
Por favor, postee el log completo !!!
y si le pide que envie muestra para analizar, recuerde:
->[b] Para ello recordar[/b] https://foros.zonavirus.com/viewtopic.php?f=2&t=45334
saludos
ms, 27-1-2008
[quote]Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 0[/quote]
Por favor, postee el log completo !!!
y si le pide que envie muestra para analizar, recuerde:
->
saludos
ms, 27-1-2008
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Y aparte del que le diga el infosat.txt, envienos tambien del mismo modo, estos otros:
I:\Program Files\ASUS\Asus Probe\AsusProb.exe
I:\WINDOWS\system32\closeapp.exe
I:\WINDOWS\system32\drivers\hldrrr.exe[b][i]<--- suponemos que este es el que se le pedía tambien en el infosat[/i] [/b]
I:\WINDOWS\system32\mdelk.exe
I:\WINDOWS\system32\vimc.exe/WISE0005.BIN
I:\WINDOWS\system32\vimc.exe
Tras analizarlos implementaremos su control y eliminacion en nuestras utilidades, de lo cual ionformaremos.
saludos
ms, 27-1-2008
I:\Program Files\ASUS\Asus Probe\AsusProb.exe
I:\WINDOWS\system32\closeapp.exe
I:\WINDOWS\system32\drivers\hldrrr.exe
I:\WINDOWS\system32\mdelk.exe
I:\WINDOWS\system32\vimc.exe/WISE0005.BIN
I:\WINDOWS\system32\vimc.exe
Tras analizarlos implementaremos su control y eliminacion en nuestras utilidades, de lo cual ionformaremos.
saludos
ms, 27-1-2008
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
aqui esta el informe del infosat:
Sun Jan 27 21:34:08 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
I:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\SROSA.SYS.Muestra EliBagle v10.92
a "virus@satinfo.es ". Gracias.
I:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.92
a "virus@satinfo.es ". Gracias.
I:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Sun Jan 27 21:34:28 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 337
Nº Total de Ficheros: 2613
Nº de Ficheros Analizados: 56
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Sun Jan 27 21:34:50 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad I:\
Nº Total de Directorios: 5123
Nº Total de Ficheros: 62830
Nº de Ficheros Analizados: 12206
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 0
Sun Jan 27 21:41:22 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
I:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Eliminado Bagle
Por favor, envienos una muestra del fichero
C:\Muestras\SROSA.SYS.Muestra EliBagle v10.92
a "virus@satinfo.es ". Gracias.
I:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Eliminado Bagle
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.92
a "virus@satinfo.es ". Gracias.
I:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Eliminado Bagle
Los demas archivos los mando adjuntos en correo electronico, junto con las copias qie me pide el Elibagla.
Sun Jan 27 21:34:08 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
I:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\SROSA.SYS.Muestra EliBagle v10.92
a "
I:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.92
a "
I:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
Sun Jan 27 21:34:28 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 337
Nº Total de Ficheros: 2613
Nº de Ficheros Analizados: 56
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Sun Jan 27 21:34:50 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad I:\
Nº Total de Directorios: 5123
Nº Total de Ficheros: 62830
Nº de Ficheros Analizados: 12206
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 0
Sun Jan 27 21:41:22 2008
EliBagle v10.92 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
I:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Eliminado Bagle
Por favor, envienos una muestra del fichero
C:\Muestras\SROSA.SYS.Muestra EliBagle v10.92
a "
I:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Eliminado Bagle
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.92
a "
I:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Eliminado Bagle
Los demas archivos los mando adjuntos en correo electronico, junto con las copias qie me pide el Elibagla.
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Bueno, algun que otro Bagle ya lo eliminamos, y en un par de horasm cuando entremos a trabajar en SATINFO, analizaremos las muestras recibidas e informaremos
saludos
ms, 28-1-2008
saludos
ms, 28-1-2008
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online