Administrador de tareas. (Solucionado)

**kopu80** · 30/11/10, 20:50:16

hola que tal. tengo el siguiente problema. Me aparece el administrador de tareas incompleto: esta es una captura de pantalla del mismo.
http://k01.kn3.net/80B590036.png

Es probable que tenga un virus o algun bicho metido en mi pc?
Aca les mando el LOG del panda antivirus online y el de malware antivirus.

PANDA:

Código:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2010-11-30 21:52:15
PROTECTIONS: 1
MALWARE: 5
SUSPECTS: 16
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                       Active    Updated
;===================================================================================================================================================================================
Kaspersky Internet Security                                                Yes       Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\windows.7.loader.extreme.edition.3.503-napalum\w7lxe.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\star wars th2\crackbyupgame.rar[crack\crack\securom.dll]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activ\activar\w7lxe.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\activ\activar.rar[activar\w7lxe.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activador777\fotos en familia.zip[win7exv3.503/w7lxe.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activador777\win7exv3.503\w7lxe.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by orbit 30 release 5.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\crack_gow.rar[startup.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\dominicanbook.com_real_hide_ip_dominicanbook.com_2.zip[patch.zip][patch.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\validar\validarwindows7bydeathvic.rar[removewat.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\validarwindows7bydeathvic.rar[removewat.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\windows.7.loader.extreme.edition.3.503- asdf2009.rar[windows.7.loader.extreme.edition.3.503-napalum\w7lxe.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\star wars th2\sw2byupgameesp.part01.rar[crackbyupgame.rar][crack\crack\securom.dll]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\win7acti\w7lxe.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\win7acti\w7lxebydeathvic.rar[w7lxe.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\internet download manager 5.18 build 7.zip[internet download manager 5.18 build 7.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\activador\100-legal.rar[activadores windows 7\7loader release 5 [32 bits y 64 bits]\7loader_release_5.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\activador\activadores windows 7\7loader release 5 [32 bits y 64 bits]\7loader_release_5.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\gearof war\2º copiar y reemplazar\binaries\startup.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\gearof war\solucion_gear_of_wars.zip[2º copiar y reemplazar/binaries/startup.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\idm.rar[idm 5.18 full\patch_snd\patch.exe]
03898902  Generic Malware                    Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\isobster\ib2.5.0.0.rar[isobuster 2.5.0.0\keygen.exe]
04226857  Generic Trojan                     Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\auto_power_on.zip[auto power on/autopowershut-keygen.exe]
06007715  Trj/Downloader.MDW                 Virus/Trojan        No        0         No             No           c:\users\mat\downloads\idm.rar[idm 5.18 full\setup.exe.exe]
06433465  Bck/Bifrose.AKL                    Virus/Trojan        No        1         Yes            No           c:\users\mat\documents\fix5\loader_one.cl.exe
;===================================================================================================================================================================================
SUSPECTS
Sent      Location
;===================================================================================================================================================================================
No        c:\programdata\win7codecs\{c68b319d-e153-4557-baeb-0987320636a7}\win7codecs.msi[unk_0063][setupinfo.exe]
No        c:\users\mat\documents\downloads\compressed\100- funcionando.rar[100% funcionando\skidrow\ubiorbitapi_r2.dll]
No        c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by hazar v1.6.exe
No        c:\users\mat\documents\downloads\compressed\crakc wop\wings.of.prey.fixvitality~ by mig19.rar[wings.of.prey.fixvitality~ by mig19\english\activate.dll]
No        c:\users\mat\documents\downloads\compressed\winamp_pro\patch\winamp pro v5.56 patch.exe
No        c:\users\mat\documents\downloads\compressed\winamp_pro\winamppro.v5.56plusessentials.rar[patch\winamp pro v5.56 patch.exe]
No        c:\users\mat\documents\downloads\compressed\[version_5.2]_mw2_hack_pack_by_ijusthelp_[1.0.184].rar[[version 5.2] mw2 private match hacks by ijusthelp [1.0.184].exe]
No        c:\users\mat\documents\downloads\compressed\[version_5.2]_mw2_hack_pack_by_ijusthelp_[1.0.184].rar[[version 5.2] mw2 statsrank hack by ijusthelp [1.0.184].exe]
No        c:\users\mat\documents\downloads\programs\iw4sp.exe
No        c:\users\mat\downloads\call6\nivel_70\[version 5.2] mw2 private match hacks by ijusthelp [1.0.184].exe
No        c:\users\mat\downloads\call6\nivel_70\[version 5.2] mw2 statsrank hack by ijusthelp [1.0.184].exe
No        c:\users\mat\downloads\call6\nivel_70\[version_5.2]_mw2_hack_pack_by_ijusthelp_[1.0.184].rar[[version 5.2] mw2 private match hacks by ijusthelp [1.0.184].exe]
No        c:\users\mat\downloads\call6\nivel_70\[version_5.2]_mw2_hack_pack_by_ijusthelp_[1.0.184].rar[[version 5.2] mw2 statsrank hack by ijusthelp [1.0.184].exe]
No        c:\users\mat\documents\winds pro\windspro\plugins\splashimage.dll
No        c:\windows\downloaded installations\{2df71002-935b-470d-9a03-b20da3b0595d}\totalmedia theatre 3.msi[unk_0048][_1a06859bd6164e85befe3733c1ede556]
No        c:\windows\installer\12627a8.msi[unk_0048][_1a06859bd6164e85befe3733c1ede556]
