 |
| |||||||
| Temas Solucionados Casos de HijackThis y Malwares resueltos. (Solo lectura) |
 |
| | Herramientas |
 | 
19/07/08, 16:06:43
|  |
| |||
 No puedo eliminar virus virtumonde (Solucionado) Hola, necesito ayuda para eliminar este virus "yayyarrq.dll". Tengo instalados nod32 y sin espias, ninguno de ellos detecta nada. Hice analisis con el Panda on line y dice q se trata de un Virtumonde, pero no me da la opcion para eliminarlo. Leyendo diversos foros, llegue a correr el programa "VundoFix" el cual me detecto 7 virus, pero solo pudo eliminar 6, cuando llega a el "yayyarrq.dll" me aparece el siguiente mje: C:\windows\system32\yayyarrq.dll could not be deleted Vundo Fix will load on reboot to attempt renoval. Please click remove Vundo once your machine has rebooted Luego la maquina se reinicia y antes de cargar el escritorio, el Vundo Fix intenta eliminarlo, no puede, aparece de nuevo el mismo mje y vuelve a reiniciar. Cada Vez q reinicio la pc el programa "Sin espias" libera el siguiente mje: Sin Espias permitio q la aplicacion (Explorer.exe) registre yayyarrq.dll como ActiveX Por favor, al q me pueda ayudar, estare muy agradecida. Saludos      |
|
19/07/08, 16:10:42
| |
| ||||
| Re: No puedo eliminar virus virtumonde Hola loresol26, Bienvenid@
A.-Descarga y actualiza Super antispyware<Leer_manual> B.-Descarga y actualiza Malwarebytes' Anti-Malware<Leer_manual> 1.-Desactiva restaurar sistemaC.-Descarga VundoFIX + Manual 2.-Entra en modo seguro Nota: Ejecuta en ese orden y reinicia el PC despues de ejecutar la ultima herramienta no antes
Descarga y ejecuta esta herramienta de Microsoft windows-kb890830-v2.0 descargala deacuerdo al idioma de tu sistema Dejame los reporte e indicame como esta tu PC porfavor Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
20/07/08, 04:34:14
| |
| |||
| Re: No puedo eliminar virus virtumonde hola anleg_30, antes q nada muchisimas gracias por la velocidad de tu respuesta. estuve haciendo lo q me dijiste y creo que obtube buenos resultados Reporte de Vundo Fix VundoFix V7.0.6 Scan started at 15:47:00 19/07/2008 Listing files found while scanning.... C:\Windows\system32\arauxf.dll C:\Windows\system32\bfclogtk.dll C:\Windows\system32\dpwqiecq.dll C:\Windows\system32\fcccbYpQ.dll C:\Windows\system32\heflqoxy.dll C:\Windows\system32\mmochobf.dll C:\Windows\system32\QpYbcccf.ini C:\Windows\system32\QpYbcccf.ini2 C:\Windows\system32\yayyArrq.dll C:\Windows\system32\yxoqlfeh.ini Beginning removal... Attempting to delete C:\Windows\system32\arauxf.dll C:\Windows\system32\arauxf.dll Has been deleted! Attempting to delete C:\Windows\system32\bfclogtk.dll C:\Windows\system32\bfclogtk.dll Has been deleted! Attempting to delete C:\Windows\system32\dpwqiecq.dll C:\Windows\system32\dpwqiecq.dll Has been deleted! Attempting to delete C:\Windows\system32\fcccbYpQ.dll C:\Windows\system32\fcccbYpQ.dll Has been deleted! Attempting to delete C:\Windows\system32\heflqoxy.dll C:\Windows\system32\heflqoxy.dll Has been deleted! Attempting to delete C:\Windows\system32\mmochobf.dll C:\Windows\system32\mmochobf.dll Has been deleted! Attempting to delete C:\Windows\system32\QpYbcccf.ini C:\Windows\system32\QpYbcccf.ini Has been deleted! Attempting to delete C:\Windows\system32\QpYbcccf.ini2 C:\Windows\system32\QpYbcccf.ini2 Has been deleted! Attempting to delete C:\Windows\system32\yayyArrq.dll C:\Windows\system32\yayyArrq.dll Could not be deleted. Attempting to delete C:\Windows\system32\yxoqlfeh.ini C:\Windows\system32\yxoqlfeh.ini Has been deleted! Performing Repairs to the registry. Done! Beginning removal... Attempting to delete C:\Windows\system32\yayyArrq.dll C:\Windows\system32\yayyArrq.dll Could not be deleted. Performing Repairs to the registry. Done! VundoFix V7.0.6 Scan started at 16:00:40 19/07/2008 Listing files found while scanning.... C:\Windows\system32\yayyArrq.dll Beginning removal... Attempting to delete C:\Windows\system32\yayyArrq.dll C:\Windows\system32\yayyArrq.dll Could not be deleted. Performing Repairs to the registry. Done! Beginning removal... Attempting to delete C:\Windows\system32\yayyArrq.dll C:\Windows\system32\yayyArrq.dll Could not be deleted. Performing Repairs to the registry. Done! VundoFix V7.0.6 Scan started at 16:17:02 19/07/2008 Listing files found while scanning.... VundoFix V7.0.6 Scan started at 17:36:30 19/07/2008 Listing files found while scanning.... C:\Windows\system32\iifcbAss.dll C:\Windows\system32\qaoqvbbl.dll C:\Windows\system32\qecrioum.dll C:\Windows\system32\ssAbcfii.ini C:\Windows\system32\ssAbcfii.ini2 C:\Windows\system32\xvirnlmh.dll C:\Windows\system32\yayyArrq.dll Beginning removal... Attempting to delete C:\Windows\system32\iifcbAss.dll C:\Windows\system32\iifcbAss.dll Has been deleted! Attempting to delete C:\Windows\system32\qaoqvbbl.dll C:\Windows\system32\qaoqvbbl.dll Has been deleted! Attempting to delete C:\Windows\system32\qecrioum.dll C:\Windows\system32\qecrioum.dll Has been deleted! Attempting to delete C:\Windows\system32\ssAbcfii.ini C:\Windows\system32\ssAbcfii.ini Has been deleted! Attempting to delete C:\Windows\system32\ssAbcfii.ini2 C:\Windows\system32\ssAbcfii.ini2 Has been deleted! Attempting to delete C:\Windows\system32\xvirnlmh.dll