• Registrarse
  • Iniciar sesión


  • Página 2 de 3 PrimeroPrimero 123 ÚltimoÚltimo
    Resultados 11 al 20 de 25

    virus persistentes (Solucionado)

    Resumen del tema: virus persistentes (Solucionado) - Buenas noches anleg 30 te ofresco una disculpa por la tardanza. hice un nuevo scaneo con el panda Código: ;*********************************************************************************************************************************************************************************** ANALYSIS: 2008-11-27 13:42:01 PROTECTIONS: 1 MALWARE: 4 SUSPECTS: 0 ;*********************************************************************************************************************************************************************************** PROTECTIONS Description Version Active Updated ...

      
    1. #11
      Usuario Avatar de malu lara
      Registrado
      abr 2008
      Ubicación
      mexico
      Mensajes
      46

      re: virus persistentes (Solucionado)

      Buenas noches anleg 30 te ofresco una disculpa por la tardanza.
      hice un nuevo scaneo con el panda
      Código:
      ;***********************************************************************************************************************************************************************************
      ANALYSIS: 2008-11-27 13:42:01
      PROTECTIONS: 1
      MALWARE: 4
      SUSPECTS: 0
      ;***********************************************************************************************************************************************************************************
      PROTECTIONS
      Description                                  Version                       Active    Updated
      ;===================================================================================================================================================================================
      ESET Smart Security 3.0                      3.0                           Yes       Yes
      ;===================================================================================================================================================================================
      MALWARE
      Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
      ;===================================================================================================================================================================================
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Documents and Settings\Owner\Desktop\atfcleaner.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\RegCure\RegCure.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\WinRAR\WinRAR.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      00442191  W32/Span.A                         Virus               Yes       0         Yes            No           C:\Program Files\Windows Live\Messenger\usnsvc.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Ares\chatServer.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Live\installer\WLSetupSvc.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\2cf8a04c0d095ff25b62c7392a\DeleteTemp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\2cf8a04c0d095ff25b62c7392a\DW20.EXE
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\2cf8a04c0d095ff25b62c7392a\RebootStub.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\2cf8a04c0d095ff25b62c7392a\runmsi.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\2cf8a04c0d095ff25b62c7392a\setup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\Accesos directos de escritorio no usados\parche.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\dr web cure it\drweb-cureit.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\governorofpoker.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\(gba)naruto_-_konoha_senki[chaos].exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\- pokemon esmeralda (español) gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba - 1469 - naruto saikyou ninja daikessyu 2.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba - kingdom hearts chain of memories.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba - lego bionicle.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba - x-men; reign of apocalypse (english).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\GBA Emulador Español.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba final fantasy tactics advance eng fr ger ita esp(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba men in black - the series (e).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba pokemon mundo misterioso español - equipo de rescate rojo zip.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba roms - danny phantom - the ultimate enemy (u)(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba-fire emblem the sacred stones.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\gba_tomb_raider_real (1).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\harvest moon - more friends of mineral town # gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\inuyasha_gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\los sims toman la calle.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\megaman zero 5 (fr) rom gba 2006.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\monsters inc - gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\the lord of the rings - the fellowship of the ring - gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\yoshi's island - super mario advance 3 gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\juegos\[gba]lego star wars ii- la trilogía original[www juegos-degenerados net].exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\malu\everestultimate460.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\malu\New Folder (2)\BootSafe.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\malu\New Folder (2)\SSUpdate.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\malu\New Folder (2)\SUPERAntiSpyware.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\malu\New Folder (2)\tudomino_solitario(2)copiarloa disco.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\malu\tels reme videos\flvplayer_setup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\msncleaner.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\big kahuna reef 2 chain reaction v2 0 55 keygen.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\bigfish games - age of japan + crack (reflexive).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\bigfish games - mystery case files - ravenhearst + crack(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\mahjongquest2-setup-hplaptop224.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\virtual villagers - the lost children + crack.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\virtual villagers - the lost children(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\virtual villagers 3- the secret city.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\virtual villagers full.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\virtual_villagers_3_-_the_secret_city.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\musica\grabados en cd\[pc game] mahjong world v1 0 ya esta instalado.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\nero6\Empire Earth.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\nero6\mythxpak.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\nero6\mythxuha.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\nero6\rmvparse.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\nero6\Sierra Update\SierraUp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\new anti\ccsetup213.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\new anti\cdbxp_setup_4.2.3.1110.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\new anti\mbam-setup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\new anti\RegUnlocker.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\new anti\spywareblastersetup41.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\new anti\SUPERAntiSpyware.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\mbam-dor.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\mbam-setup.exe.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\mbam.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\mbamservice.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\mbamtrayctrl.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\new\Malwarebytes' Anti-Malware\mbam-dor.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\new\Malwarebytes' Anti-Malware\mbam.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\new\Malwarebytes' Anti-Malware\mbamgui.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\new\Malwarebytes' Anti-Malware\mbamservice.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\new\Malwarebytes' Anti-Malware\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\AWCSetup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\AWCSetup2.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\New Folder\CCleaner\CCleaner.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\New Folder\CCleaner\uninst.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\New Folder\ccsetup213.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\regunlocker.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\set up superantispyware.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\Spybot - Search & Destroy\spybot search and destroy.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\Spybot - Search & Destroy\spybotsd160.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder\spywareblastersetup41.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder (2)\SSUpdate.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\New Folder (2)\SUPERAntiSpyware.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\OTMoveIt2.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\SDFix.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\spybotsd160.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Desktop\tudomino_solitario(2)copiarloa disco.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\DoctorWeb\Quarantine\casino lucky dragon mahjong - blackjack, poker, roulette, slot machines !.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\DoctorWeb\Quarantine\sdfi.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\DoctorWeb\Quarantine\SDFix.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\1013_-_donkey_kong_country_gba_(e).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\antivirus 2007 mas de antivirus en uno avg,mcafee,norton, entre otros.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\bigfish games - magic academy + crack {danmaninsane}(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\bigfish games - the rise of atlantis + crack {danmaninsane}(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\dc15.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba - 1469 - naruto saikyou ninja daikessyu 2.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba - kingdom hearts chain of memories.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba - lego bionicle.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba - x-men; reign of apocalypse (english).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba final fantasy tactics advance eng fr ger ita esp(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba men in black - the series (e).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba pokemon mundo misterioso español - equipo de rescate rojo zip.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba roms - danny phantom - the ultimate enemy (u)(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\gba_tomb_raider_real (1).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\harvest moon - more friends of mineral town # gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\inuyasha_gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\kirby - nightmare in dreamland gba(3).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\megaman zero 5 (fr) rom gba 2006.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\monsters inc - gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\no$gba 2 4b con pokemon perla e diamante funzionano(com emulatore nds nintendo ds)(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\panda titanium antivirus 2006 + antispyware + serial(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\the lord of the rings - the fellowship of the ring - gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\Local Settings\Application Data\Ares\My Shared Folder\yoshi's island - super mario advance 3 gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\(gba)naruto_-_konoha_senki[chaos].exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\- pokemon esmeralda (español) gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba - digimon battle spirit(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba - kingdom hearts chain of memories(2)(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba - kingdom hearts chain of memories.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba - lego bionicle.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba - x-men; reign of apocalypse (english).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\GBA Emulador Español.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba final fantasy tactics advance eng fr ger ita esp(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba pokemon mundo misterioso español - equipo de rescate rojo zip.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba-digimon rumble arena(e)(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\gba-fire emblem the sacred stones.