Ayuda por favor!!! Urgente

natalie2986 · #1 (**permalink**) 21/07/2009, 20:10

Ante todo muy buenas noches, necesito su ayuda por favor, me llegaron 3 virus por medio de unos imagenes en el mns. Mi antivirus no los elimina y mi pc se ha vuelto loca. Aqui les dejo el reporte del antivirus

Avira AntiVir Personal
Report file date: miércoles, 22 de julio de 2009 03:41

Scanning for 1560023 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : Natasha
Computer name : NATASHA

Version information:
BUILD.DAT : 9.0.0.403 17961 Bytes 03/06/2009 17:05:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 11/05/2009 08:14:47
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 06:57:18
ANTIVIR2.VDF : 7.1.4.253 1779200 Bytes 19/07/2009 23:44:32
ANTIVIR3.VDF : 7.1.5.10 77824 Bytes 21/07/2009 12:28:12
Engineversion : 8.2.0.222
AEVDF.DLL : 8.1.1.1 106868 Bytes 30/04/2009 10:52:04
AESCRIPT.DLL : 8.1.2.18 442746 Bytes 20/07/2009 23:44:42
AESCN.DLL : 8.1.2.3 127347 Bytes 14/05/2009 10:02:01
AERDL.DLL : 8.1.2.4 430452 Bytes 16/07/2009 06:59:03
AEPACK.DLL : 8.1.3.18 401783 Bytes 27/05/2009 15:07:20
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 16/07/2009 06:58:56
AEHEUR.DLL : 8.1.0.143 1864055 Bytes 17/07/2009 10:31:35
AEHELP.DLL : 8.1.4.5 229748 Bytes 16/07/2009 06:58:26
AEGEN.DLL : 8.1.1.48 348532 Bytes 16/07/2009 06:58:22
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
AECORE.DLL : 8.1.7.5 180597 Bytes 16/07/2009 06:58:16
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 05/12/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 14:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 09:19:48

Configuration settings for the scan:
Jobname.............................: ShlExt
Configuration file..................: C:\Windows\Temp\340a5cd6.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: off
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: high

Start of the scan: miércoles, 22 de julio de 2009 03:41

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\All Users\Datos de programa\Avira\AntiVir Desktop\TEMP\AVSCAN-20090722-034111-58293ECD\AVSCAN-0000000B.dat
[DETECTION] Is the TR/Spy.Gen Trojan
C:\WINDOWS\system32\secupdat.dat
[DETECTION] Is the TR/Spy.Gen Trojan
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\wtkgbvkl.sys
[DETECTION] Is the TR/Dropper.Gen Trojan
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\etc\hosts
[DETECTION] Is the TR/AntiHosts.Gen Trojan

Beginning disinfection:
C:\WINDOWS\system32\secupdat.dat
[DETECTION] Is the TR/Spy.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[NOTE] The file was moved to '4ac9726b.qua'!
C:\WINDOWS\system32\drivers\wtkgbvkl.sys
[DETECTION] Is the TR/Dropper.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[NOTE] The file was moved to '4ad1727d.qua'!
C:\WINDOWS\system32\drivers\etc\hosts
[DETECTION] Is the TR/AntiHosts.Gen Trojan
[NOTE] The file was moved to '4ad9727a.qua'!

End of the scan: miércoles, 22 de julio de 2009 03:57
Used time: 15:56 Minute(s)

The scan has been done completely.

4005 Scanned directories
195842 Files were scanned
3 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
3 Files were moved to quarantine
0 Files were renamed
3 Files cannot be scanned
195836 Files not concerned
1180 Archives were scanned
4 Warnings
4 Notes

JoaoM · #2 (**permalink**) 22/07/2009, 13:50

Por eso ni instalo MSN desde hace años, ni ningun mensagero instantaneo

zackrated · #3 (**permalink**) 22/07/2009, 17:39

Sigue estos pasos para una buena desinfección

Primero desactiva restaurar sistema.
Mi PC>Propiedades>Resturar sistema

Descarga y actualiza Super AntiSpyware
http://downloads.superantispyware.co...ntiSpyware.exe

Descarga y actualiza Malwarebytes
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Inicia Modo Seguro [presionando F8 cuando la PC esté iniciando]

Pásale el Super Antispyware borrado todo lo que encuentre.
Sin reiniciar haz un análisis completo con Malwarebytes, borra todo lo que encuentre y guarda un informe <---- (MUY IMPORTANTE)

Reinicia en Modo normal y pásale este antivirus Online
http://www.eset-la.com/online-scanner/ (Usa Internet Explorer)
Guarda un informe <----(MUY IMPORTANTE)

Pásale de nuevo el Malwarebytes en análisis rápido, borra todo lo que encuentre y Guarda un segundo informe <--- (MUY IMPORTANTE)

Sin reinciar pásale el CCleaner limpiando temporales y registro (Haciendo copia de seguridad, el mismo programa da la opcion)
http://download.piriform.com/ccsetup221.exe

Reinicia y comprueba si el problema se a solucionado . Si no sigue los siguiente pasos

Descarga Hijackthis. Crea una carpeta y mete ahi Hijackthis.exe <--- (MUY IMPORTANTE)
http://www.trendsecure.com/portal/en...HJTInstall.exe
Ejecútalo despues seleccionas la opcion Do a Scan And Save a Log File
Esto generará un bloc de notas, pega aqui su contenido COMPLETO para analizarlo junto con los informes que guardaste anteriormente [1 del ESET Online y 2 del Malwarebytes]

Si presentas problemas al pegarlos aqui, sube los informes a www.megaupload.com y dame el link de descarga para bajarlos y analizarlos.

Necesitas ser paciente y es MUY IMPORTANTE no brincarse los pasos

Saludos