Solved: Heeelp please! im infected with oneclicksearches.com and more!

Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
Hello, i just got infected by this really anoying malware (or whatever it is!) I ran f-secure antivirus but i did'nt work at all, i have also run spybot S&D and AD-Aware SE, but nothing works! I found you by searching related topics to oneclicksearch in yahoo and there i read about this site. What should i do now to receive your help?

I cannot acces my hotmail account, i can't use panda online antivirus because im re-directed to oneclicksearces.com and then i receive messages to download antivirus gold 2.0. My desktop changed and there is a message that reads:

WARNING!
YOU'RE IN DANGER!



ALL YOU DO WITH COMPUTER IS STORED FOREVER IN YOUR HARD DISK. WHEN YOU VISIT SITES, SEND EMAILS... ALL YOUR ACTIONS ARE LOGGED. AND IT IS IMPOSSIBLE TO REMOVE THEM WITH STANDARD TOOLS. YOUR DATA IS STILL AVAILABLE FOR FORENSICS. AND IN SOME CASES FOR YOUR BOSS, YOUR FRIENDS, YOUR WIFE, YOUR CHILDREN.

Every site you or somebody or even something, like spyware, opened in your browser, with all images, and all downloaded and maybe later removed movies or mp3 songs - ARE STILL THERE and could broke your life!


SECURE YOURSELF RIGHT NOW!
REMOVE ALL SPYWARE FROM YOUR PC!

Removal instructions


Can you help me please? :(
 
bosshogg151

bosshogg151

Joined
Jan 17, 2004
Messages
553
Please go to http://www.majorgeeks.com/HijackThis_d3155.html

Please note: When you download HijackThis put it in its own permanent folder like My Documents for example. DO NOT download to a temp folder or the desktop.

Launch program and click on the SCAN button. After scan click on “ Save Log “. It should save to Notepad.

Click on Edit, then Select All. Then click Edit again then Copy. Then paste log back here in a reply.

DO NOT have HijackThis fix anything yet. Most of what it shows will be harmless / needed stuff. Wait for an expert to review it and advise you.
 
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
Ok, here it is:

Logfile of HijackThis v1.99.1
Scan saved at 09:36:59 p.m., on 05/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\ARCHIV~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\pctspk.exe
C:\ARCHIV~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\shnlog.exe
C:\WINDOWS\system32\msole32.exe
C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\WINDOWS\system32\intmon.exe
C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\Archivos de programa\Winamp\winampa.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE
C:\Archivos de programa\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\WINDOWS\system32\hookdump.exe
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Archivos de programa\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Archivos de programa\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Archivos de programa\Rainlendar\Rainlendar.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oneclicksearches.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oneclicksearches.com/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.oneclicksearches.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F2 - REG:system.ini: Shell=explorer.exe, msmsgs.exe
O2 - BHO: VMHomepage Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} - C:\WINDOWS\system32\hp14BA.tmp
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Archivos de programa\Archivos comunes\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARCHIV~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RegSvr32] C:\WINDOWS\system32\msmsgs.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Archivos de programa\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [DW4] "C:\Archivos de programa\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [Intel system tool] C:\WINDOWS\system32\hookdump.exe
O4 - Startup: Norton Disk Doctor.lnk = C:\Archivos de programa\Norton SystemWorks\Norton Utilities\NDD32.EXE
O4 - Startup: Rainlendar.lnk = C:\Archivos de programa\Rainlendar\Rainlendar.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Archivos de programa\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Crear un favorito móvil - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Archivos de programa\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O12 - Plugin for .xml: C:\Archivos de programa\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1020827120509
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARCHIV~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARCHIV~1\ARCHIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARCHIV~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe
 
Flrman1

Flrman1

Joined
Jul 26, 2002
Messages
46,353
Hi axnseeker

Welcome to TSG! :)

I am attaching a smitRembeta.zip file to this post.
  • Download it and save it to your desktop.
  • Unzip smitRembeta.zip to extract the four files it contains all to the same folder.
  • Do not do anything with it yet. You will run the RunThis.bat file later in safe mode.


* Go here to download CCleaner.
  • Install CCleaner
  • Launch CCleaner and look in the upper right corner and click on the "Options" button.
  • Click "Advanced" and remove the check by "Only delete files in Windows temp folders older than 48 hours".
  • Click OK
  • Do not run CCleaner yet. You will run it later in safe mode.


