Lots of viruses
   

RMB
New Member


Date Joined Dec 2005
Total Posts : 1
 
Posted 12-30-2005 5:58 (GMT +1)
Hello! I'm from Spain and my English isn't very good, but I need somebody to help me.
I didn't have antivirus until last week because I thought I didn't need it. Now I'm downloading a lot of programs but it's not enough. There's a red icon in the corner of the screen that says "your computer is infected!" and I don't know what to do with it. There's also a problem when I start IE: I can't change the homepage and something like C:\secure32.html appears.
Can somebody help me!? I'm desperate!!
HEEEEEEEELP!
 
Here's the HiJack This Log:
Logfile of HijackThis v1.99.1
Scan saved at 17:57:35, on 30/12/2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\atievxx.exe
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe
C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE
C:\WINDOWS\explorer.exe
C:\Archivos de programa\Winamp\winampa.exe
C:\WINDOWS\System32\paytime.exe
C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\winstall.exe
C:\WINDOWS\System32\paytime.exe
C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\pavProxy.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\ARCHIV~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\Archivos de programa\WinRAR\WinRAR.exe
C:\DOCUME~1\Rafa\CONFIG~1\Temp\Rar$EX00.069\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F2 - REG:system.ini: Shell=explorer.exe                                                                                                    "C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Folders\ibm00001.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: XBTP07618 - {2296428D-C133-4928-B76A-A200FF409572} - C:\ARCHIV~1\FREEPR~1\freeprod.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Archivos de programa\Freeprod Toolbar\freeprod.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe
O4 - HKLM\..\Run: [Network] C:\Archivos de programa\Network\network.exe
O4 - HKLM\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - HKLM\..\Run: [timessquare] C:\windows\timessquare.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [services32] C:\Archivos de programa\Archivos comunes\Windows\mc-110-12-0000188.exe
O4 - HKCU\..\Run: [Shell] "C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Folders\ibm00001.exe"
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Archivos de programa\Freeprod Toolbar\freeprod.dll
O9 - Extra 'Tools' menuitem: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Archivos de programa\Freeprod Toolbar\freeprod.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{31DD7D00-E7A6-4EC6-A40D-FA60979FFCDE}: NameServer = 62.81.16.130 62.81.0.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{31DD7D00-E7A6-4EC6-A40D-FA60979FFCDE}: NameServer = 62.81.16.130 62.81.0.34
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARCHIV~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe
 
 
And the Ad-Aware Log:
Adware.Director(TAC index:3):14 total references
Adware.DollarRevenue(TAC index:3):4 total references
Adware.Freeprod Toolbar(TAC index:3):53 total references
Other(TAC index:5):6 total references
Possible Browser Hijack attempt(TAC index:3):5 total references
Tracking Cookie(TAC index:3):2 total references
Windows(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


30-12-2005 17:32:01 - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 364
ThreadCreationTime : 30-12-2005 15:03:25
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 428
ThreadCreationTime : 30-12-2005 15:03:30
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 452
ThreadCreationTime : 30-12-2005 15:03:31
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 496
ThreadCreationTime : 30-12-2005 15:03:31
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Aplicación de servicios y controlador
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 508
ThreadCreationTime : 30-12-2005 15:03:31
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 676
ThreadCreationTime : 30-12-2005 15:03:32
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 720
ThreadCreationTime : 30-12-2005 15:03:33
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 788
ThreadCreationTime : 30-12-2005 15:03:34
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 800
ThreadCreationTime : 30-12-2005 15:03:34
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [logonui.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 848
ThreadCreationTime : 30-12-2005 15:03:34
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Interfaz de usuario de inicio d sesión de Windows
InternalName : LOGONUI
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : LOGONUI.EXE
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 964
ThreadCreationTime : 30-12-2005 15:03:35
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [atievxx.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1056
ThreadCreationTime : 30-12-2005 15:03:35
BasePriority : Normal
FileVersion : 5.1.2482.0 (Lab01_N(ericks).010524-2202)
ProductVersion : 5.1.2482.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : ATI Hotkey polling utility
InternalName : atievxx.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : atievxx.exe
#:13 [ewidoctrl.exe]
FilePath : C:\Archivos de programa\ewido\security suite\
ProcessID : 1084
ThreadCreationTime : 30-12-2005 15:03:35
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe
#:14 [mdm.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\
ProcessID : 1104
ThreadCreationTime : 30-12-2005 15:03:36
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe
#:15 [pavsrv51.exe]
FilePath : C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\
ProcessID : 1120
ThreadCreationTime : 30-12-2005 15:03:36
BasePriority : High
FileVersion : 6, 3, 0, 531
ProductVersion : 6.3
ProductName : Panda Antivirus
CompanyName : Panda Software
FileDescription : Panda Antivirus Service for Windows NT/2000
InternalName : pavsrv
LegalCopyright : Copyright © Panda Software 2003
OriginalFilename : pavsrv.exe
#:16 [avengine.exe]
FilePath : C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\
ProcessID : 1300
ThreadCreationTime : 30-12-2005 15:03:36
BasePriority : Normal
FileVersion : 6, 3, 0, 492
ProductVersion : 6.3
ProductName : Panda Antivirus Windows NT/2000
CompanyName : Panda Software
FileDescription : Proceso análisis independiente
InternalName : avengine
LegalCopyright : Copyright © Panda Software 1990-2002
OriginalFilename : avengine.exe
#:17 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1564
ThreadCreationTime : 30-12-2005 15:03:38
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : EXPLORER.EXE
#:18 [winampa.exe]
FilePath : C:\Archivos de programa\Winamp\
ProcessID : 1680
ThreadCreationTime : 30-12-2005 15:03:40
BasePriority : Normal


#:19 [paytime.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1696
ThreadCreationTime : 30-12-2005 15:03:40
BasePriority : Normal
FileVersion : 2,5,1,1600
ProductVersion : 2,5,1,1600
ProductName : explorer helper
CompanyName : Microsoft Corporation
FileDescription : explorer
InternalName : explorer
LegalCopyright : Copyright Microsoft Corporation© 2005
OriginalFilename : explorer.exe
#:20 [apvxdwin.exe]
FilePath : C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\
ProcessID : 1712
ThreadCreationTime : 30-12-2005 15:03:41
BasePriority : Normal
FileVersion : 3.06.03
ProductVersion : 2.05.05
ProductName : Panda Antivirus Titanium
CompanyName : Panda Software International
FileDescription : ApVxdWin
InternalName : ApVxdWin.exe
OriginalFilename : ApVxdWin.exe
#:21 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1720
ThreadCreationTime : 30-12-2005 15:03:41
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:22 [winstall.exe]
FilePath : C:\
ProcessID : 1736
ThreadCreationTime : 30-12-2005 15:03:41
BasePriority : Normal


#:23 [paytime.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1744
ThreadCreationTime : 30-12-2005 15:03:41
BasePriority : Normal
FileVersion : 2,5,1,1600
ProductVersion : 2,5,1,1600
ProductName : explorer helper
CompanyName : Microsoft Corporation
FileDescription : explorer
InternalName : explorer
LegalCopyright : Copyright Microsoft Corporation© 2005
OriginalFilename : explorer.exe
#:24 [services32.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Windows\
ProcessID : 1908
ThreadCreationTime : 30-12-2005 15:03:44
BasePriority : Normal


Adware.Director Object Recognized!
Type : Process
Data : services32.exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\Windows\


"C:\Archivos de programa\Archivos comunes\Windows\services32.exe"Process terminated successfully
"C:\Archivos de programa\Archivos comunes\Windows\services32.exe"Process terminated successfully
#:25 [pavproxy.exe]
FilePath : C:\Archivos de programa\Panda Software\Panda Antivirus Titanium\
ProcessID : 512
ThreadCreationTime : 30-12-2005 15:03:51
BasePriority : Normal
FileVersion : 3, 6, 10, 24
ProductVersion : 3, 6, 10, 24
ProductName : Mail Resident
CompanyName : Panda Software
FileDescription : PavProxy
InternalName : PavProxy
LegalCopyright : Copyright © 2002
OriginalFilename : PavProxy.exe
#:26 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1640
ThreadCreationTime : 30-12-2005 15:04:42
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Actualizaciones automáticas
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : wuauclt.exe
#:27 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ProcessID : 2088
ThreadCreationTime : 30-12-2005 15:53:07
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : IEXPLORE.EXE
Adware.Freeprod Toolbar Object Recognized!
Type : Process
Data : freeprod.dll
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Freeprod Toolbar\
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 1
ProductName : IE Toolbar
CompanyName : IE Toolbar
FileDescription : IE Toolbar
InternalName : IE Toolbar
LegalCopyright : Copyright 2001-2003. All rights reserved.
OriginalFilename : toolbar.dll


#:28 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ProcessID : 2296
ThreadCreationTime : 30-12-2005 15:58:17
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : IEXPLORE.EXE
Adware.Freeprod Toolbar Object Recognized!
Type : Process
Data : freeprod.dll
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Freeprod Toolbar\
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 1
ProductName : IE Toolbar
CompanyName : IE Toolbar
FileDescription : IE Toolbar
InternalName : IE Toolbar
LegalCopyright : Copyright 2001-2003. All rights reserved.
OriginalFilename : toolbar.dll


#:29 [winamp.exe]
FilePath : C:\Archivos de programa\Winamp\
ProcessID : 2972
ThreadCreationTime : 30-12-2005 16:19:05
BasePriority : Normal
FileVersion : 5,1,1,143
ProductVersion : 5.1.1.143
ProductName : Winamp
CompanyName : Nullsoft
FileDescription : Winamp
InternalName : WINAMP
LegalCopyright : Copyright © 1997-2005, Nullsoft
LegalTrademarks : Nullsoft and Winamp are trademarks of Nullsoft, Inc.
OriginalFilename : Winamp.exe
Comments : Visit http://www.winamp.com/ for updates.
#:30 [ad-aware.exe]
FilePath : C:\ARCHIV~1\Lavasoft\AD-AWA~1\
ProcessID : 3416
ThreadCreationTime : 30-12-2005 16:23:24
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
#:31 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3848
ThreadCreationTime : 30-12-2005 16:31:25
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 3


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2296428d-c133-4928-b76a-a200ff409572}
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.xbtp07618
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.xbtp07618.1
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{5279231e-fabe-4abf-83a8-7c7e17e3ce1a}
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : xbtb07618.ietoolbar
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : xbtb07618.ietoolbar.1
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : xbtb07618.xbtb07618
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : xbtb07618.xbtb07618.1
Adware.Director Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\software\director
Adware.Director Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\software\director
Value : BaseURL
Adware.Director Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\software\director
Value : Uid
Adware.Director Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\software\director
Value : Request
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\software\xbtb07618
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{2296428d-c133-4928-b76a-a200ff409572}
Windows Object Recognized!
Type : RegData
Data : explorer.exe "c:\archivos de programa\archivos comunes\microsoft shared\web folders\ibm00001.exe"
TAC Rating : 3
Category : Vulnerability
Comment : Shell Possibly Compromised
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows nt\currentversion\winlogon
Value : Shell
Data : explorer.exe "c:\archivos de programa\archivos comunes\microsoft shared\web folders\ibm00001.exe"
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 16
Objects found so far: 19


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Page.findthewebsiteyouneed.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://searchbar.findthewebsiteyouneed.com"
TAC Rating : 3
Category : Vulnerability
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://searchbar.findthewebsiteyouneed.com"
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistant.findthewebsiteyouneed.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://searchbar.findthewebsiteyouneed.com"
TAC Rating : 3
Category : Vulnerability
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "http://searchbar.findthewebsiteyouneed.com"
Possible Browser Hijack attempt : S-1-5-21-1275210071-920026266-842925246-1003\Software\Microsoft\Internet Explorer\MainSearch Page.findthewebsiteyouneed.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://searchbar.findthewebsiteyouneed.com"
TAC Rating : 3
Category : Vulnerability
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://searchbar.findthewebsiteyouneed.com"
Possible Browser Hijack attempt : S-1-5-21-1275210071-920026266-842925246-1003\Software\Microsoft\Internet Explorer\MainSearch Bar.findthewebsiteyouneed.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://searchbar.findthewebsiteyouneed.com"
TAC Rating : 3
Category : Vulnerability
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://searchbar.findthewebsiteyouneed.com"
Possible Browser Hijack attempt : S-1-5-21-1275210071-920026266-842925246-1003\Software\Microsoft\Internet Explorer\MainDefault_Search_URL.findthewebsiteyouneed.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://searchbar.findthewebsiteyouneed.com"
TAC Rating : 3
Category : Vulnerability
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "http://searchbar.findthewebsiteyouneed.com"
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment : ({77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F})
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Toolbar
Value : {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}
Adware.Director Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment : "services32"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : services32
Adware.Director Object Recognized!
Type : File
Data : mc-110-12-0000188.exe
TAC Rating : 3
Category : Adware
Comment :
Object : c:\archivos de programa\archivos comunes\windows\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment : "timessquare"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : timessquare
Adware.DollarRevenue Object Recognized!
Type : File
Data : timessquare.exe
TAC Rating : 3
Category : Adware
Comment :
Object : c:\windows\
FileVersion : 1.00
ProductVersion : 1.00
ProductName : timessquare
InternalName : timessquare
OriginalFilename : timessquare.exe


Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 8
Objects found so far: 29
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-920026266-842925246-1003\software\microsoft\internet explorer\toolbar\Webbrowser
Value : {77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : rafa@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:rafa@tribalfusion.com/
Expires : 01-01-2038 01:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : rafa@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:rafa@atdmt.com/
Expires : 29-12-2010 01:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 32




Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : freeprodtb.exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\Download\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : mc-110-12-0000188.exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\Download\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Adware.Director Object Recognized!
Type : File
Data : mc-110-12-0000188.exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\InetGet\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Adware.Director Object Recognized!
Type : File
Data : services32.exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\Windows\




Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : freeprod.dll
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Freeprod Toolbar\
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 1
ProductName : IE Toolbar
CompanyName : IE Toolbar
FileDescription : IE Toolbar
InternalName : IE Toolbar
LegalCopyright : Copyright 2001-2003. All rights reserved.
OriginalFilename : toolbar.dll


Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : freeprod.dll
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Freeprod Toolbar\tbu00193\
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 1
ProductName : IE Toolbar
CompanyName : IE Toolbar
FileDescription : IE Toolbar
InternalName : IE Toolbar
LegalCopyright : Copyright 2001-2003. All rights reserved.
OriginalFilename : toolbar.dll


Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : launcher[1].exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Documents and Settings\Rafa\Configuración local\Archivos temporales de Internet\Content.IE5\MD434FWJ\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : mc-110-12-0000188[1].exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Documents and Settings\Rafa\Configuración local\Archivos temporales de Internet\Content.IE5\MD434FWJ\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Adware.DollarRevenue Object Recognized!
Type : File
Data : timessquare[1].exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Documents and Settings\Rafa\Configuración local\Archivos temporales de Internet\Content.IE5\MD434FWJ\
FileVersion : 1.00
ProductVersion : 1.00
ProductName : timessquare
InternalName : timessquare
OriginalFilename : timessquare.exe


Adware.Director Object Recognized!
Type : File
Data : director_install[1].exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Documents and Settings\Rafa\Configuración local\Archivos temporales de Internet\Content.IE5\O9YNO5AV\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : mc-110-12-0000188.exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : mc-110-12-0000188[1].exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\WINDOWS\system32\config\systemprofile\Configuración local\Archivos temporales de Internet\Content.IE5\0BEFJ12Q\
FileVersion : 3, 1, 1, 83
Comments : http://www.autoitscript.com/autoit3/compiled.html


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 44


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 44






Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Director Object Recognized!
Type : Folder
TAC Rating : 3
Category : Adware
Comment : Adware.Director
Object : C:\Archivos de programa\Archivos comunes\Windows
Adware.Director Object Recognized!
Type : File
Data : AutoIt3.exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\windows\
FileVersion : 3, 1, 1, 83
ProductVersion : 3, 1, 1, 83
ProductName : AutoIt v3 Script
FileDescription : AutoIt v3 Script
InternalName : AutoIt3.exe
LegalCopyright : ©1999-2005 Jonathan Bennett & AutoIt Team
OriginalFilename : AutoIt3.exe
Comments : http://www.autoitscript.com/autoit3/


Adware.Director Object Recognized!
Type : File
Data : psapi.dll
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\windows\
FileVersion : 4.00
ProductVersion : 4.00
ProductName : Microsoft(R) Windows NT(TM) Operating System
CompanyName : Microsoft Corporation
FileDescription : Process Status Helper
InternalName : PSAPI
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1996
OriginalFilename : PSAPI


Adware.Director Object Recognized!
Type : File
Data : request.html
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\windows\




Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\director
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\director
Value : BaseURL
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\director
Value : Uid
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\director
Value : Request
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\xbtb07618.xbtb07618toolbar
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\xbtb07618.xbtb07618toolbar
Value : UninstallString
Adware.Freeprod Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Value : CLSID
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Value : Default Visible
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Value : HotIcon
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Value : Icon
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Value : MenuStatusBar
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Value : MenuText
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f}
Value : ClsidExtension
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\extensions\cmdmapping
Value : {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}
Adware.Freeprod Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\internet settings
Value : GlobalUserOffline
Adware.Freeprod Toolbar Object Recognized!
Type : RegData
Data : 0
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main\featurecontrol\feature_localmachine_lockdown
Value : iexplore.exe
Data : 0
Adware.Freeprod Toolbar Object Recognized!
Type : Folder
TAC Rating : 3
Category : Adware
Comment : Adware.Freeprod Toolbar
Object : C:\Archivos de programa\Freeprod Toolbar
Adware.Freeprod Toolbar Object Recognized!
Type : Folder
TAC Rating : 3
Category : Adware
Comment : Adware.Freeprod Toolbar
Object : C:\Archivos de programa\freeprod toolbar\Cache
Adware.Freeprod Toolbar Object Recognized!
Type : Folder
TAC Rating : 3
Category : Adware
Comment : Adware.Freeprod Toolbar
Object : C:\Archivos de programa\Archivos comunes\InetGet
Adware.Freeprod Toolbar Object Recognized!
Type : Folder
TAC Rating : 3
Category : Adware
Comment : Adware.Freeprod Toolbar
Object : C:\Archivos de programa\Archivos comunes\Download
Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : basis.xml
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\freeprod toolbar\




Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : favicon.ico
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\freeprod toolbar\




Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : freeprod.crc
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\freeprod toolbar\




Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : icons.bmp
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\freeprod toolbar\




Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : msvcp60.dll
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\freeprod toolbar\
FileVersion : 6.00.8972.0
ProductVersion : 6.00.8972.0
ProductName : Microsoft (R) Visual C++
CompanyName : Microsoft Corporation
FileDescription : Microsoft (R) C++ Runtime Library
InternalName : MSVCP60.DLL
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1998
OriginalFilename : MSVCP60.DLL


Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : msvcrt.dll
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\freeprod toolbar\
FileVersion : 6.10.9359.0
ProductVersion : 6.10.9359.0
ProductName : Microsoft (R) Visual C++
CompanyName : Microsoft Corporation
FileDescription : Microsoft (R) C Runtime Library
InternalName : MSVCRT.DLL
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : MSVCRT.DLL


Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : version.txt
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\freeprod toolbar\




Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : id.id
TAC Rating : 3
Category : Adware
Comment :
Object : C:\DOCUME~1\Rafa\CONFIG~1\Temp\




Adware.Freeprod Toolbar Object Recognized!
Type : File
Data : freeprod.exe
TAC Rating : 3
Category : Adware
Comment :
Object : C:\Archivos de programa\Archivos comunes\download\




Adware.DollarRevenue Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\downloadmanager
Other Object Recognized!
Type : File
Data : MC-110-12-0000188.EXE-075F9D4C.pf
TAC Rating : 7
Category : Malware
Comment :
Object : C:\WINDOWS\prefetch\




Other Object Recognized!
Type : File
Data : MC-110-12-0000188.EXE-26D9E7B4.pf
TAC Rating : 7
Category : Malware
Comment :
Object : C:\WINDOWS\prefetch\




Other Object Recognized!
Type : File
Data : MC-110-12-0000188.EXE-2D42CDAB.pf
TAC Rating : 7
Category : Malware
Comment :
Object : C:\WINDOWS\prefetch\




Other Object Recognized!
Type : File
Data : FREEPRODTB.EXE-036DEDE8.pf
TAC Rating : 7
Category : Malware
Comment :
Object : C:\WINDOWS\prefetch\




Other Object Recognized!
Type : File
Data : SERVICES32.EXE-1E8CA98F.pf
TAC Rating : 7
Category : Malware
Comment :
Object : C:\WINDOWS\prefetch\




Other Object Recognized!
Type : File
Data : FREEPROD.EXE-012374FC.pf
TAC Rating : 7
Category : Malware
Comment :
Object : C:\WINDOWS\prefetch\




Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 41
Objects found so far: 85
17:52:32 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:20:31.891
Objects scanned:103449
Objects identified:98
Objects ignored:0
New critical objects:98