C:\Windows\system32\xvirnlmh.dll Has been deleted! Attempting to delete C:\Windows\system32\yayyArrq.dll C:\Windows\system32\yayyArrq.dll Could not be deleted. Performing Repairs to the registry. Done! Beginning removal... Attempting to delete C:\Windows\system32\yayyArrq.dll C:\Windows\system32\yayyArrq.dll Could not be deleted. Performing Repairs to the registry. Done! VundoFix V7.0.6 Scan started at 17:53:37 19/07/2008 Listing files found while scanning.... C:\Windows\system32\yayyArrq.dll Beginning removal... VundoFix V7.0.6 Scan started at 20:18:51 19/07/2008 Listing files found while scanning.... No infected files were found. Reporte Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware 1.21 Versión de la Base de Datos: 966 Windows 5.1.2600 Service Pack 2 20:01:13 19/07/2008 mbam-log-7-19-2008 (20-01-13).txt Tipo de examen : Examen Completo (C:\|) Objetos examinados: 115071 Tiempo transcurrido: 1 hour(s), 52 minute(s), 7 second(s) Procesos en Memoria Infectados: 0 Módulos en Memoria Infectados: 1 Claves del Registro Infectadas: 22 Valores del Registro Infectados: 1 Elementos de Datos del Registro Infectados: 3 Carpetas Infectadas: 0 Ficheros Infectados: 10 Procesos en Memoria Infectados: (No se han detectado elementos maliciosos) Módulos en Memoria Infectados: C:\WINDOWS\system32\yayyArrq.dll (Trojan.Vundo) -> Unloaded module successfully. Claves del Registro Infectadas: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{5158622e-4780-4164-be90-700f5fb902cc} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5158622e-4780-4164-be90-700f5fb902cc} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{3713f9ee-c059-4540-b697-987ef263a088} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3713f9ee-c059-4540-b697-987ef263a088} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\W MPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully. Valores del Registro Infectados: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{3713f9ee-c059-4540-b697-987ef263a088} (Trojan.Vundo) -> Quarantined and deleted successfully. Elementos de Datos del Registro Infectados: HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Inte rnet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Carpetas Infectadas: (No se han detectado elementos maliciosos) Ficheros Infectados: C:\WINDOWS\system32\arauxf.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\yayyArrq.dll (Trojan.BHO) -> Delete on reboot. C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\DJ70ZJBQ\3x0gj[1].dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\DJ70ZJBQ\AV2009Install_770522 01[1].exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Mis documentos\AV2009Install_77052201.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrador\Mis documentos\Softaware Importante\nero vision express 3 0 1 18+esp+serial\Nero Vision Express 3.0.1.18\Ahead.NeroVision.Express.v3.0.1.18.Incl.K eygen-ORiON\Keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\VundoFix Backups\qecrioum.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully. C:\VundoFix Backups\xvirnlmh.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM83a3787f.xml (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM83a3787f.txt (Trojan.Vundo) -> Quarantined and deleted successfully. Creo q todo volvio a la normalidad! Muchisimas gracias. saludos |
|
20/07/08, 12:24:32
| |
| ||||
| Re: No puedo eliminar virus virtumonde Bién loresol26, Al final se eliminaron todos los archivos encontrados, dime si tienes otra duda o se puede dar por solucionado el tema..¿? Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
20/07/08, 12:53:19
| |
| |||
| Re: No puedo eliminar virus virtumonde Con respecto al virus virtumonde, lo damos por solucionado. Pero te hago una consulta de pasada, el scaneo en Panda on line, me da q tengo 29 "vulnerabilidades" y por cada una, me da la opcion de bajar una actualizacion, supuestamente. Me conbiene o no, bajarme todos esos achivos? |
|
20/07/08, 13:06:09
| |
| ||||
| Re: No puedo eliminar virus virtumonde La vulnerabilidaes que detecta el panda son simplemente actualizaciones que le faltan a tu sistema, siempre es convenuiente tener el sistema con todas sus actualizaciones, también las puede descargar desde la pagina de micrsoft update  Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog * Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando. * Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !! * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro. |
|
« Tema Anterior
|
Próximo Tema »
| Herramientas | |
|
|
| 
Temas Similares | |
| Tema | Autor | Foro | Respuestas | Último mensaje |
| no puedo instalar antivirus ni restaurar, ni modo de prueba | gabriela balkey | Foro de Virus y Spywares | 4 | 24/05/07 02:25:56 |
| No puedo eliminar por completo Active Virus Shield (Solucionado) | rafaguilarsol | AntiVirus | 7 | 17/05/07 19:38:38 |
| Nuevo Usuario con Varios Virus | Hiei | Foro de Virus y Spywares | 8 | 21/04/07 05:35:43 |
| Zlob.PornMagPass en Drivers ATI | toros | Foro de Virus y Spywares | 3 | 15/02/07 17:30:01 |
| No puedo eliminar un virus! (solucionado) | juancile | Temas Solucionados | 2 | 05/02/07 13:51:37 |
Todas las horas son GMT -4. La hora es 08:53:34.