* Download the trial version of Ewido Security Suite here.
  • Install ewido.
  • During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido
  • It will prompt you to update click the OK button and it will go to the main screen
  • On the left side of the main screen click update
  • Click on Start and let it update.
  • DO NOT run a scan yet. You will do that later in safe mode.


* Click here for info on how to boot to safe mode if you don't already know how.


* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Open the smitRembeta folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.


* Run Ewido:
  • Click on scanner
  • Click Complete System Scan and the scan will begin.
  • During the scan it will prompt you to clean files, click OK
  • When the scan is finished, look at the bottom of the screen and click the Save report button.
  • Save the report to your desktop


* Start Ccleaner and click Run Cleaner


* Go to Control Panel > Internet Options. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.


* Next go to Control Panel > Display. Click on the "Desktop" tab then click the "Customize Desktop" button. Click on the "Web" tab. Under "Web Pages" you should see an entry checked called something like "Security info" or similar. If it is there, select that entry and click the "Delete" button. Click OK then Apply and OK.


* Restart back into Windows normally now.


* Run ActiveScan online virus scan here

When the scan is finished, anything that it cannot clean have it delete it. Make a note of the file location of anything that cannot be deleted so you can delete it yourself.
- Save the results from the scan!

Post a new HiJackThis log along with the results from ActiveScan and the ewido scan
 
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
Hi, here is HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 02:32:24 a.m., on 06/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\Archivos de programa\Winamp\winampa.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Archivos de programa\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\ARCHIV~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Archivos de programa\Rainlendar\Rainlendar.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Archivos de programa\Yahoo!\Messenger\ymsgr_tray.exe
C:\ARCHIV~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\winmine.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oneclicksearches.com/search.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oneclicksearches.com/search.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.oneclicksearches.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F2 - REG:system.ini: Shell=explorer.exe, msmsgs.exe
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Archivos de programa\Archivos comunes\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARCHIV~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Archivos de programa\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [DW4] "C:\Archivos de programa\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - Startup: Norton Disk Doctor.lnk = C:\Archivos de programa\Norton SystemWorks\Norton Utilities\NDD32.EXE
O4 - Startup: Rainlendar.lnk = C:\Archivos de programa\Rainlendar\Rainlendar.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Archivos de programa\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Crear un favorito móvil - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Archivos de programa\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O12 - Plugin for .xml: C:\Archivos de programa\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1020827120509
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARCHIV~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARCHIV~1\ARCHIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARCHIV~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe
 