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity       Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
;***********************************************************************************************************************************************************************************
ANALYSIS: 2010-11-30 21:52:15
PROTECTIONS: 1
MALWARE: 5
SUSPECTS: 16
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                       Active    Updated
;===================================================================================================================================================================================
Kaspersky Internet Security                                                Yes       Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\windows.7.loader.extreme.edition.3.503-napalum\w7lxe.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\star wars th2\crackbyupgame.rar[crack\crack\securom.dll]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activ\activar\w7lxe.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\activ\activar.rar[activar\w7lxe.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activador777\fotos en familia.zip[win7exv3.503/w7lxe.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activador777\win7exv3.503\w7lxe.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by orbit 30 release 5.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\crack_gow.rar[startup.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\dominicanbook.com_real_hide_ip_dominicanbook.com_2.zip[patch.zip][patch.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\validar\validarwindows7bydeathvic.rar[removewat.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\validarwindows7bydeathvic.rar[removewat.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\windows.7.loader.extreme.edition.3.503- asdf2009.rar[windows.7.loader.extreme.edition.3.503-napalum\w7lxe.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\star wars th2\sw2byupgameesp.part01.rar[crackbyupgame.rar][crack\crack\securom.dll]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\win7acti\w7lxe.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\win7acti\w7lxebydeathvic.rar[w7lxe.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\internet download manager 5.18 build 7.zip[internet download manager 5.18 build 7.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\activador\100-legal.rar[activadores windows 7\7loader release 5 [32 bits y 64 bits]\7loader_release_5.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\activador\activadores windows 7\7loader release 5 [32 bits y 64 bits]\7loader_release_5.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\gearof war\2º copiar y reemplazar\binaries\startup.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\gearof war\solucion_gear_of_wars.zip[2º copiar y reemplazar/binaries/startup.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\idm.rar[idm 5.18 full\patch_snd\patch.exe]
03898902  Generic Malware                    Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\isobster\ib2.5.0.0.rar[isobuster 2.5.0.0\keygen.exe]
04226857  Generic Trojan                     Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\auto_power_on.zip[auto power on/autopowershut-keygen.exe]
06007715  Trj/Downloader.MDW                 Virus/Trojan        No        0         No             No           c:\users\mat\downloads\idm.rar[idm 5.18 full\setup.exe.exe]
06433465  Bck/Bifrose.AKL                    Virus/Trojan        No        1         Yes            No           c:\users\mat\documents\fix5\loader_one.cl.exe
;===================================================================================================================================================================================
SUSPECTS
Sent      Location
;===================================================================================================================================================================================
No        c:\programdata\win7codecs\{c68b319d-e153-4557-baeb-0987320636a7}\win7codecs.msi[unk_0063][setupinfo.exe]
No        c:\users\mat\documents\downloads\compressed\100- funcionando.rar[100% funcionando\skidrow\ubiorbitapi_r2.dll]
No        c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by hazar v1.6.exe
No        c:\users\mat\documents\downloads\compressed\crakc wop\wings.of.prey.fixvitality~ by mig19.rar[wings.of.prey.fixvitality~ by mig19\english\activate.dll]
No        c:\users\mat\documents\downloads\compressed\winamp_pro\patch\winamp pro v5.56 patch.exe
No        c:\users\mat\documents\downloads\compressed\winamp_pro\winamppro.v5.56plusessentials.rar[patch\winamp pro v5.56 patch.exe]
No        c:\users\mat\documents\downloads\compressed\[version_5.2]_mw2_hack_pack_by_ijusthelp_[1.0.184].rar[[version 5.2] mw2 private match hacks by ijusthelp [1.0.184].exe]
No        c:\users\mat\documents\downloads\compressed\[version_5.2]_mw2_hack_pack_by_ijusthelp_[1.0.184].rar[[version 5.2] mw2 statsrank hack by ijusthelp [1.0.184].exe]
No        c:\users\mat\documents\downloads\programs\iw4sp.exe
No        c:\users\mat\downloads\call6\nivel_70\[version 5.2] mw2 private match hacks by ijusthelp [1.0.184].exe
No        c:\users\mat\downloads\call6\nivel_70\[version 5.2] mw2 statsrank hack by ijusthelp [1.0.184].exe
No        c:\users\mat\downloads\call6\nivel_70\[version_5.2]_mw2_hack_pack_by_ijusthelp_[1.0.184].rar[[version 5.2] mw2 private match hacks by ijusthelp [1.0.184].exe]
No        c:\users\mat\downloads\call6\nivel_70\[version_5.2]_mw2_hack_pack_by_ijusthelp_[1.0.184].rar[[version 5.2] mw2 statsrank hack by ijusthelp [1.0.184].exe]
No        c:\users\mat\documents\winds pro\windspro\plugins\splashimage.dll
No        c:\windows\downloaded installations\{2df71002-935b-470d-9a03-b20da3b0595d}\totalmedia theatre 3.msi[unk_0048][_1a06859bd6164e85befe3733c1ede556]
No        c:\windows\installer\12627a8.msi[unk_0048][_1a06859bd6164e85befe3733c1ede556]
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity       Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================