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\harvest moon - more friends of mineral town # gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\inuyasha_gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\kirby - nightmare in dreamland gba(3).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\los sims - permiso para salir - rom gba(2).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\los sims toman la calle.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\megaman zero gba(3).exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\metal slug advance gba.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\WLinstaller.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\Owner\My Documents\[gba]lego star wars ii- la trilogía original[www juegos-degenerados net].exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\games\Virtual Villagers 3- The Secret City\Virtual Villagers - The Secret City.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Adobe\Reader 8.0\Reader\AdobeUpdateCheck.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Adobe\Reader 8.0\Reader\PDFPrevHndlrShim.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1034-7B44-A81200000003}\Setup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Adobe\Security Update\HotFix64.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Ares\CRACK\MahjongEscapeAJ.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Ares\Mahjong Escape Ancient Japan Installer.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Ares\Uninstall.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CDBurnerXP\cdbxpcmd.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CDBurnerXP\cdbxpp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CDBurnerXP\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdaterInstallMgr.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriver.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriver2.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Microsoft Shared\Equation\eqnedt32.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Microsoft Shared\Works Shared\WksCal.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NeroCmd.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NeroScoutOptions.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NeroSearchAdvanced.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NeTsMan.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NMBCWriter.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NMCdRipServer.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NMDllHost.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NMSTranscoder.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NMTVServer.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Lib\NMTvWizard.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\NeroSlideShow\SlideShw.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Shared\NL3\NeroPatentActivation.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Nero\Shared\NL3\NeroUpgrade.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CyberLink\Common\UpdateIPR.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CyberLink\PowerDVD\cldma.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CyberLink\PowerDVD\cltest.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CyberLink\PowerDVD\ddtester.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CyberLink\PowerDVD\dvdrgn.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\ESET\ESET Smart Security\callmsi.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\ESET\ESET Smart Security\ecls.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\ESET\ESET Smart Security\ecmd.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\eToro\AutoUpdater.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\eToro\eToro.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\eToro\extractor.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009323.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\eToro\Unwise.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\eToro\Update\clientupdt1123.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\eToro\Update\SDLupdt.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009322.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\FLV Player\FLVPlayer.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\FLV Player\uninst.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\goodsol\goodsol.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\goodsol\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg-3.1.807.1746\SearchWithGoogleUpdate.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\IObit\Advanced WindowsCare V2\AutoUpdate.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\IObit\Advanced WindowsCare V2\AwcTool.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\IObit\Advanced WindowsCare V2\DiskManager.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\IObit\Advanced WindowsCare V2\Restore.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\IObit\Advanced WindowsCare V2\Wizard.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Mahjong World\Mahjong World.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Messenger\msmsgs.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Silverlight\2.0.31005.0\Silverlight.Configuration.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\lnchtour.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\MSWorks.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\WkDStore.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\wkgdcach.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\wklnckml.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\wkplmstp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\wksab.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\wksdb.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\WksSb.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\wksss.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\WksWP.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Microsoft Works\wkwcestp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Digcore.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Msncli.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\MSN\MSNIA\msniasvc.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\MSN\MSNIA\prestp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\MSN\MsnInstaller\msninst.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero\Uninstall\UNNERO.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero BackItUp\BackItUp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero BackItUp\NBSFtp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Burning Rom\NeDwFileHelper.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Burning Rom\nero.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Burning Rom\SecurDisc\discinfo.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverDes.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero ImageDrive\ImageDrive.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero MediaHome\NeroMediaHome.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero MediaHome\NMMediaServer.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Recode\Recode.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero SoundTrax\SoundTrax.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero StartSmart\NeroInFDiscCopy.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Toolkit\DiscSpeed.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Toolkit\DriveSpeed.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Toolkit\InfoTool.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Toolkit\NeroBurnRights.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Toolkit\RescueAgent\NeroRescueAgent.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero Vision\NeroVision.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero WaveEditor\DXEnum.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Nero\Nero8\Nero WaveEditor\waveedit.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Norton Security Scan\Nss.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Panda Security\ActiveScan 2.0\scremlsp.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\RegCure\uninst.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Secured eMule\UNWISE.EXE
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\blindman.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\SDFiles.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\SDMain.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\SDShred.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\Update.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\Updates\advcheck162.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\Updates\sdhelper161.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\Updates\teatimer162.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Spybot - Search & Destroy\Updates\tools216.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\SpywareBlaster\sbautoupdate.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\SpywareBlaster\spywareblaster.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\SpywareBlaster\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\The Rise of Atlantis\the rise of atlantis.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\The Rise of Atlantis\Uninstall.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Virtual Villagers - The Lost Children\Uninstall.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Virtual Villagers - The Lost Children\Virtual Villagers - The Lost Children.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Virtual Villagers - The Lost Children\VirtualVillagers2.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Visualboy Advance\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Live\installer\Dashboard.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Live\Messenger\Device Manager\dpinst.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Live\Messenger\Device Manager\dpinst64.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Live\Messenger\Device Manager\msgrdvmn.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Live\Messenger\livecall.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Live\Messenger\msvs.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Live Safety Center\wlscUploader.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows Media Player\wmsetsdk.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Windows NT\hypertrm.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\WinRAR\Rar.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\WinRAR\RarExtLoader.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\WinRAR\Uninstall.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\WinRAR\UnRAR.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Xvid\AviC.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Xvid\MiniCalc.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Xvid\OGMCalc.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Xvid\StatsReader.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Xvid\unins000.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Program Files\Xvid\vidccleaner.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009321.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009320.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009305.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009312.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009313.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009314.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009315.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009316.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009317.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009319.exe
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\System Volume Information\_restore{7E489C60-40B6-431E-AEE0-C18667D7FC39}\RP9\A0009324.exe
      03738686  Generic Malware                    Virus/Trojan        No        0         Yes            No           C:\sdfix\apps\Cghtme.exe
      03738686  Generic Malware                    Virus/Trojan        No        0         Yes            No           C:\sdfix\catchme.exe
      03898841  Generic Malware                    Virus/Trojan        No        0         Yes            No           C:\Program Files\eToro\Utils\ExtractZip.dll
      03899001  Generic Malware                    Virus/Trojan        No        0         Yes            No           C:\Program Files\eToro\SoundDrv.dll
      ;===================================================================================================================================================================================
      SUSPECTS
      Sent      Location                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================
      VULNERABILITIES
      Id        Severity   Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
      ;===================================================================================================================================================================================
        184379  MEDIUM     MS08-001                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
        182048  HIGH       MS07-069                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
        182043  HIGH       MS07-064                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
      ;===================================================================================================================================================================================
      Espero instrucciones para proceder. Saludos desde Mexico