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
ewido security suite - Report de exploración PART 1
+ Creado en: 01:01:44 a.m., 06/07/2005
+ Report-Checksum: 848A68D
+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{00000000-6CB0-410C-8C3D-8FA8D2011D0A} -> Spyware.iMesh : Limpio con backup
C:\WINDOWS\tmpcpyis.bat -> Backdoor.AcidShiver : Limpio con backup
C:\WINDOWS\NDNuninstall4_85.exe -> Spyware.NewDotNet : Limpio con backup
C:\WINDOWS\NDNuninstall6_38.exe -> Spyware.NewDotNet : Limpio con backup
:mozilla.6:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.7:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.8:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.9:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.10:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.11:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.12:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.22:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.Centrport : Limpio con backup
:mozilla.31:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.32:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.33:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.56:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.Paycounter : Limpio con backup
:mozilla.79:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
:mozilla.80:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\default\0iapfyu8.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
:mozilla.6:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\Checadato\3kpi0bzj.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.8:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\Checadato\3kpi0bzj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.9:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\Checadato\3kpi0bzj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.10:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Profiles\Checadato\3kpi0bzj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.19:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.20:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.21:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.22:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.23:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.24:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.25:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.26:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.27:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.29:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
:mozilla.39:C:\Documents and Settings\Jorge\Datos de programa\Mozilla\Firefox\Profiles\l2n99g5z.default\cookies.txt -> Spyware.Cookie.Mediaplex : Limpio con backup
:mozilla.10:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
:mozilla.12:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
:mozilla.18:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.20:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.21:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.22:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.23:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.24:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.25:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.26:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.27:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.28:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.29:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.30:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.37:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Atdmt : Limpio con backup
:mozilla.42:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.43:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.44:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.2o7 : Limpio con backup
:mozilla.45:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Doubleclick : Limpio con backup
:mozilla.88:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.89:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.90:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Coremetrics : Limpio con backup
:mozilla.91:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.92:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.93:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Mediaplex : Limpio con backup
:mozilla.94:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpio con backup
:mozilla.95:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpio con backup
:mozilla.96:C:\Documents and Settings\Jorge\Datos de programa\Netscape\NSB\Profiles\4i0gw862.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpio con backup
C:\Documents and Settings\älëcÿtä\Configuración local\Temp\fsg.exe -> Adware.Gator : Limpio con backup
:mozilla.15:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Doubleclick : Limpio con backup
:mozilla.24:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpio con backup
:mozilla.41:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Overture : Limpio con backup
:mozilla.43:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpio con backup
:mozilla.44:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpio con backup
:mozilla.46:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Adtech : Limpio con backup
:mozilla.47:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Adtech : Limpio con backup
:mozilla.52:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Atdmt : Limpio con backup
:mozilla.55:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Adserver : Limpio con backup
:mozilla.56:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Adserver : Limpio con backup
:mozilla.60:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Mediaplex : Limpio con backup
:mozilla.61:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Mediaplex : Limpio con backup
:mozilla.62:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\6pp5ehqe.default\cookies.txt -> Spyware.Cookie.Weborama : Limpio con backup
:mozilla.10:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Doubleclick : Limpio con backup
:mozilla.20:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Atdmt : Limpio con backup
:mozilla.25:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Limpio con backup
:mozilla.26:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Limpio con backup
:mozilla.27:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Limpio con backup
:mozilla.28:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Limpio con backup
:mozilla.29:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Limpio con backup
:mozilla.45:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Limpio con backup
:mozilla.47:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Limpio con backup
:mozilla.48:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Limpio con backup
:mozilla.49:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Limpio con backup
:mozilla.50:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Valueclick : Limpio con backup
:mozilla.51:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Valueclick : Limpio con backup
:mozilla.67:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.68:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.69:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.70:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.71:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.72:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.73:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.74:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.75:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.76:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.77:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.78:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.79:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.80:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.81:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.82:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.83:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.84:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.85:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.86:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.87:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.88:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.89:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.90:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.91:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.92:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.93:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.94:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.95:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.96:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.97:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.98:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.99:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.100:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.101:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.102:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.103:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.104:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.105:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Advertising : Limpio con backup
:mozilla.117:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.118:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Ru4 : Limpio con backup
:mozilla.119:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
 