Malwarebytes' Anti-Malware

Código:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Versión de la Base de Datos: 5221

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

30/11/2010 10:38:10 p.m.
mbam-log-2010-11-30 (22-38-10).txt

Tipos de Análisis: Análisis Completo (C:\|)
Objetos examinados: 237305
Tiempo transcurrido: 34 minuto(s), 12 segundo(s)

Procesos en Memoria Infectados: 0
Módulos de Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Archivos Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos de Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Archivos Infectados:
(No se han detectado elementos maliciosos)

Otra cosa que e notado es que cooler del micro funciona como un ventilador industrial( hace un kilombo del carajo).

Desde ya les agradesco su respuesta. saludos.

**Rodrigo_Jose** · 30/11/10, 21:29:23

Hola

Políticas del foro
Consejos para publicar un mensaje

Bien, antes que nada, vamos a limpiar un poco el log de panda ya que se vé algo sucio:

Descarga el ESET Smart Installer

Ejecutar y marcar, las casillas Eliminar las amenazas detectadas y analizar archivos.
Dar en Configuración adicional, marcar las casillas de Analizar en busca de aplicaciones potencialmente indeseables, Analizar en busca de aplicaciones potencialmente peligrosas y Activar la tecnoligía Anti-Stealth.
Dar en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.
Acabado el scan dar en Finalizar El reporte se puede localizar en C:\Archivos de programa\ESET\ESET Online Scanner\log

Luego, Vas a realizar estos pasos uno a uno. Si no consigues hacer alguno te lo saltas y vas al siguiente. Ante cualquier duda pregunta.

Primer Paso.

Descarga, instala y/ o actualiza estos programas. No los ejecutes aun.

Segundo Paso.

Respetando el Orden Ejecuta (Con todos los navegadores cerrados):

Ccleaner:

Ejecutas Ccleaner
Realizas una limpieza con el en su modo limpiador y en su modo registro (con copia de seguridad)

Glary Utilities:

Ejecutas Glary Utilities
Ejecutar el mantenimiento con un click.

Argente RC:

Ejecutas Argente RC
Vas a Configurar-->Escanear-->Motor de Busquedas--->Profundo.
Luego limpias el registro con èl

A tu vuelta, nos comentas como continua el ordenador, y nos traes el log de ESET Smart.

Un saludo!

**kopu80** · 01/12/10, 01:27:40

Me sigue apareciendo el administrador de tareas incompleto. Aca esta el log del eset smart security.

