It's an HP Pavilion Slimline PC 3620, disk
Intel Core 2 Duo processor
320 disk
3 GB
Thanks for answering me
mastermind, I did what you told me and scanned 1 file, and this is what I get
Análisis del archivo wlcomm.exe recibido el 2009.06.16 08:21:21 (UTC)
Estado actual: análisis terminado
Resultado:
0/39 (0.00%)
Análisis del archivo searchindexer.exe recibido el 2009.06.17 08:49:01 (UTC)
Estado actual: análisis terminado
Resultado:
1/40 (2.50%)
Análisis del archivo M3SRCHMN.EXE recibido el 2009.06.12 02:39:28 (UTC)
Estado actual: análisis terminado
Resultado:
9/39 (23.08%)