Hola de nuevo, Caito, y gracias otra vez por tomarte tantas molestias en ayudarme.
Te comento, antes de pegarte los reports de los tres programas, que desde que ejecuté lo que me dijiste, me aparece un aviso de windows al conectarme a internet que dice lo de que no puede cargar
c:\Windows\system32\MTRDO20.DLL, DllGetVersion
Aparte, el Kapersky, me ha avisado de ataques de LOVESAN y de LSASS Exploit.
Los pop-ups siguen apareciendo, quizá menos que antes, pero siguen, especialmente el de esta url:
http://oas-central.realmedia.com/RealMedia.../cache_bust@x03Lo que te quisiera preguntar también es si aparte de los pop-ups puede que tenga aún algun tipo de troyano, pues necesito utilizar el ordenador para consultar cuentas bancarias, correo y demás, y de momento no lo hago por miedo a tener algo que me robe las contraseñas. Disculpa tantas preguntas, pero es que ya no estoy tranquila...
Y ahora sí, ahí van los logs:
El del Hijack:
Logfile of HijackThis v1.99.1
Scan saved at 9:22:08, on 11/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\eEBSVC.exe
C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\WinRAR\WinRAR.exe
C:\DOCUME~1\PYT\CONFIG~1\Temp\Rar$EX00.000\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Archivos de programa\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [SECRETSERVICE] C:\Archivos de programa\macaffe\host\update\s4nn0t.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Búsqueda en Google - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Traducir palabra inglesa - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Instantánea de caché de la página - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Páginas similares - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Páginas vinculadas - res://C:\Archivos de programa\Google\GoogleToolbar1.dll/cmbacklinks.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/downloads/kws/kav...can_unicode.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/...b?1131462223061O17 - HKLM\System\CCS\Services\Tcpip\..\{3A21FFD4-AA5C-416C-A2DA-C9E1491C2BD1}: NameServer = 80.58.61.250,80.58.61.254
O20 - Winlogon Notify: Group Policy - C:\WINDOWS\system32\s2880cluefq80.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Archivos de programa\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SNDSrvc.exe
O23 - Service: Windows Time Sync (wservtime) - Unknown owner - C:\WINDOWS\csrss.exe (file missing)
El del l2mfix:
L2MFIX find log 1.04a
These are the registry keys present
********************************************************************************
**
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RunOnceEx]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\ktn2l75o1.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Usuarios
(ID-IO) ALLOW Read BUILTIN\Usuarios
(ID-NI) ALLOW Read BUILTIN\Usuarios avanzados
(ID-IO) ALLOW Read BUILTIN\Usuarios avanzados
(ID-NI) ALLOW Full access BUILTIN\Administradores
(ID-IO) ALLOW Full access BUILTIN\Administradores
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER
********************************************************************************
**
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{45C8C821-14EF-1740-14F9-2E08DEA5CE9E}"=""
********************************************************************************
**
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Hoja de propiedades de archivos multimedia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Administraci¢n de esc ner ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="P gina de seguridad NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="P gina de propiedades del archivo de documentos OLE"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensiones de interfaz para uso compartido"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extensi¢n CPL del adaptador de pantalla"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extensi¢n CPL del monitor de pantalla"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extensi¢n de paneo de pantalla del Panel de control"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="P gina de seguridad DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="P gina de compatibilidad"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell Scrap DataHandler"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extensi¢n de copia de discos"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensiones del shell para objetos de la red de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Administraci¢n de monitor ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Administraci¢n de impresora ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensiones del shell para compresi¢n de archivos"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extensi¢n del shell de impresora en Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Men£ de contexto de cifrado"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Malet¡n"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extensi¢n de icono de HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fuentes"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Perfil de ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="P gina de seguridad de impresoras"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensiones de interfaz para uso compartido"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extensi¢n PKO cifrada"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extensi¢n de firma cifrada"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Conexiones de red"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Conexiones de red"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&C maras y esc neres"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&C maras y esc neres"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&C maras y esc neres"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&C maras y esc neres"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&C maras y esc neres"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensiones del shell para Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="V¡nculos a datos de Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tareas programadas"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barra de tareas y men£ Inicio"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Buscar"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Ayuda y soporte t‚cnico"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Ayuda y soporte t‚cnico"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ejecutar..