Código:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=ef99feb79df98a44afd104fd43525e3a
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-12-01 05:26:48
# local_time=2010-12-01 02:26:48 (-0300, Hora estándar de Argentina)
# country="Bolivia"
# lang=3082
# osver=6.1.7600 NT 
# compatibility_mode=512 16777215 100 0 1481738 1481738 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=1280 16777215 100 0 18712123 18712123 0 0
# compatibility_mode=5893 16776573 100 94 0 42715871 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=121536
# found=25
# cleaned=25
# scan_time=10127
C:\ProgramData\Spybot - Search & Destroy\Recovery\DNSFlushcws1.zip	Win32/Bagle.gen.zip gusano (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\ProgramData\Spybot - Search & Destroy\Recovery\DNSFlushcws5.zip	Win32/Bagle.gen.zip gusano (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\ProgramData\Win7codecs\{C68B319D-E153-4557-BAEB-0987320636A7}\Win7codecs.msi	Win32/Packed.Autoit.C.Gen aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\ColordigitalP1.htm	JS/TrojanClicker.Agent.NAZ Troyano (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\100- Funcionando.rar	una variante de Win32/Packed.VMProtect.AAA Troyano (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\DominicanBook.com_real_hide_ip_DominicanBook.com_2.zip	Win32/HackTool.Patcher.A aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\Windows.7.Loader.eXtreme.Edition.3.503- ASDF2009.rar	una variante de Win32/HackKMS.A aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\[Version 5.1] MW2 Stats&Rank Hack by iJustHelp [1.0.182].rar	Win32/HackTool.CheatEngine.AB aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\[Version_5.2]_MW2_Hack_Pack_by_iJustHelp_[1.0.184].rar	una variante de Win32/HackTool.CheatEngine.AB aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\activ\Activar.rar	una variante de Win32/HackKMS.A aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\activ\Activar\w7lxe.exe	una variante de Win32/HackKMS.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\activador777\Fotos en familia.zip	una variante de Win32/HackKMS.A aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\activador777\Win7eXv3.503\w7lxe.exe	una variante de Win32/HackKMS.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\tyotal media\TotalMedia Theatre 3 SimHD + Sim3D.rar	una variante de Win32/Injector.CDU Troyano (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\win7acti\w7lxe.exe	una variante de Win32/HackKMS.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\win7acti\w7lxebydeathvic.rar	una variante de Win32/HackKMS.A aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Compressed\Windows.7.Loader.eXtreme.Edition.3.503-Napalum\w7lxe.exe	una variante de Win32/HackKMS.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Documents\Downloads\Programs\HSS-1.37-install-anchorfree-218-ask2.exe	una variante de Win32/HotSpotShield aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Downloads\IDM.rar	múltiples amenazas (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Downloads\call of duty 5\cd5\CoD rank hack.zip	Win32/HackTool.CheatEngine.AB aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Downloads\call of duty 5\cd5\CoD rank hack\Call of Duty - World at War V 1.6 RANK HAX.exe	Win32/HackTool.CheatEngine.AB aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Downloads\call6\nivel_70\[Version 5.1] MW2 Stats&Rank Hack by iJustHelp [1.0.182].exe	Win32/HackTool.CheatEngine.AB aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Downloads\call6\nivel_70\[Version 5.2] MW2 Private Match Hacks by iJustHelp [1.0.184].exe	una variante de Win32/HackTool.CheatEngine.AB aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Downloads\call6\nivel_70\[Version 5.2] MW2 StatsRank Hack by iJustHelp [1.0.184].exe	una variante de Win32/HackTool.CheatEngine.AB aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C
C:\Users\mat\Downloads\call6\nivel_70\[Version_5.2]_MW2_Hack_Pack_by_iJustHelp_[1.0.184].rar	una variante de Win32/HackTool.CheatEngine.AB aplicación (eliminado - puesto en Cuarentena)	00000000000000000000000000000000	C

Aunque e limpiado como 15mil errores

del registro, me sigue apareciendo ese error http://k01.kn3.net/80B590036.png. Disculpa que insista. Desde ya agradesco que me allas respondido.

**SanMar** · 01/12/10, 03:00:33

Hola chicos y permiso:

Sobre el error del Administrador de Tareas:

Dale doble clic en el reborde blanco del mismo y debería volver a la normalidad.

En cuanto a la desinfección de tu equipo, continua con Rodrigo_Jose

Salu2.

**kopu80** · 01/12/10, 04:44:26

jeje era eso nomas. Gracias san mar.

Pero me gustaria segir con la desinfecion. hay postee el log de eset. M e podrias de cir como continuar? gracias.

**Rodrigo_Jose** · 01/12/10, 10:05:48

Hola!

