IE Syntax Error and Can´t browse some sites

Hi,
Download Ewido and install it. Then run, you will receive a warning message saying "Database not found", click "OK" for this. Next in the main screen, click "Update" and click "Start Update". After the update process, exit from Ewido.

Download CleanUp! and install it. Do not run it now.

Make Windows to show all files:-
Go to Start > My Computer.
Go to Tools menu, click Folder Options (Folder Option will be in View Menu in Win98).
Uncheck Hide protected operating system files.
Then, click to select the option Show hidden files and folders.
Click Apply and then click OK to exit.

Reboot in Safe Mode:-
Restart (or switch ON) the PC.
Then, keep tapping the F8 Key.
From the menu that will be displayed, out of which choose Safe Mode and press Enter.

Run HijackThis and click Do only a System scan.
Then put a check mark infront of below listed entries:-

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O4 - HKLM\..\Run: [System Configurator] 2\RUNDLL.EXE
O4 - HKLM\..\Run: [WinDriv32] C:\WINDOWS\System32\WinDriv32.exe
O4 - HKCU\..\Run: [WinDriv32] C:\WINDOWS\System32\WinDriv32.exe

Close all other open programs except Hijackthis and click the button Fix Checked in HijackThis.

Exit from HijackThis. Delete this file:-
C:\WINDOWS\System32\WinDriv32.exe

Run CleanUp!, click "Options" button, move the "Quick Setup" slider to "Thorough CleanUp!" and click "Yes" for the warning message and exit from Options. Click "CleanUp!" to start cleaning. After cleaning, click "Close", and choose "No" to avoid the restart.

Run Ewido, click on the "Scanner" button in the left menu, then click on the "Start" button.
If ewido finds anything, it will pop up a notification. You can select "Clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.
When the scan finishes, click on "Save Report". This will create a text file.

Reboot to Normal Mode. Run HijackThis again, click Do a System scan and save log, and post the fresh log along with the Ewido log.

Hi swatkat!

Thanks for your help!!

Well...let´s start..

Some funny things.In safe mode, the System Scan of HJT does not report the lines:

1)R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
2)O4 - HKCU\..\Run: [WinDriv32] C:\WINDOWS\System32\WinDriv32.exe (only appears ONE line and no two lines)

I fix all the other lines in safe mode

When i go to Windows/system32 after fix the lines with HJT, i can´t find the file windriv32.exe....

I installed Clenup but the screen was diferrent (i can´t find any slider) but anyway I made a cleaning..

I had run Ewido. first i have an error on a file (it was a zip) and after descompress no problem at all...

But STILL have SYNTAX ERROR (right now i can´t go to this page throught IE 6, i´m using firefox) and worst... it´s like the windows must be affected as i CAN´T search in star-->Find.A blank, white and a blue left margin window...

LOGS:


1) HJT
Logfile of HijackThis v1.99.1
Scan saved at 12:47:43, on 22/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\atwtusb.exe
C:\Archivos de programa\Softick\PPP\PPPGate.exe
C:\Archivos de programa\Softick\CardExport\CardGate.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Archivos de programa\TVTool 6.5\TVTool.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\ScanSoft\OmniPagePro11.0\opware32.exe
C:\ARCHIV~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
C:\Archivos de programa\Conceptronic\Software Bluetooth\bin\btwdins.exe
C:\Archivos de programa\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE
C:\Archivos de programa\Wanadoo\USB ADSL Modem\dslmon.exe
C:\Archivos de programa\InterVideo\MSIPVS\WinScheduler.exe
C:\Archivos de programa\ewido\security suite\ewidoguard.exe
C:\Archivos de programa\Conceptronic\Software Bluetooth\BTTray.exe
C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Archivos de programa\TechniSat DVB\bin\Server4PC.exe
C:\Archivos de programa\Project1\Soltek_HM.exe
C:\Archivos de programa\Palm\HOTSYNC.EXE
C:\Archivos de programa\Palm\HandStory.exe
C:\WINDOWS\webshots.scr
C:\Archivos de programa\Norton AntiVirus\navapsvc.exe
C:\ARCHIV~1\CONCEP~1\SOFTWA~1\BTSTAC~1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Archivos de programa\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Archivos de programa\RealVNC\VNC4\WinVNC4.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\clean\hijackthis\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARCHIV~1\FLASHGET\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [amouse] C:\Archivos de programa\Auto Mouse\automouse.exe
O4 - HKLM\..\Run: [SoftickPPP] "C:\Archivos de programa\Softick\PPP\PPPGate.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CardGate] "C:\Archivos de programa\Softick\CardExport\CardGate.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TVTool] "C:\Archivos de programa\TVTool 6.5\TVTool.exe"
O4 - HKLM\..\Run: [Omnipage] C:\Archivos de programa\ScanSoft\OmniPagePro11.0\opware32.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\ARCHIV~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] C:\Archivos de programa\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARCHIV~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [THGuard] "C:\Archivos de programa\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\ARCHIV~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [FreeMem Pro] "C:\ARCHIV~1\FREEME~1\Fmempro.exe" autostart
O4 - HKCU\..\Run: [WinDriv32] C:\WINDOWS\System32\WinDriv32.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Startup: Soltek HM.LNK = C:\Archivos de programa\Project1\Soltek_HM.exe
O4 - Startup: HotSync Manager.lnk = C:\Archivos de programa\Palm\HOTSYNC.EXE
O4 - Startup: HandStory.lnk = C:\Archivos de programa\Palm\HandStory.exe
O4 - Startup: Registration-InstantCopy.lnk = C:\Archivos de programa\InstantCD+DVD\SharedFiles\Pixie\RegTool.exe
O4 - Startup: Webshots.lnk = C:\Archivos de programa\Webshots\Launcher.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Archivos de programa\InterVideo\MSIPVS\WinScheduler.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Archivos de programa\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Acrobat Assistant.lnk = C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Server4PC.lnk = C:\Archivos de programa\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: &Google Search - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Save To Palm - C:\Archivos de programa\Palm\HandStoryME.htm
O8 - Extra context menu item: Backward Links - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: C&lip To Palm - C:\Archivos de programa\Palm\HandStoryMEC.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Archivos de programa\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Archivos de programa\FlashGet\jc_link.htm
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Archivos de programa\Conceptronic\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Archivos de programa\Archivos comunes\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate into English - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Crear un favorito móvil - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Save To Palm - {6C8741AB-53B4-476e-BE7C-F519AD8A6494} - C:\Archivos de programa\Palm\HandStoryTE.htm
O9 - Extra 'Tools' menuitem: &Save To Palm - {6C8741AB-53B4-476e-BE7C-F519AD8A6494} - C:\Archivos de programa\Palm\HandStoryTE.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Conceptronic\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Conceptronic\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARCHIV~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARCHIV~1\FLASHGET\flashget.exe
O9 - Extra button: SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Archivos de programa\Archivos comunes\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Archivos de programa\Archivos comunes\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARCHIV~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARCHIV~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Archivos de programa\Conceptronic\Software Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoguard.exe
O23 - Service: LogoMedia TranslateDotNet Server - LogoMedia Corporation - C:\Archivos de programa\Power Translator\LogoMedia TranslateDotNet Server.exe
O23 - Service: Servicio Auto-Protect de Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Archivos de programa\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Archivos de programa\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARCHIV~1\ARCHIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Archivos de programa\RealVNC\VNC4\WinVNC4.exe" -service (file missing)


