no puedo instalar el panda (SOLUCIONADO)
no puedo instalar el panda (SOLUCIONADO)
hola amigos:mi problema es el siguiente.cuando quiero instalar el panda me sale un mensaje de error diciendo que el sistema no puede encontrar el archivo:"pavshld/pavprsrv.exe" y por lo tanto no puedo instalarlo.me podeis ayudar??gracias.un saludo :?
Gracias por el favor.
Ahora, nos indica que al instalar le aparece este error, no es al desinstalar ? Por que se me hace raro que al instalar le pida archivos . Si se refiere a instalar verifica que solo tengas 1 antivirus y si tienes otro quitalo y vuelve a probar, si ya tenia instalado Panda y instalaste uno nuevo desinsatala el otro completamente e intenta de nievo..
Ahora, nos indica que al instalar le aparece este error, no es al desinstalar ? Por que se me hace raro que al instalar le pida archivos . Si se refiere a instalar verifica que solo tengas 1 antivirus y si tienes otro quitalo y vuelve a probar, si ya tenia instalado Panda y instalaste uno nuevo desinsatala el otro completamente e intenta de nievo..
[DJ eXploit]
gracias de nuevo nuker por tu respuesta..efectivamente eso es lo raro que al intentar INSTALAR un programa me diga que no encuentra archivos.si los necesita ya me los metera dicho programa.lo que creo es que he debido borrar algo que no deberia haber borrado.ahora no tengo ningun antivirus instalado.he intentado instalar de otra marca pero tambien me da error... :(
nuker a ver si es eso lo que me decias.lo he hecho bien??
Logfile of HijackThis v1.99.1
Scan saved at 0:02:45, on 23/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\monsitos\Datos de programa\hidires\hidr.exe
C:\Archivos de programa\Messenger\msmsgs.exe
D:\instalacion emule\eMule\emule.exe
C:\Archivos de programa\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe
C:\Archivos de programa\WinRAR\WinRAR.exe
C:\DOCUME~1\monsitos\CONFIG~1\Temp\Rar$EX00.875\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.google.es/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O4 - HKLM\..\Run: [Disc Detector] C:\Archivos de programa\Creative\ShareDLL\CtNotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\imanol\Menú Inicio\Programas\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -http://loloweb.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -http://messenger.zone.msn.com/ES-ES/a-UNO1/GAME_UNO1.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARCHIV~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: PAVWAIT.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Client IP-IPX - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000307 (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
Logfile of HijackThis v1.99.1
Scan saved at 0:02:45, on 23/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\monsitos\Datos de programa\hidires\hidr.exe
C:\Archivos de programa\Messenger\msmsgs.exe
D:\instalacion emule\eMule\emule.exe
C:\Archivos de programa\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe
C:\Archivos de programa\WinRAR\WinRAR.exe
C:\DOCUME~1\monsitos\CONFIG~1\Temp\Rar$EX00.875\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O4 - HKLM\..\Run: [Disc Detector] C:\Archivos de programa\Creative\ShareDLL\CtNotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\imanol\Menú Inicio\Programas\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARCHIV~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: PAVWAIT.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Client IP-IPX - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000307 (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
Si muy bien, Solo que tienes un Bagle (problema de que no puedas instalar el antivirus) Lanza ELIBAGLA en Modo Normal y al terminar ELIBAGLA, lanzas ELISTARA en Modo Seguro.. Estas herramientas te generaran un log en Unidad C, con el nombre de infoSat.txt copia el contenido y pegalo aqui (esto en modo normal claro).
ELIMINA ESTAS (DALE FIX CHECKED DENTRO DE HJT, EN MODO SEGURO):
O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)
O3 - Toolbar: (no name) - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
------------------------------
ELIBAGLA:
http://www.zonavirus.com/descargas/elibagla.asp
ELISTARA:http://www.zonavirus.com/descargas/elistara.asp
MODO SEGURO:http://www.zonavirus.com/articulos/como-arrancar-en-modo-seguro-o-a-prueba-de-fallos.asp
ELIMINACION DE CLAVES (HJT) :
http://www.zonavirus.com/articulos/como-arrancar-en-modo-seguro-o-a-prueba-de-fallos.asp
ELIMINA ESTAS (DALE FIX CHECKED DENTRO DE HJT, EN MODO SEGURO):
O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)
O3 - Toolbar: (no name) - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
------------------------------
ELIBAGLA:
ELISTARA:
MODO SEGURO:
ELIMINACION DE CLAVES (HJT) :
[DJ eXploit]
muchas gracias nuker...gracias a tus sabias indicaciones he podido solucionar el problema e instalar un antivirus.de todas formas te mando el log que me pediste..a ver si lo hecho bien..
gracias de nuevo.muy agradecido..un saludo...:wink:
Fri Feb 23 16:48:43 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Renombrado a .VIR
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\DOCUMENTS AND SETTINGS\MONSITOS\DATOS DE PROGRAMA\HIDIRES\HIDR.EXE --> Bagle Renombrado a .VIR
C:\DOCUMENTS AND SETTINGS\MONSITOS\DATOS DE PROGRAMA\HIDIRES\M_HOOK.SYS --> Eliminado Bagle (rootkit)
Eliminada Carpeta "%WinDir%\exefld"
Restaurada Clave: "SafeBoot\Minimal y Network"
Fri Feb 23 16:49:10 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Documents and Settings\nerea\Configuración local\Temp\~5D.EXE --> Eliminado Bagle
C:\Documents and Settings\nerea\Configuración local\Temp\~68.EXE --> Eliminado Bagle
C:\Documents and Settings\nerea\Configuración local\Temp\~73.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024532.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024541.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024699.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024851.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024855.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024856.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024957.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP156\A0025040.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP156\A0025041.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025147.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025156.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP162\A0025240.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP164\A0025267.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP164\A0026268.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP165\A0026513.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP166\A0026524.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP167\A0026765.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP169\A0026840.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP169\A0027838.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP169\A0028838.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP169\A0029838.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP170\A0030081.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP170\A0030092.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP170\A0030103.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030281.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030301.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030302.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030344.EXE --> Eliminado Bagle
Fri Feb 23 17:14:50 2007
EliStartPage v13.39 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Linea Eliminada del HOSTS --> 127.0.0.1 bin.errorprotector.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 de.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 de.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.systemdoctor.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.windrivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 dynamique.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 errorprotector.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 es.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 fr.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 fr.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 hk.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 jsp.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 kb.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 kb.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 nl.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 se.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispam.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispy.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 support.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 trial.updates.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 ulog.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winfixer2006.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.errorprotector.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.systemdoctor.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.utils.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.win-anti-virus-pro.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.win-virus-pro.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.winantispam.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.winantispy.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.winantiviruspro.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.windrivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.windrivesafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.winfixer2006.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1http://www.winsoftware.com ## added by CiD
Eliminada Carpeta "%WinSys%\LogFiles"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Fri Feb 23 17:15:18 2007
EliStartPage v13.39 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Documents and Settings\monsitos\Configuración local\Datos de programa\Ares\My Shared Folder\EMULE0 46A_INSTALLER [CONTENT EMULE-PROJECT NET].EXE --> AutoExtraible
C:\Archivos de programa\Archivos comunes\{2D6E1AE3-0AF5-3082-0811-030311190022}\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Archivos de programa\Nero\Nero 7\Nero Vision\NVDV.DLL --> Eliminado, Hotbar
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP143\A0020069.DLL --> Eliminado, NewDotNet
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024454.EXE --> Eliminado, NewDotNet Uninst
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024455.EXE --> Eliminado, NewDotNet Uninst
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024595.EXE --> Eliminado, PWS-Lineage
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024869.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024870.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024887.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024888.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP156\A0025097.EXE --> Eliminado, NewDotNet Uninst
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025135.DLL --> Eliminado, NewDotNet
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025136.EXE --> Eliminado, NewDotNet Uninst
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025176.EXE --> Eliminado, PWS-Lineage
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025193.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025194.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025198.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP170\A0030097.EXE --> Eliminado, Matcash(dropper)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030361.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030362.DLL --> Eliminado, Hotbar
C:\Recycled\Dc1\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc2\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc5\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc9\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc10\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc11\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc14\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc15\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc16\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc17\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc18\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc19\SYSTEM.DLL --> Eliminado, Matcash(dll)
Fri Feb 23 17:23:09 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE.VIR --> Eliminado
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
Eliminada Carpeta "%AppData%\Hidires"
Fri Feb 23 17:23:33 2007
EliStartPage v13.39 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Fri Feb 23 17:24:46 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Fri Feb 23 17:24:57 2007
EliStartPage v13.39 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Fri Feb 23 17:26:56 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Fri Feb 23 17:27:04 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Exploración Detenida por el Usuario.
Fri Feb 23 17:30:32 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
gracias de nuevo.muy agradecido..un saludo...