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Correo electr¢nico"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Fuentes"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Herramientas administrativas"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barra de herramientas de Microsoft Internet"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Estado de la descarga"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Carpeta Shell aumentada"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Carpeta 2 Shell aumentada"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Banda del explorador de Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Banda de b£squeda"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Banda multimedia"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="B£squeda en panel"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="B£squeda Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilidad de opciones del rbol de Registro"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Direcci¢n"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Cuadro de la direcci¢n"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Autocompletar de Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Lista autocompleta MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Lista autocompleta MRU personalizada"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barra de progreso emergente"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analizador de Barra de direcciones"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Lista autocompleta de la historia de Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Lista autocompleta de la carpeta Shell de Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Contenedor de la Lista m£ltiple de Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Men£ de sitio de bandas Shell"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barra de escritorio Shell"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Asistencia al usuario"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Configuraci¢n de carpeta global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Servicio de Historial de las direcciones URL de Microsoft"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historial"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Archivos temporales de Internet"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Archivos temporales de Internet"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Hook de b£squeda de direcciones URL de Microsoft"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Pantalla de bienvenida de IE4 Suite"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Banda de Explorador"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Carpeta del cach‚ de ActiveX"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Carpeta de suscripciones"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Administrador de aplicaciones de Shell"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="Enumerador de aplicaciones instaladas"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extractor de vistas en miniatura de archivos GDI+"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Controlador de la informaci¢n de resumen para vistas en miniatura (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extractor de vistas en miniatura HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Asistente para la publicaci¢n en Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Pedido de impresiones v¡a web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objeto de Asistente de publicaci¢n de shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Asistente para obtener pasaporte"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Cuentas de usuario"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Archivo de canal"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Acceso directo al canal"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Objeto de control de canal"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Carpeta de archivos sin conexi¢n"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="&Personas..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{1C847AA8-A7FF-42C5-BAE2-4E9BDCFB6FB1}"=""
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Carpetas Web"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{A1070DF1-C116-4D9F-BBB5-06AC2CA9BCEB}"=""
"{0AE72D27-2AE6-4B52-80A0-7AA5F6C6296F}"=""
"{3891D852-6C2C-404F-8B23-8237DF79133E}"=""
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{4D098544-66BF-4F2A-B1F3-978F7A491C29}"=""
"{7C9D5882-CB4A-4090-96C8-430BFE8B795B}"="Webroot Spy Sweeper Context Menu Integration"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{7815FD5F-CADE-4668-9338-F3BCF29C0388}"=""
"{EB76E546-B2D5-44CB-A436-B8EEF5E2BDF4}"=""
"{7D5FF2AD-9E6C-4224-A0D4-A4E3AA567477}"=""
********************************************************************************
**
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1C847AA8-A7FF-42C5-BAE2-4E9BDCFB6FB1}]
@=""
"IDEx"="ADDR"
[HKEY_CLASSES_ROOT\CLSID\{1C847AA8-A7FF-42C5-BAE2-4E9BDCFB6FB1}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1C847AA8-A7FF-42C5-BAE2-4E9BDCFB6FB1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1C847AA8-A7FF-42C5-BAE2-4E9BDCFB6FB1}\InprocServer32]
@="C:\\WINDOWS\\system32\\udp10.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{A1070DF1-C116-4D9F-BBB5-06AC2CA9BCEB}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A1070DF1-C116-4D9F-BBB5-06AC2CA9BCEB}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A1070DF1-C116-4D9F-BBB5-06AC2CA9BCEB}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A1070DF1-C116-4D9F-BBB5-06AC2CA9BCEB}\InprocServer32]
@="C:\\WINDOWS\\system32\\scellstyle.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{0AE72D27-2AE6-4B52-80A0-7AA5F6C6296F}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{0AE72D27-2AE6-4B52-80A0-7AA5F6C6296F}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{0AE72D27-2AE6-4B52-80A0-7AA5F6C6296F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{0AE72D27-2AE6-4B52-80A0-7AA5F6C6296F}\InprocServer32]
@="C:\\WINDOWS\\system32\\iemp.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{3891D852-6C2C-404F-8B23-8237DF79133E}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{3891D852-6C2C-404F-8B23-8237DF79133E}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{3891D852-6C2C-404F-8B23-8237DF79133E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{3891D852-6C2C-404F-8B23-8237DF79133E}\InprocServer32]
@="C:\\WINDOWS\\system32\\cscfg32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{4D098544-66BF-4F2A-B1F3-978F7A491C29}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4D098544-66BF-4F2A-B1F3-978F7A491C29}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4D098544-66BF-4F2A-B1F3-978F7A491C29}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4D098544-66BF-4F2A-B1F3-978F7A491C29}\InprocServer32]
@="C:\\WINDOWS\\system32\\kydnec.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{7815FD5F-CADE-4668-9338-F3BCF29C0388}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{7815FD5F-CADE-4668-9338-F3BCF29C0388}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{7815FD5F-CADE-4668-9338-F3BCF29C0388}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{7815FD5F-CADE-4668-9338-F3BCF29C0388}\InprocServer32]
@="C:\\WINDOWS\\system32\\nutrap.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{EB76E546-B2D5-44CB-A436-B8EEF5E2BDF4}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{EB76E546-B2D5-44CB-A436-B8EEF5E2BDF4}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{EB76E546-B2D5-44CB-A436-B8EEF5E2BDF4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{EB76E546-B2D5-44CB-A436-B8EEF5E2BDF4}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{7D5FF2AD-9E6C-4224-A0D4-A4E3AA567477}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{7D5FF2AD-9E6C-4224-A0D4-A4E3AA567477}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{7D5FF2AD-9E6C-4224-A0D4-A4E3AA567477}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{7D5FF2AD-9E6C-4224-A0D4-A4E3AA567477}\InprocServer32]
@="C:\\WINDOWS\\system32\\skeio.dll"
"ThreadingModel"="Apartment"
********************************************************************************
**
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
ati2cqag.dll Thu 15 Sep 2005 2:59:20 A.... 233.472 228,00 K
ati2dvag.dll Thu 15 Sep 2005 3:58:48 A.... 241.664 236,00 K
ati2edxx.dll Thu 15 Sep 2005 3:53:24 A.... 39.936 39,00 K
ati2evxx.dll Thu 15 Sep 2005 3:53:14 A.... 46.080 45,00 K
ati3duag.dll Thu 15 Sep 2005 3:44:50 A.... 2.429.952 2,32 M
atiddc.dll Thu 15 Sep 2005 3:51:48 A.... 53.248 52,00 K
atidemgr.dll Thu 15 Sep 2005 5:55:12 A.... 253.952 248,00 K
atiiiexx.dll Thu 15 Sep 2005 6:32:28 A.... 307.200 300,00 K
atikvmag.dll Thu 15 Sep 2005 3:27:18 A.... 147.456 144,00 K
atioglx1.dll Thu 15 Sep 2005 5:14:50 A.... 6.680.576 6,37 M
atioglxx.dll Thu 15 Sep 2005 4:13:08 A.... 4.837.376 4,61 M
atipdlxx.dll Thu 15 Sep 2005 3:53:46 A.... 106.496 104,00 K
atitvo32.dll Thu 15 Sep 2005 3:04:28 A.... 17.408 17,00 K
ativvaxx.dll Thu 15 Sep 2005 3:39:22 A.... 602.016 587,91 K
ktn2l7~1.dll Thu 10 Nov 2005 17:26:54 ..S.R 234.879 229,37 K
mvpql9~1.dll Thu 10 Nov 2005 17:46:36 ..S.R 236.458 230,91 K
oemdspif.dll Thu 15 Sep 2005 3:53:36 A.... 73.728 72,00 K
__dele~1.dll Thu 10 Nov 2005 17:46:36 A.... 234.879 229,37 K
18 items found: 18 files (2 H/S), 0 directories.
Total of file sizes: 16.776.776 bytes 15,99 M
Locate .tmp files:
No matches found.
********************************************************************************
**
Directory Listing of system files:
El volumen de la unidad C es Muleta
El n£mero de serie del volumen es: 000F-CFF5
Directorio de C:\WINDOWS\System32
10/11/2005 17:46 236.458 mvpql9751.dll
10/11/2005 17:26 234.879 ktn2l75o1.dll
05/11/2005 19:27 <DIR> Microsoft
30/09/1999 19:21 166.672 mstext35.dll
28/09/1999 21:42 1.050.896 msjet35.dll
09/09/1999 22:06 168.720 msltus35.dll
09/09/1999 22:06 252.688 msexcl35.dll
25/08/1999 14:57 415.504 msrepl35.dll
10/06/1999 09:34 24.848 msjter35.dll
10/06/1999 09:34 123.664 msjint35.dll
07/06/1999 18:59 250.128 mspdox35.dll
25/04/1999 17:00 252.176 Msrd2x35.dll
25/04/1999 17:00 368.912 Vbar332.dll
25/04/1999 17:00 287.504 Msxbse35.dll
13 archivos 3.833.049 bytes
1 dirs 37.379.899.392 bytes libres
Y el del Ewido:
---------------------------------------------------------
ewido security suite - Report de exploración
---------------------------------------------------------
+ Creado en: 9:04:59, 11/11/2005
+ Report-Checksum: 13281A2A
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C} -> Spyware.Gator : Limpio con backup
[852] C:\WINDOWS\system32\kidgae.dll -> Spyware.Look2Me : Limpio con backup
C:\Archivos de programa\Codec Pack de ELISOFT\divx511\fsg_4104.exe -> Spyware.Web3000 : Limpio con backup
C:\Documents and Settings\PYT\Configuración local\Temp\Cookies\pyt@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
C:\Documents and Settings\PYT\Configuración local\Temp\Cookies\pyt@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
:mozilla.6:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.7:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.8:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.9:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.10:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.11:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.12:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
:mozilla.17:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.18:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.19:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.20:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.21:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.22:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.23:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.24:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.25:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.26:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.27:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.28:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.29:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.30:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.31:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpio con backup
:mozilla.33:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Atdmt : Limpio con backup
:mozilla.37:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Falkag : Limpio con backup
:mozilla.38:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Falkag : Limpio con backup
:mozilla.39:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Falkag : Limpio con backup
:mozilla.40:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Falkag : Limpio con backup
:mozilla.44:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Sitestat : Limpio con backup
:mozilla.45:C:\Documents and Settings\PYT\Datos de programa\Mozilla\Firefox\Profiles\x787qtnf.default\cookies.txt -> Spyware.Cookie.Sitestat : Limpio con backup
C:\WINDOWS\system32\kidgae.dll -> Spyware.Look2Me : Limpio con backup
C:\WINDOWS\system32\mgdscli.dll -> Spyware.Look2Me : Limpio con backup
::Fin Report
A ver si en esta ocasión hay suerte, ¡gracias!
Otra nueva con problemas :(
Nov 10 2005, 02:44 PM
