Alguien me mira este log?

Estado
Cerrado para nuevas respuestas

diegocruz

Nuevo Miembro
Miembro
Ante la gran labor que realiza la caca del norton antivirus me dio por hacer un scaner online con el kapersky y este es el resultado

Bombre del objeto infectado Nombre del virus Última acción

C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked saltado



C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked saltado



C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked saltado



C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked saltado



C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked saltado



C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked saltado



C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-12-20_Log.ALUSchedulerSvc.LiveUpdate Object is locked saltado



C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_482092674_42795008_62455 Object is locked saltado



C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_482092674_4521984_132818 Object is locked saltado



C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE1.tmp Object is locked saltado



C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE2.tmp Object is locked saltado



C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{0741233C-D188-4051-89EB-B94E6ED4A295}.TmpSBE Object is locked saltado



C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{E6739055-A703-496A-B8E0-C13917E93139}.TmpSBE Object is locked saltado



C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\desktop.ini Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis archivos recibidos\Thumbs.db Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis carpetas para compartir.lnk Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis escaneos\deby y yo en el bus.JPG Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis escaneos\fotikas\iker2.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis escaneos\fotikas\ikerina.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis escaneos\fotikas\ines y yo de peques.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis escaneos\fotikas\mi tato.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis escaneos\fotikas\Thumbs.db Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis escaneos\fotikas\yo xiquinina.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis escaneos\Thumbs.db Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\dinybronxnorte@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\jonatan_turon@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\elrubito_01@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\judy_rbk@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\mary88almanza@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\noebronxsur@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\pitufo_chema@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\romeo_11_87@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\rubenk2@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\tyri_jhon@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\junio 2006\zulaycepeda23@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\romeo_11_87@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\tranchethebest@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\tyri_jhon@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\uria_break@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\Mis Logs\zulaycepeda23@hotmail.com.txt Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Music\Desktop.ini Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\Desktop.ini Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG1.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG10.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG11.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG12.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG13.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG2.JPG Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG3.JPG Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG4.JPG Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG5.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG6.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG7.jpg Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG8.JPG Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\IMG9.JPG Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\Sample Pictures.lnk Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Pictures\Thumbs.db Object is locked saltado



C:\Documents and Settings\DEBORA\My Documents\My Videos\Desktop.ini Object is locked saltado



C:\Documents and Settings\HP_Administrator\Application Data\Symantec\PendingAlertsQueue.log Object is locked saltado



C:\Documents and Settings\HP_Administrator\Cookies\index.dat Object is locked saltado



C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado



C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado



C:\Documents and Settings\HP_Administrator\Local Settings\History\History.IE5\index.dat Object is locked saltado



C:\Documents and Settings\HP_Administrator\Local Settings\History\History.IE5\MSHist012007122020071221\index.dat Object is locked saltado



C:\Documents and Settings\HP_Administrator\Local Settings\Temp\hpodvd09.log Object is locked saltado



C:\Documents and Settings\HP_Administrator\Local Settings\Temp\_hphtra07.log Object is locked saltado



C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked saltado



C:\Documents and Settings\HP_Administrator\ntuser.dat Object is locked saltado



C:\Documents and Settings\HP_Administrator\ntuser.dat.LOG Object is locked saltado



C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado



C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado



C:\Documents and Settings\LocalService\Local Settings\Temp\Archivos temporales de Internet\Content.IE5\index.dat Object is locked saltado



C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked saltado



C:\Documents and Settings\LocalService\Local Settings\Temp\Historial\History.IE5\index.dat Object is locked saltado



C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked saltado



C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked saltado



C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked saltado



C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked saltado



C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked saltado



C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\eengine\EPERSIST.DAT Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked saltado



C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked saltado



C:\Program Files\Norton AntiVirus\AVApp.log Object is locked saltado



C:\Program Files\Norton AntiVirus\AVError.log Object is locked saltado



C:\Program Files\Norton AntiVirus\AVVirus.log Object is locked saltado



C:\Program Files\Norton AntiVirus\Savrt\0250NAV~.TMP Object is locked saltado



C:\Program Files\Norton AntiVirus\Savrt\0773NAV~.TMP Object is locked saltado



C:\Program Files\SlySoft\CloneCD\RegCloneCD.exe Infectados: Packed.Win32.Tibs.ez saltado



