acuaman00
14/08/06, 04:41:50
hola soy nuevo y para variar tengo problemas con el norton internet security y unos virus q no se dejan, el priemero es q llevo desintalado e lnorton como 25 veces y nada simpre me caduca al siguiete dia y lo peor es q la ultima vez me dio 2547 dias de suscripcion y al siguinte dia me deice q el tiempo de prueba a expirado, me ilusione jaja, y lo de los virus he corrido el adware y me encuentra como 57 archios al borrar se traba, quise borrar el tclock pero no se deja no recuerdo cuando se instalo ni que hace pero aparte de cambiar de color el reloj lo atraso no lopueod quitar probe el ewido y esto me sale ojala me puedan ayudar gracias ::Help:: ::Help::
__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: TrackingCookie.Yieldmanager
Path: C:\Documents and Settings\EArquitectoS\Cookies\earquitectos@ad.yiel dmanager[1].txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: C:\Documents and Settings\EArquitectoS\Cookies\earquitectos@atdmt[2].txt
Risk: Medium
Name: TrackingCookie.Com
Path: C:\Documents and Settings\EArquitectoS\Cookies\earquitectos@com[1].txt
Risk: Medium
Name: TrackingCookie.Doubleclick
Path: C:\Documents and Settings\EArquitectoS\Cookies\earquitectos@doublec lick[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\EArquitectoS\Cookies\earquitectos@microso ftwga.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\EArquitectoS\Cookies\earquitectos@msnport al.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Overture
Path: C:\Documents and Settings\EArquitectoS\Cookies\earquitectos@overtur e[1].txt
Risk: Medium
Name: TrackingCookie.Zedo
Path: C:\Documents and Settings\EArquitectoS\Cookies\earquitectos@zedo[1].txt
Risk: Medium
Name: Not-A-Virus.Hacktool.EvID
Path: C:\Documents and Settings\EArquitectoS\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \Cache(2)\B82198D7d01/EvID4226Patch.exe
Risk: Low
Name: TrackingCookie.Doubleclick
Path: :mozilla.10:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Yadro
Path: :mozilla.40:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.41:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.42:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.43:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.44:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.45:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.46:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.51:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: :mozilla.56:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.94:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.95:C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cookies.txt
Risk: Medium
Name: Not-A-Virus.Hacktool.EvID
Path: C:\Documents and Settings\EArquitectoS\Mis documentos\COSAS\EvID4226Patch223d-en.zip/EvID4226Patch.exe
Risk: Low
Name: Adware.BargainBuddy
Path: C:\Documents and Settings\EArquitectoS\Mis documentos\COSAS\WGA_KB905474_1.5.532.0_May.31.06. exe/wgatray.exe
Risk: Medium
Name: Not-A-Virus.VirTool.Win32.Patcher.a
Path: D:\ACCESORIOS\Vray\VRay_KeyGen_fix-Loader.exe
Risk: Low
Hardrive
14/08/06, 06:19:35
Bienvenido a Forospyware :Bien:
En primer lugar, te recomiendo que desinstales el Norton e instales otro antivirus. Entre los antivirus gratuitos puedes usar el Avast (http://www.avast.com) o el Antivir (http://www.free-av.com), que son los dos muy buenos. Recuerda que luego instalarlos debes actualizarlos.
Una vez dicho esto, procedamos con la limpieza. Hace lo siguiente:
:1: - Entra en Modo Seguro (http://www.forospyware.com/47-post4.html) (Modo a Prueba de Fallos).
:2: - Activa la opcion ver archivos ocultos (http://www.forospyware.com/46-post3.html).
:3: - Borra los siguientes archivos:
C:\Documents and Settings\EArquitectoS\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \Cache(2)\B82198D7d01
C:\Documents and Settings\EArquitectoS\Mis documentos\COSAS\EvID4226Patch223d-en.zip
C:\Documents and Settings\EArquitectoS\Mis documentos\COSAS\WGA_KB905474_1.5.532.0_May.31.06. exe
D:\ACCESORIOS\Vray\VRay_KeyGen_fix-Loader.exe
NOTA: si no se dejan borrar normalmente, usa el programa KillBox (http://www.forospyware.com/49-post6.html).
:4: - Escanea con:
Tu antivirus actualizado (todos tus discos locales).
Spybot S&D (http://www.spybot.com/es/mirrors/index.html) actualizado (opcion "Analizar problemas").
Ad-aware (http://www.lavasoft.com/software/adaware/) actualizado (Escaneo completo).
:5: - No salgas del modo seguro. Has lo siguiente en cada cuenta de usuario:
Cierra todas las ventanas.
Pasa el CCleaner (http://download.ccleaner.com/ccsetup131.exe).
Limpia el registro con RegSeeker (http://www.forospyware.com/t713.html) (opcion limpiar registro).
:6: - Inicia en Modo Normal y deshace el paso :2:.
:7: - Escanea con:
Ewido On-Line (http://www.ewido.net/en/onlinescan/).
