virus troj_generic. archivo system32\oins.exe (CERRADO)

esterilla · Mensaje por **esterilla** » 05 Ene 2007, 12:14

NO ME HAS ENTENDIDO, PORQUE HAS CERRADO EL TEMA??

SI NO HE HECHO NADA TODAVIA.... SOLO TE PREGUNTABA

DONDE TE MANDO EL INFOSAT.TXT ... PARA QUE VEAS LOS

ARCHIVOS INFECTADOS, QUE NO HE BORRADO TODAVIA...

VALE? TE LO ENVIO Y

Mon Jul 17 17:28:34 2006

EliStartPage v12.10 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\Documents and Settings\Pc\Mis documentos\UNLOCKER1.8.1.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Mon Jul 31 08:54:50 2006

EliStartPage v12.10 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Fri Sep 01 12:44:31 2006

EliStartPage v12.10 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Mon Sep 04 18:53:19 2006

EliStartPage v12.10 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Eliminados Ficheros Temporales del IE

Mon Sep 04 18:54:54 2006

EliStartPage v12.10 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Mon Sep 04 19:04:32 2006

EliStartPage v12.10 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Tue Sep 05 08:48:16 2006

EliStartPage v12.10 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Eliminados Ficheros Temporales del IE

Tue Sep 05 08:49:48 2006

EliStartPage v12.10 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Tue Sep 05 09:11:14 2006

EliStartPage v12.27 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Eliminados Ficheros Temporales del IE

Tue Sep 05 09:12:14 2006

EliStartPage v12.27 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP4\A0012115.DLL --> Eliminado, ZangoSA (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Wed Sep 06 10:58:24 2006

EliStartPage v12.28 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\PUBMOD.DLL --> Eliminado, Puper (BHO)

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\Documents and Settings\Pc\Mis documentos\LIMEWIREWIN.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP24\A0024299.DLL --> Eliminado, Puper (BHO)

Thu Sep 07 08:11:30 2006

EliStartPage v12.29 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Eliminados Ficheros Temporales del IE

Thu Sep 07 08:13:35 2006

EliStartPage v12.29 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\WIN2C.TMP.EXE --> Eliminado, DownLoader.AUX

C:\WINDOWS\TEMP\WINDD.TMP.EXE --> Eliminado, DownLoader.AUX

C:\WINDOWS\TEMP\WIN32B.TMP.EXE --> Eliminado, DownLoader.AUX

C:\WINDOWS\TEMP\WIN4DE.TMP.EXE --> Eliminado, DownLoader.AUX

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\RECYCLED\Dc489\WIN2C.TMP.EXE --> Eliminado, DownLoader.AUX

C:\RECYCLED\Dc489\WIN4DE.TMP.EXE --> Eliminado, DownLoader.AUX

C:\RECYCLED\Dc489\WIN32B.TMP.EXE --> Eliminado, DownLoader.AUX

C:\RECYCLED\Dc489\WINDD.TMP.EXE --> Eliminado, DownLoader.AUX

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002211.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP1\A0002217.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002313.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002598.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP2\A0002677.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP26\A0024409.EXE --> Eliminado, DownLoader.AUX

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP26\A0024410.EXE --> Eliminado, DownLoader.AUX

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP26\A0024411.EXE --> Eliminado, DownLoader.AUX

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP26\A0024412.EXE --> Eliminado, DownLoader.AUX

Mon Sep 25 11:27:29 2006

EliStartPage v12.40 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Eliminados Ficheros Temporales del IE

Mon Sep 25 11:27:32 2006

EliStartPage v12.40 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\UCMOREIEX_.EXE --> Eliminado, UCMore (install)

C:\Archivos de programa\Trend PC-cillin 7.5\PACOMAN-BIN-SRC.EXE --> Eliminado, Guiños(msn)

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\Archivos de programa\Yahoo!\Companion\Modules\pubmod\v1\PUBMOD.DLL --> Eliminado, Puper (BHO)

C:\Archivos de programa\Total Video Converter\OPTIMIZEGIF.DLL --> Eliminado, KeyLogger.FL

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\mecawin\MECAWIN.EXE --> Eliminado, Guiños(msn)

C:\unzipped\mecanografiax\MECANOGRAFIAX INSTALADOR.EXE --> Eliminado, Guiños(msn)

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\unzipped\WinAVIVideoConverter\TRADUCTOR_WINAVI_VIDEOCONVERTER_6.3.EXE --> Eliminado, Guiños(msn)

C:\Documents and Settings\Pc\Mis documentos\HACHA 3 PRO.EXE --> Eliminado, Guiños(msn)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP30\A0028770.EXE --> Eliminado, UCMore (install)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP30\A0028771.EXE --> Eliminado, Guiños(msn)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP30\A0028772.DLL --> Eliminado, Puper (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP30\A0028773.DLL --> Eliminado, KeyLogger.FL

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP30\A0028774.EXE --> Eliminado, Guiños(msn)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP30\A0028775.EXE --> Eliminado, Guiños(msn)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP30\A0028776.EXE --> Eliminado, Guiños(msn)

Wed Sep 27 18:24:41 2006

EliStartPage v12.40 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Wed Oct 04 08:51:24 2006