C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked saltado



C:\System Volume Information\_restore{B9823275-D858-498B-A4DC-C4EEDA322F67}\RP212\change.log Object is locked saltado



C:\WINDOWS\Debug\PASSWD.LOG Object is locked saltado



C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{C02E67A3-C4BC-4063-85B9-F480713B50A0}.crmlog Object is locked saltado



C:\WINDOWS\SchedLgU.Txt Object is locked saltado



C:\WINDOWS\SoftwareDistribution\EventCache\{86CABD9E-1204-4558-9D73-7EC52D34178D}.bin Object is locked saltado



C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked saltado



C:\WINDOWS\Sti_Trace.log Object is locked saltado



C:\WINDOWS\system32\CatRoot2\edb.log Object is locked saltado



C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked saltado



C:\WINDOWS\system32\config\AppEvent.Evt Object is locked saltado



C:\WINDOWS\system32\config\default Object is locked saltado



C:\WINDOWS\system32\config\default.LOG Object is locked saltado



C:\WINDOWS\system32\config\Media Ce.evt Object is locked saltado



C:\WINDOWS\system32\config\SAM Object is locked saltado



C:\WINDOWS\system32\config\SAM.LOG Object is locked saltado



C:\WINDOWS\system32\config\SecEvent.Evt Object is locked saltado



C:\WINDOWS\system32\config\SECURITY Object is locked saltado



C:\WINDOWS\system32\config\SECURITY.LOG Object is locked saltado



C:\WINDOWS\system32\config\software Object is locked saltado



C:\WINDOWS\system32\config\software.LOG Object is locked saltado



C:\WINDOWS\system32\config\SysEvent.Evt Object is locked saltado



C:\WINDOWS\system32\config\system Object is locked saltado



C:\WINDOWS\system32\config\system.LOG Object is locked saltado



C:\WINDOWS\system32\drivers\atapi.sys Object is locked saltado



C:\WINDOWS\system32\h323log.txt Object is locked saltado



C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked saltado



C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked saltado



C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked saltado



C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked saltado



C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked saltado



C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked saltado



C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked saltado



C:\WINDOWS\wiadebug.log Object is locked saltado



C:\WINDOWS\wiaservc.log Object is locked saltado



C:\WINDOWS\WindowsUpdate.log Object is locked saltado



D:\System Volume Information\_restore{B9823275-D858-498B-A4DC-C4EEDA322F67}\RP212\change.log Object is locked saltado



Análisis completado.

Me he estado informando y al parecer es un trollano alguien me hecha un cable?Estaria eternamente agradecido

Ante mi gran asombro por ver que el norton ni se inmuta cuando me intenta meter mano al ordenador os pido que me aconsejeis cual seria un buen antivirus y como tener el pc lo mas completo en cuanto a la seguridad se refiere,firewall,spyware etc...

saludos y mil gracias de antemano
 

Caito

Ex- Mod
Miembro
Descarga el programa HijackThis HijackThis 2.0.2

y colócalo en una carpeta propia para el HijackThis (por ejemplo una carpeta C:\HijackThis\). Ejecútalo y presiona el botón "Do a system scan and save a logfile"; el programa realizará el escaneo e inmediatamente generará el Log, sólo te pedira el nombre del archivo y su ubicación, puedes simplemente guardarlo así como está. Se abrirá el Bloc de Notas, copia todo el contenido y pégalo como respuesta a este tema.

Una vez descargado, da doble click en el icono del HijackThis.exe.

Primero da click en el botón "Config", y aparecerán 7 opciones . Fíjate que no estén tildadas la primera ( “Mark everything found for fixing alter scan”) y la última (“Run Hijack This scan at startup and show it ítems are fond”).Luego presiona "Back"

Para empezar el escaneo de posibles hijackers, clickea en el botón "Scan". Se te presentará una lista con todos los elementos encontrados por el programa .

Baja el HijackThis de aquí:

HijackThis

Comienza un nuevo post y pega el log acá:

Logs HijackThis

Saludos

Caito
 
Estado
Cerrado para nuevas respuestas
Arriba Pie