Cita:
Originalmente publicado por dlahman77  Hola proba con estos pasos Realiza lo Siguiente: Descarga la herramienta SDFix guardala y descomprimila en tu escritorio pero no la ejecutes aun.
Reinicia la PC a Modo a prueba de fallos o (Modo seguro)
• Ejecuta SDFix.exe en el escritorio, se creará una nueva carpeta en el escritorio, entra en dicha carpeta y ejecuta el archivo "Runthis.bat" luego, presiona la tecla "Y" para que comience el chequeo, al terminar, se creará un archivo dentro de la carpeta llamado Report.txt, copia y pega lo que indique ese reporte acá. Reinicia el PC a "Modo normal" Por Ultimo Realiza los Siguientes Pasos: Eliminar Adware Navipromo. - Foro de Spyware Nos Envias los reportes de Navipromo, panda y el de SIDFix. |
Pues la página de Panda no me abre...
pero del resto me salió lo siguiente: :S no tengo ni idea de lo que sea...
Fix Navipromo version 3.5.7
Scan completed 15/05/2008 18:40:09.48
No file found
*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!
* Scan in "C:\WINDOWS\system32" *
* Scan in "C:\Documents and Settings\Giusseppe\config~1\datosd~1" *
* Scan in "C:\DOCUME~1\Giuseppe\config~1\datosd~1" *
* Scan in "C:\DOCUME~1\Invitado\config~1\datosd~1" *
* Scan in "C:\DOCUME~1\IOMAFE~1\config~1\datosd~1" *
* Scan in "C:\DOCUME~1\Usuario\config~1\datosd~1" *
*** Search files ***
*** Search specific Registry keys ***
*** Complementary Search ***
(Search specific files)
1)Search new Instant Access files :
2)Heuristic Search :
* In "C:\WINDOWS\system32" :
* In "C:\Documents and Settings\Giusseppe\config~1\datosd~1" :
* In "C:\DOCUME~1\Giuseppe\config~1\datosd~1" :
* In "C:\DOCUME~1\Invitado\config~1\datosd~1" :
* In "C:\DOCUME~1\IOMAFE~1\config~1\datosd~1" :
* In "C:\DOCUME~1\Usuario\config~1\datosd~1" :
3)Certificates Search :
Egroup certificate not found !
Electronic-Group certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !
4)Search known files :
*** Search completed on 15/05/2008 at 19:31:45.81 ***
SDFix: Version 1.182
Run by Giusseppe on 15/05/2008 at 05:34 p.m.
Microsoft Windows XP [Versi¢n 5.1.2600]
Running From: C:\DOCUME~1\GIUSSE~1\ESCRIT~1\sdfix
Checking Services :
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Folder C:\WINDOWS\system32\527631 - Removed
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-15 17:48:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update]
"OfflineDetectionPending"=dword:00000001
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\s yste m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Archivos de programa\\Ares\\Ares.exe"="C:\\Archivos de programa\\Ares\\Ares.exe:*:Enabled:Ares"
"C:\\Archivos de programa\\DNA\\btdna.exe"="C:\\Archivos de programa\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Archivos de programa\\Internet Explorer\\iexplore.exe"="C:\\Archivos de programa\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Archivos de programa\\BitTorrent\\bittorrent.exe"="C:\\Archivo s de programa\\BitTorrent\\bittorrent.exe:*:Enabled:Bit Torrent"
"C:\\Archivos de programa\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"="C:\\Archivos de programa\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\s yste m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
Remaining Files :
File Backups: - C:\DOCUME~1\GIUSSE~1\ESCRIT~1\sdfix\backups\backup s.zip
Files with Hidden Attributes :
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Archivos de programa\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Archivos de programa\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe"
Thu 27 Mar 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 16 Apr 2008 26,884 A..H. --- "C:\Documents and Settings\Giuseppe\Configuraci¢n local\Temp\9sky8pia.dll"
Sun 13 Apr 2008 26,884 A..H. --- "C:\Documents and Settings\io Mafercita\Configuraci¢n local\Temp\9sky8pia.dll"
Tue 15 Apr 2008 26,884 A..H. --- "C:\Documents and Settings\Usuario\Configuraci¢n local\Temp\9sky8pia.dll"
Mon 7 Apr 2008 25,828,448 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0b55 e76c fdd1306ec8076157e26db664\BIT1B5.tmp"
Mon 3 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0f34 824a 033eab228771f2d4652430bc\BIT194.tmp"
Fri 11 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6302 cd95 3d4f96eddfc52b796b65351e\BIT1C1.tmp"
Thu 10 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6a60 bc3d a9838ca85b90a0ada9908135\BIT1F8.tmp"
Tue 2 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\756b 5cb6 b308fddade39cc900771aca9\BIT188.tmp"
Tue 2 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\75d4 ef6a cab89734910413bcff4bcc8f\BIT19F.tmp"
Tue 5 Feb 2008 150,994 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7b69 6348 bdd4982e1728653ff799b5ec\BIT176.tmp"
Mon 3 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b857 106b 57491ac2a650851d43af1c92\BIT193.tmp"
Fri 25 Jan 2008 120,566 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d5ac 62f0 d56f37c0e058f63fb51833cd\BIT171.tmp"
Thu 10 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\dcf1 c79d c43838b07e54842e827c0bf4\BIT1F9.tmp"
Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e333 946a 72df07902c13124415079b00\BIT6.tmp"
Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Documents and Settings\Giuseppe\Datos de programa\U3\temp\Launchpad Removal.exe"
Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Documents and Settings\io Mafercita\Datos de programa\U3\temp\Launchpad Removal.exe"
Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Documents and Settings\Usuario\Datos de programa\U3\temp\Launchpad Removal.exe"
Mon 7 Apr 2008 104,986 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1f87 a686 cf3b25b0d359384ae3434a81\download\BIT1BB.tmp"
Fri 22 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8c4d 7a0a 2d8877005bd43c371fa41c56\download\BIT17C.tmp"
Tue 8 Apr 2008 2,645,261 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc97 a48f d328890898bfd10a6990bbe9\download\BIT1DB.tmp"
Wed 7 Nov 2007 413,697 A.SH. --- "C:\Documents and Settings\All Users\Datos de programa\YAMAHA\MSD\TEMP\anxxclamp.zip"
Finished!
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 05/15/2008 at 07:27 PM
Application Version : 4.0.1154
Core Rules Database Version : 3462
Trace Rules Database Version: 1453
Scan type : Complete Scan
Total Scan Time : 0116
Memory items scanned : 188
Memory threats detected : 0
Registry items scanned : 5835
Registry threats detected : 10
File items scanned : 20510
File threats detected : 61
Trojan.Downloader-Gen/FotoMoto-A
HKLM\Software\Classes\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}
HKCR\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}
HKCR\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}
HKCR\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}\InprocServer32
HKCR\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}\InprocServer32#ThreadingModel
HKCR\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}\ProgID
HKCR\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}\Programmable
HKCR\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}\TypeLib
HKCR\CLSID\{733716E1-76D2-4003-AC39-845281C0EF85}\VersionIndependentProgID
C:\WINDOWS\SYSTEM32\NSA1CE.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{733716E1-76D2-4003-AC39-845281C0EF85}
Adware.Tracking Cookie
C:\Documents and Settings\Giusseppe\Cookies\giusseppe@1068632757[1].txt
C:\Documents and Settings\Invitado\Cookies\invitado@hotbar[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@2o7[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@account.live[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@ad.yieldmanager[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@ads.e-planning[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@ads.pointroll[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@ads.us.e-planning[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@advertising[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@apmebf[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@atdmt[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@atwola[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@doubleclick[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@edge.ru4[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@fastclick[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@findwhat[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@imeem.112.2o7[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@insightexpressai[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@msnportal.112.2o7[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@oas.directaclick[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@questionmarket[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@rm.yieldmanager[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@specificclick[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@statcounter[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@waterfrontmedia.112.2o7[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@weborama[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@windowsmedia[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@www.windowsmedia[1].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@yieldmanager[2].txt
C:\Documents and Settings\io Mafercita\Cookies\io mafercita@yoigo.solution.weborama[2].txt
Trojan.Downloader-AUPD
C:\DOCUMENTS AND SETTINGS\GIUSEPPE\CONFIGURACIóN LOCAL\TEMP\AUPD.EXE
C:\DOCUMENTS AND SETTINGS\USUARIO\CONFIGURACIóN LOCAL\TEMP\AUPD.EXE
Trojan.Downloader-Gen/Suspicious
C:\DOCUMENTS AND SETTINGS\GIUSEPPE\CONFIGURACIóN LOCAL\TEMP\ZFE2.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP453\A0334316.EXE
Trojan.NewDotNet
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\FIFOED(20)\A0314383.EXE
Trojan.Unclassified/FukuRuku-A
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\FIFOED(20)\A0314386.DLL
Rogue.NetProject-Installer
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP453\A0334291.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP453\A0334313.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP453\A0336311.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP453\A0336329.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP454\A0336404.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP454\A0336437.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP454\A0336459.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP454\A0336477.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP454\A0336540.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP455\A0336568.EXE
Trojan.Downloader-Gen/FotoMoto-B
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP453\A0336315.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP453\A0336343.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP454\A0336464.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP455\A0336573.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP457\A0337700.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP457\A0337719.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP457\A0337752.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP458\A0337780.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP459\A0339904.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP460\A0340137.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP461\A0340170.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{BA93A044-AD19-44AD-BFC4-BD7AA9AF195F}\RP461\A0340206.DLL
Adware.AdRotator/RightOnz
C:\WINDOWS\SYSTEM32\RIGHTONADZ-UNINST.EXE