2) Ewido


2.1-Frist log
---------------------------------------------------------
ewido security suite - Report de exploración
---------------------------------------------------------


+ Creado en:        12:36:54, 22/07/2005
+ Report-Checksum:  47A619CE


+ Scan result:


HKLM\SOFTWARE\Classes\iefeatsl.ViewSource -> Spyware.CoolWebSearch : Limpio con backup
HKLM\SOFTWARE\Classes\iefeatsl.ViewSource\CLSID -> Spyware.CoolWebSearch : Limpio con backup
HKLM\SOFTWARE\Classes\iefeatsl.ViewSource\CurVer -> Spyware.CoolWebSearch : Limpio con backup
HKLM\SOFTWARE\Classes\SearchHook.SearchHookObject -> Spyware.CoolWebSearch : Limpio con backup
HKLM\SOFTWARE\Classes\SearchHook.SearchHookObject\CLSID -> Spyware.CoolWebSearch : Limpio con backup
HKLM\SOFTWARE\Classes\SearchHook.SearchHookObject\CurVer -> Spyware.CoolWebSearch : Limpio con backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{FD9BC004-8331-4457-B830-4759FF704C22} -> Spyware.CoolWebSearch : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@gator[1].txt -> Spyware.Cookie.Gator : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@fastclick[1].txt -> Spyware.Cookie.Fastclick : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@advertising[1].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@targetnet[2].txt -> Spyware.Cookie.Targetnet : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@qksrv[2].txt -> Spyware.Cookie.Qksrv : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@overture[2].txt -> Spyware.Cookie.Overture : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@as1.falkag[2].txt -> Spyware.Cookie.Falkag : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@counter2.hitslink[2].txt -> Spyware.Cookie.Hitslink : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@z1.adserver[3].txt -> Spyware.Cookie.Adserver : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@2o7[1].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@questionmarket[2].txt -> Spyware.Cookie.Questionmarket : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@fastclick[2].txt -> Spyware.Cookie.Fastclick : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@centrport[1].txt -> Spyware.Cookie.Centrport : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-wizardsofthecoast.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@advertising[2].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@112.2o7[2].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@adtech[2].txt -> Spyware.Cookie.Adtech : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@tribalfusion[3].txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-idg.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@bs.serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@bilbo.counted[2].txt -> Spyware.Cookie.Counted : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@bfast[1].txt -> Spyware.Cookie.Bfast : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@atdmt[2].txt -> Spyware.Cookie.Atdmt : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@phg.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@targetnet[1].txt -> Spyware.Cookie.Targetnet : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-newegg.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@www.goldenpalace[1].txt -> Spyware.Cookie.Goldenpalace : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@z1.adserver[4].txt -> Spyware.Cookie.Adserver : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-sonycomputer.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@bfast[2].txt -> Spyware.Cookie.Bfast : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@phg.hitbox[3].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@overture[1].txt -> Spyware.Cookie.Overture : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@tradedoubler[3].txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@counter.hitslink[2].txt -> Spyware.Cookie.Hitslink : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-zoomerang.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@spylog[2].txt -> Spyware.Cookie.Spylog : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@bluestreak[3].txt -> Spyware.Cookie.Bluestreak : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@bilbo.counted[3].txt -> Spyware.Cookie.Counted : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ad.adition[3].txt -> Spyware.Cookie.Adition : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@as1.falkag[4].txt -> Spyware.Cookie.Falkag : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-randomhouse.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@hitbox[3].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@weborama[2].txt -> Spyware.Cookie.Weborama : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@counter4.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-darksideprod.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@fastclick[4].txt -> Spyware.Cookie.Fastclick : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@goldenpalace[2].txt -> Spyware.Cookie.Goldenpalace : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@2o7[3].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ads.addynamix[1].txt -> Spyware.Cookie.Addynamix : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@counter3.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-uniontrib.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@adviva[2].txt -> Spyware.Cookie.Adviva : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@advertising[4].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@paypopup[1].txt -> Spyware.Cookie.Paypopup : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@counter12.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-hsm.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@xxxcounter[1].txt -> Spyware.Cookie.Xxxcounter : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@counter15.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@paycounter[2].txt -> Spyware.Cookie.Paycounter : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@valueclick[1].txt -> Spyware.Cookie.Valueclick : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@data.coremetrics[1].txt -> Spyware.Cookie.Coremetrics : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@ehg-cafepress.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@servedby.advertising[3].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@counter16.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@sexlist[2].txt -> Spyware.Cookie.Sexlist : Limpio con backup
C:\Documents and Settings\Andres\Configuración local\Temp\Cookies\andres@counter13.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Mis documentos\HDD_Regenerator_v1[1].41.zip/bkg.exe -> TrojanDownloader.INService : Error durante limpieza
