Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Hola abro es tema luego de haber leido y leido por varias horas y tratar pero nada. lo q pasa es que al rato de iniciar windows pierdo el sonido y me dice q no hay ningun dispositivo mezclador disponible y la apariencia de la barra de inicio se vuelve la clasica de windows pero al riniciar vuelve todo a la normalidad por un tiempo. los driver no son y ya formatee e instale todo 2 veces y no se q hacer . lo ultimo q hice fue:

*pase el nod32
*entre en modo seguro
*pase ccleaner archivos y registro
*pase el Malwarebytes' Anti-Malware elimine unos archivos q me detecto y reinicie
*volvi a pasar ccleaner y todo igual de mal
*volvi a pasar Malwarebytes' Anti-Malware y encontro otros problemas, reinicie pase ccleaner y todo igual
*despues me anime con combofix luego reinicie pase ccleaner y sigue igual .
Ahora estoy por pasar el Kapersky online y vere que pasa.

Bue mientras escribia el largo msj realize otro analisis con nod32 y no encontro ninguna amenaza esta vez.

Estos son los registros del Malwarebytes' Anti-Malware:

-El 1º

Malwarebytes' Anti-Malware 1.41
Versión de la Base de Datos: 3090
Windows 5.1.2600 Service Pack 2

02/11/2009 10:40:07 p.m.
mbam-log-2009-11-02 (22-40-07).txt

Tipo de examen : Examen Completo (C:\|D:\|)
Objetos examinados: 161966
Tiempo transcurrido: 18 minute(s), 0 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 1
Elementos de Datos del Registro Infectados: 1
Carpetas Infectadas: 0
Ficheros Infectados: 6

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\Explorer\ForceClassicControlPan el (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
D:\Mis Documentos\ChArLo\laboratorio w200\no se\flash cel\setool2lite\setool2lt.exe (Malware.Packer.T) -> Quarantined and deleted successfully.
D:\Mis Documentos\ChArLo\laboratorio w200\no se\Todo_lo_necesario\Todo_lo_necesario\SETool 2 Lite\setool2lt.exe (Malware.Packer.T) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-1004336348-854245398-682003330-500\Dd25\ILLUSION_V1.EXE (Trojan.Hijacker) -> Quarantined and deleted successfully.
D:\RECYCLER\S-1-5-21-1004336348-854245398-682003330-500\Dd25\I386\SYSTEM32\SMSS.EXE (Worm.Autorun.B) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{3C69AAE7-5712-4E4A-9480-C2B92EBB7B58}\RP11\A0002699.exe (Malware.Tool) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{3C69AAE7-5712-4E4A-9480-C2B92EBB7B58}\RP11\A0002701.exe (Malware.Tool) -> Quarantined and deleted successfully.


-El 2º

Malwarebytes' Anti-Malware 1.41
Versión de la Base de Datos: 3090
Windows 5.1.2600 Service Pack 2 (Safe Mode)

02/11/2009 11:16:37 p.m.
mbam-log-2009-11-02 (23-16-37).txt

Tipo de examen : Examen Completo (C:\|D:\|)
Objetos examinados: 161534
Tiempo transcurrido: 12 minute(s), 25 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 2
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 1

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Policies\Explorer\Run\Microsoft Driver Setup (Worm.Palevo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\Microsoft Driver Setup (Worm.Palevo) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
C:\WINDOWS\system32\drivers\BStBT.exe (Worm.Palevo) -> Delete on reboot.

Bueno espero qu me puedan dar una mano xp yo . Desde ya gracias

Hola charloq bienvenido al foro

Recuerda leer:
Políticas del Foro de InfoSpyware
Consejos para antes de publicar un nuevo mensaje
__________________________________________________ _________________

Pasa Kaspersky Online y cuando tengas su reporte lo pones en este tema para ver que podemos hacer.