Bien, ahora està todo un poco mas limpio

Debo igualmente notificarte que como infecciones se ven solo Crack y Keygen's, asi que no es de alta peligrosidad

Ahora, dirigete a C:\Program Files\ESET\ESET Online Scanner\Quarantine y suprime el contenido de la carpeta. Atencion: No la carpeta, sino su contenido..
Asi estariamos borrando la cuarentena de ESET Smart

Terminado lo anterior, creo yo que ya quedaria resuelta la desinfeccion

, pero por si las dudas vamos con un analisis mas de Panda, para corroborar que no queden mas archivos:

Realiza un escaneo online con Panda ActiveScan, revisando antes su Manual. Realizas un escaneo y al terminar, guardas su reporte.

Esperamos ese log entonces...

Saludos!

**kopu80** · 01/12/10, 16:00:42

Aca esta el nuevo log de panda:

Código:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2010-12-01 17:48:13
PROTECTIONS: 1
MALWARE: 4
SUSPECTS: 7
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                       Active    Updated
;===================================================================================================================================================================================
Kaspersky Internet Security                                                Yes       Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\star wars th2\sw2byupgameesp.part01.rar[crackbyupgame.rar][crack\crack\securom.dll]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\gearof war\solucion_gear_of_wars.zip[2º copiar y reemplazar/binaries/startup.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by orbit 30 release 5.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\crack_gow.rar[startup.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\validar\validarwindows7bydeathvic.rar[removewat.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\validarwindows7bydeathvic.rar[removewat.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\star wars th2\crackbyupgame.rar[crack\crack\securom.dll]
03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\mat\downloads\activador\100-legal.rar[activadores windows 7\7loader release 5 [32 bits y 64 bits]\7loader_release_5.exe]
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\activador\activadores windows 7\7loader release 5 [32 bits y 64 bits]\7loader_release_5.exe
03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\mat\downloads\gearof war\2º copiar y reemplazar\binaries\startup.exe
03898902  Generic Malware                    Virus/Trojan        No        0         No             No           c:\users\mat\documents\downloads\compressed\isobster\ib2.5.0.0.rar[isobuster 2.5.0.0\keygen.exe]
04226857  Generic Trojan                     Virus/Trojan        No        0         Yes            No           c:\users\mat\documents\downloads\compressed\auto_power_on.zip[auto power on/autopowershut-keygen.exe]
06433465  Bck/Bifrose.AKL                    Virus/Trojan        No        1         Yes            No           c:\users\mat\documents\fix5\loader_one.cl.exe
;===================================================================================================================================================================================
SUSPECTS
Sent      Location
;===================================================================================================================================================================================
Yes       c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by hazar v1.6.exe
Yes       c:\users\mat\documents\downloads\compressed\crakc wop\wings.of.prey.fixvitality~ by mig19.rar[wings.of.prey.fixvitality~ by mig19\english\activate.dll]
Yes       c:\users\mat\documents\downloads\compressed\winamp_pro\patch\winamp pro v5.56 patch.exe
Yes       c:\users\mat\documents\downloads\compressed\winamp_pro\winamppro.v5.56plusessentials.rar[patch\winamp pro v5.56 patch.exe]
Yes       c:\users\mat\documents\winds pro\windspro\plugins\splashimage.dll
Yes       c:\windows\downloaded installations\{2df71002-935b-470d-9a03-b20da3b0595d}\totalmedia theatre 3.msi[unk_0048][_1a06859bd6164e85befe3733c1ede556]
Yes       c:\windows\installer\12627a8.msi[unk_0048][_1a06859bd6164e85befe3733c1ede556]
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity       Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================

**Rodrigo_Jose** · 01/12/10, 16:19:21

Hola!

· Descarga OTM
· Ejecuta OTM.exe
· Copiar el texto que se encuentra dentro del recuadrado de abajo, y pegar el texto en el marco izquierdo de OTM llamado "Paste instruccions for items to be moved ".

Código:

