Logfile of HijackThis v1.99.1
Scan saved at 13:58:23, on 09-01-2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\ewido anti-malware\ewidoctrl.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\RioMSC.exe
C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeper.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\ATI Technologies\ATI.ACE\CLI.exe
C:\Archivos de programa\MessengerPlus! 3\MsgPlus.exe
C:\Archivos de programa\Tuner Application\TVTimer.exe
C:\Archivos de programa\ATI Technologies\ATI.ACE\cli.exe
C:\Archivos de programa\ATI Technologies\ATI.ACE\cli.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARCHIV~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WinPatrol] C:\ARCHIV~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - Startup: MsgPlus.lnk = C:\Archivos de programa\MessengerPlus! 3\MsgPlus.exe
O4 - Startup: TV Timer.lnk = C:\Archivos de programa\Tuner Application\TVTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Archivos de programa\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: Descargar con Fl&ashGet - C:\Archivos de programa\FlashGet\jc_link.htm
O8 - Extra context menu item: Descargar todo con Flas&hGet - C:\Archivos de programa\FlashGet\jc_all.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARCHIV~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARCHIV~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\MSMSGS.EXE
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: App Management - C:\WINDOWS\system32\gpn8l35u1.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido anti-malware\ewidoctrl.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Archivos de programa\Archivos comunes\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Archivos de programa\Webroot\Spy Sweeper\WRSSSDK.exe
-----------------------------------------------------------------------------------
Ewido Log:
---------------------------------------------------------
ewido anti-malware - Report de exploración
---------------------------------------------------------
+ Creado en: 12:48:52, 09-01-2006
+ Report-Checksum: 9D3EA17F
+ Scan result:
No se han encontrado archivos infectados!
::Fin Report
-----------------------------------------------------------------------------------
Fresh Uninstall List:
Actualización de seguridad para Windows XP (KB890046)
Actualización de seguridad para Windows XP (KB893066)
Actualización de seguridad para Windows XP (KB893756)
Actualización de seguridad para Windows XP (KB896358)
Actualización de seguridad para Windows XP (KB896422)
Actualización de seguridad para Windows XP (KB896423)
Actualización de seguridad para Windows XP (KB896424)
Actualización de seguridad para Windows XP (KB896426)
Actualización de seguridad para Windows XP (KB896428)
Actualización de seguridad para Windows XP (KB899587)
Actualización de seguridad para Windows XP (KB899588)
Actualización de seguridad para Windows XP (KB899589)
Actualización de seguridad para Windows XP (KB899591)
Actualización de seguridad para Windows XP (KB900725)
Actualización de seguridad para Windows XP (KB901017)
Actualización de seguridad para Windows XP (KB901214)
Actualización de seguridad para Windows XP (KB902400)
Actualización de seguridad para Windows XP (KB904706)
Actualización de seguridad para Windows XP (KB905414)
Actualización de seguridad para Windows XP (KB905495)
Actualización de seguridad para Windows XP (KB905749)
Actualización de seguridad para Windows XP (KB912919)
Actualización para Windows XP (KB835409)
Actualización para Windows XP (KB898461)
Actualización para Windows XP (KB910437)
Ad-Aware SE Professional
Adobe Photoshop 7.0
Analizador y SDK de Microsoft XML
ArcSoft PhotoImpression
ArcSoft VideoImpression 1.6
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
Black & White® 2
CDex extraction audio
CIF USB Camera (2110A)
CleanUp!