Saludos.

aca dejo el reporte del kaspersky online:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Tuesday, November 3, 2009
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, November 03, 2009 03:46:15
Records in database: 3116132
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\

Scan statistics:
Objects scanned: 68958
Threats found: 5
Infected objects found: 8
Suspicious objects found: 0
Scan duration: 03:08:41


File name / Threat / Threats count
C:\WINDOWS\system32\04.scr Infected: Trojan.Win32.Kreeper.gd 1
C:\WINDOWS\system32\13.scr Infected: Trojan.Win32.Kreeper.gd 1
C:\WINDOWS\system32\45.scr Infected: Trojan.Win32.Kreeper.gd 1
C:\WINDOWS\system32\cmdow.exe Infected: not-a-virus:RiskTool.Win32.HideWindows 1
D:\PROGRAMAS\utiles\apariencia\issopack-4.6-setup.zip Infected: not-a-virus:RiskTool.Win32.WFPDisabler.a 1
D:\PROGRAMAS\utiles\apariencia\themes\Blissta\Blis sta\Logoff\LSPatch.zip Infected: not-a-virus:RiskTool.Win32.CloseApp.e 1
D:\PROGRAMAS\utiles\apariencia\themes\Blissta.rar Infected: not-a-virus:RiskTool.Win32.CloseApp.e 1
D:\PROGRAMAS\utiles\apariencia\themes\Blissta.rar Infected: Trojan.Win32.Genome.jff 1

Selected area has been scanned.

Hola

Realiza lo siguiente:
Descarga OTM, su manual en el Escritorio.

• Doble clic sobre "OTM.exe" para ejecutarlo.
• NOTA: Asegúrate que esté marcado "Unregister Dll's and Ocx's".
• Copia el texto que se encuentra en el recuadrado de abajo, y pegar el texto en el marco izquierdo de OTM llamado "Paste Instrsuctions for items to Moved".

• Da clic en MoveIt! para lanzar la supresión.
• Se abrirá un aviso preguntando si deseas reiniciar el PC:
• Pulsar sobre YES para reiniciar inmediatamente

Creara un reporté que se encuentra generalmente en C: \ _ OTM\MovedFiles\***_***.log

Descarga Dr.Web CureIt!, su manual.

-Ejecuta Dr.Web CureIt! como lo indica su manual.

• Realizando un escaneo completo
• (Elimina lo que encuentre)

Usa CCleaner

• En su opción de Limpiador para limpiar los archivos temporales, cookies y archivos innecesarios del PC.
• luego en su opción de Registro (haciendo copia de seguridad)

Para terminar realiza un escaneo con Kaspersky Online su manual
Pega el reporté que generé junto con el de OTM y el de Dr.Web CureIt!.

Saludos.

Hola gracias por contestar y perdon por la demora pero estaba a full con la facu. Realize el analisis con Kaspersky pero dio error unpoco mas de la mitad de realizado y cada vez que quiero volver a hacerlo no se xq pero pierdo la conexion cuando esta descargando los updates. Le hice un Scan con el panda online y recien termina.
bueno te paso los logs:

OTM
All processes killed
========== FILES ==========
C:\WINDOWS\system32\04.scr moved successfully.
C:\WINDOWS\system32\13.scr moved successfully.
C:\WINDOWS\system32\45.scr moved successfully.
D:\PROGRAMAS\utiles\apariencia\themes\Blissta.rar moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrador
->Temp folder emptied: 90020417 bytes
File delete failed. C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 41047278 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 81774872 bytes
->Google Chrome cache emptied: 856432 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 2114656 bytes
%systemroot%\System32 .tmp files removed: 2909 bytes
Windows Temp folder emptied: 664 bytes
RecycleBin emptied: 32017128 bytes

Total Files Cleaned = 236,35 mb


OTM by OldTimer - Version 3.0.0.6 log created on 11042009_154607

Files moved on Reboot...

Registry entries deleted on Reboot...