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
Ewido report part 2


:mozilla.127:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Weborama : Limpio con backup
:mozilla.128:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Weborama : Limpio con backup
:mozilla.129:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Weborama : Limpio con backup
:mozilla.148:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Fastclick : Limpio con backup
:mozilla.168:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Dbbsrv : Limpio con backup
:mozilla.196:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Centrport : Limpio con backup
:mozilla.206:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Pointroll : Limpio con backup
:mozilla.207:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Pointroll : Limpio con backup
:mozilla.208:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Pointroll : Limpio con backup
:mozilla.211:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Coremetrics : Limpio con backup
:mozilla.214:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Bluestreak : Limpio con backup
:mozilla.215:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Mediaplex : Limpio con backup
:mozilla.231:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Overture : Limpio con backup
:mozilla.251:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Hitbox : Limpio con backup
:mozilla.254:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
:mozilla.271:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Bfast : Limpio con backup
:mozilla.279:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Serving-sys : Limpio con backup
:mozilla.280:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Serving-sys : Limpio con backup
:mozilla.281:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Serving-sys : Limpio con backup
:mozilla.282:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Serving-sys : Limpio con backup
:mozilla.284:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Adserver : Limpio con backup
:mozilla.285:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Questionmarket : Limpio con backup
:mozilla.287:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Adtech : Limpio con backup
:mozilla.288:C:\Documents and Settings\älëcÿtä\Datos de programa\Mozilla\Firefox\Profiles\9up9efeg.Default User\cookies.txt -> Spyware.Cookie.Adtech : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128704.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128705.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128706.dll -> Trojan.Puper.t : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128719.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128720.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128721.dll -> Trojan.Puper.t : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128734.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128735.dll -> Trojan.Puper.t : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128737.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128751.EXE -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128758.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128759.dll -> Trojan.Puper.t : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128776.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128777.dll -> Trojan.Puper.t : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128798.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128799.dll -> Trojan.Puper.t : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128801.exe -> Trojan.Puper.w : Limpio con backup
C:\System Volume Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP207\A0128501.dll -> Spyware.Neon : Limpio con backup
C:\RECYCLED\NPROTECT\00077567.TXT -> Spyware.Cookie.Adserver : Limpio con backup
C:\RECYCLED\NPROTECT\00077568.TXT -> Spyware.Cookie.Gator : Limpio con backup
C:\RECYCLED\NPROTECT\00077569.TXT -> Spyware.Cookie.Gator : Limpio con backup
C:\RECYCLED\NPROTECT\00077570.TXT -> Spyware.Cookie.Weborama : Limpio con backup
C:\RECYCLED\NPROTECT\00077571.TXT -> Spyware.Cookie.Weborama : Limpio con backup
C:\RECYCLED\NPROTECT\00077572.TXT -> Spyware.Cookie.Tribalfusion : Limpio con backup
C:\RECYCLED\NPROTECT\00077573.TXT -> Spyware.Cookie.Tradedoubler : Limpio con backup
C:\RECYCLED\NPROTECT\00077576.TXT -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\RECYCLED\NPROTECT\00077577.TXT -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\RECYCLED\NPROTECT\00077578.TXT -> Spyware.Cookie.Advertising : Limpio con backup
C:\RECYCLED\NPROTECT\00077579.TXT -> Spyware.Cookie.Advertising : Limpio con backup
C:\RECYCLED\NPROTECT\00077581.TXT -> Spyware.Cookie.Questionmarket : Limpio con backup
C:\RECYCLED\NPROTECT\00077582.TXT -> Spyware.Cookie.Questionmarket : Limpio con backup
C:\RECYCLED\NPROTECT\00077584.TXT -> Spyware.Cookie.Overture : Limpio con backup
C:\RECYCLED\NPROTECT\00077585.TXT -> Spyware.Cookie.Mediaplex : Limpio con backup
C:\RECYCLED\NPROTECT\00077586.TXT -> Spyware.Cookie.Hitbox : Limpio con backup
C:\RECYCLED\NPROTECT\00077587.TXT -> Spyware.Cookie.Fastclick : Limpio con backup
C:\RECYCLED\NPROTECT\00077588.TXT -> Spyware.Cookie.Fastclick : Limpio con backup
C:\RECYCLED\NPROTECT\00077589.TXT -> Spyware.Cookie.Hitbox : Limpio con backup
C:\RECYCLED\NPROTECT\00077590.TXT -> Spyware.Cookie.Hitbox : Limpio con backup
C:\RECYCLED\NPROTECT\00077591.TXT -> Spyware.Cookie.Doubleclick : Limpio con backup
C:\RECYCLED\NPROTECT\00077592.TXT -> Spyware.Cookie.Coremetrics : Limpio con backup
C:\RECYCLED\NPROTECT\00077594.TXT -> Spyware.Cookie.Centrport : Limpio con backup
C:\RECYCLED\NPROTECT\00077597.TXT -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\RECYCLED\NPROTECT\00077598.TXT -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\RECYCLED\NPROTECT\00077599.TXT -> Spyware.Cookie.Atdmt : Limpio con backup
C:\RECYCLED\NPROTECT\00077600.TXT -> Spyware.Cookie.Falkag : Limpio con backup
C:\RECYCLED\NPROTECT\00077602.TXT -> Spyware.Cookie.Advertising : Limpio con backup
C:\RECYCLED\NPROTECT\00077604.TXT -> Spyware.Cookie.Pointroll : Limpio con backup
C:\RECYCLED\NPROTECT\00077605.TXT -> Spyware.Cookie.2o7 : Limpio con backup
C:\RECYCLED\NPROTECT\00077606.TXT -> Spyware.Cookie.Gator : Limpio con backup
C:\RECYCLED\NPROTECT\00077608.TXT -> Spyware.Cookie.2o7 : Limpio con backup
C:\RECYCLED\NPROTECT\00077609.exe -> Trojan.Puper.w : Limpio con backup
::End Report
 
