Saludos
Recurro a vosotros porque no consigo quitar algunos virus y se que me podeis sacar del apuro como alguna que otra vez.
He pasado el kaspersky online y tengo estos virus, y como antivirus personal que tengo es el NOD32 el cual me ha puesto algunos en cuarentena.
Como Los puedo quitar???
Posteo el análisis del Kaspersky:
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Archivos temporales de Internet\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\bl.db-journal Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\is2.db-journal Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\CardSpace\CardSpace.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Historial\History.IE5\MSHist012007052920070530\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Temp\~DF876A.tmp Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Temp\~DFB310.tmp Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Temp\~WRF0000.tmp Object is locked skipped
C:\Documents and Settings\Silmaril\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Datos de programa\Microsoft\Plantillas\Normal.dot Object is locked skipped
C:\Documents and Settings\Silmaril\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Silmaril\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{3CA19D28-AC3B-48D0-8107-7836799014A2}\RP163\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd4189.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip ZIP: infected - 4 skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip ZIP: infected - 4 skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip ZIP: infected - 3 skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip/[PATCH XP SP2-VLK] WGA full crack.exe/mga.exe Suspicious: Backdoor.Win32.VB.gen skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip/[PATCH XP SP2-VLK] WGA full crack.exe Suspicious: Backdoor.Win32.VB.gen skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip ZIP: suspicious - 2 skipped
D:\Programas\Alcohol 120%\Alcohol 120\StarWind\logs\starwind.2007-05-29.08-37-49.log Object is locked skipped
D:\Programas\eMule v0.48a\Temp\001.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\002.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\003.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\004.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\005.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\006.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\007.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\008.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\009.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\010.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\011.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\012.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\013.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\014.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\015.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\016.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\017.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\018.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\019.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\020.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\021.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\022.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\023.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\024.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\025.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\026.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\027.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\028.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\029.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\030.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\031.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\032.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\033.part Object is locked skipped
D:\Programas\eMule v0.48a\Temp\035.part Object is locked skipped
D:\Programas\NOD32\cache\CACHE.NDB Object is locked skipped
D:\Programas\NOD32\infected\0Q2CFZBA.NQF Infected: not-a-virus:AdWare.Win32.Gator.4104 skipped
D:\Programas\NOD32\infected\ARIFHABA.NQF Infected: P2P-Worm.Win32.Kapucen.ac skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF RarSFX: infected - 2 skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF PE-Crypt.XorPE: infected - 2 skipped
D:\Programas\NOD32\logs\virlog.dat Object is locked skipped
D:\Programas\NOD32\logs\warnlog.dat Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{3CA19D28-AC3B-48D0-8107-7836799014A2}\RP165\change.log Object is locked skipped
Scan process completed.
Espero consejo; gracias
VIRUS MÚLTIPLES
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Desactive la restauracion de sistema, arranque en modo seguro y lance su antivirus actualizado, que deberá detectar lo mismo y podrá con ello eliminarlos
saludos
ms, 29-05-2007
saludos
ms, 29-05-2007
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
He hecho lo que me has dicho, pero sinceramente ya no se si considerar lo que me viene aquí como virus o no. Me cuesta saber si son virus o no, porque si no es un virus porque me dice: not a virus!!!
Los que están en la carpeta de NOD32 deduzco que son los que están en cuarentena, pero no se quitan? se quitan con el tiempo?
Total number of scanned objects 86778
Number of viruses found 5
Number of infected objects 20
Number of suspicious objects 3
Duration of the scan process 01:22:51
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Archivos temporales de Internet\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\bl.db-journal Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\is2.db-journal Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\CardSpace\CardSpace.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Historial\History.IE5\MSHist012007052920070530\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Silmaril\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{3CA19D28-AC3B-48D0-8107-7836799014A2}\RP165\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd4189.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip ZIP: infected - 4 skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip ZIP: infected - 4 skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip ZIP: infected - 3 skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip/[PATCH XP SP2-VLK] WGA full crack.exe/mga.exe Suspicious: Backdoor.Win32.VB.gen skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip/[PATCH XP SP2-VLK] WGA full crack.exe Suspicious: Backdoor.Win32.VB.gen skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip ZIP: suspicious - 2 skipped
D:\Programas\Alcohol 120%\Alcohol 120\StarWind\logs\starwind.2007-05-29.17-57-45.log Object is locked skipped
D:\Programas\NOD32\cache\CACHE.NDB Object is locked skipped
D:\Programas\NOD32\infected\0Q2CFZBA.NQF Infected: not-a-virus:AdWare.Win32.Gator.4104 skipped
D:\Programas\NOD32\infected\ARIFHABA.NQF Infected: P2P-Worm.Win32.Kapucen.ac skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF RarSFX: infected - 2 skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF PE-Crypt.XorPE: infected - 2 skipped
D:\Programas\NOD32\logs\virlog.dat Object is locked skipped
D:\Programas\NOD32\logs\warnlog.dat Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{3CA19D28-AC3B-48D0-8107-7836799014A2}\RP165\change.log Object is locked skipped
Scan process completed
Los que están en la carpeta de NOD32 deduzco que son los que están en cuarentena, pero no se quitan? se quitan con el tiempo?