C:\Documents and Settings\Andres\Cookies\andres@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@adtech[3].txt -> Spyware.Cookie.Adtech : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@findwhat[1].txt -> Spyware.Cookie.Findwhat : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@hotlog[2].txt -> Spyware.Cookie.Hotlog : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@web4.realtracker[1].txt -> Spyware.Cookie.Realtracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads.x10[2].txt -> Spyware.Cookie.X10 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@z1.adserver[3].txt -> Spyware.Cookie.Adserver : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@2o7[1].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@perf.overture[1].txt -> Spyware.Cookie.Overture : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@tradedoubler[3].txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads.specificpop[2].txt -> Spyware.Cookie.Specificpop : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads18.bpath[1].txt -> Spyware.Cookie.Bpath : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads47.bpath[2].txt -> Spyware.Cookie.Bpath : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@serving-sys[3].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bs.serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@xxxtoolbar[2].txt -> Spyware.Cookie.Xxxtoolbar : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@www.smartadserver[2].txt -> Spyware.Cookie.Smartadserver : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@hotlog[3].txt -> Spyware.Cookie.Hotlog : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bs.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@paycounter[1].txt -> Spyware.Cookie.Paycounter : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads47.bpath[3].txt -> Spyware.Cookie.Bpath : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@fastclick[1].txt -> Spyware.Cookie.Fastclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@centrport[1].txt -> Spyware.Cookie.Centrport : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@www.res99[1].txt -> Spyware.Cookie.Res99 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@atdmt[2].txt -> Spyware.Cookie.Atdmt : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ivwbox[2].txt -> Spyware.Cookie.Ivwbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@spylog[2].txt -> Spyware.Cookie.Spylog : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@adtech[2].txt -> Spyware.Cookie.Adtech : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads.x10[3].txt -> Spyware.Cookie.X10 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@weborama[2].txt -> Spyware.Cookie.Weborama : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads.specificpop[1].txt -> Spyware.Cookie.Specificpop : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bilbo.counted[2].txt -> Spyware.Cookie.Counted : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ad.adition[2].txt -> Spyware.Cookie.Adition : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@fl01.ct2.comclick[2].txt -> Spyware.Cookie.Comclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@realmedia[2].txt -> Spyware.Cookie.Realmedia : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@overture[1].txt -> Spyware.Cookie.Overture : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@internetfuel[2].txt -> Spyware.Cookie.Internetfuel : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@hestia.sextrail.trakkerd[2].txt -> Spyware.Cookie.Trakkerd : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@xxxcounter[2].txt -> Spyware.Cookie.Xxxcounter : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bilbo.counted[4].txt -> Spyware.Cookie.Counted : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@vad.mainentrypoint[1].txt -> Spyware.Cookie.Mainentrypoint : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@www.smartadserver[1].txt -> Spyware.Cookie.Smartadserver : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@valueclick[1].txt -> Spyware.Cookie.Valueclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@valueclick[3].txt -> Spyware.Cookie.Valueclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@tribalfusion[3].txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@questionmarket[3].txt -> Spyware.Cookie.Questionmarket : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ds.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@weborama[3].txt -> Spyware.Cookie.Weborama : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@advertising[1].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@overture[2].txt -> Spyware.Cookie.Overture : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@edge.ru4[2].txt -> Spyware.Cookie.Ru4 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@centrport[3].txt -> Spyware.Cookie.Centrport : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bilbo.counted[3].txt -> Spyware.Cookie.Counted : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@xxxtoolbar[1].txt -> Spyware.Cookie.Xxxtoolbar : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@tribalfusion[4].txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads.pointroll[3].txt -> Spyware.Cookie.Pointroll : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bluestreak[3].txt -> Spyware.Cookie.Bluestreak : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@as1.falkag[2].txt -> Spyware.Cookie.Falkag : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@112.2o7[2].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@trafficmp[2].txt -> Spyware.Cookie.Trafficmp : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@spylog[3].txt -> Spyware.Cookie.Spylog : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@questionmarket[4].txt -> Spyware.Cookie.Questionmarket : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bs.serving-sys[3].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@2o7[2].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@2o7[4].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bs.serving-sys[4].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@tradedoubler[4].txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter2.hitslink[1].txt -> Spyware.Cookie.Hitslink : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@weborama[4].txt -> Spyware.Cookie.Weborama : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter2.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@as1.falkag[3].txt -> Spyware.Cookie.Falkag : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter7.