Bueno les cuento, lo que le pasa a mi pc es que se instalo algo extraño, cuando entro a windows me aparecen 4 ventanitas que dicen algo asi com Unregitstraded version y un pagina de internet abajito donde supuestamente solucionaria, bueno estos se llama SERVER.EXE y no se lo que es.
Otra cosa es que desde hace poco al entrar a Internet explorer las paginas no se cargan, es decir aparece un mesaje error en la pagina o pagina no encontrada.
eso ojala me puedan ayudar porfavor!!
Astareth
27/07/06, 20:55:51
Hola jal0ux:
Sigue los primeros 9 pasos de Los 11 Pasos fundamentales de una buena eliminación (http://www.forospyware.com/t8.html)(los scan del paso 7 realizalos con Ewido y Kaspersky)
Pega aquí el reporte que te genere Kaspersky
También pega una captura de las ventanas que te salen , aquí (http://www.forospyware.com/t6616.html) se te dice como.
Nos cuentas como te fue...:adios:
1.Por el momento ya no aparece, puesto que lo elimine( a lo mejor hice mal)pero lo elimine de System32 y ya no aparece aparte que lo eliminé del PANEL DE CONTROL/Software explorer.
2.le he pasado kaspersky y encontro esto:
C:\Documents and Settings\All Users\Application Data\McAfee\SpamKiller\Logs\Filtering.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\WDLog-07082006-210739.log Object is locked skipped
C:\Documents and Settings\ANDY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{1A3EC232-5DE3-4C26-AABE-D32C73DCDBCF} Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\History\History.IE5\MSHist012006072720060 728\index.dat Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\ANDY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\ANDY\My Documents\Mis archivos recibidos\karol\foto.jpg.zip/foto.jpg.exe Infected: Backdoor.Win32.Bifrose.la skipped
C:\Documents and Settings\ANDY\My Documents\Mis archivos recibidos\karol\foto.jpg.zip ZIP: infected - 1 skipped
C:\Documents and Settings\ANDY\My Documents\WarezP2P.exe Infected: not-a-virus:Downloader.Win32.Agent.h skipped
C:\Documents and Settings\ANDY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\ANDY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{197427AE-0FDF-4946-8296-3962DBC58F01}\RP220\A0028004.exe Infected: Backdoor.Win32.Bifrose.la skipped
C:\System Volume Information\_restore{197427AE-0FDF-4946-8296-3962DBC58F01}\RP227\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_Lucent Win Modem.txt Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{530248 85-DACD-40C9-AD24-04A080F0C570}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CnxDslWz.log Object is locked skipped
C:\WINDOWS\SYSTEM32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default Object is locked skipped
C:\WINDOWS\SYSTEM32\config\default.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software Object is locked skipped
C:\WINDOWS\SYSTEM32\config\software.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system Object is locked skipped
C:\WINDOWS\SYSTEM32\config\system.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\h323log.txt Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\SYSTEM32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
y EWIDO Online:
_________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@2o7[2].txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@ad.yieldmanager[1].txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@ads.pointroll[1].txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@atdmt[2].txt
Risk: Medium
Name: TrackingCookie.Doubleclick
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@doubleclick[2].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@ehg-terra.hitbox[1].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@hitbox[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@snapfish.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Onestat
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@stat.onestat[2].txt
Risk: Medium
Name: TrackingCookie.Tacoda
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@tacoda[2].txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@tradedoubler[1].txt
Risk: Medium
Name: TrackingCookie.Tribalfusion
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@tribalfusion[1].txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@weborama[1].txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: C:\Documents and Settings\ANDY\Local Settings\Temp\Cookies\andy@www.smartadserver[1].txt
Risk: Medium
Name: Downloader.Small
Path: C:\RECYCLER\S-1-5-21-14554460-2831480239-3783864085-1004\Dc72.exe
Risk: High
3. Nunca supe por qué Internet explorer en un momento no me enviaba a las webs(**algo super fijon de mi parte:al momento de ingresar a IE aparece un relojito de arena rojo al costado inferior izquerdo, bueno eso no salia cuando tenia IE malo solo salia ese ''e'' clasica dentro de una carpeta , cargaba un poco y enviaba error en la pagina**)esto solo pasaba el IE ya que en mi programa p2p funcionaba de manera normal.
esop gracias!!:biggrin:
si me das chance "Astareth", por fis? :biggrin:
bueno hola "jal0ux", realiza lo siguiente:
:1: apaga restuarar el sistema (http://www.forospyware.com/45-post2.html)
:2: ver archivos ocultos (http://www.forospyware.com/46-post3.html)
:3: reinicia en modo a prueba de fallos (http://www.forospyware.com/47-post4.html)
:4: desinstala el warezp2p y elimina su dicha carpeta ya que agrega spyware (leer esta lista para mas info.) (http://www.forospyware.com/t7.html) luego busca y elimina lo siguiente:
C:\Documents and Settings\ANDY\My Documents\Mis archivos recibidos\karol\foto.jpg.zip
C:\Documents and Settings\ANDY\My Documents\WarezP2P.exe
si no se dejan utiliza killbox (http://www.forospyware.com/49-post6.html)
:5: pasa el disk cleaner (http://www.forospyware.com/attachments/forum14/278-diskcleaner_1.5.7.exe?d=1139350886) para limpiar cookies y temporales
:6: utiliza el regseeker+manual (http://www.forospyware.com/showthread.php?t=713) para limpiar el registro
:7: deshaz el paso uno y reinicia en modo normal, luego vuelve a escanera tu computadora con el ewido y el kaspersky online y peganos el reporte que el kaspersky te genere...
salu2