Hola, chicos,
A ver si me podeis echar un cable....
Hoy me ha dado por pasar el kaspersky on line, con la sorpresa de que me ha encontrado un troyano. A ver si alguien me podría decir como desacerme de el....
Os pego el resultado del scaner. Graciasss !!!!
KASPERSKY ONLINE SCANNER REPORT
Saturday, November 18, 2006 8:51:17 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 18/11/2006
Kaspersky Anti-Virus database records: 229067
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
Scan Statistics
Total number of scanned objects 70884
Number of viruses found 1
Number of infected objects 1 / 0
Number of suspicious objects 0
Duration of the scan process 00:47:40
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Datos de programa\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Datos de programa\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Datos de programa\Ahead\Nero Home\bl.db-journal Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Datos de programa\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Datos de programa\Ahead\Nero Home\is2.db-journal Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Datos de programa\ApplicationHistory\cli.exe.72313fbf.ini.inuse Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Historial\History.IE5\MSHist012006111820061119\index.dat Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Temp\Perflib_Perfdata_67c.dat Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Temp\Perflib_Perfdata_dac.dat Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Temp\Perflib_Perfdata_db8.dat Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Temp\~DF8736.tmp Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Temp\~DF8743.tmp Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Temp\~DF92B0.tmp Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Configuración local\Temp\~DF92CA.tmp Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LOLI Y FRANC\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLML_MAIN\CLML.db Object is locked skipped
C:\sti.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{E44FE03E-757D-4554-AAD1-16373C3DCA44}\RP113\change.log Object is locked skipped
C:\System Volume Information\_restore{E44FE03E-757D-4554-AAD1-16373C3DCA44}\RP43\A0016027.exe Infected: Trojan.Win32.Pakes skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt Object is locked skipped
C:\WINDOWS\Temp\sqlite_VjclCnYTdytXGQv Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
trojan.win32.pakes
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Sencillamente está en la carpeta del RESTORE:
C:\System Volume Information\_restore
y para acceder a ella debes desactivar la restauracion de sistema:
Boton derecho sobre MIPC -> PROPIEDADES -> RESTAURAR -> Desactivar restauracion de sistema
No olvidarse de volver a activarlo tras haber eliminado el malware
saludos
ms, 18-11-2006
C:\System Volume Information\_restore
y para acceder a ella debes desactivar la restauracion de sistema:
Boton derecho sobre MIPC -> PROPIEDADES -> RESTAURAR -> Desactivar restauracion de sistema
No olvidarse de volver a activarlo tras haber eliminado el malware
saludos
ms, 18-11-2006
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Una vez desactivada la restauracion de sistema, arranque en modo seguro y lance su antivirus, que ya podrlá acceder a dicha zona y proceder en consecuencia
saludos
ms, 19-11-2006
saludos
ms, 19-11-2006
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online