Total number of scanned objects 86778
Number of viruses found 5
Number of infected objects 20
Number of suspicious objects 3
Duration of the scan process 01:22:51
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Archivos temporales de Internet\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\bl.db-journal Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Ahead\Nero Home\is2.db-journal Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\CardSpace\CardSpace.db Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Configuración local\Historial\History.IE5\MSHist012007052920070530\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Silmaril\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Silmaril\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{3CA19D28-AC3B-48D0-8107-7836799014A2}\RP165\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd4189.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\Apps & Games Java Nokia 3100.3200.3300.6100.6610.7210.7250\Apps e games\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip ZIP: infected - 4 skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\Luis Manuel\Organizador\Movil 3100\Melodías, Logos y Juegos\nokia_nokia 3100_(5000 logos_couleurs_300 apps&gams_java_pcsuite_ 100 sonneries_ringtones_by Murdock6\3100\applications java\Apps\ActiveViewer\vnc-3.3.7-x86_win32.zip ZIP: infected - 4 skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip/Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474/Magical Jelly Bean Keyfinder.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\Superare il controllo WGA di Windows XP (V. 21-02-2007) KB905474.zip ZIP: infected - 3 skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip/[PATCH XP SP2-VLK] WGA full crack.exe/mga.exe Suspicious: Backdoor.Win32.VB.gen skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip/[PATCH XP SP2-VLK] WGA full crack.exe Suspicious: Backdoor.Win32.VB.gen skipped
D:\Luis Manuel\PENDRIVE\Nueva carpeta3\[Patch Xp Sp2-Vlk] Wga Microsoft Windows Genuine Advantage Crack Fix Full 1click Febr 2007 - Ottimo.zip ZIP: suspicious - 2 skipped
D:\Programas\Alcohol 120%\Alcohol 120\StarWind\logs\starwind.2007-05-29.17-57-45.log Object is locked skipped
D:\Programas\NOD32\cache\CACHE.NDB Object is locked skipped
D:\Programas\NOD32\infected\0Q2CFZBA.NQF Infected: not-a-virus:AdWare.Win32.Gator.4104 skipped
D:\Programas\NOD32\infected\ARIFHABA.NQF Infected: P2P-Worm.Win32.Kapucen.ac skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF RarSFX: infected - 2 skipped
D:\Programas\NOD32\infected\ECNKF3BA.NQF PE-Crypt.XorPE: infected - 2 skipped
D:\Programas\NOD32\logs\virlog.dat Object is locked skipped
D:\Programas\NOD32\logs\warnlog.dat Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{3CA19D28-AC3B-48D0-8107-7836799014A2}\RP165\change.log Object is locked skipped
Scan process completed
He pasado el Hijack por si sirve de algo.
Logfile of HijackThis v1.99.1
Scan saved at 16:22:15, on 30/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
D:\Programas\NOD32\nod32kui.exe
D:\Programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Archivos de programa\Java\jre1.5.0_11\bin\jusched.exe
D:\Programas\Adobe\Distillr\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe
D:\Programas\Mini20\Mini20.exe
C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexStoreSvr.exe
D:\Programas\NOD32\nod32krn.exe
D:\Programas\Alcohol 120%\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Java\jre1.5.0_11\bin\jucheck.exe
D:\Programas\eMule v0.48a\emule.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\ARCHIV~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
D:\Programas\WinRar 3.41\WinRAR.exe
C:\DOCUME~1\Silmaril\CONFIG~1\Temp\Rar$EX00.266\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programas\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [nod32kui] "D:\Programas\NOD32\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] D:\Programas\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Programas\Adobe\Distillr\Acrotray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Mini20] "D:\Programas\Mini20\Mini20.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\ARCHIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://D:\PROGRA~1\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) -https://www.pandasecurity.com/spain/homeusers/solutions/online-antivirus//cabs/nanoinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - D:\Programas\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Programas\NOD32\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Programas\Alcohol 120%\Alcohol 120\StarWind\StarWindService.exe
Logfile of HijackThis v1.99.1
Scan saved at 16:22:15, on 30/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
D:\Programas\NOD32\nod32kui.exe
D:\Programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Archivos de programa\Java\jre1.5.0_11\bin\jusched.exe
D:\Programas\Adobe\Distillr\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe
D:\Programas\Mini20\Mini20.exe
C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMIndexStoreSvr.exe
D:\Programas\NOD32\nod32krn.exe
D:\Programas\Alcohol 120%\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Java\jre1.5.0_11\bin\jucheck.exe
D:\Programas\eMule v0.48a\emule.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\MSN Messenger\usnsvc.exe
C:\ARCHIV~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
D:\Programas\WinRar 3.41\WinRAR.exe
C:\DOCUME~1\Silmaril\CONFIG~1\Temp\Rar$EX00.266\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programas\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [nod32kui] "D:\Programas\NOD32\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] D:\Programas\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Archivos de programa\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Programas\Adobe\Distillr\Acrotray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Archivos de programa\Archivos comunes\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Mini20] "D:\Programas\Mini20\Mini20.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\ARCHIV~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://D:\Programas\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://D:\PROGRA~1\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) -
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARCHIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - D:\Programas\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Programas\NOD32\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Programas\Alcohol 120%\Alcohol 120\StarWind\StarWindService.exe
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
log limpio
y de los ficheros que le indican NOT-A-VIRUS pueden ser aplicaciones potencialmente peligrosas. Si quiere envienos muestra para analizar y saldremos de dudas:
->[b] Para ello recordar[/b] https://foros.zonavirus.com/viewtopic.php?f=2&t=45334
saludos
ms, 30-05-2007
y de los ficheros que le indican NOT-A-VIRUS pueden ser aplicaciones potencialmente peligrosas. Si quiere envienos muestra para analizar y saldremos de dudas:
->
saludos
ms, 30-05-2007
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online