    2. #12
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.546

      re: virus persistentes (Solucionado)

      Hola de nuevo,

      El panda te coloco todo como infección, asi que descartemos.
      Sube el winrrar y el otro archivo que te coloco a Virus Total <Leer Manual> y dejame los reportes que te genere.

      C:\Program Files\WinRAR\Rar.exe
      C:\Program Files\Windows Media Player\wmsetsdk.exe

      .



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #13
      Usuario Avatar de malu lara
      Registrado
      abr 2008
      Ubicación
      mexico
      Mensajes
      46

      Alegria re: virus persistentes (Solucionado)

      Gracias anleg 30 por si sirve de algo te comento que todos los accesos directos o utilidades que se muestran en el reporte los tengo en el escritorio y cuando les doy doble click la maquina dice que desconoce con que se abre algo curioso es que al revisar descubri que tienen .vir al final del nombre del archivo o aplicacion.

      Espero tu respuesta para proceder.

      este es el del winrar

      CAT-QuickHeal;10.00;2008.11.29;(Suspicious) - DNAScan
      ClamAV;0.94.1;2008.11.28;W32.Span
      DrWeb;4.44.0.09170;2008.11.29;Win32.HLLP.Zyanq.1
      eSafe;7.0.17.0;2008.11.27;-
      eTrust-Vet;31.6.6234;2008.11.28;-
      Ewido;4.0;2008.11.28;-
      F-Prot;4.4.4.56;2008.11.28;W32/Span.A.gen!Eldorado
      F-Secure;8.0.14332.0;2008.11.29;-
      Fortinet;3.117.0.0;2008.11.29;W32/Span.B
      GData;19;2008.11.29;Win32.Span.A
      Ikarus;T3.1.1.45.0;2008.11.29;BehavesLikeWin32.FileInfector
      K7AntiVirus;7.10.537;2008.11.28;-
      Kaspersky;7.0.0.125;2008.11.29;-
      McAfee;5448;2008.11.28;W32/Span.a
      McAfee+Artemis;5448;2008.11.28;W32/Span.a
      Microsoft;1.4104;2008.11.29;Virus:Win32/Span.A
      NOD32;3650;2008.11.28;-
      Norman;5.80.02;2008.11.28;-
      Panda;9.0.0.4;2008.11.29;W32/Span.A
      PCTools;4.4.2.0;2008.11.28;-
      Prevx1;V2;2008.11.29;-
      Rising;21.05.42.00;2008.11.28;-
      SecureWeb-Gateway;6.7.6;2008.11.28;-
      Sophos;4.36.0;2008.11.29;-
      Sunbelt;3.1.1832.2;2008.11.27;-
      Symantec;10;2008.11.29;Downloader
      TheHacker;6.3.1.1.166;2008.11.28;-
      TrendMicro;8.700.0.1004;2008.11.28;-
      VBA32;3.12.8.9;2008.11.28;-
      ViRobot;2008.11.28.1491;2008.11.28;-
      VirusBuster;4.5.11.0;2008.11.28;Win32.Span.A

