ayuda para quitar virus

Tema en 'Seguridad informática' comenzado por biscione, 24/3/05.

Estado del tema:
No está abierto para más respuestas.
  1. biscione

    biscione Nuevo Miembro Miembro

    Spyware Scan Details

    Start Date: 24/03/2005 15:30:17

    End Date: 24/03/2005 15:44:29

    Total Time: 14 mins 12 secs



    Detected Threats



    ShopAtHome Spyware more information...

    Details: ShopAtHome installs itself in the Winsock layer of your system and redirects your browser to merchant sites to take advantage of the affiliate fees.

    Status: Removed

    Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.



    Infected files detected

    c:\windows\system32\ap9h4qmo.exe



    Infected registry keys/values detected

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ap9h4qmo

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ap9h4qmo

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ap9h4qmo





    WindUpdates Browser Plug-in more information...

    Details: WindUpdates downloads additional adware and displays pop-up advertising.

    Status: Removed

    Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.



    Infected files detected

    c:\windows\system32\netut80ex.vxd





    eXact.BullseyeNetwork Adware more information...

    Details: Bullseye displays pop-up advertisements.

    Status: Removed

    Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.



    Infected files detected

    c:\windows\system32\mac80ex.idf





    eXact.ISEXEng Trojan more information...

    Details: eXact.ISEXEng is a Trojan Windows service installed by BargainBuddy and CashBack.

    Status: Removed

    Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.



    Infected files detected

    c:\windows\system32\angelex.exe





    AvenueMedia.DyFuCA Browser Plug-in more information...

    Details: AvenueMedia DyFuCA Internet Optimizer is adware that changes your browser error page. It periodically displays pop-up advertisements from its remote sites and may update itself.

    Status: Removed

    Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.



    Infected files detected

    C:\WINDOWS\optimize.exe





    Possible Browser Hijack Browser Modifier more information...

    Details: Possible Browser Hijack redirects Internet Explorer.

    Status: Removed

    High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.





    eXact.Downloader Trojan Downloader more information...

    Details: eXact Downloader is a Trojan used by eXact Bargain Buddy and Cash Back to download and install additional components.

    Status: Removed

    High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.



    Infected files detected

    c:\windows\system32\javexulm.vxd

    C:\WINDOWS\SYSTEM32\exul1.exe

    C:\WINDOWS\installer_SIAC.exe

    c:\windows\system32\mqexdlm.srg

    c:\windows\system32\vx1.nls

    c:\windows\system32\vx0.nls

    c:\windows\system32\vx1x.nls

    C:\WINDOWS\SYSTEM32\exdl.exe

    C:\WINDOWS\SYSTEM32\exdl0.exe

    C:\WINDOWS\SYSTEM32\exdl1.exe

    C:\WINDOWS\SYSTEM32\exul.exe





    IEMenuExtension Toolbar Adware more information...

    Details: IEMenuExtension Toolbar is an adware toolbar that installers as an Internet Explorer Web browser.

    Status: Removed

    High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.



    Infected files detected

    c:\windows\iemenuextension.exe





    Unclassified.Spyware.47 Spyware more information...

    Status: Removed

    High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.



    Infected files detected

    C:\WINDOWS\System32\ciobjapi.exe

    C:\WINDOWS\System32\gpexof.exe

    C:\WINDOWS\SYSTEM32\q17i9a4j.exe

    C:\WINDOWS\SYSTEM32\qh4mkbv9.dll



    Infected registry keys/values detected

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run o77U37R

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Zwo8RXdnP

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Zwo8RXdnP

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run o77U37R





    eXact.BargainBuddy Adware more information...

    Details: BargainBuddy is a Browser Helper Object that watches the pages your browser requests and the terms you enter into a search engine web form. If a term matches a preset list of sites or keywords, BargainBuddy will display an ad.

    Status: Removed

    High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.



    Infected files detected

    C:\WINDOWS\SYSTEM32\angelex.exe

    C:\WINDOWS\SYSTEM32\exclean.exe

    C:\WINDOWS\SYSTEM32\msexreg.exe

    C:\WINDOWS\zeta.exe





    PeopleOnPage Browser Modifier more information...

    Details: The PeopleOnPage program is an adware and browser redirector that purports to be an Internet Explorer sidebar, and displays a list of other users of the current site.

    Status: Removed

    High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

    Esto lo ha sacado el Microsoft Antispyware:





    Infected files detected

    c:\windows\system32\auto_update_uninstall.exe

    c:\windows\system32\auto_update_uninstall.log





    180search Assistant Adware more information...

    Details: 180search Assistant displays pop-up advertismenets.

    Status: Quarantined

    Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review.



    Infected files detected

    C:\WINDOWS\saap.exe

    c:\windows\cretwpox.exe

    c:\windows\saaphook.dll





    Detected Spyware Cookies

    No spyware cookies were found during this scan.
  2. Caito

    Caito Nuevo Miembro Miembro

    Podrías empezar por leer esto :

    http://foros.zonavirus.com/viewtopic.php?t=4795

    Y luego hacer esto :

    Descarga el programa HijackThis 1.99.1 y colócalo en una carpeta propia para el HijackThis (por ejemplo una carpeta C:\HijackThis\). Ejecútalo y presiona el botón "Do a system scan and save a logfile"; el programa realizará el escaneo e inmediatamente generará el Log, sólo te pedira el nombre del archivo y su ubicación, puedes simplemente guardarlo así como está. Se abrirá el Bloc de Notas, copia todo el contenido y pégalo como respuesta a este tema.

    HijackThis - Descargas Trucos Windows

    Salu2

    Caito
Estado del tema:
No está abierto para más respuestas.

Comparte esta página