W32.Myzor.FK@yf
pintin:
Hello, thanks again, the sound works fine now. I couldn't find the file to delete, and this is the ElistarA report. Thank you very much.
Mon Sep 11 19:22:32 2006
EliStartPage v12.31 (c)2006 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\ISNOTIFY.EXE.Muestra EliStartPage v12.31
a "[email protected]". Gracias.
C:\WINDOWS\SYSTEM32\ISNOTIFY.EXE --> Acceso Denegado.
C:\WINDOWS\SYSTEM32\ISHOST.EXE --> Eliminado Puper
Por favor, envienos una muestra del fichero
C:\Muestras\ISMINI.EXE.Muestra EliStartPage v12.31
a "[email protected]". Gracias.
C:\WINDOWS\SYSTEM32\ISMINI.EXE --> Eliminado
C:\WINDOWS\SYSTEM32\ISSEARCH.EXE --> Eliminado Puper
Por favor, envienos una muestra del fichero
C:\Muestras\IXT0.DLL.Muestra EliStartPage v12.31
a "[email protected]". Gracias.
C:\WINDOWS\SYSTEM32\IXT0.DLL --> Eliminado
C:\WINDOWS\SYSTEM32\OT.ICO --> Eliminado (Fichero Complementario).
C:\Documents and Settings\PC\Datos de programa\Install.dat --> Eliminado (Fichero Complementario).
C:\WINDOWS\SYSTEM32\ts.ico --> Eliminado (Fichero Complementario).
Eliminada Class, "{052B12F7-86FA-4921-8482-26C42316B522}" -> C:\Archivos de programa\Safety Bar\SafetyBar.dll
Eliminada Carpeta "%WinSys%\LogFiles"
No detectado Parche MS04-011 de Microsoft instalado. (LSASS)
No detectado Parche MS04-012 de Microsoft instalado. (RPC)
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-040 de Microsoft instalado. (SServidor)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon Sep 11 19:43:22 2006
EliStartPage v12.31 (c)2006 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
No detectado Parche MS04-011 de Microsoft instalado. (LSASS)
No detectado Parche MS04-012 de Microsoft instalado. (RPC)
No detectado Parche MS06-001 de Microsoft instalado. (WMF)
No detectado Parche MS06-040 de Microsoft instalado. (SServidor)
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE
Mon Sep 11 19:45:04 2006
EliStartPage v12.31 (c)2006 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Exploración):
C:\Archivos de programa\Malware-Wipe\MALWARE-WIPE.EXE --> Eliminado, SpywareQuake (antispy)
C:\Archivos de programa\Yahoo!\Companion\Installs\cpn0\PUBMOD.DLL --> Eliminado, Puper (BHO)
C:\Documents and Settings\All Users\Datos de programa\Kaspersky Anti-Virus Personal\5.0\Bases\Patches\PATCH_PERS_5.0.388_390_TO_5.0.391.EXE --> AutoExtraible
Por favor, envienos una muestra del fichero
C:\Muestras\MW_INSTALL.EXE.Muestra EliStartPage v12.31
a "[email protected]". Gracias.
C:\Documents and Settings\PC\Mis documentos\instaladores\MW_INSTALL.EXE --> Eliminado, Nombre Vírico
C:\Documents and Settings\PC\Mis documentos\instaladores\SETUP.EXE --> AutoExtraible
171278:
You need to install these security patches:
MS04-011 from Microsoft
MS04-012 from Microsoft
MS06-001 from Microsoft
MS06-040 from Microsoft
Download this program:
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Do the following:
Disable the System Restore option
Make sure your system shows hidden files and folders
Restart in Safe Mode (physically disconnect from the internet)
Extract all the files to the desktop; a folder named SmitfraudFix will be created. Open it and double-click smitfraudfix.cmd
Select option #2 – Clean by typing 2 and pressing Enter
You will see: "Registry cleaning - Do you want to clean the registry ?"
Answer Yes by pressing Y and then Enter
If you see: "Replace infected file ?"
Answer Yes by pressing Y and then Enter
Be patient while the program works; it will then give you a report (log) named rapport.txt, which will be in the root of your hard drive, most commonly C:\rapport.txt
The PC will restart (if it doesn't, restart it yourself)
Copy it for me and put it in your next post
Regards.
destroyer:
Hello:
Welcome to the forum, pintin. How is it going?
Regards