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter4.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@paycounter[3].txt -> Spyware.Cookie.Paycounter : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-dig.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@247realmedia[2].txt -> Spyware.Cookie.247realmedia : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-cafepress.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-sonycomputer.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@trafficmp[4].txt -> Spyware.Cookie.Trafficmp : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@112.2o7[1].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@statse.webtrendslive[2].txt -> Spyware.Cookie.Webtrendslive : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@valueclick[2].txt -> Spyware.Cookie.Valueclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter4.sextracker[2].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@centrport[2].txt -> Spyware.Cookie.Centrport : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@serving-sys[4].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@adtech[4].txt -> Spyware.Cookie.Adtech : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bilbo.counted[5].txt -> Spyware.Cookie.Counted : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ad.adition[4].txt -> Spyware.Cookie.Adition : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@adviva[2].txt -> Spyware.Cookie.Adviva : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@questionmarket[2].txt -> Spyware.Cookie.Questionmarket : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bfast[2].txt -> Spyware.Cookie.Bfast : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-samsungusa.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@weborama[1].txt -> Spyware.Cookie.Weborama : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@perf.overture[2].txt -> Spyware.Cookie.Overture : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-hasbro.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@fl01.ct2.comclick[3].txt -> Spyware.Cookie.Comclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@edge.ru4[4].txt -> Spyware.Cookie.Ru4 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@free.wegcash[2].txt -> Spyware.Cookie.Wegcash : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@www.goldenpalace[1].txt -> Spyware.Cookie.Goldenpalace : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@casinotropez[1].txt -> Spyware.Cookie.Casinotropez : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@affiliates.x10[2].txt -> Spyware.Cookie.X10 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@mediaplex[2].txt -> Spyware.Cookie.Mediaplex : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-idg.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-atariinc.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@qksrv[1].txt -> Spyware.Cookie.Qksrv : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter.hitslink[2].txt -> Spyware.Cookie.Hitslink : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter2.hitslink[2].txt -> Spyware.Cookie.Hitslink : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@targetnet[2].txt -> Spyware.Cookie.Targetnet : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@paypopup[1].txt -> Spyware.Cookie.Paypopup : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@advertising[2].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-newarkinone.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@xxxtoolbar[3].txt -> Spyware.Cookie.Xxxtoolbar : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@linksynergy[2].txt -> Spyware.Cookie.Linksynergy : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-playboy.hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@sexlist[2].txt -> Spyware.Cookie.Sexlist : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@as1.falkag[4].txt -> Spyware.Cookie.Falkag : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@doubleclick[3].txt -> Spyware.Cookie.Doubleclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@goldenpalace[2].txt -> Spyware.Cookie.Goldenpalace : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@sextracker[2].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ysbweb[2].txt -> Spyware.Cookie.Ysbweb : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter9.sextracker[1].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@programs.wegcash[1].txt -> Spyware.Cookie.Wegcash : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter2.sextracker[2].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@spylog[1].txt -> Spyware.Cookie.Spylog : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@hotlog[4].txt -> Spyware.Cookie.Hotlog : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@z1.adserver[2].txt -> Spyware.Cookie.Adserver : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter13.sextracker[2].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bluestreak[5].txt -> Spyware.Cookie.Bluestreak : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@paycounter[2].txt -> Spyware.Cookie.Paycounter : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@fastclick[2].txt -> Spyware.Cookie.Fastclick : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@overture[4].txt -> Spyware.Cookie.Overture : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter12.sextracker[2].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@xxxcounter[1].txt -> Spyware.Cookie.Xxxcounter : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@bs.serving-sys[6].txt -> Spyware.Cookie.Serving-sys : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ehg-interlifeform.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@twci.coremetrics[1].txt -> Spyware.Cookie.Coremetrics : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@ads.pointroll[4].txt -> Spyware.Cookie.Pointroll : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@2o7[3].txt -> Spyware.Cookie.2o7 : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@popunder.paypopup[2].txt -> Spyware.Cookie.Paypopup : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@servedby.advertising[3].txt -> Spyware.Cookie.Advertising : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@tribalfusion[5].txt -> Spyware.Cookie.Tribalfusion : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter3.sextracker[2].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Documents and Settings\Andres\Cookies\andres@counter7.sextracker[3].txt -> Spyware.Cookie.Sextracker : Limpio con backup
C:\Archivos de programa\Siemens\GPRS\Siemens GPRS.exe -> Heuristic.Win32.Dialer : Limpio con backup