Panda Scan

;************************************************* ************************************************** ************************************************** ******************************
ANALYSIS: 2009-11-06 02:38:15
PROTECTIONS: 0
MALWARE: 14
SUSPECTS: 6
;************************************************* ************************************************** ************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;================================================= ================================================== ================================================== ==============================
00055522 Eicar.Mod Virus No 0 No No d:\jdownload\pack de juegos.rar[pes 2009 n5800 by kriker.zip][pes 2009 n5800 by kriker.jar][_]
00157261 Application/FileProtec.A HackTools No 0 No No d:\programas\utiles\apariencia\issopack-4.6-setup.zip[issopack-4.6-setup.exe][wfpdisable.exe]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\administrador\cookies\administrador@ad.yi eldmanager[2].txt
00199231 HackTool/EvID HackTools No 0 Yes No d:\programas\internet\p2p\evid4226patch223d-en.zip[evid4226patch.exe]
00475627 Bck/Bifrose.BHN Virus/Trojan No 1 No No d:\programas\utiles\apariencia\stardock.windowblin ds.v6.20.build.102.enhanced.patched.rar[stardock.windowblinds.v6.20.build.102.enhanced.pat ched\2.patch-embrace\patch-keyfilemaker.exe]
00571380 Trj/PWSteal.EE Virus/Trojan No 0 No No d:\programas\utiles\apariencia\issopack-4.6-setup.zip[issopack-4.6-setup.exe][vsdrv.exe]
02495636 Generic Malware Virus/Trojan No 0 No No d:\programas\audio y video\audio\winamp.v5.551.build.2419.pro.ml-hardal.rar[winamp.v5.551.build.2419.pro.ml-hardal\winamp.v5.551.build.2419.pro.ml-hardal\winamp5551_pro_all.exe]
02652859 Trj/MultiDropper.RJJ Virus/Trojan No 1 Yes Yes d:\programas\internet\speed optimizer 3 serial genuine advantage validation.exe
02951660 Generic Trojan Virus/Trojan No 0 No No d:\programas\utiles\anti-trojan shield 2.1.0.14 + crack.rar[anti-trojan[1].shield.2.1.0.14.cracked-icu.zip][anti-trojan.shield.2.1.0.14.cracked-icu/ats.exe]
02951660 Generic Trojan Virus/Trojan No 0 No No d:\programas\utiles\seguridad\anti-trojan shield 2.1.0.14 + crack.rar[anti-trojan[1].shield.2.1.0.14.cracked-icu.zip][anti-trojan.shield.2.1.0.14.cracked-icu/ats.exe]
03009106 W32/Xor-encoded.A Virus No 0 Yes Yes c:\archivos de programa\eset\infected\hxvsyeda.nqf
03074964 Trj/CI.A Virus/Trojan No 0 No No c:\_otm\movedfiles\11042009_154607\programas\utile s\apariencia\themes\blissta.rar[blissta\logoff\lspatch.zip][lspatch.exe]
03074964 Trj/CI.A Virus/Trojan No 0 No No c:\_otm\movedfiles\11042009_154607\programas\utile s\apariencia\themes\blissta.rar[blissta\transmenu\transmenu.exe]
03074964 Trj/CI.A Virus/Trojan No 0 Yes No d:\programas\utiles\apariencia\themes\blissta\blis sta\logoff\lspatch.zip[lspatch.exe]
03870689 Generic Trojan Virus/Trojan No 0 No No d:\programas\utiles\seguridad\anti-trojan shield 2.1.0.14 + crack.rar[anti-trojan[1].shield.2.1.0.14.cracked-icu.zip][anti-trojan.shield.2.1.0.14.cracked-icu/supervisor.exe]
