Bienvenido! - Willkommen! - Welcome!

Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
Bitácora Central: Tux&Cía.
Bitácora de Información Avanzada: Tux&Cía.-Información
May the source be with you!

Thursday, August 1, 2013

lnk:runner-n

http://www.zonavirus.com/descargas/utilidades-satinfo.asp
password de descarga:  zonavirus
http://www.precisesecurity.com/tools-resources/adware-tools

Adware Tools


Avast! Browser Cleanup – Download and Usage

Avast! Browser Cleanup – Download and Usage

http://www.avast.com/store

Updated: June 3, 2013 Adware Tools 0 Comment
Recent threats for computer user these days are not just limited to viruses, Trojans, spyware, or malware. Adware , toolbars and search redirects are now becoming problems for people. Antivirus program is not sufficient in blocking these kinds of threats due to the fact that it may arrive with some legitimate programs. Almost every free software that is made available for download contains adware that integrates toolbar and search engine into the browser without seeking for user’s approval. More
MalwareBytes Flash Scanner

MalwareBytes Flash Scanner

Updated: June 3, 2013 Adware Tools, HeadLine 0 Comment
Malwarebytes’ Anti-Malware added new flash scanning option which searches for malicious objects in memory and load point locations. Worms and other kinds of flash drive viruses will utilize autorun functions of Windows to spread the infection to other drives connected on target PC. More
Flash Disinfector

Flash Disinfector

Updated: June 11, 2013 Adware Tools
Flash Disinfector is a tool that will automatically remove unwanted files on removable USB drives, flash drives and memory sticks. Typically, computer Worms can enter the computer either when user download compromised files from insecure locations. Worms also spreads on spam email messages that come as attachment or links. More

SmitFraudFix

SmitFraudFix


Updated: June 4, 2013 Adware Tools 18 Comments
SmitFraudFix is a tool created to remove various desktop hijackers, adware and malware installed by Zlob family of Trojans.
Note: This is the legitimate SmiFraudFix Removal Created by SiRi. The rogue program was called SmitFraud Fix Tool created to confuse computer users. More
Logs to assist in cleaning malware
===================
SPECIFIC INFECTIONS LOGS

If you have the hard drive infection and are no longer able to see your files/folders/start menu then do not run any temporary file cleaners but download and run the following programme:

  • Download RogueKiller  and save it on your desktop.

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ... 
  •     Click on Scan
 

  • Wait for the end of the scan. 
  • The report has been created on the desktop. 
  • Click on the Delete button.
   
  • The report has been created on the desktop.
  • Next click on the ShortcutsFix 
  • The report has been created on the desktop.
Please attach:    All RKreport.txt text files located on your desktop.

If you cannot  Boot the computer

Please print these instruction out so that you know what you are doing

  • Download OTLPENet.exe to your desktop
  • Download Farbar Recovery Scan Tool and save it to a flash drive.
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn  to burn the file to CD
  • Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads  :)
  • Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
  • Insert the flash drive with FRST on it
  • Locate the flash drive and run FSRT
  • The tool will start to run.

  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
===================
Combofix and Rkill are just for one off use - nothing gets installed. MBAM remains on the system but is not resident i.e it doesn't start at boot up time with Windows.
lnk:runner-b 
forum.avast.com/index.php?topic=85151.0
Download aswMBR.exe ( 1.8mb ) to your desktop.
 Double click the aswMBR.exe to run it  Click the "Scan" button to start scan 
http://forum.avast.com/index.php?topic=85151.0
TDSSKiller put out by Kaspersky:
http://forum.avast.com/index.php?topic=83140.15

http://www.virus-delete.com/es/guides/removal-tips/how-to-remove-lnkrunner-btrj-virus.html 
Guía eficaz para eliminar LNK: Runner-B [Trj] Virus
Paso 1: Vaya al Administrador de tareas con Ctrl + Alt + Delete y detener el proceso.
Paso 2.Trojan Remover LNK: Runner-B [Trj], buscar los archivos relacionados
. %AllUsersProfile% \ Application Data \ %AllUsersProfile% \ Datos de programa \ exe %UserProfile% \ Start Menu \ Programs \ LNK: Runner-B [Trj]
Paso 3.Retire LNK: Runner-B [Trj] registros de Troya:
Software \ Microsoft \ Windows \ CurrentVersion \ Run ". Exe" HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System "DisableTaskMgr" = '1 ' HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ policies \ system "DisableTaskMgr "= '1 ' HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Download" CheckExeSignatures "=" no "
http://blog.teesupport.com/manual-guide-to-remove-lnkrunner-btrj-virus/http://forum.avast.com/index.php?topic=66667.0

http://es.kioskea.net/forum/affich-483276-virus-con-extension-lnk
Archivos Con Extensión LNK Solucionado 1 son solo accesos directos los archivos y carpetas están ocultos deshabilitar en Herramientas/opciones de carpeta
Ocultar archivos Protegidos del sistema operativo
Ocultar las Extensiones de archivo para tipo sde archivo conocido
allí podrán ver los accesos directos y las carpetas ocultas luego eliminan los accesos directos encontraran los virus allí mismo les recomiendo que tengan instalado el antivirus algunos virus se eliminaran tendrán y los que no tendrán que eliminarlos manualmente las aplicaciones o virus luego las carpetas apareceran ocultas no se pueden cambiar sus atributos en este caso tendrán que utilizar el FPC File Propeties Changer lo pueden descargar de esta dirección y listo archivos recuperados.
Si desean Ayuda mi correo es clientmsn@hotmail.es
descarga el fpc de esta dirección
www.download25.com/install/file-properties-changer.html
--------------
1.- Primero borre todos los archivos contenidos en las siguientes carpetas...
Carpeta Temp
Carpeta Archivos Temporales de Internet
Carpeta Cookies
Carpeta Temp que esta contenida en Carpeta Win
Carpeta Prefetch que tambien esta contenida en Carpeta Win
Quizá algunos archivos no te dejará borrarlos y te dira que estan utilizandose... los podras borrar al llegar al paso 6...
2.- luego hice un escanneo completo con Dr. Web portable desde un USB y elimine lo que encontro.
3.- Luego instale Ad-Aware y lo corrí realizando un análisis completo del sistema activando incluso la casillas que dice buscar entradas de riesgo insignificante y de amenazas poco arriesgadas.... al concluir seleccionas lo que encontro y lo mandas a cuarentena...posteriormente entras a cuarentena y las elemine...
4 este paso casi va de la mano con el anterior porque al correr el Ad-Aware... aparecen virus que curiosamente el Antivirus no habia detectado por si solo.... y en mi caso tengo instalado el NOD32 pero haciendo el mismo procediemiento en otro equipo con Kaspersky resulto en lo mismo... aparecerán virus que tendras que ir eliminando o mandando a cuarentena para luego eliminar manualmente.....
5 Desactive Restaurar Sistema y reinicie para luego entrar a modo a prueba de fallos pulsando la tecla F8 repetidamente despues de que aparecen los textos de inicio...
6.- Repetí los pasos 1,2, 3 (obvio sin la instalación) y nuevamente elimine lo encontrado
7.- Reinicie el equipo y entre en modo normal
8.- Instale el CCleaner y le di una limpieza al registro
9.- Reinicie el equipo e instale el RegUnlocker.... este es la clave para arreglar lo que te sucede...pero no podiamos llegar a este paso sin eliminar todo aquello que hace los cambios fastidiosos...
en Reparar activas Repara la visualización de extensiones de archivo...y le das aplicar...
RegUnlocker es una aplicación que elimina las restricciones de los sistemas Windows serie NT, y repara los daños comunmente provocados por malwares. Pero hay que tener cuidado al usarlo...
Reinicias y listo.
lnk:runner-n
http://foros.zonavirus.com/viewtopic.php?f=6&t=33786 
parece tratarse de este RAMNIT:
http://www.precisesecurity.com/files-process/2010/11/16/watermark-exe/
WaterMark.exe
Executable file "WaterMark.exe" was identified as a threats.
Overall Risk Level:
Submitted on: 16 November 2010
Related to: W32.Ramnit.B
Classification: Trojan
File Directory:
%ProgramFiles%\Microsoft\
Startup Type:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Userinit” = “%system%\userinit.exe,,c%ProgramFiles%\microsoft\watermark.exe”

Help protect your computer from fake "WaterMark.exe" pop-up alert:
- Make firewall active.
- Always update operating system, internet browser and anti-virus programs.
- Install a separate anti-malware program aside from present anti-virus application if it is not included.
- Be cautious when clicking links. It can point your browser to download threats or visit malicious web site.

Posted by at
Labels:

1 comment:

Blogger said...

Did you know that you can generate dollars by locking selected pages of your blog or site?
Simply join CPALead and embed their content locking tool.

22 September, 2016

Post a Comment

Subscribe to: Post Comments (Atom)