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
Here is ActiveScan:


Incident Status Location

Adware:Adware/MyWay No disinfected C:\Archivos de programa\MySearch
Adware:Adware/CWS No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Gambling\Online Gambling.url
Adware:Adware/SuperSpider No disinfected C:\Documents and Settings\Jorge\Favoritos\online dating.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Black Jack Online.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Adipex.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\All Users\Escritorio\Remove Spyware.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\All Users\Escritorio\Online Dating.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Online Pharmacy.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Adipex.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Alprazolam.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Carisoprodol.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Diazepam.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Hydrocodone.url
Adware:Adware/CWS No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Lortab.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Prozac.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Valium.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Vicodin.url
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy\Xanax.url
Adware:Adware/CWS No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Gambling\Online Gambling.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Take It Here - Free Porn TGP.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Black Jack Online.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Gambling.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Home Loan.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Pharmacy.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Remove Spyware.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Network Security.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Spam Filters.url
Adware:Adware/SuperSpider No disinfected C:\Documents and Settings\Jorge\Favoritos\Online Dating.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Jorge\Favoritos\Web Detective.url
 
Flrman1

Flrman1

Joined
Jul 26, 2002
Messages
46,353
Run Hijack This again and put a check by these. Close ALL windows except HijackThis and click "Fix checked"

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oneclicksearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oneclicksearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oneclicksearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oneclicksearches.com/search.php?qq=%1

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.oneclicksearches.com/

F2 - REG:system.ini: Shell=explorer.exe, msmsgs.exe


Restart into safe mode and delete this folder:

C:\Archivos de programa\MySearch


Delete these folders from your favorites:

Online Gambling
Online Pharmacy
Escritorio

Delete these links from your favorites:

online dating
Black Jack Online
Take It Here - Free Porn TGP
Black Jack Online
Online Gambling
Home Loan
Online Pharmacy
Remove Spyware
Network Security
Spam Filters
Web Detective


* Start Ccleaner and click Run Cleaner


* Go to Control Panel > Internet Options. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.


* Restart back into Windows normally now.


* Go here and download Ad-Aware SE.
  • Install the program and launch it.
  • First in the main window look in the bottom right corner and click on Check for updates now
  • Click Connect and download the latest reference files.
  • From main window click Start then under Select a scan Mode tick Perform full system scan.
  • Next deselect Search for negligible risk entries.
  • Now to scan just click the Next button.
  • When the scan is finished mark everything for removal and get rid of it.
  • Right-click the window and choose select all from the drop down menu and click Next
  • Restart your computer.



* Go here and download Microsoft Antispyware Beta.
  • Install the program and launch it.
  • First in the top menu click File then Check for updates to download the definitons updates.
  • After updating look in the right side of the main window under "Run Quick Scan Now" and click Spyware scan options.
  • Put a tick by Run a full system scan and then put a check by all three options below that
  • Click Run Scan now.
  • When the scan is finished, let it fix anything that it finds
  • Have it quarantine the items that have that option rather than delete just in case.
  • Restart your computer.


* Go here and do an online virus scan. Choose "Complete Scan" and select all drives to scan.

When the scan is finished, anything that it cannot clean have it delete it. Click "Print Report". The report will open in your browser. Go to File > Save As and save the file to your desktop. Under "Save as type" click the dropdown menu and choose "Text file (*.txt) and save it as a text file.

Post a new HiJackThis log along with the report from the Housecall scan
 
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
Logfile of HijackThis v1.99.1
Scan saved at 01:47:05 a.m., on 07/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
C:\Archivos de programa\QuickTime\qttask.exe
C:\Archivos de programa\Winamp\winampa.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\Archivos de programa\Microsoft AntiSpyware\gcasServ.exe
C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE
C:\ARCHIV~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Archivos de programa\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\system32\pctspk.exe
C:\Archivos de programa\Microsoft AntiSpyware\gcasDtServ.exe
C:\ARCHIV~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Archivos de programa\Yahoo!\Messenger\ymsgr_tray.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Archivos de programa\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Archivos de programa\Rainlendar\Rainlendar.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Archivos de programa\Archivos comunes\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Archivos de programa\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Archivos de programa\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARCHIV~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [gcasServ] "C:\Archivos de programa\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Archivos de programa\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [DW4] "C:\Archivos de programa\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - Startup: Norton Disk Doctor.lnk = C:\Archivos de programa\Norton SystemWorks\Norton Utilities\NDD32.EXE
O4 - Startup: Rainlendar.lnk = C:\Archivos de programa\Rainlendar\Rainlendar.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Archivos de programa\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Archivos de programa\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Crear un favorito móvil - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Archivos de programa\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O12 - Plugin for .xml: C:\Archivos de programa\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1020827120509
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\ARCHIV~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARCHIV~1\ARCHIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARCHIV~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\CCPD-LC\symlcsvc.exe
 
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
Trend Micro Housecall Virus Scan0 virus cleaned, 1 virus deleted


Results:
We have detected 1 infected file(s) with 1 virus(es) on your
computer. Only 0 out of 0 infected files are displayed:
- 0 virus(es) passed, 0 virus(es) no action available
- 0 virus(es) cleaned, 0 virus(es) uncleanable
- 1 virus(es) deleted, 0 virus(es) undeletable
- 0 virus(es) not found, 0 virus(es) unaccessible
Detected FileAssociated Virus NameAction Taken
C:\System Volume
Information\_restore{F0A68171-C658-415D-8C71-81B1329BCB2E}\RP209\A0128816.exeTROJ_PUPER.QDeletion
successful




Trojan/Worm Check0 worm/Trojan horse deleted

What we checked:
Malicious activity by a Trojan horse program. Although a
Trojan seems like a harmless program, it contains malicious
code and once installed can cause damage to your computer.
Results:
We have detected 0 Trojan horse program(s) and worm(s) on your
computer. Only 0 out of 0 Trojan horse programs and worms are
displayed: - 0 worm(s)/Trojan(s) passed, 0
worm(s)/Trojan(s) no action available
- 0 Worm(s)/Trojan(s) deleted, 0 worm(s)/Trojan(s)
undeletable
Trojan/Worm NameTrojan/Worm TypeAction Taken




Spyware Check1 spyware program removed

What we checked:
Whether personal information was tracked and reported by
spyware. Spyware is often installed secretly with legitimate
programs downloaded from the Internet.
Results:
We have detected 1 spyware(s) on your computer. Only 0 out of
0 spywares are displayed: - 0 spyware(s) passed, 0
spyware(s) no action available
- 1 spyware(s) removed, 0 spyware(s) unremovable
Spyware NameSpyware TypeAction Taken
SPYW_EXCTSEAR.ASpywareRemoval successful




Microsoft Vulnerability CheckNo vulnerability detected

What we checked:
Microsoft known security vulnerabilities. These are issues
Microsoft has identified and released Critical Updates to fix.

Results:
We have detected 0 vulnerability/vulnerabilities on your
computer. Only 0 out of 0 vulnerabilities are displayed.
Risk LevelIssueHow to Fix
 
Flrman1

Flrman1

Joined
Jul 26, 2002
Messages
46,353
Clean! (y)

Now turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer, turn System Restore back on and create a restore point.

To create a restore point:

Single-click Start and point to All Programs.
Mouse over Accessories, then System Tools, and select System Restore.
In the System Restore wizard, select the box next the text labeled "Create a restore point" and click the Next button.
Type a description for your new restore point. Something like "After trojan/spyware cleanup". Click Create and you're done.

Check this out for info on how to tighten your security settings and some good free tools to help prevent this from happening again.
 
A

axnseeker

Thread Starter
Joined
Jul 5, 2005
Messages
9
Hey thanks a lot flrman1!!!...you are THE man!...you are all a great team and i am very grateful with all of you. I thank for having the chance to find this site and know your great efforts to help needed people like me. Thanks again and be sure i will donate for your site, just let me get a credit card since mine is saturated right now. Thanks again and congratulations for your site. Best regards, Axnseeker--Jorge Barraza, Guadalajara, Mexico.
 
Flrman1

Flrman1

Joined
Jul 26, 2002
Messages
46,353
You're welcome! :)

Since this problem has been solved, I'm closing this thread. If you need it reopened please PM me or one of the other mods.

Anyone else with a similar problem please start a "New Thread".
 
Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Total: 342 (members: 11, guests: 331)
Top