03870689 Generic Trojan Virus/Trojan No 0 No No d:\programas\utiles\anti-trojan shield 2.1.0.14 + crack.rar[anti-trojan[1].shield.2.1.0.14.cracked-icu.zip][anti-trojan.shield.2.1.0.14.cracked-icu/supervisor.exe]
04490799 Generic Malware Virus/Trojan No 0 Yes Yes d:\programas\celular\celulares\z750\a2uploader\a2u ploader.exe
04980380 Adware/AccesMembre Adware No 0 No No d:\programas\utiles\apariencia\stardock.windowblin ds.v6.20.build.102.enhanced.patched.rar[stardock.windowblinds.v6.20.build.102.enhanced.pat ched\1.keygen\stardock windowblinds v6.x build x - x86 enhanced keygen.exe]
;================================================= ================================================== ================================================== ==============================
SUSPECTS
Sent Location
;================================================= ================================================== ================================================== ==============================
No d:\pico-no borrar\octave-3.2.2_i686-pc-mingw32_gcc-4.3.0_setup.exe[dlltool.exe]
No d:\pico-no borrar\octave-3.2.2_i686-pc-mingw32_gcc-4.3.0_setup.exe[dlltool.exe]
No d:\programas\celular\setool2lite 1.08.rar[setool2lt.exe]
No d:\programas\utiles\apariencia\issopack-4.6-setup.zip[issopack-4.6-setup.exe][sbdrop.dll]
No d:\programas\utiles\apariencia\issopack-4.6-setup.zip[issopack-4.6-setup.exe][sbdrop.dll]
No d:\programas\utiles\apariencia\themes\181093.exe
;================================================= ================================================== ================================================== ==============================
VULNERABILITIES
Id Severity Description
;================================================= ================================================== ================================================== ==============================
214076 HIGH MS09-059
971486 HIGH MS09-058
214074 HIGH MS09-057
214073 HIGH MS09-056
214072 HIGH MS09-055
214071 HIGH MS09-054
213109 HIGH MS09-046
212494 HIGH MS09-042
212493 HIGH MS09-041
212490 HIGH MS09-038
212530 HIGH MS09-034
211784 HIGH MS09-032
211781 HIGH MS09-029
210625 HIGH MS09-026
210624 HIGH MS09-025
210621 HIGH MS09-022
210618 HIGH MS09-019
208380 HIGH MS09-015
208379 HIGH MS09-014
208378 HIGH MS09-013
208377 HIGH MS09-012
206981 HIGH MS09-007
206980 HIGH MS09-006
205735 HIGH MS09-002
204670 HIGH MS09-001
203806 HIGH MS08-078
203508 HIGH MS08-073
203505 HIGH MS08-071
202465 HIGH MS08-068
201683 HIGH MS08-067
201258 HIGH MS08-066
201256 HIGH MS08-064
201255 HIGH MS08-063
201253 HIGH MS08-061
201250 HIGH MS08-058
209275 HIGH MS08-049
209273 HIGH MS08-045
196455 MEDIUM MS08-037
194862 HIGH MS08-032
194861 HIGH MS08-031
194860 HIGH MS08-030
191618 HIGH MS08-025
191617 HIGH MS08-024
191616 HIGH MS08-023
191614 HIGH MS08-021
191613 HIGH MS08-020
187735 HIGH MS08-010
187733 HIGH MS08-008
;================================================= ================================================== ================================================== ==============================

Cuando pego el de Dr Web se tilda, calculo q sera muy pesado xq tiene 14177 pag y pesa 34mb el txt. Si pudiras decirme q parte de el te hace falta asi subo solo eso xq ya intente 2 veces pero se tilda mal y no envia la respuesta. Desde ya gracias.

Hola

Realiza los mismos pasos con OTM pero ahora copia lo siguiente:

Descarga Kaspersky AVP-Tool .

-Ejecuta AVP-Tool como lo indica su manual.

• Realiza un escaneo de todas la áreas
• (Elimina lo que encuentre)

-Pasa por WindowsUpdate para descargar todos los parches disponibles.
-Si ti SO es pirata usa WinUp.

Usa CCleaner

• En su opción de Limpiador para limpiar los archivos temporales, cookies y archivos innecesarios del PC.
• luego en su opción de Registro (haciendo copia de seguridad)

Realiza un nuevo escaneo con Panda y pega todos los reportes.

Saludos.

Hola gracias por contestar actualize con winup y ya tengo los reportes. Sigue todo igual la compu , lo q mas me llama la atencion es q instale 2 veces xp (con 2 desatendidos distintos) con formateo completo del C: antes de consultar en el foro y sigue con lo mismo. Ah se me olvidaba, cuan estaba con el scan del panda se me tildo al 56% y tuve q reiniciar y realizarlo de nuevo. Eh notado q pierdo la conexion de internet al rato de prendida la compu y no se si sera por lo mismo o algo de hardware pero senti la necesidad de comentarlo. Bue aqui los reportes:

OTM

All processes killed
========== FILES ==========
d:\jdownload\PACK DE JUEGOS.rar moved successfully.
d:\programas\utiles\apariencia\issopack-4.6-setup.zip moved successfully.
File/Folder c:\documents and settings\administrador\cookies\administrador@ad.yi eldmanager[2].txt not found.
d:\programas\internet\p2p\EvID4226Patch223d-en.zip moved successfully.
File/Folder d:\programas\utiles\apariencia\stardock.windowblin ds.v6.20.build.102.enhanced.patched.rar not found.
d:\programas\audio y video\audio\Winamp.v5.551.Build.2419.PRO.ML-hardal.rar moved successfully.
File/Folder d:\programas\internet\speed optimizer 3 serial genuine advantage validation.exe not found.
d:\programas\utiles\Anti-Trojan Shield 2.1.0.14 + crack.rar moved successfully.
d:\programas\utiles\seguridad\Anti-Trojan Shield 2.1.0.14 + crack.rar moved successfully.
c:\archivos de programa\eset\infected\HXVSYEDA.NQF moved successfully.
File/Folder d:\programas\utiles\apariencia\themes\blissta\blis sta\logoff\lspatch.zip not found.
File/Folder d:\programas\utiles\seguridad\anti-trojan shield 2.1.0.14 + crack.rar not found.
File/Folder d:\programas\utiles\anti-trojan shield 2.1.0.14 + crack.rar not found.
File/Folder d:\programas\celular\celulares\z750\a2uploader\a2u ploader.exe not found.
File/Folder d:\programas\utiles\apariencia\stardock.windowblin ds.v6.20.build.102.enhanced.patched.rar not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrador
->Temp folder emptied: 175240895 bytes
File delete failed. C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 786480 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55218294 bytes
->Google Chrome cache emptied: 129405975 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
RecycleBin emptied: 740462699 bytes

Total Files Cleaned = 1050,11 mb


OTM by OldTimer - Version 3.0.0.6 log created on 11092009_220932

Files moved on Reboot...

Registry entries deleted on Reboot...