Kaspersky On-Line (http://www.kaspersky.com/virusscanner) ==> nos pegas el reporte.
Nos cuentas.
salu2 :adios:
acuaman00
17/08/06, 00:20:14
hola muchas gracias empesare a limpiar pero tengo una duda, es necesario borrar el vray? esq es un plug in para 3d max y si lo uso, es totalmente nesesario? con todo lo demas no tengo problema muchas gracias :biggrin:
Hardrive
17/08/06, 11:14:28
Si quieres no lo elimines, el Ewido no lo muestra como virus, si no como herramienta sospechosa:
Name: Not-A-Virus.VirTool.Win32.Patcher.a
Path: D:\ACCESORIOS\Vray\VRay_KeyGen_fix-Loader.exe
Risk: Low
Sigue con los demas pasos.
salu2 :adios:
acuaman00
21/08/06, 04:39:43
hola, ya acabe desintale el norton instale mcafee y hice lo q me indicas y por ultimo me fui a la pagina de kaspersky y me salio esto aver q opinas yo no ytengo ni la menor idea gracias :Bien:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, August 21, 2006 3:20:08 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 21/08/2006
Kaspersky Anti-Virus database records: 203890
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan Statistics:
Total number of scanned objects: 57996
Number of viruses found: 7
Number of infected objects: 20 / 0
Number of suspicious objects: 0
Duration of the scan process: 01:02:19
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Datos de programa\McAfee\SpamKiller\Logs\Filtering.log Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\McAfee.com\Agent\Logs\TaskScheduler\McTsk shd001.log Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\McAfee.com\VSO\OASLogs\OAS.log Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Datos de programa\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Historial\History.IE5\MSHist0120060821200608 22\index.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Configuración local\Temp\Perflib_Perfdata_a3c.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \cert8.db Object is locked skipped
C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \formhistory.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \googlesafebrowsing.db Object is locked skipped
C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \history.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \key3.db Object is locked skipped
C:\Documents and Settings\EArquitectoS\Datos de programa\Mozilla\Firefox\Profiles\cqbynxt2.default \parent.lock Object is locked skipped
C:\Documents and Settings\EArquitectoS\ntuser.dat Object is locked skipped
C:\Documents and Settings\EArquitectoS\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Archivos temporales de Internet\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configuración local\Historial\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\sti.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074629.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074630.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074634.exe Infected: Trojan-Downloader.Win32.Obfuscated.a skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074635.exe Infected: Trojan-Downloader.Win32.Obfuscated.a skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074636.exe/data0006 Infected: Trojan-Dropper.Win32.VB.nn skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074636.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074636.exe CryptFF: infected - 1 skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074637.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074638.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074639.exe Infected: Packed.Win32.Klone.g skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074640.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074642.dll Infected: Packed.Win32.Klone.g skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074643.exe Infected: Trojan-Downloader.Win32.PurityScan.cu skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074644.exe Infected: Trojan.Win32.Dialer.qs skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074645.exe Infected: Trojan-Downloader.Win32.Obfuscated.a skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074646.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074647.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074648.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074649.exe Infected: Trojan.Win32.Pakes skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP122\A0074650.exe Infected: Trojan.Win32.Pakes skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP124\A0076857.exe Object is locked skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP124\A0076862.exe Object is locked skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP125\A0076949.exe Object is locked skipped
C:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP127\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\03ACCESORIOS\Vray\VRay_KeyGen_fix-Loader.exe Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{7103AEB7-2A06-4A76-989F-722F61C61D03}\RP127\change.log Object is locked skipped
Scan process completed.
holass, realiza lo siguiente:
descarga estas herramientas, pero no las ejecutes aun:
-spy sweeper (http://www.webroot.com/consumer/products/spysweeper/index.html?acode=af1&rc=1737)
-ad-aware (ftp://ftp.download.com/pub/windows/aawsepersonal.exe)
-regseeker+manual (http://www.forospyware.com/showthread.php?t=713)
-disk cleaner (http://www.forospyware.com/attachments/forum14/278-diskcleaner_1.5.7.exe?d=1139350886)
:1: apaga restaurar el sistema (http://www.forospyware.com/45-post2.html)
:2: reinicia en modo a prueba de fallos (http://www.forospyware.com/47-post4.html) con funciones a red
:3: escanea con el ad-aware , el spy sweeper actualizados y el trend micro online (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html)
:4: pasa el disk cleaner para limpiar cookies y temporales
:5: pasa el regseeker para limpiar el registro
:6: reinicia en modo normal y repite el paso 3 (a excepcion de escanear con el antivirus online, el trend micro) y el paso 5
:7: escanea tu pc con el ewido y el kaspersky online (http://www.forospyware.com/foro-de-virus-y-spywares/aviso-7.html), en ese orden, y peganos el reporte del kaspersky y de lo que el ewido no te elimine, admeas cuentanos lo del norton y como sigue tu pc
salu2 :Bien: