Dsde hace unos dias se abren ventanas de publicidad. Que le pasa a mi pc?.
Os envio el informe de Ewido a ver como quito esto:
__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: TrackingCookie.Netflame
Path: C:\Documents and Settings\Compaq_Propietario\Cookies\compaq_propiet ario@ssl-hints.netflame[1].txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: C:\Documents and Settings\Compaq_Propietario\Cookies\compaq_propiet ario@tradedoubler[2].txt
Risk: Medium
Name: Trojan.Conhook.c
Path: HKU\PE_C_EDUARDO\Software\Microsoft\Windows\Curren tVersion\Ext\Stats\{8E13DDE1-E013-47EC-9C4C-27C2F78BDD26}
Risk: High
Muchas gracias. Un saludo
Angel Doze
13/05/08, 15:51:00
Hola.
Realiza un escaneo online con el "Panda ActiveScan Online" ,copias y pegas aqui el reporte.
salu2!
El resultado del reporte es este:
;************************************************* ************************************************** ************************************************** ******************************
ANALYSIS: 2008-05-14 20:49:35
PROTECTIONS: 1
MALWARE: 6
SUSPECTS: 0
;************************************************* ************************************************** ************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
F-Secure Antivirus 5.40 No No
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;================================================= ================================================== ================================================== ==============================
00101555 Application/KillApp.B HackTools No 0 Yes No C:\hp\bin\KillIt.exe
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Propietario\Cookies\compaq_propiet ario@doubleclick[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Propietario\Cookies\compaq_propiet ario@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Propietario\Cookies\compaq_propiet ario@bs.serving-sys[2].txt
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
02384530 Adware/NaviPromo Adware No 1 Yes No C:\qoobox\Quarantine\C\WINDOWS\system32\ubpdlainbj .exe.vir
;================================================= ================================================== ================================================== ==============================
SUSPECTS
Sent Location
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
VULNERABILITIES
Id Severity Description
;================================================= ================================================== ================================================== ==============================
170904 HIGH MS07-043
;================================================= ================================================== ================================================== ==============================
Gracias por tu ayuda. Un saludo
Angel Doze
15/05/08, 00:06:29
Hola
Lee y realiza lo indicado aqui :Eliminar Adware Navipromo. (http://www.forospyware.com/t148657.html)
Nota 1* Por Favor pega aqui el Reporte de Navilog1
Nota 2*Pega aqui el Reporte de Panda ActiveScan Online
Salu2!
Me cuentas !
Creo que hice lo que me dijiste. Este es el reporte de panda
ANALYSIS: 2008-05-15 21:39:41
PROTECTIONS: 1
MALWARE: 5
SUSPECTS: 0
PROTECTIONS
Description Version Active Updated
Kaspersky Anti-Virus 7.0.1.325 Yes Yes
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
00101555 Application/KillApp.B HackTools No 0 Yes No C:\hp\bin\KillIt.exe
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\system32\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Archivos de programa\Navilog1\Process.exe
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Archivos de programa\Navilog1\reboot.exe
02384530 Adware/NaviPromo Adware No 1 Yes No C:\qoobox\Quarantine\C\WINDOWS\system32\ubpdlainbj .exe.vir
SUSPECTS
Sent Location
VULNERABILITIES
Id Severity Description
170904 HIGH MS07-043
Y el de navilog1 Fix Navipromo version 3.5.7
Scan completed 15/05/2008 18:08:33,70
Angel Doze
15/05/08, 17:33:59
Hola
Pega el reporte del Navilog1 ,completo/correcto , por favor....
salu2!
Lo siento no me aclaré y mandé un reporte equivocado, ahi va el bueno, o eso creo
Navipromo Removal version 3.5.7 started on 16/05/2008 at 16:21:14,06
Fix running from C:\Archivos de programa\navilog1
Actual User Account : "Compaq_Propietario"
Updated on 11.05.2008 at 18h00 by IL-MAFIOSO
Microsoft Windows XP [Versi¢n 5.1.2600]
Internet Explorer : 7.0.5730.13
Filesystem type : NTFS
Cleanning Stage done in normal mode
!! Results will not be optimised !!
*** Searching, making backups and deleting files ***
No Files entered !!
*** Deleting folders in "C:\WINDOWS" ***
*** Deleting folders in "C:\Archivos de programa" ***
*** Deleting folders in "c:\docume~1\alluse~1\datosd~1" ***
*** Deleting folders in "c:\docume~1\alluse~1\menini~1\progra~1" ***
*** Deleting folders in "C:\Documents and Settings\Compaq_Propietario\datosd~1" ***
*** Deleting folders in "C:\DOCUME~1\ADMINI~1\datosd~1" ***
*** Deleting folders in "C:\DOCUME~1\ADMINI~1.EAB\datosd~1" ***
*** Deleting folders in "C:\DOCUME~1\BEGOA~1\datosd~1" ***
*** Deleting folders in "C:\DOCUME~1\Eduardo\datosd~1" ***
*** Deleting folders in "C:\Documents and Settings\Compaq_Propietario\config~1\datosd~1" ***
*** Deleting folders in "C:\DOCUME~1\ADMINI~1\config~1\datosd~1" ***
*** Deleting folders in "C:\DOCUME~1\ADMINI~1.EAB\config~1\datosd~1" ***
*** Deleting folders in "C:\DOCUME~1\BEGOA~1\config~1\datosd~1" ***
*** Deleting folders in "C:\DOCUME~1\Eduardo\config~1\datosd~1" ***
*** Deleting folders in "C:\Documents and Settings\Compaq_Propietario\menini~1\progra~1" ***
*** Deleting folders in "C:\DOCUME~1\ADMINI~1\menini~1\progra~1" ***
*** Deleting folders in "C:\DOCUME~1\ADMINI~1.EAB\menini~1\progra~1" ***
*** Deleting folders in "C:\DOCUME~1\BEGOA~1\menini~1\progra~1" ***
*** Deleting folders in "C:\DOCUME~1\Eduardo\menini~1\progra~1" ***
*** Deleting files ***
*** Deleting temporary files ***
Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Documents and Settings\Compaq_Propietario\config~1\Temp done !
*** Complementary Search ***
(Search specific files)
1)Deletion with backups new Instant Access files:
2)Heuristic search and deletion with backups :
* In "C:\WINDOWS\system32" *
* In "C:\Documents and Settings\Compaq_Propietario\config~1\datosd~1" *
* In "C:\DOCUME~1\ADMINI~1\config~1\datosd~1" *
* In "C:\DOCUME~1\ADMINI~1.EAB\config~1\datosd~1" *
* In "C:\DOCUME~1\BEGOA~1\config~1\datosd~1" *
* In "C:\DOCUME~1\Eduardo\config~1\datosd~1" *
*** Copy Registry to Safebackup folder ***
Backing up Registry done !
*** Cleaning Registry ***
Registry cleaned
*** Certificates ***
Egroup Certificate not found !
Electronic-Group Certificate not found !
OOO-Favorit Certificate not found !
Sunny-Day-Design-Ltd Certificate not found !
Angel Doze
16/05/08, 15:15:39
Hola.
Cuentame como esta la pc ?
salu2!
No han vuelto a salir ninguna ventana, creo que esta solucionado. Muchas gracias
Pero aunque kaspersky y ewido no encuentran nada, panda activescan dice esto:
ANALYSIS: 2008-05-17 23:27:27
PROTECTIONS: 1
MALWARE: 4
SUSPECTS: 0
PROTECTIONS
Description Version Active Updated
Kaspersky Anti-Virus 7.0.1.325 Yes Yes
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
00101555 Application/KillApp.B HackTools No 0 Yes No C:\hp\bin\KillIt.exe
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\system32\Process.exe
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
02384530 Adware/NaviPromo Adware No 1 Yes No C:\qoobox\Quarantine\C\WINDOWS\system32\ubpdlainbj .exe.vir
SUSPECTS
Sent Location s
VULNERABILITIES
Id Severity Description
170904 HIGH MS07-043
Aunque ya te digo que el pc va bien. Gracias, un saludo
Astareth
19/05/08, 04:07:17
Hola a todos ;)
No han vuelto a salir ninguna ventana, creo que esta solucionado. Muchas gracias
Pero aunque kaspersky y ewido no encuentran nada, panda activescan dice esto
Tu reporte no muestra nada de que debas preocuparte , son falsos positivos de combofix y un archivo en la cuarentena de combofix .
Desinstala combofix de esta forma :
Ir a Inicio > Ejecutar Escribir lo siguiente: ComboFix /u como muestra la imagen debajo:
http://www.forospyware.com/images/adv/CF_Cleanup.png Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")
Como ya no tienes mas problemas vamos a dar tu tema por solucionado , cualquier cosa aquí estamos ;)
Salu2:adios: