| Re: Hotoffers (Estoy muy emproblemado)
Gracias…
Realmente me sorprendió lo rápido que el computador se infecta con estos spyware, solo con volver a entrar 10 minutos para descargar el programa MWA que me recomendaron y ahora el IExplorer está lleno de barras y tengo links a Webpages en mi escritorio que antes no estaban, ¿Será que mi antivirus tampoco funciona? Además, al ver la cantidad de virus que la herramienta MWA encontró quedé aún más sorprendido; pero bueno…. mejor es que lo vean por Uds. Mismos:
Aquí están los 2 logs:
MicroWorld Antivirus. Virus log information:
File C:\WINDOWS\SYSTEM\QH4MKBV9.DLL infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\CMD32.EXE infected by "Trojan-Downloader.Win32.Delf.cb" Virus. Action Taken: No Action Taken.
File D01UTFMP.DLL infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\CMD32.EXE infected by "Trojan-Downloader.Win32.Delf.cb" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\SHOP1004.EXE infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SHOP1004.EXE infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\ARCHIV~1\BULLSE~1\BIN\BARGAINS.EXE infected by "File C:\ARCHIV~1\TOOLBAR\TBPS.exe infected by "not-a-virus:AdWare.WebSearch.af" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\ap9h4qmo.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\ARCHIV~1\ARCHIV~1\WINTOOLS\WTOOLSA.EXE infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\STUBINSTALLER5356.EXE infected by "Trojan-Downloader.Win32.Small.asa" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\JSPEGISTER.EXE infected by "not-a-virus:AdWare.Apropos.i" Virus. Action Taken: No Action Taken.
File System Found infected by "SideFind Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Bargain Buddy Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Bargain Buddy Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Bargain Buddy Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Bargain Buddy Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "XXXToolbar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Adintelligence.AproposToolbar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "BetterInternet Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "BetterInternet Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "avenue media Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "bargains Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "bullseye network Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "exactutil Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "myway Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "bargainbuddy Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VGroup Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "WebSiteViewer Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "text/html Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "pynix Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "envolo Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "autoloader Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "AutoLoaderAproposClient Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\loadclean.exe infected by "Trojan-Downloader.Win32.Delf.cb" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\optimize.exe infected by "Trojan-Downloader.Win32.Dyfuca.dk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SSK_B5.EXE infected by "Trojan-Dropper.Win32.SurfSide.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\shop1004.exe infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\edow.exe infected by "not-a-virus:AdWare.Wintol.ab" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\zeta.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\installer_SIAC.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ucmoreiex.exe infected by "not-a-virus:AdWare.ToolBar.Ucmore.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\a95kfrhe.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ahadp.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\MQEXDLM.SRG infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\c92gme2th2pzo.dll infected by "Trojan-Downloader.Win32.Small.amg" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\izxczxcr.exe infected by "Trojan.Win32.LowZones.y" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\lpzxczxct.exe infected by "Trojan-Downloader.Win32.Delf.dg" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exdl.exe infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exdl0.exe infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\unregister.exe infected by "not-a-virus:AdWare.ToolBar.VB.f" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\gkk.dll infected by "Trojan.Win32.StartPage.ix" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exul.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\javexulm.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\intfsdffdsronsad.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\izxxzdsafsafczxcr.exe infected by "Trojan-Downloader.Win32.Small.aqt" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\intronsad.exe infected by "Trojan-Clicker.Win32.Delf.bz" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exdl1.exe infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\nnkyir.exe infected by "Trojan.Win32.Agent.ay" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exul1.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\eeos.exe infected by "not-a-virus:AdWare.PurityScan.w" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\angelex.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
File C:\WINDOWS\SYSTEM\mac80ex.idf infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\netut80ex.vxd infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\qh4mkbv9.dll infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\q17i9a4j.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\sp.html infected by "Trojan.JS.StartPage.u" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\B141579204\build2.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\D01UTFMP.dll infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\down.cab infected by "not-a-virus:AdWare.Wintol.y" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\DrTemp\pynix.cab infected by "not-a-virus:AdWare.DlMax.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\DrTemp\Pynix.dll infected by "not-a-virus:AdWare.DlMax.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\cln63A6.TMP infected by "Trojan-Downloader.Win32.Dyfuca.dx" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\WToolsB.dll infected by "not-a-virus:AdWare.Wintol.y" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\setup4002b.cab infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\WToolsA.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\AutoUpdate0\auto_update_install.ex e infected by "Trojan-Downloader.Win32.Apropo.u" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\MQEXDLM.SRG infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\c92gme2th2pzo.dll infected by "Trojan-Downloader.Win32.Small.amg" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\izxczxcr.exe infected by "Trojan.Win32.LowZones.y" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\lpzxczxct.exe infected by "Trojan-Downloader.Win32.Delf.dg" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exdl.exe infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exdl0.exe infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\unregister.exe infected by "not-a-virus:AdWare.ToolBar.VB.f" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\picsvr\picsvr.exe infected by "Trojan-Downloader.Win32.Delmed.b" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\gkk.dll infected by "Trojan.Win32.StartPage.ix" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exul.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\javexulm.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\intfsdffdsronsad.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\izxxzdsafsafczxcr.exe infected by "Trojan-Downloader.Win32.Small.aqt" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\intronsad.exe infected by "Trojan-Clicker.Win32.Delf.bz" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exdl1.exe infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\nnkyir.exe infected by "Trojan.Win32.Agent.ay" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\exul1.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\eeos.exe infected by "not-a-virus:AdWare.PurityScan.w" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\angelex.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
File C:\WINDOWS\SYSTEM\mac80ex.idf infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\netut80ex.vxd infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\qh4mkbv9.dll infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\q17i9a4j.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\sp.html infected by "Trojan.JS.StartPage.u" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\B141579204\build2.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\D01UTFMP.dll infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\down.cab infected by "not-a-virus:AdWare.Wintol.y" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\DrTemp\pynix.cab infected by "not-a-virus:AdWare.DlMax.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\DrTemp\Pynix.dll infected by "not-a-virus:AdWare.DlMax.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\cln63A6.TMP infected by "Trojan-Downloader.Win32.Dyfuca.dx" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\WToolsB.dll infected by "not-a-virus:AdWare.Wintol.y" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\setup4002b.cab infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\WToolsA.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\AutoUpdate0\auto_update_install.ex e infected by "Trojan-Downloader.Win32.Apropo.u" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.1\dropper.exe infected by "Trojan-Downloader.Win32.WarSpy.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\dropper.exe infected by "Trojan-Downloader.Win32.WarSpy.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\MediaAccX.dll infected by "not-a-virus:AdWare.WinAD.ak" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\u6f6uftuc_.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\webinstaller.dll infected by "not-a-virus:AdWare.Sahat.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\CI8FZ26Q\pynix[1].cab infected by "not-a-virus:AdWare.DlMax.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\KTGU7C3Z\main[1].chm infected by "Trojan-Downloader.JS.Miner" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\F7Q01KL4\optimize313[1].exe infected by "Trojan-Downloader.Win32.Dyfuca.dx" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\F7Q01KL4\package_adp_SIAC[1].exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\V39JRDGW\a1[1].htm infected by "Trojan-Clicker.JS.Linker.j" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\8L41YNGP\a772a97b[1].js infected by "Trojan-Downloader.JS.Small.af" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\AT1MNE1O\mtrslib2[1].js infected by "Trojan-Downloader.JS.Small.ag" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\AT1MNE1O\AutoUpdaterInstaller[1].exe infected by "Trojan-Downloader.Win32.Apropo.g" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\7UORFL0P\nem220[1].dll infected by "Trojan-Downloader.Win32.Dyfuca.gen" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Archivos temporales de Internet\Content.IE5\7UORFL0P\Toolbar3[1].cab tagged as not-a-virus:RiskWare.Tool.Exporun. No Action Taken.
File C:\WINDOWS\loadclean.exe infected by "Trojan-Downloader.Win32.Delf.cb" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\optimize.exe infected by "Trojan-Downloader.Win32.Dyfuca.dk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SSK_B5.EXE infected by "Trojan-Dropper.Win32.SurfSide.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\shop1004.exe infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\edow.exe infected by "not-a-virus:AdWare.Wintol.ab" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\mfiltis.dll infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\isearch.xpi infected by "not-a-virus:AdWare.ToolBar.ISearch.e" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\delprot.sys infected by "Trojan.Win32.Delprot.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\edmond.exe infected by "Trojan.Win32.Delprot.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\zeta.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\installer_SIAC.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ucmoreiex.exe infected by "not-a-virus:AdWare.ToolBar.Ucmore.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\a95kfrhe.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ahadp.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\_RESTORE\TEMP\MQEXDLM.0 infected by "not-a-virus:AdWare.BargianBuddy.n" Virus. Action Taken: No Action Taken.
File C:\_RESTORE\TEMP\PACKAG~1.0 infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\_RESTORE\TEMP\WTOOLSA.0 infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken.
File C:\command.exe infected by "Trojan-Dropper.Win32.Delf.ev" Virus. Action Taken: No Action Taken.
File C:\4.dat infected by "Trojan.Win32.Small.bb" Virus. Action Taken: No Action Taken.
File C:\Archivos de programa\Archivos comunes\Uninstall Information\RemoveDisplayUtility.exe infected by "not-a-virus:AdWare.DelphinMedia.Viewer.f" Virus. Action Taken: No Action Taken.
File C:\Archivos de programa\Archivos comunes\WinTools\WSup.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken.
File C:\Archivos de programa\Mozilla Firefox\extensions\{2bafa858-4ff3-4207-822e-ef46d1b431de}\chrome\isearch.jar infected by "not-a-virus:AdWare.ToolBar.ISearch.e" Virus. Action Taken: No Action Taken.
Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 05:49:39 p.m., on 20/04/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\ARCHIVOS DE PROGRAMA\MSN APPS\UPDATER\01.02.3000.1001\ES-LA\MSNAPPAU.EXE
C:\ARCHIVOS DE PROGRAMA\MICROSOFT HARDWARE\GAME CONTROLLERS\COMMON\SWTRAYV4.EXE
C:\WINDOWS\SYSTEM\IRMON.EXE
C:\PROGRAM FILES\GLOBESPANVIRATA\ADSL\DSLSTAT.EXE
C:\PROGRAM FILES\GLOBESPANVIRATA\ADSL\DSLAGENT.EXE
C:\ARCHIVOS DE PROGRAMA\PC BOOSTER\PCBOOSTER.EXE
C:\WINDOWS\SYSTEM\CMD32.EXE
C:\WINDOWS\TEMP\SHOP1004.EXE
C:\ARCHIVOS DE PROGRAMA\BULLSEYE NETWORK\BIN\BARGAINS.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\JSPEGISTER.EXE
C:\WINDOWS\SYSTEM\LINMOPRP.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\ARCHIVOS DE PROGRAMA\CXTPLS\CXTPLS.EXE
C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\WINTOOLS\WTOOLSA.EXE
C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\WINTOOLS\WSUP.EXE
C:\ARCHIVOS DE PROGRAMA\TOOLBAR\TBPS.EXE
C:\ARCHIVOS DE PROGRAMA\TOOLBAR\PIB.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\AP9H4QMO.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\ARCHIVOS DE PROGRAMA\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50162
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotoffers.info/ad0179/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50162
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\ARCHIV~1\TOOLBAR\TOOLBAR.DLL/sa
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50162
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\ARCHIV~1\TOOLBAR\TOOLBAR.DLL/sa
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Familia Cadavid
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - Default URLSearchHook is missing
