Your name
2009-03-11 09:21:09 UTC
I have been waiting to see whether the other files that were showing up
would show up again, but no.
I sent logon.scr to Virustotal and this is the report they gave me:
I understand that the "SecureWeb-Gateway" antivirus detects it as a virus,
is that right? Advice please.
Análisis del archivo logon.scr recibido el 11.03.2009 10:05:28 (CET)
Resultado: 1/39 (2.57%)
Motor antivirus Versión Última actualización Resultado
a-squared 4.0.0.101 2009.03.11 -
AhnLab-V3 5.0.0.2 2009.03.11 -
AntiVir 7.9.0.109 2009.03.11 -
Authentium 5.1.0.4 2009.03.10 -
Avast 4.8.1335.0 2009.03.10 -
AVG 8.0.0.237 2009.03.10 -
BitDefender 7.2 2009.03.11 -
CAT-QuickHeal 10.00 2009.03.11 -
ClamAV 0.94.1 2009.03.11 -
Comodo 1046 2009.03.10 -
DrWeb 4.44.0.09170 2009.03.11 -
eSafe 7.0.17.0 2009.03.09 -
eTrust-Vet None 2009.03.09 -
F-Prot 4.4.4.56 2009.03.10 -
F-Secure 8.0.14470.0 2009.03.11 -
Fortinet 3.117.0.0 2009.03.11 -
GData 19 2009.03.11 -
Ikarus T3.1.1.45.0 2009.03.11 -
K7AntiVirus 7.10.665 2009.03.10 -
Kaspersky 7.0.0.125 2009.03.11 -
McAfee 5549 2009.03.10 -
McAfee+Artemis 5549 2009.03.10 -
Microsoft 1.4405 2009.03.11 -
NOD32 3925 2009.03.11 -
Norman 6.00.06 2009.03.10 -
nProtect 2009.1.8.0 2009.03.11 -
Panda 10.0.0.10 2009.03.10 -
PCTools 4.4.2.0 2009.03.10 -
Prevx1 V2 2009.03.11 -
Rising 21.20.21.00 2009.03.11 -
SecureWeb-Gateway 6.7.6 2009.03.11 Win32.LooksLike.Virut
Sophos 4.39.0 2009.03.11 -
Sunbelt 3.2.1858.2 2009.03.10 -
Symantec 1.4.4.12 2009.03.11 -
TheHacker 6.3.3.0.278 2009.03.11 -
TrendMicro 8.700.0.1004 2009.03.11 -
VBA32 3.12.10.1 2009.03.11 -
ViRobot 2009.3.11.1644 2009.03.11 -
VirusBuster 4.5.11.0 2009.03.10 -
Información adicional
Tamano archivo: 220672 bytes
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (63.0%)
Win32 Executable MS Visual C++ (generic) (27.7%)
Win32 Executable Generic (6.2%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2807
timedatestamp.....: 0x41107d44 (Wed Aug 04 06:08:04 2004)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x22c2 0x2400 6.16 e18a71dcfc6b36ed8cd11925fb06cc08
.data 0x4000 0x164 0x200 1.71 8d472953159e65abcb5db5a8a15e4f4e
.rsrc 0x5000 0x33330 0x33400 3.91 c015f59fa2c7c37d46ae4ebf93ca580b
( 7 imports )
USER32.dll: PeekMessageW, SendMessageW, DialogBoxParamW, GetParent,
IsWindow, SetCursor, GetForegroundWindow, TranslateMessage, GetMessageW,
SetForegroundWindow, FindWindowW, GetClientRect, CharNextW, ReleaseDC,
DispatchMessageW, LoadStringW, MessageBoxW, EndDialog, DefWindowProcW,
ShowWindow, SetRect, FillRect, DrawIcon, LoadImageW, RegisterClassW,
CreateWindowExW, SetTimer, PostMessageW, GetSystemMetrics, LoadIconW,
InvalidateRect, SetWindowPos, BeginPaint, EndPaint, GetDC,
RegisterWindowMessageW, SystemParametersInfoW, GetCursorPos,
PostQuitMessage
GDI32.dll: GetStockObject, SelectPalette, RealizePalette, BitBlt,
GetObjectW, CreateCompatibleDC, SelectObject, GetDIBColorTable,
CreatePalette, DeleteObject, GetClipBox
SHLWAPI.dll: -
msvcrt.dll: _controlfp, __set_app_type, __p__fmode, __p__commode,
_adjust_fdiv, __setusermatherr, _initterm, __getmainargs, __initenv,
exit, _cexit, _XcptFilter, _exit, _c_exit, _except_handler3
ADVAPI32.dll: RegQueryValueExW, RegOpenKeyW, RegCloseKey
KERNEL32.dll: QueryPerformanceCounter, LoadLibraryExW, FreeLibrary,
ExitProcess, GetCurrentThreadId, GetCurrentProcessId,
GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess,
UnhandledExceptionFilter, SetUnhandledExceptionFilter, Sleep,
GetProcAddress, GetModuleHandleW, LoadLibraryW, GlobalAlloc, GlobalLock,
GetSystemPowerStatus, GetVersionExW, GlobalUnlock, GlobalFree,
GetStartupInfoW, GetCommandLineW, GetModuleHandleA, GetTickCount
COMCTL32.dll: InitCommonControlsEx
( 0 exports )
ThreatExpert info:
http://www.threatexpert.com/report.aspx?md5=de3a63a0f7153a36c9156963d0de546b
CWSandbox info:
http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=de3a63a0f7153a36c9156963d0de546b