PANDA SCAN

;************************************************* ************************************************** ************************************************** ******************************
ANALYSIS: 2009-11-10 23:19:26
PROTECTIONS: 0
MALWARE: 8
SUSPECTS: 1
;************************************************* ************************************************** ************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;================================================= ================================================== ================================================== ==============================
00055522 Eicar.Mod Virus No 0 No No c:\_otm\movedfiles\11092009_220932\jdownload\pack de juegos.rar[pes 2009 n5800 by kriker.zip][pes 2009 n5800 by kriker.jar][_]
00157261 Application/FileProtec.A HackTools No 0 No No c:\_otm\movedfiles\11092009_220932\programas\utile s\apariencia\issopack-4.6-setup.zip[issopack-4.6-setup.exe][wfpdisable.exe]
00475627 Bck/Bifrose.BHN Virus/Trojan No 1 No No d:\programas\utiles\apariencia\stardock.windowblin ds.v6.20.build.102.enhanced.patched.rar[stardock.windowblinds.v6.20.build.102.enhanced.pat ched\2.patch-embrace\patch-keyfilemaker.exe]
00571380 Trj/PWSteal.EE Virus/Trojan No 0 No No c:\_otm\movedfiles\11092009_220932\programas\utile s\apariencia\issopack-4.6-setup.zip[issopack-4.6-setup.exe][vsdrv.exe]
02495636 Generic Malware Virus/Trojan No 0 No No c:\_otm\movedfiles\11092009_220932\programas\audio y video\audio\winamp.v5.551.build.2419.pro.ml-hardal.rar[winamp.v5.551.build.2419.pro.ml-hardal\winamp.v5.551.build.2419.pro.ml-hardal\winamp5551_pro_all.exe]
02951660 Generic Trojan Virus/Trojan No 0 No No c:\_otm\movedfiles\11092009_220932\programas\utile s\seguridad\anti-trojan shield 2.1.0.14 + crack.rar[anti-trojan[1].shield.2.1.0.14.cracked-icu.zip][anti-trojan.shield.2.1.0.14.cracked-icu/ats.exe]
02951660 Generic Trojan Virus/Trojan No 0 No No c:\_otm\movedfiles\11092009_220932\programas\utile s\anti-trojan shield 2.1.0.14 + crack.rar[anti-trojan[1].shield.2.1.0.14.cracked-icu.zip][anti-trojan.shield.2.1.0.14.cracked-icu/ats.exe]
03870689 Generic Trojan Virus/Trojan No 0 No No c:\_otm\movedfiles\11092009_220932\programas\utile s\seguridad\anti-trojan shield 2.1.0.14 + crack.rar[anti-trojan[1].shield.2.1.0.14.cracked-icu.zip][anti-trojan.shield.2.1.0.14.cracked-icu/supervisor.exe]
03870689 Generic Trojan Virus/Trojan No 0 No No c:\_otm\movedfiles\11092009_220932\programas\utile s\anti-trojan shield 2.1.0.14 + crack.rar[anti-trojan[1].shield.2.1.0.14.cracked-icu.zip][anti-trojan.shield.2.1.0.14.cracked-icu/supervisor.exe]
04980380 Adware/AccesMembre Adware No 0 No No d:\programas\utiles\apariencia\stardock.windowblin ds.v6.20.build.102.enhanced.patched.rar[stardock.windowblinds.v6.20.build.102.enhanced.pat ched\1.keygen\stardock windowblinds v6.x build x - x86 enhanced keygen.exe]
;================================================= ================================================== ================================================== ==============================
SUSPECTS
Sent Location
;================================================= ================================================== ================================================== ==============================
No d:\programas\celular\myphoneexplorer_setup_1.6.6.e xe
;================================================= ================================================== ================================================== ==============================
VULNERABILITIES
Id Severity Description
;================================================= ================================================== ================================================== ==============================
214076 HIGH MS09-059
971486 HIGH MS09-058
214074 HIGH MS09-057
214073 HIGH MS09-056
214072 HIGH MS09-055
214071 HIGH MS09-054
213109 HIGH MS09-046
212494 HIGH MS09-042
212493 HIGH MS09-041
212490 HIGH MS09-038
212530 HIGH MS09-034
211784 HIGH MS09-032
211781 HIGH MS09-029
210625 HIGH MS09-026
210624 HIGH MS09-025
210621 HIGH MS09-022
210618 HIGH MS09-019
208380 HIGH MS09-015
208379 HIGH MS09-014
208378 HIGH MS09-013
208377 HIGH MS09-012
205735 HIGH MS09-002
203806 HIGH MS08-078
203508 HIGH MS08-073
201250 HIGH MS08-058
194862 HIGH MS08-032
191616 HIGH MS08-023
191613 HIGH MS08-020
187733 HIGH MS08-008
;================================================= ================================================== ================================================== ==============================

Gracias

Hola me respondo yo mismo para avisar q ya no tengo el problema . Resulta que actualize con windows update despues de la actualizacion realizada con Winup y realize un scan con SuperAntispyware actualizado y detecto una amenaza y la elimino, luego pase Ccleaner reinicie y listo !!! Estoy muy agradecido Plus-rt por ayudarme ...
Bue espero no volver a tener problemas con Win (por lo menos por un tiempo )
De nuevo muchas gracias y

Hola

Me alegra que se haya solucionado.

Damos el tema por Solucionado, si quieres reabrirlo reportalo con el botón dando las razones de la reapertura.

Saludos.