EliStartPage v12.46 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Eliminados Ficheros Temporales del IE

Wed Oct 04 08:52:37 2006

EliStartPage v12.46 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Mon Oct 09 09:18:01 2006

EliStartPage v12.46 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP5\A0018276.EXE --> AutoExtraible

Wed Oct 18 18:17:30 2006

EliStartPage v12.53 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

Tue Nov 14 10:24:03 2006

EliStartPage v12.70 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Eliminados Ficheros Temporales del IE

Tue Nov 14 10:26:19 2006

EliStartPage v12.70 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\SYSTEM32\MSAGENTXP.EXE --> Eliminado, DownLoader.Vixup

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP46\A0042542.DLL --> Eliminado, NavHelper (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP47\A0043599.DLL --> Eliminado, NavHelper (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP49\A0044656.DLL --> Eliminado, NavHelper (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP51\A0047310.DLL --> Eliminado, NavHelper (BHO)

Fri Dec 22 13:06:40 2006

EliStartPage v12.95 (c)2006 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Linea Eliminada del HOSTS --> 127.0.0.1 bin.errorprotector.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 br.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 br.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 br.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 de.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 de.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.winsoftware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.systemdoctor.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.winantispyware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.windrivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 dynamique.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 errorprotector.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 es.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 fr.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 fr.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 go.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 go.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 go.winantispyware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 go.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 hk.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 instlog.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 jsp.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 kb.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 kb.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 nl.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 se.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispam.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispy.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 support.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 ulog.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 utils.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 utils.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 winantispyware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.errorprotector.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.systemdoctor.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.win-anti-virus-pro.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.win-virus-pro.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantispam.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantispy.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantispyware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantiviruspro.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.windrivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.windrivesafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winfixer.com ## added by CiD

Tue Jan 02 16:21:35 2007

EliStartPage v13.00 (c)2007 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Linea Eliminada del HOSTS --> 127.0.0.1 bin.errorprotector.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 br.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 br.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 br.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 cdn.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 cdn.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 cdn.winsoftware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 de.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 de.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.winsoftware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.systemdoctor.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.winantispyware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.windrivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 download.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 dynamique.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 errorprotector.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 es.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 fr.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 fr.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 go.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 go.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 go.winantispyware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 go.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 hk.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 instlog.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 jsp.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 kb.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 kb.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 nl.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 se.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispam.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispy.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 support.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 trial.updates.winsoftware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 ulog.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 utils.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 utils.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 utils.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 winantispyware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 winfixer2006.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 winsoftware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.drivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.errorprotector.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.errorsafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.systemdoctor.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.utils.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.win-anti-virus-pro.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.win-virus-pro.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantispam.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantispy.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantispyware.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantivirus.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winantiviruspro.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.windrivecleaner.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.windrivesafe.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winfixer.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winfixer2006.com ## added by CiD

Linea Eliminada del HOSTS --> 127.0.0.1 http://www.winsoftware.com ## added by CiD

Tue Jan 02 16:24:25 2007

EliStartPage v13.00 (c)2007 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

Exploración Detenida por el Usuario.

Tue Jan 02 16:27:25 2007

EliStartPage v13.00 (c)2007 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP53\A0048806.DLL --> Infectado, NavHelper (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP58\A0052092.DLL --> Infectado, NavHelper (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP61\A0052873.EXE --> Infectado, DownLoader.Vixup

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP66\A0057708.EXE --> Infectado, DownLoader.Vixup

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP89\A0063244.EXE --> Infectado, DownLoader.Vixup

Fri Jan 05 10:27:55 2007

EliStartPage v13.00 (c)2007 S.G.H. / Satinfo S.L.

--------------------------------------------------

Lista de Acciones (por Exploración):

C:\Archivos de programa\OutLaster\UN-SHHOST.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsc9131.TMP\WEBHANCER.EXE --> AutoExtraible

C:\WINDOWS\TEMP\nsu80F2.TMP\WEBHANCER.EXE --> AutoExtraible

C:\unzipped\XviD.CVS.[www.CanalXviD.com]\XVID.1.1.CVS.EXE --> AutoExtraible

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP53\A0048806.DLL --> Infectado, NavHelper (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP58\A0052092.DLL --> Infectado, NavHelper (BHO)

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP61\A0052873.EXE --> Infectado, DownLoader.Vixup

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP66\A0057708.EXE --> Infectado, DownLoader.Vixup

C:\System Volume Information\_restore{61C28849-EDF8-4A99-A50C-DD9DDFA4CF9D}\RP89\A0063244.EXE --> Infectado, DownLoader.Vixup

A..GRACIAS..

Mensaje por **msc hotline sat** » 10 Ene 2007, 17:56

Siento que hayas vuelto a abrir Tema paralelo al

https://foros.zonavirus.com/trojgeneric-archivo-system32oinsexe-vt15835.html?highlight=

Ya se te ha avisado demasiadas veces

Aun intentando atenderte lo has impedido.

Se te desactiva del foro por reincidencia de incumplimiento de Normas

Se hace lo que se puede, pero dentro de las normas !

ms.