Codec Pack - All In 1 6.0.2.7
Compresor WinRAR
DigiDoc
ewido anti-malware
Extensión de HighMAT para el Asistente para grabación de CD de Microsoft Windows XP
FlashGet(JetCar)
Google Gmail Notifier
Google Talk (remove only)
GTA San Andreas
Harry Potter and the Goblet of Fire™
HijackThis 1.99.1
Hitman 2 Silent Assassin
HP Image Zone 3.5
HP PSC & OfficeJet 3.5
HP Software Update
IGN Download Manager 2.1.1
IrfanView (remove only)
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
LimeWire 4.9.37
Macromedia Flash Player 8
MAGIX Films en CD & DVD 4.0 e-version
Messenger Plus! 3
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 1.1 Spanish Language Pack
Microsoft Data Access Components KB870669
Microsoft Office XP Standard
mIRC
Morgan M-JPEG codec V3
MSIDVD
MSN Messenger 7.5
Need for Speed Underground 2
Need for Speed™ Most Wanted
Nero 7 Demo
NVIDIA Windows 2000/XP nForce Drivers
overland
Panda ActiveScan
Paquete de revisión de Windows XP [Consulte Q329048 para obtener más información ]
Paquete de revisión de Windows XP [Consulte Q329115 para obtener más información ]
Paquete de revisión de Windows XP [Consulte Q329390 para obtener más información ]
Paquete de revisión de Windows XP [Consulte Q329834 para obtener más información ]
PCI Audio Driver
QuickTime
RealPlayer
Reproductor de Windows Media 10
Revisión de Windows XP - KB821253
Revisión de Windows XP - KB823559
Revisión de Windows XP - KB823182
Revisión de Windows XP - KB824105
Revisión de Windows XP - KB825119
Revisión de Windows XP - KB828035
Revisión de Windows XP - KB828741
Revisión de Windows XP - KB833987
Revisión de Windows XP - KB835732
Revisión de Windows XP - KB837001
Revisión de Windows XP - KB839643
Revisión de Windows XP - KB839645
Revisión de Windows XP - KB840315
Revisión de Windows XP - KB840374
Revisión de Windows XP - KB840987
Revisión de Windows XP - KB841356
Revisión de Windows XP - KB841533
Revisión de Windows XP - KB841873
Revisión de Windows XP - KB842773
Revisión de Windows XP - KB871250
Revisión de Windows XP - KB873333
Revisión de Windows XP - KB873339
Revisión de Windows XP - KB873376
Revisión de Windows XP - KB885250
Revisión de Windows XP - KB885835
Revisión de Windows XP - KB885836
Revisión de Windows XP - KB887822
Revisión de Windows XP - KB888113
Revisión de Windows XP - KB888302
Revisión de Windows XP - KB890859
Revisión de Windows XP - KB891711
Revisión de Windows XP - KB891781
Revisión de Windows XP - KB892944
Revisión de Windows XP - KB893086
Revisión de Windows XP - KB896688
Revisión de Windows XP - KB896727
Revisión de Windows XP - KB897715
Revisión de Windows XP - KB905915
Revisión de Windows XP (SP2) Q329170
Revisión de Windows XP (SP2) Q329441
Revisión de Windows XP (SP2) Q810565
Revisión de Windows XP (SP2) Q810577
Revisión de Windows XP (SP2) Q810833
Revisión de Windows XP (SP2) Q814033
Revisión de Windows XP (SP2) Q817606
Revisión de Windows XP (SP2) Q819696
Rio Internet Update
Rio Music Manager
SiSoftware Sandra Lite 2005.SR3 (Win64/32/CE)
Spy Sweeper
SpywareBlaster v3.5.1
USB Vibration Joystick
WinAce Archiver 2.0
Winamp (remove only)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Service Pack 1a
WinPatrol
XP Codec Pack
-----------------------------------------------------------------------------------
Spysweeper Log:
********
1:01: | Start of Session, Lunes, 09 de Enero de 2006 |
1:01: Spy Sweeper started
1:01: Sweep initiated using definitions version 597
1:01: Starting Memory Sweep
1:02: Memory Sweep Complete, Elapsed Time: 00:01:27
1:02: Starting Registry Sweep
1:03: The Spy Communication shield has blocked access to:
1:03: The Spy Communication shield has blocked access to:
1:05: Found Adware: hotbar
1:05: HKCR\interface\{175816a5-219e-4079-b2f9-53c501c409ba}\ (7 subtraces) (ID = 774223)
1:05: HKCR\interface\{1c1793e0-1034-4cac-837d-aa545f6961bf}\ (7 subtraces) (ID = 774241)
1:05: HKCR\interface\{8a61a950-c325-4f44-ba64-273180ff3464}\ (7 subtraces) (ID = 774358)
1:05: HKCR\interface\{b53d4cd4-406d-43cc-8244-7893d72236dd}\ (7 subtraces) (ID = 774394)
1:05: HKCR\interface\{b671426c-5c1a-48ac-9652-bc9402b1c404}\ (7 subtraces) (ID = 774403)
1:05: HKCR\interface\{b9bb3219-f84c-4060-966b-4a1e73e24226}\ (7 subtraces) (ID = 774412)
1:05: HKCR\interface\{f786cb18-3809-4e49-bc99-9a66da47db8b}\ (7 subtraces) (ID = 774457)
1:05: HKLM\software\classes\interface\{175816a5-219e-4079-b2f9-53c501c409ba}\ (7 subtraces) (ID = 774499)
1:05: HKLM\software\classes\interface\{1c1793e0-1034-4cac-837d-aa545f6961bf}\ (7 subtraces) (ID = 774517)
1:05: HKLM\software\classes\interface\{8a61a950-c325-4f44-ba64-273180ff3464}\ (7 subtraces) (ID = 774634)
1:05: HKLM\software\classes\interface\{b53d4cd4-406d-43cc-8244-7893d72236dd}\ (7 subtraces) (ID = 774670)
1:05: HKLM\software\classes\interface\{b671426c-5c1a-48ac-9652-bc9402b1c404}\ (7 subtraces) (ID = 774679)
1:05: HKLM\software\classes\interface\{b9bb3219-f84c-4060-966b-4a1e73e24226}\ (7 subtraces) (ID = 774688)
1:05: HKLM\software\classes\interface\{f786cb18-3809-4e49-bc99-9a66da47db8b}\ (7 subtraces) (ID = 774733)
1:05: Found Adware: dollarrevenue
1:05: HKLM\software\microsoft\drsmartload\ (1 subtraces) (ID = 916795)
1:05: Found Trojan Horse: trojan-backdoor-superbgirlz
1:05: HKLM\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler\ || {4f141cba-1457-6cca-03a7-7aa21b61ea0f} (ID = 954575)
1:05: Found Trojan Horse: manwithnoname_spamrelayer
1:05: HKLM\software\microsoft\windows nt\currentversion\winlogon\notify\msctl32.dll\ (5 subtraces) (ID = 1021403)
1:05: Found Trojan Horse: trojan-downloader-hochladen
1:05: HKLM\system\currentcontrolset\services\i386p\ (11 subtraces) (ID = 1021419)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\hbtools\ (163 subtraces) (ID = 127563)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\microsoft\internet explorer\explorer bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}\ (2 subtraces) (ID = 127568)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\microsoft\internet explorer\explorer bars\{66b90adb-0be3-40ae-8680-84a6f0577ca0}\ (2 subtraces) (ID = 127570)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\microsoft\internet explorer\explorer bars\{2178c864-b8bc-41ae-a1fb-eb6a32f87eb1}\ (2 subtraces) (ID = 127571)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\microsoft\internet explorer\extensions\cmdmapping\ || {946b3e9e-e21a-49c8-9f63-900533fafe14} (ID = 127575)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\microsoft\internet explorer\extensions\cmdmapping\ || {e77eda01-3c56-4a96-8d08-02b42891c169} (ID = 127576)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\microsoft\internet explorer\toolbar\webbrowser\ || {74cc49f7-eb32-4a08-b204-948962a6e3db} (ID = 127586)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\shopperreports\ (4 subtraces) (ID = 127631)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\microsoft\installer\features\10b0642b36134f8f914ea8e11ee5b503\ (1 subtraces) (ID = 788006)
1:05: HKU\WRSS_Profile_S-1-5-21-448539723-813497703-725345543-1004\software\microsoft\installer\products\d493500bd4a54ea6bc805fc9cda952c5\ (2 subtraces) (ID = 788008)
1:05: Found Adware: findthewebsiteyouneed hijacker
1:05: HKU\S-1-5-21-448539723-813497703-725345543-1003\software\microsoft\internet explorer\search\searchassistant explorer\main\ || default_search_url (ID = 555437)
1:05: Found Adware: spysheriff
1:05: HKU\S-1-5-21-448539723-813497703-725345543-1003\software\sno2\ (ID = 782236)
1:05: HKU\S-1-5-21-448539723-813497703-725345543-1003\software\classes\clsid\{4f141cba-1457-6cca-03a7-7aa21b61ea0f}\ (3 subtraces) (ID = 954563)
1:05: Registry Sweep Complete, Elapsed Time:00:03:05
1:05: Starting Cookie Sweep
1:05: Found Spy Cookie: hbmediapro cookie
1:05: [email protected][1].txt (ID = 2768)
1:05: Found Spy Cookie: belnk cookie
1:05: victor@belnk[1].txt (ID = 2292)
1:05: [email protected][2].txt (ID = 2293)
1:05: Found Spy Cookie: fe.lea.lycos.com cookie
1:05: [email protected][1].txt (ID = 2660)
1:05: Found Spy Cookie: hotbar cookie
1:05: victor@hotbar[2].txt (ID = 2797)
1:05: [email protected][2].txt (ID = 4207)
1:05: Found Spy Cookie: atwola cookie
1:05: camila@atwola[1].txt (ID = 2255)
1:05: camila@belnk[1].txt (ID = 2292)
1:05: [email protected][2].txt (ID = 2293)
1:05: [email protected][1].txt (ID = 2660)
1:05: camila@hotbar[1].txt (ID = 2797)
1:05: Found Spy Cookie: yieldmanager cookie
1:05: [email protected][1].txt (ID = 3751)
1:05: [email protected][2].txt (ID = 2768)
1:05: guzano@belnk[1].txt (ID = 2292)
1:05: [email protected][2].txt (ID = 2293)
1:05: Found Spy Cookie: rn11 cookie
1:05: guzano@rn11[2].txt (ID = 3261)
1:05: Cookie Sweep Complete, Elapsed Time: 00:00:01
1:05: Starting File Sweep
1:06: c:\documents and settings\camila\datos de programa\shopperreports (16 subtraces) (ID = -2147480876)
1:06: c:\documents and settings\camila\datos de programa\hbtools (194 subtraces) (ID = -2147480879)
1:06: c:\documents and settings\guzano\datos de programa\hbtools (5 subtraces) (ID = -2147480879)
1:06: d_icons_buttons_3000.res (ID = 121824)
1:06: d_icons_weather.res (ID = 121840)
1:06: d_icons_buttons_2000.xip (ID = 114390)
1:06: d_icons_buttons_1000.res (ID = 121822)
1:07: d_icons_buttons_1000.xip (ID = 114339)
1:07: default_hotbarcom.mnu (ID = 121820)
1:07: d_icons_buttons_3000.xip (ID = 114353)
1:08: icons2.res (ID = 121846)
1:08: d_icons_buttons_3000.res (ID = 121824)
1:08: d_icons_buttons_1000.res (ID = 121822)
1:08: country.exe (ID = 121818)
1:09: d_icons_buttons_2000.res (ID = 121823)
1:09: icons2.xip (ID = 121862)
1:10: default_hotbarcom.mnu (ID = 121820)
1:10: top7.xip (ID = 162956)
1:11: The Spy Communication shield has blocked access to:
1:11: The Spy Communication shield has blocked access to:
1:11: country.xip (ID = 121857)
1:11: d_icons_weather.xip (ID = 121860)
1:11: tsd_bg.res (ID = 62382)
1:11: t2_bg.xip (ID = 121869)
1:11: t2_bg.res (ID = 121851)
1:11: d_icons_buttons_bbar1.res (ID = 121825)
1:12: d_icons_buttons_2000.res (ID = 121823)
1:12: secure32.html (ID = 184319)
1:12: Found Trojan Horse: phisher-sars
1:12: dvpd.dll (ID = 220995)
1:14: s_icons_buttons.xip (ID = 130929)
1:14: progress.res (ID = 62367)
1:14: d_icons_buttons_bbar1.xip (ID = 114354)
1:14: d_icons_buttons_bbar1.res (ID = 121825)
1:14: jmsckuld.exe (ID = 157549)
1:18: country.exe (ID = 121818)
1:18: icons2.res (ID = 121846)
1:18: tsd_bg.xip (ID = 62383)
1:19: tsd_bg.res (ID = 62382)
1:20: progress.res (ID = 62367)
1:21: t2_bg.res (ID = 121851)
1:21: d_icons_weather.res (ID = 121840)
1:25: fe43e701.htm (ID = 110396)
1:25: linkpathlegal.xip (ID = 121866)
1:25: linkpathlegal.txt (ID = 121849)
1:25: d_icons_buttons_logos.xip (ID = 62284)
1:25: d_icons_buttons_logos.res (ID = 62295)
1:25: d_icons_buttons_other.xip (ID = 62284)
1:25: d_icons_buttons_other.res (ID = 62295)
1:25: progress.xip (ID = 62368)
1:25: d_icons_buttons_bar.xip (ID = 62284)
1:25: d_icons_buttons_bar.res (ID = 62295)
1:25: business_promo.xip (ID = 121856)
1:25: hotbar_promo.xip (ID = 114346)
1:25: default_mails.mnu (ID = 121821)
1:25: email-def-511724-9595.mnu (ID = 121842)
1:25: email-def-511724-548964.mnu (ID = 121841)
1:25: ads.xip (ID = 121855)
1:25: ads.cdf (ID = 121815)
1:25: hotbar-premium.xip (ID = 114359)
1:25: hotbar-premium.cdf (ID = 121845)
1:25: hotbar-premium-hotbar-premium.mnu (ID = 121844)
1:25: samplegroups2.xip (ID = 178613)
1:25: linkpathlegal.txt (ID = 121849)
1:25: d_icons_buttons_logos.res (ID = 62295)
1:25: d_icons_buttons_other.res (ID = 62295)
1:25: d_icons_buttons_bar.res (ID = 62295)
1:25: default_mails.mnu (ID = 121821)
1:25: email-def-511724-9595.mnu (ID = 121842)
1:26: email-def-511724-548964.mnu (ID = 121841)
1:26: ads.cdf (ID = 121815)
1:26: hotbar-premium.cdf (ID = 121845)
1:26: hotbar-premium-hotbar-premium.mnu (ID = 121844)
1:26: drsmartload.dat (ID = 198788)
1:28: Found System Monitor: potentially rootkit-masked files
1:28: i386p.sys (ID = 0)
1:28: msctl32.dll (ID = 0)
1:28: Warning: Unhandled Archive Type
1:28: Warning: Unhandled Archive Type
1:29: The Spy Communication shield has blocked access to:
1:29: The Spy Communication shield has blocked access to:
1:30: The Spy Communication shield has blocked access to:
1:30: The Spy Communication shield has blocked access to:
1:40: Warning: Unhandled Archive Type
1:42: File Sweep Complete, Elapsed Time: 00:36:08
1:42: Full Sweep has completed. Elapsed time 00:40:51
1:42: Traces Found: 629
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:36: The Spy Communication shield has blocked access to:
10:37: Removal process initiated
10:37: Quarantining All Traces: phisher-sars
10:37: Quarantining All Traces: potentially rootkit-masked files
10:37: potentially rootkit-masked files is in use. It will be removed on reboot.
10:37: msctl32.dll is in use. It will be removed on reboot.
10:37: Quarantining All Traces: spysheriff
10:37: Quarantining All Traces: hotbar
10:37: Quarantining All Traces: manwithnoname_spamrelayer
10:37: Quarantining All Traces: trojan-backdoor-superbgirlz
10:37: Quarantining All Traces: trojan-downloader-hochladen
10:37: Quarantining All Traces: dollarrevenue
10:38: Quarantining All Traces: findthewebsiteyouneed hijacker
10:38: Quarantining All Traces: atwola cookie
10:38: Quarantining All Traces: belnk cookie
10:38: Quarantining All Traces: fe.lea.lycos.com cookie
10:38: Quarantining All Traces: hbmediapro cookie
10:38: Quarantining All Traces: hotbar cookie
10:38: Quarantining All Traces: rn11 cookie
10:38: Quarantining All Traces: yieldmanager cookie
10:38: Removal process completed. Elapsed time 00:01:04
********
0:55: | Start of Session, Lunes, 09 de Enero de 2006 |
0:55: Spy Sweeper started
0:55: Messenger service has been disabled.
0:58: Your spyware definitions have been updated.
1:01: | End of Session, Lunes, 09 de Enero de 2006 |
-----------------------------------------------------------------------------------
My computer it's back to it's old performance, the nasty popups have gone, i have 1 more question though, when i was running spysweeper, the application gave me an error like "spysweeper.exe exception error" and it gave me 3 options "close app continue ignore?" so i kept saying continue, after that a "warning-like" window popped up many many times telling me that it would delete some files on the c:\docs and setts\guzano\complete folder (most of them were hosted there) so i said YES to all. Well if you have more instructions for me go ahead, i really appreciate your help in cleansing mmy computer i almost god rid of 880 MB of "junk" thanks very much i hope sites like this would prosper into the future because they're REAAAAALLLY helpful. Again i'm very grateful of what you guys have done