      Información adicional
      Tamano archivo: 971800 bytes
      MD5...: eeee30772baac5c727d62393bafe685d
      SHA1..: d0508b7c9a87b5debaff9dd764254228e6727335
      SHA256: b2fb77bd2c9c697178346065af3b6fd9adb4ed9d9b2762e26f37a896d14a3604
      SHA512: 7abd0d7b3d5fd9f696f950d6a7accdab93b85dffc026b196b9dbcd5ed97d2640<BR>d959f6e865292a40c08d83e198a68ed8e4fe27e8a242f6fc5420eece4881bcd4<BR>
      ssdeep: 24576:XMMMMMMwm6W1rcD4NdGc0lWIFzyKkKpnDMMMMMM:XMMMMMMwm6WFcMN90y<BR>KTpDMMMMMM<BR>
      PEiD..: -
      TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (44.9%)<BR>Windows Screen Saver (15.6%)<BR>DOS Executable Borland C++ (15.4%)<BR>Win32 Executable Generic (10.1%)<BR>Win32 Dynamic Link Library (generic) (9.0%)
      PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x402c88<BR>timedatestamp.....: 0x4874f8c7 (Wed Jul 09 17:43:35 2008)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 2 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.data 0x1000 0x28b0 0x2a00 6.00 738df4519b1c96af33d8d1930922e04f<BR>.rsrc 0x4000 0x58c0 0x5a00 4.64 b152085761ef942226f73aecd579dab9<BR><BR>( 9 imports ) <BR>&gt; KERNEL32.dll: GetCurrentThread, GetCurrentProcess, SetPriorityClass, lstrcatA, lstrcpyA, GetEnvironmentVariableA, GetShortPathNameA, GetModuleFileNameA, lstrlenA, SizeofResource, LockResource, LoadResource, FindResourceA, FreeLibrary, EnumResourceNamesA, LoadLibraryA, EndUpdateResourceA, UpdateResourceA, BeginUpdateResourceA, CloseHandle, GlobalFree, ReadFile, VirtualAlloc, GetFileSize, CreateFileA, SetThreadPriority, WriteFile, VirtualFree, DeleteFileA, WaitForSingleObject, CreateProcessA, GetCommandLineA, GetTempFileNameA, GetTempPathA, GetFileAttributesA, GetVersionExA, Process32Next, Process32First, CreateToolhelp32Snapshot, lstrcmpiA, OpenProcess, FindClose, FindNextFileA, FindFirstFileA, GetWindowsDirectoryA, GetSystemTime, GetVolumeInformationA, GetSystemDefaultLangID, GetComputerNameA, GetDriveTypeA, GetLogicalDrives, SetFilePointer, ExitProcess<BR>&gt; USER32.dll: wsprintfA<BR>&gt; PSAPI.DLL: EnumProcessModules, EnumProcesses, GetModuleFileNameExA<BR>&gt; SHELL32.dll: SHChangeNotify, ShellExecuteExA<BR>&gt; DDRAW.dll: DirectDrawCreate<BR>&gt; WININET.dll: HttpSendRequestA, InternetSetOptionA, HttpQueryInfoA, InternetReadFile, InternetCloseHandle, HttpOpenRequestA, InternetOpenUrlA, InternetOpenA, InternetConnectA<BR>&gt; urlmon.dll: ObtainUserAgentString<BR>&gt; MPR.dll: WNetEnumResourceA, WNetOpenEnumA, WNetCloseEnum<BR>&gt; MSVCRT.dll: _beginthreadex, __2@YAPAXI@Z, memset, _endthreadex, memcmp, free, realloc, malloc, memcpy<BR><BR>( 0 exports ) <BR>

      Ahora el del reproductor

      Motor antivirus;Versión;Última actualización;Resultado
      AhnLab-V3;2008.11.28.2;2008.11.28;-
      AntiVir;7.9.0.36;2008.11.28;-
      Authentium;5.1.0.4;2008.11.28;W32/Span.A.gen!Eldorado
      Avast;4.8.1281.0;2008.11.28;Win32:SpanInfector
      AVG;8.0.0.199;2008.11.29;-
      BitDefender;7.2;2008.11.29;Win32.Span.A
      CAT-QuickHeal;10.00;2008.11.29;(Suspicious) - DNAScan
      ClamAV;0.94.1;2008.11.28;W32.Span
      DrWeb;4.44.0.09170;2008.11.29;Win32.HLLP.Zyanq.1
      eSafe;7.0.17.0;2008.11.27;-
      eTrust-Vet;31.6.6234;2008.11.28;-
      Ewido;4.0;2008.11.28;-
      F-Prot;4.4.4.56;2008.11.28;W32/Span.A.gen!Eldorado
      F-Secure;8.0.14332.0;2008.11.29;Suspicious:W32/Malware!Gemini
      Fortinet;3.117.0.0;2008.11.29;W32/Span.B
      GData;19;2008.11.29;Win32.Span.A
      Ikarus;T3.1.1.45.0;2008.11.29;BehavesLikeWin32.FileInfector
      K7AntiVirus;7.10.537;2008.11.28;-
      Kaspersky;7.0.0.125;2008.11.29;-
      McAfee;5448;2008.11.28;W32/Span.a
      McAfee+Artemis;5448;2008.11.28;W32/Span.a
      Microsoft;1.4104;2008.11.29;Virus:Win32/Span.A
      NOD32;3650;2008.11.28;-
      Norman;5.80.02;2008.11.28;-
      Panda;9.0.0.4;2008.11.29;W32/Span.A
      PCTools;4.4.2.0;2008.11.28;-
      Prevx1;V2;2008.11.29;-
      Rising;21.05.42.00;2008.11.28;-
      SecureWeb-Gateway;6.7.6;2008.11.28;-
      Sophos;4.36.0;2008.11.29;-
      Sunbelt;3.1.1832.2;2008.11.27;-
      Symantec;10;2008.11.29;Downloader
      TheHacker;6.3.1.1.166;2008.11.28;-
      TrendMicro;8.700.0.1004;2008.11.28;-
      VBA32;3.12.8.9;2008.11.28;-
      ViRobot;2008.11.28.1491;2008.11.28;-
      VirusBuster;4.5.11.0;2008.11.28;Win32.Span.A

      Información adicional
      Tamano archivo: 887320 bytes
      MD5...: ca9d692549d3d0665288253ff9d441d5
      SHA1..: 645b65a0f4351a69fe713d55850cddda4834ed39
      SHA256: b96207c0ca2a82bc6d97210aced471d4ff4fee38853450b629afc74412854c8d
      SHA512: a4ccfca9594a5b4c606da06eca2ecc5e47f2837647a7a0f87d4b5d3f7688b024<BR>d5617c081fd2ea79e11bd9d99302767e545e7d06d9dcf1713bc9a83686627180<BR>
      ssdeep: 12288:8bybQn1cI2njcScZqFkWpSebQbpIpYVwj8xVV:sGoKdY1ZkMyQpIpYVwEV<BR>V<BR>
      PEiD..: -
      TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)
      PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x402c88<BR>timedatestamp.....: 0x4874f8c7 (Wed Jul 09 17:43:35 2008)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 2 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.data 0x1000 0x28b0 0x2a00 6.00 738df4519b1c96af33d8d1930922e04f<BR>.rsrc 0x4000 0xdacc 0xdc00 6.17 a9871c59ece92118f1ddf1b27ff37dc6<BR><BR>( 9 imports ) <BR>&gt; KERNEL32.dll: GetCurrentThread, GetCurrentProcess, SetPriorityClass, lstrcatA, lstrcpyA, GetEnvironmentVariableA, GetShortPathNameA, GetModuleFileNameA, lstrlenA, SizeofResource, LockResource, LoadResource, FindResourceA, FreeLibrary, EnumResourceNamesA, LoadLibraryA, EndUpdateResourceA, UpdateResourceA, BeginUpdateResourceA, CloseHandle, GlobalFree, ReadFile, VirtualAlloc, GetFileSize, CreateFileA, SetThreadPriority, WriteFile, VirtualFree, DeleteFileA, WaitForSingleObject, CreateProcessA, GetCommandLineA, GetTempFileNameA, GetTempPathA, GetFileAttributesA, GetVersionExA, Process32Next, Process32First, CreateToolhelp32Snapshot, lstrcmpiA, OpenProcess, FindClose, FindNextFileA, FindFirstFileA, GetWindowsDirectoryA, GetSystemTime, GetVolumeInformationA, GetSystemDefaultLangID, GetComputerNameA, GetDriveTypeA, GetLogicalDrives, SetFilePointer, ExitProcess<BR>&gt; USER32.dll: wsprintfA<BR>&gt; PSAPI.DLL: EnumProcessModules, EnumProcesses, GetModuleFileNameExA<BR>&gt; SHELL32.dll: SHChangeNotify, ShellExecuteExA<BR>&gt; DDRAW.dll: DirectDrawCreate<BR>&gt; WININET.dll: HttpSendRequestA, InternetSetOptionA, HttpQueryInfoA, InternetReadFile, InternetCloseHandle, HttpOpenRequestA, InternetOpenUrlA, InternetOpenA, InternetConnectA<BR>&gt; urlmon.dll: ObtainUserAgentString<BR>&gt; MPR.dll: WNetEnumResourceA, WNetOpenEnumA, WNetCloseEnum<BR>&gt; MSVCRT.dll: _beginthreadex, __2@YAPAXI@Z, memset, _endthreadex, memcmp, free, realloc, malloc, memcpy<BR><BR>( 0 exports ) <BR>

      ¿Que sigue?
      Última edición por malu lara fecha: 28/11/08 a las 23:07:03

    4. #14
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.546

      re: virus persistentes (Solucionado)

      Hola,

      Las aplicasiones estan infectadas , estan renombradas con la extensión ".vir" para que no las puedas ejecutar y se propague la infección.

      Realiza un nuevo Scan con el Panda y esta vez registrate como indica el manual para que este te pueda desinfectar todas las aplicasiones, mientras sea virus la desinfección es gratuita



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #15
      Usuario Avatar de malu lara
      Registrado
      abr 2008
      Ubicación
      mexico
      Mensajes
      46

      re: virus persistentes (Solucionado)

      Buenas tardes anleg 30 aca estoy de nuevo dando molestias

      mira en vista de que hemos batallado con este virus hice el escaneo del panda en modo seguro con conexion a la red y desactive restaurar sistema porque el anterior lo habia hecho normal todo y me aviso que no se podia desinfectar despues de este reporte que te pongo desinfecte, busque manualmente y elimine y volvi a escanear me salieron ocho archivos infectados y no los pudo desinfectar y me dice que revise los permisos de estos archivos.

      Código:
      ;***********************************************************************************************************************************************************************************
      ANALYSIS: 2008-11-30 12:11:13
      PROTECTIONS: 1
      MALWARE: 1
      SUSPECTS: 0
      ;***********************************************************************************************************************************************************************************
      PROTECTIONS
      Description                                  Version                       Active    Updated
      ;===================================================================================================================================================================================
      ESET Smart Security 3.0                      3.0                           Yes       Yes
      ;===================================================================================================================================================================================
      MALWARE
      Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
      ;===================================================================================================================================================================================
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier_exe.vir0
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup_exe.vir
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup_exe.vir0
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper_exe.vir
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper_exe.vir0
      00442191  W32/Span.A                         Virus               No        0         Yes            Yes          C:\Program Files\Messenger\msmsgs_exe.vir
      00442191  W32/Span.A                         Virus               No        0         Yes            Yes          C:\Program Files\Messenger\msmsgs_exe.vir0
      00442191  W32/Span.A                         Virus               No        0         Yes            No           C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier_exe.vir
      ;===================================================================================================================================================================================
      SUSPECTS
      Sent      Location                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              D
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================
      VULNERABILITIES
      Id        Severity   Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                D
      ;===================================================================================================================================================================================
        184379  MEDIUM     MS08-001                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   D
        182048  HIGH       MS07-069                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   D
        182043  HIGH       MS07-064                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   D
      ;===================================================================================================================================================================================
      me pone como ves que hay algunas vulnerabilidades, como podria solucionarlas? Saludos mexicanisimos

    6. #16
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.546

      re: virus persistentes (Solucionado)

      Hola no hay molestia alguna,

      Desinstala MalwareBytes y quita la Barra de Megaupload que estan contaminadas.