:processes
explorer.exe

:files
c:\users\mat\downloads\star wars th2\sw2byupgameesp.part01.rar
c:\users\mat\downloads\gearof war\solucion_gear_of_wars.zip
c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by orbit 30 release 5.exe
c:\users\mat\documents\downloads\compressed\crack_gow.rar
c:\users\mat\documents\downloads\compressed\validar\validarwindows7bydeathvic.rar
c:\users\mat\documents\downloads\compressed\validarwindows7bydeathvic.rar
c:\users\mat\downloads\star wars th2\crackbyupgame.rar
c:\users\mat\downloads\activador\100-legal.rar
c:\users\mat\downloads\activador\activadores windows 7\7loader release 5 [32 bits y 64 bits]\7loader_release_5.exe
c:\users\mat\downloads\gearof war\2º copiar y reemplazar\binaries\startup.exe
c:\users\mat\documents\downloads\compressed\isobster\ib2.5.0.0.rar
c:\users\mat\documents\downloads\compressed\auto_power_on.zip
c:\users\mat\documents\fix5\loader_one.cl.exe
c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by hazar v1.6.exe
c:\users\mat\documents\downloads\compressed\crakc wop\wings.of.prey.fixvitality~ by mig19.rar
c:\users\mat\documents\downloads\compressed\winamp_pro\patch\winamp pro v5.56 patch.exe
c:\users\mat\documents\downloads\compressed\winamp_pro\winamppro.v5.56plusessentials.rar
c:\users\mat\documents\winds pro\windspro\plugins\splashimage.dll
c:\windows\downloaded installations\{2df71002-935b-470d-9a03-b20da3b0595d}\totalmedia theatre 3.msi
c:\windows\installer\12627a8.msi

:commands
[emptytemp]
[startexplorer]
[reboot]

· Hacer clic en MoveIt! para lanzar la supresión.
· Simultáneamente se abrirá un aviso preguntando si deseas reiniciar el PC. Dale a YES.
· Los resultados aparecen despues del reinicio en C: \ _ OTM\MovedFiles\***_***.log (Donde sale "***_***" es la fecha y hora). Ese nos lo pegas.

Saludos!

**kopu80** · 01/12/10, 20:03:58

Aca esta el log de moveIT:

Código:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\users\mat\downloads\star wars th2\Sw2ByUpGameEsp.part01.rar moved successfully.
c:\users\mat\downloads\gearof war\Solucion_Gear_of_wars.zip moved successfully.
File/Folder c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by orbit 30 release 5.exe not found.
File/Folder c:\users\mat\documents\downloads\compressed\crack_gow.rar not found.
File/Folder c:\users\mat\documents\downloads\compressed\validar\validarwindows7bydeathvic.rar not found.
File/Folder c:\users\mat\documents\downloads\compressed\validarwindows7bydeathvic.rar not found.
c:\users\mat\downloads\star wars th2\CrackByUpGame.rar moved successfully.
c:\users\mat\downloads\activador\100-Legal.rar moved successfully.
c:\users\mat\downloads\activador\activadores windows 7\7loader release 5 [32 bits y 64 bits]\7Loader_Release_5.exe moved successfully.
c:\users\mat\downloads\gearof war\2º copiar y reemplazar\binaries\Startup.exe moved successfully.
c:\users\mat\documents\downloads\compressed\isobster\IB2.5.0.0.rar moved successfully.
c:\users\mat\documents\downloads\compressed\Auto_Power_On.zip moved successfully.
c:\users\mat\documents\fix5\Loader_one.cl.exe moved successfully.
File/Folder c:\users\mat\documents\downloads\compressed\activadores\loaders\7loader by hazar v1.6.exe not found.
c:\users\mat\documents\downloads\compressed\crakc wop\Wings.of.Prey.FixViTALiTY~ By Mig19.rar moved successfully.
File/Folder c:\users\mat\documents\downloads\compressed\winamp_pro\patch\winamp pro v5.56 patch.exe not found.
File/Folder c:\users\mat\documents\downloads\compressed\winamp_pro\winamppro.v5.56plusessentials.rar not found.
DllUnregisterServer procedure not found in c:\users\mat\documents\winds pro\windspro\plugins\SplashImage.dll
c:\users\mat\documents\winds pro\windspro\plugins\SplashImage.dll moved successfully.
c:\windows\downloaded installations\{2df71002-935b-470d-9a03-b20da3b0595d}\TotalMedia Theatre 3.msi moved successfully.
c:\windows\installer\12627a8.msi moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: mat
->Temp folder emptied: 74839078 bytes
->Temporary Internet Files folder emptied: 339282 bytes
->Java cache emptied: 24281386 bytes
->FireFox cache emptied: 81374072 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1299 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 958464 bytes
%systemroot%\System32 .tmp files removed: 2416200 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66016 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 176,00 mb

**kopu80** · 02/12/10, 11:04:04

Y ahora que hago?

Administrador de tareas. (Solucionado)

Herramientas

Administrador de tareas. (Solucionado)

Re: administrador de tareas

Re: administrador de tareas

Re: administrador de tareas

Re: administrador de tareas

Re: administrador de tareas

Re: administrador de tareas

Re: administrador de tareas

Re: administrador de tareas

Re: administrador de tareas