Fri Feb 23 16:48:43 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Renombrado a .VIR
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\DOCUMENTS AND SETTINGS\MONSITOS\DATOS DE PROGRAMA\HIDIRES\HIDR.EXE --> Bagle Renombrado a .VIR
C:\DOCUMENTS AND SETTINGS\MONSITOS\DATOS DE PROGRAMA\HIDIRES\M_HOOK.SYS --> Eliminado Bagle (rootkit)
Eliminada Carpeta "%WinDir%\exefld"
Restaurada Clave: "SafeBoot\Minimal y Network"
Fri Feb 23 16:49:10 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Documents and Settings\nerea\Configuración local\Temp\~5D.EXE --> Eliminado Bagle
C:\Documents and Settings\nerea\Configuración local\Temp\~68.EXE --> Eliminado Bagle
C:\Documents and Settings\nerea\Configuración local\Temp\~73.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024532.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024541.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024699.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024851.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024855.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024856.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024957.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP156\A0025040.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP156\A0025041.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025147.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025156.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP162\A0025240.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP164\A0025267.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP164\A0026268.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP165\A0026513.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP166\A0026524.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP167\A0026765.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP169\A0026840.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP169\A0027838.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP169\A0028838.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP169\A0029838.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP170\A0030081.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP170\A0030092.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP170\A0030103.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030281.SYS --> Eliminado Bagle (rootkit)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030301.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030302.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030344.EXE --> Eliminado Bagle
Fri Feb 23 17:14:50 2007
EliStartPage v13.39 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Linea Eliminada del HOSTS --> 127.0.0.1 bin.errorprotector.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 br.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 cdn.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 de.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 de.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.cdn.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.systemdoctor.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.windrivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 download.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 dynamique.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 errorprotector.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 es.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 fr.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 fr.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 go.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 hk.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 instlog.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 jsp.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 kb.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 kb.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 nl.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 se.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.drivecleaner.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispam.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantispy.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 secure.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 support.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 trial.updates.winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 ulog.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.errorsafe.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 utils.winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winantispyware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winantivirus.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winfixer.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winfixer2006.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1 winsoftware.com ## added by CiD
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Linea Eliminada del HOSTS --> 127.0.0.1
Eliminada Carpeta "%WinSys%\LogFiles"
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Fri Feb 23 17:15:18 2007
EliStartPage v13.39 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Documents and Settings\monsitos\Configuración local\Datos de programa\Ares\My Shared Folder\EMULE0 46A_INSTALLER [CONTENT EMULE-PROJECT NET].EXE --> AutoExtraible
C:\Archivos de programa\Archivos comunes\{2D6E1AE3-0AF5-3082-0811-030311190022}\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Archivos de programa\Nero\Nero 7\Nero Vision\NVDV.DLL --> Eliminado, Hotbar
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP143\A0020069.DLL --> Eliminado, NewDotNet
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024454.EXE --> Eliminado, NewDotNet Uninst
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024455.EXE --> Eliminado, NewDotNet Uninst
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024595.EXE --> Eliminado, PWS-Lineage
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024869.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024870.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024887.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP155\A0024888.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP156\A0025097.EXE --> Eliminado, NewDotNet Uninst
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025135.DLL --> Eliminado, NewDotNet
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025136.EXE --> Eliminado, NewDotNet Uninst
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025176.EXE --> Eliminado, PWS-Lineage
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025193.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025194.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP160\A0025198.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP170\A0030097.EXE --> Eliminado, Matcash(dropper)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030361.DLL --> Eliminado, Matcash(dll)
C:\System Volume Information\_restore{449B4112-8D2B-45A7-A7D5-88E48810D8AB}\RP171\A0030362.DLL --> Eliminado, Hotbar
C:\Recycled\Dc1\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc2\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc5\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc9\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc10\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc11\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc14\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc15\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc16\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc17\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc18\SYSTEM.DLL --> Eliminado, Matcash(dll)
C:\Recycled\Dc19\SYSTEM.DLL --> Eliminado, Matcash(dll)
Fri Feb 23 17:23:09 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE.VIR --> Eliminado
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
Eliminada Carpeta "%AppData%\Hidires"
Fri Feb 23 17:23:33 2007
EliStartPage v13.39 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Fri Feb 23 17:24:46 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Fri Feb 23 17:24:57 2007
EliStartPage v13.39 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Fri Feb 23 17:26:56 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Fri Feb 23 17:27:04 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Exploración Detenida por el Usuario.
Fri Feb 23 17:30:32 2007
EliBagle v10.18 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
-
msc hotline sat
- Mensajes: 93500
- Registrado: 09 Mar 2004, 20:39
- Ubicación: BARCELONA (ESPAÑA)
- Contactar:
Pues Bagle eliminado y solucionado el problema, procedemos a cerrar el Tema
Si nos necesita de nuevo, ya sabe donde estamos
saludos
ms, 23-02-2007
nota a lucl: Cuando empecé a estudiar el Tema no estaba tu post... es hoy 24 cuando al revisarlo veo te pisé uno que editastes cuando ya estaba en ello... sorry
Si nos necesita de nuevo, ya sabe donde estamos
saludos
ms, 23-02-2007
nota a lucl: Cuando empecé a estudiar el Tema no estaba tu post... es hoy 24 cuando al revisarlo veo te pisé uno que editastes cuando ya estaba en ello... sorry
msc hotline sat Virus Research Engineer Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online