      .-Descarga y descomprime The Avenger + Manual


      1. Abre the Avenger
      2. Debajo de "Input script here" pegas el siguiente código

        Código HTML:
        Folders to delete:
        C:\Documents and Settings\All Users\Application Data\Malwarebytes
        
        
        Files to delete:
        C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier_exe.vir0
        C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper_exe.vir
        C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper_exe.vir0
        C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier_exe.vir
      3. Para comenzar la supresión pulsa sobre "Execute"
      4. Te pedirá confirmacion para la eliminación, dices que si
      5. Luego confirma para reiniciar tu PC


      Luego del reinicio dejame el reporte que se guradará en C:\Avenger.txt


      Las Vulenerabilidades son solo actualizaciones que aun no llegan o le faltan a tu sistema. Solo pasate por Microfoft Update o descargarlas manualmente desde el mismo sitio de Microsoft buscandolas por su boletin de seguridad:(MS08-001,MS07-069 ,MS07-064) que son la sque detecta el Panda.



      Comentame como esta tu PC ¿?



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #17
      Usuario Avatar de malu lara
      Registrado
      abr 2008
      Ubicación
      mexico
      Mensajes
      46

      re: virus persistentes (Solucionado)

      Buenas noches anleg30.

      Segui tus instrucciones y por si acaso active la casilla de desactivar rootkits este es el reporte:

      Código:
      //////////////////////////////////////////
        Avenger Pre-Processor log
      //////////////////////////////////////////
      
      Platform: Windows XP (build 2600, Service Pack 2)
      Tue Dec 02 17:56:27 2008
      
      17:56:27: Error: Invalid script.  A valid script must begin with a command directive.
      Aborting execution!
      
      
      //////////////////////////////////////////
      
      
      Logfile of The Avenger Version 2.0, (c) by Swandog46
      http://swandog46.geekstogo.com
      
      Platform:  Windows XP
      
      *******************
      
      Script file opened successfully.
      Script file read successfully.
      
      Backups directory opened successfully at C:\Avenger
      
      *******************
      
      Beginning to process script file:
      
      Rootkit scan active.
      No rootkits found!
      
      
      Error:  folder "C:\Documents and Settings\All Users\Application Data\Malwarebytes" not found!
      Deletion of folder "C:\Documents and Settings\All Users\Application Data\Malwarebytes" failed!
      Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
        --> the object does not exist
      
      
      Error:  file "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier_exe.vir0" not found!
      Deletion of file "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier_exe.vir0" failed!
      Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
        --> the object does not exist
      
      
      Error:  could not open file "C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper_exe.vir"
      Deletion of file "C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper_exe.vir" failed!
      Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
        --> bad path / the parent directory does not exist
      
      
      Error:  could not open file "C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper_exe.vir0"
      Deletion of file "C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper_exe.vir0" failed!
      Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
        --> bad path / the parent directory does not exist
      
      
      Error:  file "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier_exe.vir" not found!
      Deletion of file "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier_exe.vir" failed!
      Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
        --> the object does not exist
      
      
      Completed script processing.
      
      *******************
      
      Finished!  Terminate.



      La carpeta que se abre sola que es donde tenia un Malwarebytes viejo no se deja eliminar sale un aviso que dice en ingles que no se puede borrar nbamext.dll acceso denegado. Asegurese que el disco no esta lleno o protegido contra escritura y que el archivo no este usandose.
      No esta de màs decir que el malware no lo tengo instalado. La compu esta agil, hasta el momento el detalle de la carpeta es lo unico que le noto, ya te comentare si descubro algo raro. Tengo otra computadora enfermita con problemas diferentes quisiera saber si tengo que terminar primero con un tema o puedo abrir otro para atender mi otro problema. Te agradesco tu tiempo y tus atenciones. Estare al pendiente. Gracias.

    8. #18
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.546

      re: virus persistentes (Solucionado)

      Descarga el SilentRunner para hacerlo (dale click con el boton derecho del mouse al enlace y luego en Guardar enlace cómo/ guardar destino) creas una carpeta en el escritorio y ally lo guardas.

      Nota: Si usas Firefox por protección añadirá al archivo la extensión ".txt" deberas quitarla para que quede con extensión ".vbs"
      Ejecuta el script (archivo), te hará unas preguntas, responde a las preguntas: 'No' y 'Si' (en ese orden) y luego pulsa Ok para comenzar.

      Ten paciencia hasta que termine el proceso (son 5m aprox.) y no abras el archivo de texto llamado "Startup Programs" que aparecerá en la carpeta hasta que salga una ventana como la siguiente:


      (si lo abres o envías antes de ver la imagen , no estará completo)


      Al terminar aceptas, abres el archivo "Startup Programs" copias el contenido y lo colocas aca.



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #19
      Usuario Avatar de malu lara
      Registrado
      abr 2008
      Ubicación
      mexico
      Mensajes
      46

      re: virus persistentes (Solucionado)

      Bien, seguimos dando la batalla gracias por ayudarme.

      Código:
      "Silent Runners.vbs", revision 58, http://www.silentrunners.org/
      Operating System: Windows XP SP2
      Output limited to non-default values, except where indicated by "{++}"
      
      
      Startup items buried in registry:
      ---------------------------------
      
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
      "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
      "SpybotSD TeaTimer" = "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" ["Safer Networking Limited"]
      "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"" ["Nero AG"]
      
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
      "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
      "RemoteControl" = ""C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"" ["Cyberlink Corp."]
      "SiSPower" = "Rundll32.exe SiSPower.dll,ModeAgent" [MS]
      
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
      {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
        -> {HKLM...CLSID} = "Aplicación auxiliar de vínculos de Adobe PDF Reader"
                         \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
      {53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
        -> {HKLM...CLSID} = "Spybot-S&D IE Protection"
                         \InProcServer32\(Default) = "C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
      {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
        -> {HKLM...CLSID} = "Windows Live Aplicación auxiliar de inicio de sesión"
                         \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]
      
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
      "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
        -> {HKLM...CLSID} = "Display Panning CPL Extension"
                         \InProcServer32\(Default) = "deskpan.dll" [file not found]
      "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
        -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
                         \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
      "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
        -> {HKLM...CLSID} = "Mis carpetas para compartir"
                         \InProcServer32\(Default) = "C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll" [MS]
      "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
        -> {HKLM...CLSID} = "WinRAR"
                         \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
      "{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
        -> {HKLM...CLSID} = "NeroDigitalIconHandler Class"
                         \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll" ["Nero AG"]
      "{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
        -> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
                         \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll" ["Nero AG"]
      
      HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
      {7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
        -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"
                         \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll" ["Nero AG"]
      {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
        -> {HKLM...CLSID} = "PDF Shell Extension"
                         \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
      
      HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
      WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
        -> {HKLM...CLSID} = "WinRAR"
                         \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
      
      HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\
      WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
        -> {HKLM...CLSID} = "WinRAR"
                         \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
      
      HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
      MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
        -> {HKLM...CLSID} = "MBAMShlExt Class"
                         \InProcServer32\(Default) = "C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\new\Malwarebytes' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"]
      WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
        -> {HKLM...CLSID} = "WinRAR"
                         \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
      
      HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
      MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
        -> {HKLM...CLSID} = "MBAMShlExt Class"
                         \InProcServer32\(Default) = "C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware\new\Malwarebytes' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"]
      
      
      Group Policies {policy setting}:
      --------------------------------
      
      Note: detected settings may not have any effect.
      
      HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
      
      "DisablePersonalDirChange" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "Intellimenus" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "LockTaskbar" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoChangeAnimation" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoComputersNearMe" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoDFSTab" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoManageMyComputerVerb" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoMovingBands" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoNetConnectDisconnect" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoNetHood" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoNetworkConnections" = (REG_DWORD) dword:0x00000001
      {Remove Network Connections from Start Menu}
      
      "NoRecentDocsNetHood" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoSecurityTab" = (REG_DWORD) dword:0x00000001
      {Remove Security tab}
      
      "NoSharedDocuments" = (REG_DWORD) dword:0x00000001
      {Remove Shared Documents from My Computer}
      
      "NoStartMenuNetworkPlaces" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoTaskGrouping" = (REG_DWORD) dword:0x00000000
      {unrecognized setting}
      
      "DisallowCpl" = (REG_DWORD) dword:0x00000001
      {Hide specified control panel applets / items}
      
      "NoRecentDocsHistory" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoRecentDocsMenu" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoSimpleStartMenu" = (REG_DWORD) dword:0x00000000
      {unrecognized setting}
      
      "NoStartMenuPinnedList" = (REG_DWORD) dword:0x00000000
      {unrecognized setting}
      
      "NoOnlinePrintsWizard" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoWebServices" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoWebView" = (REG_DWORD) dword:0x00000000
      {unrecognized setting}
      
      "NoEnumEntireNetwork" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "HideRunAsVerb" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoThumbnailCache" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "ForceClassicControlPanel" = (REG_DWORD) dword:0x00000000
      {unrecognized setting}
      
      "LinkResolveIgnoreLinkInfo" = (REG_DWORD) dword:0x00000000
      {unrecognized setting}
      
      "NoSaveSettings" = (REG_DWORD) dword:0x00000000
      {Don't save settings at exit}
      
      "NoActiveDesktop" = (REG_DWORD) dword:0x00000000
      {Disable Active Desktop}
      
      "StartMenuLogOff" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "ForceActiveDesktopOn" = (REG_DWORD) dword:0x00000000
      {Enable Active Desktop}
      
      "ClassicShell" = (REG_DWORD) dword:0x00000000
      {Enable Classic Shell / Turn on Classic Shell}
      
      "NoLogoff" = (REG_DWORD) dword:0x00000001
      {Disable Logoff}
      
      "NoChangeStartMenu" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoCloseDragDropBands" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoSetTaskbar" = (REG_DWORD) dword:0x00000001
      {Prevent changes to Taskbar and Start Menu Settings}
      
      "NoActiveDesktopChanges" = (REG_DWORD) dword:0x00000001
      {Prohibit changes}
      
      "NoTrayContextMenu" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\
      
      "LinkResolveIgnoreLinkInfo" = (REG_DWORD) dword:0x00000000
      {unrecognized setting}
      
      "NoResolveSearch" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowCpl\
      
      "1" = (REG_SZ) Taskbar and Start Menu
      {unrecognized setting}
      
      "2" = (REG_SZ) nusrmgr.cpl
      {unrecognized setting}
      
      "3" = (REG_SZ) netsetup.cpl
      {unrecognized setting}
      
      HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\
      
      "DisableChangePassword" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "DisableLockWorkstation" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoColorChoice" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoVisualStyleChoice" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      "NoDispAppearancePage" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\
      
      "NoUpdateCheck" = (REG_DWORD) dword:0x00000001
      {unrecognized setting}
      
      
      Active Desktop and Wallpaper:
      -----------------------------
      
      Active Desktop may be disabled at this entry:
      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
      
      Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
      HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
      "Wallpaper" = "C:\WINDOWS\Web\Wallpaper\SE_neutral_wallpaper.bmp"
      
      Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
      HKCU\Control Panel\Desktop\
      "Wallpaper" = "C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"
      
      
      Enabled Screen Saver:
      ---------------------
      
      HKCU\Control Panel\Desktop\
      "SCRNSAVE.EXE" = "C:\WINDOWS\system32\ssspiral.scr" [null data]
      
      
      Enabled Scheduled Tasks:
      ------------------------
      
      "Norton Security Scan" -> launches: "C:\Program Files\Norton Security Scan\Nss.exe /scan-full /scheduled" [file not found]
      "RegCure Program Check" -> launches: "C:\Program Files\RegCure\RegCure.exe ShowReminders" [file not found]
      "RegCure" -> launches: "C:\Program Files\RegCure\RegCure.exe -t" [file not found]
      
      
      Winsock2 Service Provider DLLs:
      -------------------------------
      
      Namespace Service Providers
      
      HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
      000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
      000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
      000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
      