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\ARCHIVOS DE PROGRAMA\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-LA\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\ARCHIVOS DE PROGRAMA\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\ARCHIVOS DE PROGRAMA\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {E9257ECA-722C-466F-915A-4BCEF18893CF} - C:\WINDOWS\SYSTEM\LGBFGA.DLL
O2 - BHO: IE Update Class - {5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993} - C:\WINDOWS\isrvs\sysupd.dll
O2 - BHO: PynixObj Class - {00000000-DD60-0064-6EC2-6E0100000000} - C:\WINDOWS\PYNIX.DLL
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\ARCHIVOS DE PROGRAMA\CXTPLS\CXTPLS.DLL
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\SYSTEM\MSBE.DLL
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\ARCHIV~1\ARCHIV~1\WINTOOLS\WTOOLSB.DLL
O2 - BHO: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\ARCHIV~1\TOOLBAR\TOOLBAR.DLL
O3 - Toolbar: @msdxmLC.dll,-1@3082,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\ARCHIVOS DE PROGRAMA\MSN APPS\MSN TOOLBAR\01.02.4000.1001\ES-LA\MSNTB.DLL
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\ARCHIVOS DE PROGRAMA\DAP\DAPIEBAR.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\ARCHIVOS DE PROGRAMA\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\ARCHIVOS DE PROGRAMA\THESEARCHACCELERATOR\UCMTSAIE.DLL
O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\ARCHIV~1\TOOLBAR\TOOLBAR.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [msnappau] "C:\Archivos de programa\MSN Apps\Updater\01.02.3000.1001\es-la\msnappau.exe"
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\ARCHIV~1\MICROS~2\GAMECO~1\COMMON\SWTRAYV4.EXE
O4 - HKLM\..\Run: [IrMon] irmon.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\GlobespanVirata\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\GlobespanVirata\Adsl\dslagent.exe
O4 - HKLM\..\Run: [PC Booster] C:\Archivos de programa\PC Booster\pcbooster.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\ARCHIV~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\ARCHIV~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\SYSTEM\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [AutoLoaderAproposClient] "C:\WINDOWS\CXTPLS_LOADER.EXE" /HideUninstall /HideDir /PC=CP.AMS /ShowLegalNote=nonbranded
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [SAHBundle] C:\WINDOWS\TEMP\SHOP1004.EXE run
O4 - HKLM\..\Run: [BullsEye Network] C:\Archivos de programa\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [o64h36O] LINMOPRP.EXE
O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [TBPS] C:\ARCHIV~1\TOOLBAR\TBPS.exe
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\SYSTEM\ap9h4qmo.exe
O4 - HKLM\..\Run: [WinTools] C:\ARCHIV~1\ARCHIV~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [WinTools] C:\ARCHIV~1\ARCHIV~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServicesOnce: [WinTools] C:\ARCHIV~1\ARCHIV~1\WINTOOLS\WTOOLSA.EXE /boot
O4 - HKLM\..\RunServicesOnce: [TBPS] C:\ARCHIV~1\TOOLBAR\TBPS.exe /boot
O4 - HKCU\..\Run: [WindowBlinds] C:\Archivos de programa\Stardock\Object Desktop\WindowBlinds\wbload.exe auto
O4 - HKCU\..\Run: [180ClientStubInstall] "C:\WINDOWS\STUBINSTALLER5356.EXE"
O4 - HKCU\..\Run: [ZxvnRWimR] JSPEGISTER.EXE
O4 - HKCU\..\RunServices: [WindowBlinds] C:\Archivos de programa\Stardock\Object Desktop\WindowBlinds\wbload.exe auto
O4 - HKCU\..\RunServices: [180ClientStubInstall] "C:\WINDOWS\STUBINSTALLER5356.EXE"
O4 - HKCU\..\RunServices: [ZxvnRWimR] JSPEGISTER.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &Download with &DAP - C:\ARCHIV~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\ARCHIV~1\DAP\dapextie2.htm
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted IP range: 67.19.185.246
O15 - Trusted IP range: 67.19.185.246 (HKLM)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\ARCHIV~1\TOOLBAR\TOOLBAR.DLL
O18 - Filter: text/html - {966838B3-B0FA-41A1-A018-C4399017AAAA} - C:\WINDOWS\SYSTEM\LGBFGA.DLL
O18 - Filter: text/plain - {966838B3-B0FA-41A1-A018-C4399017AAAA} - C:\WINDOWS\SYSTEM\LGBFGA.DLL |