::Fin Report


2.2-After decompress the zip file


---------------------------------------------------------
ewido security suite - Report de exploración
---------------------------------------------------------


+ Creado en:        12:52:22, 22/07/2005
+ Report-Checksum:  174080E5


+ Scan result:


C:\Documents and Settings\Andres\Mis documentos\HDD_Regenerator_v1[1].41\bkg.exe -> TrojanDownloader.INService : Limpio con backup



::Fin Report

thanks in advance

Hi,
Open NotePad, and copy the contents of the below "Code" box:-

cd %windir%
cd System32
attrib -s -r -h WinDriv32.exe
del WinDriv32.exe

Go to File Menu > Save As, and save the file with the name Test.bat and exit from NotePad.

Download CWShredder and AboutBuster. Extract the AboutBuster ZIP file to a folder.

Now, close the Real Time scanner of Ewido and Trojan Hunter, and then run HijackThis.
Select these items in HijackThis:-

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O4 - HKCU\..\Run: [WinDriv32] C:\WINDOWS\System32\WinDriv32.exe

Click "Fix Checked".

Next, reboot to safe mode. Run CWShredder and click "Fix". Next run AboutBuster and click "Begin Removal".

Double-Click on the file Test.bat, a small DOS type window should open and close immediately.

Reboot back to normal mode, and run HijackThis and post a fresh log. Also post whether CWShredder and AboutBuster found anything or not.

For the error in the Search feature, please download Windows Script and install it. Then check with the Search, and post back whether it's back to normal or not.

Hi!

Thanks again for your help.

The HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 14:35:24, on 22/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\atwtusb.exe
C:\Archivos de programa\Softick\PPP\PPPGate.exe
C:\Archivos de programa\Softick\CardExport\CardGate.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\TVTool 6.5\TVTool.exe
C:\Archivos de programa\ScanSoft\OmniPagePro11.0\opware32.exe
C:\ARCHIV~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
C:\Archivos de programa\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
C:\Archivos de programa\Conceptronic\Software Bluetooth\bin\btwdins.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE
C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
C:\Archivos de programa\Wanadoo\USB ADSL Modem\dslmon.exe
C:\Archivos de programa\InterVideo\MSIPVS\WinScheduler.exe
C:\Archivos de programa\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Archivos de programa\Conceptronic\Software Bluetooth\BTTray.exe
C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Archivos de programa\TechniSat DVB\bin\Server4PC.exe
C:\Archivos de programa\Project1\Soltek_HM.exe
C:\Archivos de programa\Norton AntiVirus\navapsvc.exe
C:\Archivos de programa\Palm\HOTSYNC.EXE
C:\Archivos de programa\Palm\HandStory.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\webshots.scr
C:\Archivos de programa\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\ARCHIV~1\CONCEP~1\SOFTWA~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Archivos de programa\RealVNC\VNC4\WinVNC4.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\clean\hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARCHIV~1\FLASHGET\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [amouse] C:\Archivos de programa\Auto Mouse\automouse.exe
O4 - HKLM\..\Run: [SoftickPPP] "C:\Archivos de programa\Softick\PPP\PPPGate.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CardGate] "C:\Archivos de programa\Softick\CardExport\CardGate.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TVTool] "C:\Archivos de programa\TVTool 6.5\TVTool.exe"
O4 - HKLM\..\Run: [Omnipage] C:\Archivos de programa\ScanSoft\OmniPagePro11.0\opware32.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\ARCHIV~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] C:\Archivos de programa\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\ARCHIV~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [THGuard] "C:\Archivos de programa\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\ARCHIV~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [FreeMem Pro] "C:\ARCHIV~1\FREEME~1\Fmempro.exe" autostart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Archivos de programa\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Startup: Soltek HM.LNK = C:\Archivos de programa\Project1\Soltek_HM.exe
O4 - Startup: HotSync Manager.lnk = C:\Archivos de programa\Palm\HOTSYNC.EXE
O4 - Startup: HandStory.lnk = C:\Archivos de programa\Palm\HandStory.exe
O4 - Startup: Registration-InstantCopy.lnk = C:\Archivos de programa\InstantCD+DVD\SharedFiles\Pixie\RegTool.exe
O4 - Startup: Webshots.lnk = C:\Archivos de programa\Webshots\Launcher.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Archivos de programa\InterVideo\MSIPVS\WinScheduler.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Archivos de programa\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Acrobat Assistant.lnk = C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Server4PC.lnk = C:\Archivos de programa\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: &Google Search - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Save To Palm - C:\Archivos de programa\Palm\HandStoryME.htm
O8 - Extra context menu item: Backward Links - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: C&lip To Palm - C:\Archivos de programa\Palm\HandStoryMEC.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Archivos de programa\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Archivos de programa\FlashGet\jc_link.htm
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Archivos de programa\Conceptronic\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Archivos de programa\Archivos comunes\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Translate into English - res://c:\archivos de programa\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Crear un favorito móvil - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Archivos de programa\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Save To Palm - {6C8741AB-53B4-476e-BE7C-F519AD8A6494} - C:\Archivos de programa\Palm\HandStoryTE.htm
O9 - Extra 'Tools' menuitem: &Save To Palm - {6C8741AB-53B4-476e-BE7C-F519AD8A6494} - C:\Archivos de programa\Palm\HandStoryTE.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Conceptronic\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\Conceptronic\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARCHIV~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARCHIV~1\FLASHGET\flashget.exe
O9 - Extra button: SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Archivos de programa\Archivos comunes\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Archivos de programa\Archivos comunes\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARCHIV~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARCHIV~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.crtvg.es/camweb/camera.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Archivos de programa\Conceptronic\Software Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Archivos de programa\ewido\security suite\ewidoguard.exe
O23 - Service: LogoMedia TranslateDotNet Server - LogoMedia Corporation - C:\Archivos de programa\Power Translator\LogoMedia TranslateDotNet Server.exe
O23 - Service: Servicio Auto-Protect de Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Archivos de programa\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Archivos de programa\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARCHIV~1\ARCHIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Archivos de programa\Archivos comunes\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Archivos de programa\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
------------
In safe mode i ran the test.bat witout prblems,cwshredder and AboutBuster gave no action.The las one gave me a log, but CwShredder didn´t