      Transport Service Providers
      
      HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
      0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
      %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13
      %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
      
      
      Toolbars, Explorer Bars, Extensions:
      ------------------------------------
      
      Extensions (Tools menu items, main toolbar menu buttons)
      
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
      {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\
      "MenuText" = "Spybot - Search & Destroy Configuration"
      "CLSIDExtension" = "{53707962-6F74-2D53-2644-206D7942484F}"
        -> {HKLM...CLSID} = "Spybot-S&D IE Protection"
                         \InProcServer32\(Default) = "C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
      
      {FB5F1910-F110-11D2-BB9E-00C04F795683}\
      "ButtonText" = "Messenger"
      "MenuText" = "Windows Messenger"
      "Exec" = "C:\Program Files\Messenger\msmsgs.exe" [file not found]
      
      
      Miscellaneous IE Hijack Points
      ------------------------------
      
      HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\
      <<H>> "Tabs" = "res://ieframe.dll/tabswelcome.htm" [file not found]
      
      
      Running Services (Display Name, Service Name, Path {Service DLL}):
      ------------------------------------------------------------------
      
      NMSAccessU, NMSAccessU, "C:\Program Files\CDBurnerXP\NMSAccessU.exe" [null data]
      Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]
      
      
      ---------- (launch time: 2008-12-02 21:55:47)
      <<H>>: Suspicious data at a browser hijack point.
      
      + This report excludes default entries except where indicated.
      + To see *everywhere* the script checks and *everything* it finds,
        launch it from a command prompt or a shortcut with the -all parameter.
      + The search for DESKTOP.INI DLL launch points on all local fixed drives
        took 118 seconds.
      ---------- (total run time: 197 seconds)
      ::ups::


      Disculpa la insistencia, podria abrir otro tema con un problema de otra pc o tengo que terminar primero con este?


      P.D Anduve trasteando y veo que en el menu inicio aparece el megaupload y el malwarebytes. Quise iniciar sesion para revisar mi correo y no encontre el icono por ningun lado, entre por la pagina de windows live pero no tengo la opcion de messenger asi que hice otro escaneo con el norton security scan y adivina..... ¡¡¡mas porquerìa!!! Ay Anlegsito porfa no me pierdas la paciencia esta pc quiero limpiarla porque es de mi tia y la inocente no sabe que se la llené de basura la otra que mencione es mia asi que puede esperar.

      Casi me da pena poner el reporte del norton... bueno c a s i:

      Estado del análisis:

      Análisis: 1

      Iniciar análisis: 12/02/08 23:30:37

      Objetivos del análisis: Procesos en ejecución; Puntos de entrada;C:\

      Definiciones de virus: 12/02/08

      Recuento del análisis: 139950

      Riesgos detectados: 3

      Riesgos resueltos: 0

      Riesgos sin resolver: 3

      Hora del análisis: 1941 s

      Análisis completo: 12/03/08 00:02:59



      Amenazas resueltas:



      Amenazas sin resolver:

      Tracking Cookie

      ID del virus: 4294909925

      Riesgo: Bajo

      Categorías: Cookie

      Estado: No controlado

      -----------

      Cookie:

      Cookie:[email protected]/

      Cookie:[email protected]/





      Downloader

      ID del virus: 26637

      Riesgo: Alto

      Categorías: Virus

      Estado: No controlado

      -----------

      Infección:

      c:\program files\messenger\msmsgs_exe.vir





      Downloader

      ID del virus: 26637

      Riesgo: Alto

      Categorías: Virus

      Estado: No controlado

      -----------

      Infección:

      c:\program files\messenger\msmsgs_exe.vir0








      --------------------------------------------------------------------------
      Última edición por malu lara fecha: 03/12/08 a las 02:36:20

    10. #20
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.546

      re: virus persistentes (Solucionado)

      P.D Anduve trasteando y veo que en el menu inicio aparece el megaupload y el malwarebytes.
      En el reporte del SilentRunner no estan asi que solo deben estar en el menú inicio como accesos anclados.
      Quise iniciar sesion para revisar mi correo y no encontre el icono por ningun lado, entre por la pagina de windows live pero no tengo la opcion de messenger asi que hice otro escaneo con el norton security scan y adivina..... ¡¡¡mas porquerìa
      Lo que pasa es que ese archivo también esta contaminado y se me paso mandarlo a eliminar por eso es que no te puedes conectar y eso es lo que muestra el reporte que me dejastes.

      Por lo demás no hay nada dañino en tu PC, asi que desinstala el Messenger y elimina su carpeta: C:\Program Files\Messenger, pasa el CCleaner y vuelve a instalarlo.

      Descarga OTMoveit3 + MANUAL

      Ejecuta la Herramienta OTMoveIt:

      • Haz doble clic sobre OTMoveIt.exe para ejecutarlo.
      • Asegurate que esté marcado "Unregister Dll's and Ocx's".
      • Copia el texto que te dejo en el recuadrado de abajo, y
        pega el texto en el marco izquierdo de OTMoveIt2 llamado "Paste Standard List of Files / Folders to be Moved"

      Código HTML:
      :Reg
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID]
      "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"=-
      
      :Files
      c:\program files\messenger\msmsgs_exe.vir
      c:\program files\messenger\msmsgs_exe.vir0
      C:\Documents and Settings\Owner\Desktop\New Folder\anty malware\Malwarebytes' Anti-Malware
      
      :Commands
      [emptytemp]
      [Reboot]
      • Pulsa sobre MoveIt!para lanzar la supresión.
      • Cuando el resultado aparezca en el marco Results, pulsa en Exit
      • Si no reinicia automáticamente, entonces debes Reiniciar (muy importante para eliminar todo)
      • Se creará un reporte en C: \ _ OTMoveIt\MovedFiles con la extensión ".log" lo
        buscas y lo dejas en tu siguiente Post.



      Despues de eso verifica si se vuelve a abrir la carpeta al inicio. y para abrir otro tema solo debes dar por terminado o solventado este, lo que suceda primero



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.