AboutBuster log:
AboutBuster 5.0 reference file 28
Scan started on [22/07/2005] at [14:15:19]
------------------------------------------------
Streams(ADS) not scanned: System not NTFS
------------------------------------------------
No Files Found!
------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 14:15:59

----------

After installing Windows Script, still same problem.No find box as you can see in this image:

Ah!! and Still no internet connection on some websites (Syntax not Valid).But all other programs seems to work ok:Firefox, Emule,Free Agent,etc

Hi,
Please follow the stpes provided here. After this, check with the Search box.

Open NotePad, and copy the contents of the below "Quote" box:-

regedit /e test1.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main"
regedit /e test2.txt "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main"
copy test1.txt + test2.txt = info.txt
del test1.txt
del test2.txt

Go to File Menu > Save As, and save the file with the name Test.bat and exit from NotePad.

Double-Click on the file Test.bat, a small DOS type window should open and close immediately.
After this, there would be a file called Info.txt in the same location where Test.bat was present. Open the Info.txt and post it's contents here.

Hi again!

I have realized that every time i write an URl that give me a "Syntax not Valid"... If i left the cursor over the URL BOX i can see how the cursor changes from a sanddclock...to something with three little dots in a semicircle.Form a small one, the a medium one and finaly a great one.In thios colors.blue,yelow and red.this item dissappears as soon as the syntax error appears.I mean you can see it only when the system it´s "thinking" the url

It´s a pitty but I don´t know how to catch this, as Print Screen does not cath the cursor.

Hope this helps.

Hi again!

This is the info file

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Enable_Disk_Cache"="yes"
"Cache_Percent_of_Disk"=hex:0a,00,00,00
"Delete_Temp_Files_On_Exit"="yes"
"Local Page"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,6c,00,61,00,6e,00,6b,00,2e,00,68,00,74,00,6d,00,00,00
"Anchor_Visitation_Horizon"=hex:01,00,00,00
"Use_Async_DNS"="yes"
"Placeholder_Width"=hex:1a,00,00,00
"Placeholder_Height"=hex:1a,00,00,00
"Start Page"="http://www.msn.com/"
"CompanyName"="Microsoft Corporation"
"Custom_Key"="MICROSO"
"Wizard_Version"="6.0.2600.0000"
"FullScreen"="no"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\ErrorThresholds]
"400"=dword:00000200
"403"=dword:00000100
"404"=dword:00000200
"405"=dword:00000100
"406"=dword:00000200
"408"=dword:00000200
"409"=dword:00000200
"410"=dword:00000100
"500"=dword:00000200
"501"=dword:00000200
"505"=dword:00000200

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"*"=dword:00000001
"infopath.exe"=dword:00000000
"msn6.exe"=dword:00000000
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
@=""
"SAPLOGON.exe"=dword:00000000
"SAPfewgsrv.exe"=dword:00000000
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"*"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"wmplayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
@=""
"iexplore.exe"=dword:00000000
"explorer.exe"=dword:00000000
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\UrlTemplate]
"1"="www.%s.com"
"2"="www.%s.org"
"3"="www.%s.net"
"4"="www.%s.edu"

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"NoUpdateCheck"=dword:00000001
"NoJITSetup"=dword:00000001
"Disable Script Debugger"="yes"
"Show_ChannelBand"="No"
"Anchor Underline"="yes"
"Cache_Update_Frequency"="Once_Per_Session"
"Display Inline Images"="yes"
"Do404Search"=hex:01,00,00,00
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Save_Session_History_On_Exit"="no"
"Show_FullURL"="no"
"Show_StatusBar"="yes"
"Show_ToolBar"="yes"
"Show_URLinStatusBar"="yes"
"Show_URLToolBar"="yes"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Use_DlgBox_Colors"="yes"
"FullScreen"="no"
"Window_Placement"=hex:2c,00,00,00,02,00,00,00,03,00,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,cb,00,00,00,1d,00,00,00,eb,03,00,00,6b,02,00,\
00
"NotifyDownloadComplete"="no"
"Página de búsqueda"="http://www.msn.com/access/allinone.asp"
"Página de inicio"="http://www.microsoft.com/msoffice/"
"Use FormSuggest"="no"
"Error Dlg Displayed On Every Error"="no"
"Error Dlg Details Pane Open"="yes"
"AddToFavoritesExpanded"=dword:00000001
"Save Directory"="C:\\Documents and Settings\\Andres\\Mis documentos\\Libros\\"
"Use_DlgBox_Colors_Complete"="1"
"Use_DlgBox_Colors_Failed"="9"
"Use_DlgBox_Colors_Error"="2"
"HistoryViewType"=hex:00,00
"Use Search Asst"="no"
"Expand Alt Text"="no"
"Move System Caret"="no"
"NscSingleExpand"=dword:00000001
"Force Offscreen Composition"=dword:00000000
"FavIntelliMenus"="no"
"UseThemes"=dword:00000001
"Enable Browser Extensions"="yes"
"NoWebJITSetup"=dword:00000001
"Page_Transitions"=dword:00000001
"AllowWindowReuse"=dword:00000001
"ShowGoButton"="yes"
"Friendly http errors"="yes"
"SmoothScroll"=dword:00000001
"Print_Background"="no"
"Play_Animations"="yes"
"Enable_MyPics_Hoverbar"="yes"
"Enable AutoImageResize"="yes"
"Show image placeholders"=dword:00000000
"Display Inline Videos"="yes"
"Play_Background_Sounds"="yes"
"FormSuggest PW Ask"="no"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.google.com/ie"
"StatusBarOther"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\Settings]
"LOCALMACHINE_CD_UNLOCK"=dword:00000000

I´m trying the search tips, but the method 1 it´s not working.now I´m going to test the second one.

thanks in advance.

Hi,
Open NotePad, and copy the contents of the below "Quote" box:-

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"iexplore.exe"=dword:00000000
"explorer.exe"=dword:00000000

Go to File Menu > Save As, and save the file with the name Fix.reg and exit from NotePad.

Double-Click on the file Fix.reg and choose "Yes" to merge it with Registry.

Reboot your PC, and check for the "Invalid Syntax" error message in Internet Explorer, and post back the results.

Hi and thanks for your time!

I´m afraid i made a mistake.. a made a *.bat file... and open an eplorer window.I said this because after i realize that the file was a *.REG.. a change the extension. and was added to the registry, but the syntax error continues :-(

It´s really strange.I can sufr almost any direction in internet, but someones not!! .Really strange.I can´t go to www.yahoo.com, www.google.com,www.altavista.com,www.cnn.com....strange...and the most rare thing it´s the change in the icon.. .with this little 3 color dots..

Humm..ejem... perhaps i may abuse your kind..but i don´t know how to make the method number 2 of the search tip from microsoft.I mean i can reach the variable in the register, but i don´t know what to change...could you help me with this...

I also found this info about the "open in new window" problem i have.
http://support.microsoft.com/default.aspx?scid=kb;es;180176
Sorry..in spanish.. but doesn´t work. I get an error while register actxproxy.dll and pdm32.dll

i also found this link... this time in english, but doesn´t work...http://www.cybertechhelp.com/forums/showthread.php?t=46100

the guy have Xp and said to put this line..C:\WINNT\System32\WScript.exe "%1" %*

UFFF!!..almost imposible to restore my system...I thnik everything must be something about the java machine.I have a virus in one file.. and after desinfection.. all this happen.I have Sun java..

Help in advance

WOOOWWWW!!!

Finally i get resolved the Sytax error...

It´s really funny.. i was looking for a solution to "open in new window" problem...and found this link:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q281679

And VOILA!!! only this line "regsvr32 urlmon.dll" solves BOTH problems.

Now i can sufr WITHOUT problem in any site, and when open in new window.. the windowsa appears with content.

Really Wiondows it´s Amazing....

Bur Still present the problem with the find (search) window.

Thanks in advance.. and hope solve this last little problem...

Hi,
Copy the below contents to NotePad:-

regedit /e test1.txt "HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\In procServer32"
regedit /e test2.txt "HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb558}\In procServer32"
regedit /e test3.txt "HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb558}\In procServer32"
copy test1.txt + test2.txt + test3.txt = info.txt
del test1.txt
del test2.txt
del test3.txt

Go to File > Save As and save it as IE.BAT and exit from NotePad. Double-click on this file and after few seconds it closes by itself. It gives a text file named Info.txt, please post it's contents here.

After this, open Internet Explorer, go to Tools Menu > Internet Options. Here click "Programs" tab, and click "Reset Web Settings". After this, close IE. Go to Control Panel, here double-click on Add/Remove Programs, and unisntall (remove) the Java Runtime Environment (JRE).

Download latest Java Runtime Environment and install it.

Restart your PC, check for Internet Explorer errors and also "Open in new window" problem, and please post back.

Hi swatkat!!

But i have solved... (i think) the problem of Syntax not valid and Open in new window.

Right now, i´m writing form IE 6

The only remain problem it´s the Search Window....

Hope to resolve this soon...with your help!

Hi,
Happy to hear that, some of the problems are gone! Please run the UE.BAT file. as said in my previous post, and post the contents of the Info.txt file.

YEAHHH!!!!!

FINALLY WE GOT!!! now i have Search Working again!!!

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Enable_Disk_Cache"="yes"
"Cache_Percent_of_Disk"=hex:0a,00,00,00
"Delete_Temp_Files_On_Exit"="yes"
"Local Page"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
62,00,6c,00,61,00,6e,00,6b,00,2e,00,68,00,74,00,6d,00,00,00
"Anchor_Visitation_Horizon"=hex:01,00,00,00
"Use_Async_DNS"="yes"
"Placeholder_Width"=hex:1a,00,00,00
"Placeholder_Height"=hex:1a,00,00,00
"Start Page"="http://www.msn.com/"
"CompanyName"="Microsoft Corporation"
"Custom_Key"="MICROSO"
"Wizard_Version"="6.0.2600.0000"
"FullScreen"="no"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\ErrorThresholds]
"400"=dword:00000200
"403"=dword:00000100
"404"=dword:00000200
"405"=dword:00000100
"406"=dword:00000200
"408"=dword:00000200
"409"=dword:00000200
"410"=dword:00000100
"500"=dword:00000200
"501"=dword:00000200
"505"=dword:00000200

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"*"=dword:00000001
"infopath.exe"=dword:00000000
"msn6.exe"=dword:00000000
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
@=""
"SAPLOGON.exe"=dword:00000000
"SAPfewgsrv.exe"=dword:00000000
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"*"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"wmplayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
@=""
"iexplore.exe"=dword:00000000
"explorer.exe"=dword:00000000
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
@=""
"iexplore.exe"=dword:00000001
"explorer.exe"=dword:00000001
"msimn.exe"=dword:00000001
"WMPlayer.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\UrlTemplate]
"1"="www.%s.com"
"2"="www.%s.org"
"3"="www.%s.net"
"4"="www.%s.edu"

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"NoUpdateCheck"=dword:00000001
"NoJITSetup"=dword:00000001
"Disable Script Debugger"="yes"
"Show_ChannelBand"="No"
"Anchor Underline"="yes"
"Cache_Update_Frequency"="Once_Per_Session"
"Display Inline Images"="yes"
"Do404Search"=hex:01,00,00,00
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Save_Session_History_On_Exit"="no"
"Show_FullURL"="no"
"Show_StatusBar"="yes"
"Show_ToolBar"="yes"
"Show_URLinStatusBar"="yes"
"Show_URLToolBar"="yes"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Use_DlgBox_Colors"="yes"
"FullScreen"="no"
"Window_Placement"=hex:2c,00,00,00,02,00,00,00,03,00,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,cb,00,00,00,1d,00,00,00,eb,03,00,00,6b,02,00,\
00
"NotifyDownloadComplete"="no"
"Página de búsqueda"="http://www.msn.com/access/allinone.asp"
"Página de inicio"="http://www.microsoft.com/msoffice/"
"Use FormSuggest"="no"
"Error Dlg Displayed On Every Error"="no"
"Error Dlg Details Pane Open"="yes"
"AddToFavoritesExpanded"=dword:00000001
"Save Directory"="C:\\Documents and Settings\\Andres\\Mis documentos\\Libros\\"
"Use_DlgBox_Colors_Complete"="1"
"Use_DlgBox_Colors_Failed"="9"
"Use_DlgBox_Colors_Error"="2"
"HistoryViewType"=hex:00,00
"Use Search Asst"="no"
"Expand Alt Text"="no"
"Move System Caret"="no"
"NscSingleExpand"=dword:00000001
"Force Offscreen Composition"=dword:00000000
"FavIntelliMenus"="no"
"UseThemes"=dword:00000001
"Enable Browser Extensions"="yes"
"NoWebJITSetup"=dword:00000001
"Page_Transitions"=dword:00000001
"AllowWindowReuse"=dword:00000001
"ShowGoButton"="yes"
"Friendly http errors"="yes"
"SmoothScroll"=dword:00000001
"Print_Background"="no"
"Play_Animations"="yes"
"Enable_MyPics_Hoverbar"="yes"
"Enable AutoImageResize"="yes"
"Show image placeholders"=dword:00000000
"Display Inline Videos"="yes"
"Play_Background_Sounds"="yes"
"FormSuggest PW Ask"="no"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.google.com/ie"
"StatusBarOther"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\Settings]
"LOCALMACHINE_CD_UNLOCK"=dword:00000000

---------

Really thanks thanks a lot !!!

Hi :) ,
Is the Search box back again? Then we dont need any registry editing now.

Hi :) ,
Is the Search box back again? Then we dont need any registry editing now.

Yeah!! :-)

After running the ie.bat the search works again!!!

Thanks a lot Swatkat!!! Really thanks a lot!

One question.Could you tell me some websites or books where i can learn about all this things....???

Bye and best wishes from Spain!!!

Hi SwatKat again..

I´m afraid the info.txt i had sent you it´s the same that after running "test.bat" file.

As I look at the time and the file is 22:57 and right now it´s 13:28

If you need thsi file i could run again the ie.bat file if you like.

Thanks in advance!

Hi Andy25,
I knew that you posted different file :D. But, since the Search box is back ( by the method of registering the files as given in that Microsoft article ), i thought that registry edit is not necessary.
Since you are not having any problems with Search window, that file is not necessary now :D

Hi again! :-)

Well.. after trying a lot of things in IE 6 i had found that the Java must we bad...

I mean, i can´t see SOME java webcams online.. like this site:

http://www.crtvg.es/camweb/priportadaeleccion.htm

and choose any webcam (a coruna is were i live) i only can see a window whith the icon of a broken link to an image...but in firefox works great.No problem in firefox...

But the strange thing is that this other webcam

http://www.earthcam.com/usa/california/venicebeach/

load perfect in IE 6!!!...really strange...

I must said that i have uninstalled JVE and reinstalled it again and reconstructed in the file asociation the item "open with the system symbol" in the Js and JSE file types...as i had erased both asociations...

any idea???

thanks in advance