Hola a todos...
Tengo un problema con Spyware, me cambia la pagina de inicio y me introduce paginas en mis favoritos. Publico el login de Ad-Aware para ver si me podeis ayudar. Muchas gracias por adelantado.
Lavasoft Ad-aware Personal Build 6.181
Logfile creado:martes, 08 de junio de 2004 17:24:57
Created with Ad-aware Personal, free for private use.
Usando archivo de referencia:01R315 06.06.2004
______________________________________________________
Reffile status:
=========================
archivo de la referencia cargado:
Reference Number : 01R315 06.06.2004
Internal build : 247
File location : D:\Util\Ad-ware\Ad-aware 6\reflist.ref
Total size : 1211780 Bytes
Signature data size : 1191581 Bytes
Reference data size : 20135 Bytes
Signatures total : 26553
Target categories : 10
Target families : 493
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium II
Memory available:26 %
Total physical memory:196148 kb
Available physical memory:49112 kb
Total page file size:479116 kb
Available on page file:312332 kb
Total virtual memory:2097024 kb
Available virtual memory:2041172 kb
OS:
Ad-aware Settings
=========================
Juego : Activar escaneo en profundidad
Juego : Modo seguro (siempre pide una confirmación)
Juego : Escanear procesos activos
Juego : Escanear registro
Juego : Escanear registro a fondo
Juego : Escanear Favorito de IE para los sitios prohibidos
Juego : Escanear dentro de los archivos
Juego : Scan my Hosts file
Extended Ad-aware Settings
=========================
Juego : Unload recognized processes during scanning
Juego : Run scan as background process (Low CPU usage)
Juego : Include basic Ad-aware settings in logfile
Juego : Include additional Ad-aware settings in logfile
Juego : Let windows remove files in use at next reboot
Juego : Delete quarantined objects after restoring
Juego : Always back up reference file, before updating
Juego : Play sound if scan produced a result
08-06-2004 17:24:57 - Scan started. (Custom mode)
Listando procesos activos
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 08-06-2004 15:00:17
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 08-06-2004 15:01:03
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 08-06-2004 15:01:04
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 8:00:00
Last accessed : 07/06/2004 22:00:00
Last modified : 24/08/2001 8:00:00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 08-06-2004 15:01:04
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 24/08/2001 8:00:00
Last accessed : 07/06/2004 22:00:00
Last modified : 24/08/2001 8:00:00
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 08-06-2004 15:01:06
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 8:00:00
Last accessed : 07/06/2004 22:00:00
Last modified : 24/08/2001 8:00:00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 08-06-2004 15:01:07
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 8:00:00
Last accessed : 07/06/2004 22:00:00
Last modified : 24/08/2001 8:00:00
#:7 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 08-06-2004 15:01:12
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 8:00:00
Last accessed : 07/06/2004 22:00:00
Last modified : 24/08/2001 8:00:00
#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 08-06-2004 15:01:12
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 24/08/2001 8:00:00
Last accessed : 07/06/2004 22:00:00
Last modified : 24/08/2001 8:00:00
#:9 [ccevtmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 08-06-2004 15:01:12
BasePriority : Normal
FileSize : 309 KB
FileVersion : 1.03.4
ProductVersion : 1.03.4
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Event Manager
Created on : 29/02/2004 15:56:23
Last accessed : 07/06/2004 22:00:00
Last modified : 03/12/2002 15:22:12
#:10 [ccapp.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 08-06-2004 15:01:14
BasePriority : Normal
FileSize : 54 KB
FileVersion : 1.08.01
ProductVersion : 1.08.01
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 02/04/2004 15:55:31
Last accessed : 07/06/2004 22:00:00
Last modified : 15/07/2003 12:58:08
#:11 [winampa.exe]
FilePath : C:\Archivos de programa\Winamp\
ThreadCreationTime : 08-06-2004 15:01:15
BasePriority : Normal
FileSize : 33 KB
Created on : 12/12/2003 23:50:34
Last accessed : 07/06/2004 22:00:00
Last modified : 12/12/2003 23:50:36
#:12 [realsched.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Real\Update_OB\
ThreadCreationTime : 08-06-2004 15:01:15
BasePriority : Normal
FileSize : 176 KB
FileVersion : 0.1.0.3018
ProductVersion : 0.1.0.3018
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealPlayer (32-bit)
Created on : 09/04/2004 16:59:32
Last accessed : 07/06/2004 22:00:00
Last modified : 09/04/2004 16:59:34
#:13 [zlclient.exe]
FilePath : C:\Archivos de programa\Zone Labs\ZoneAlarm\
ThreadCreationTime : 08-06-2004 15:01:15
BasePriority : Normal
FileSize : 677 KB
FileVersion : 4.5.594.000
ProductVersion : 4.5.594.000
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : Zone Labs Client
InternalName : zlclient
OriginalFilename : zlclient.exe
ProductName : Zone Labs Client
Created on : 04/05/2004 15:52:28
Last accessed : 07/06/2004 22:00:00
Last modified : 01/04/2004 7:30:04
#:14 [dllhelp.exe]
FilePath : C:\windows\
ThreadCreationTime : 08-06-2004 15:01:16
BasePriority : Normal
FileSize : 33 KB
Created on : 06/06/2004 16:03:59
Last accessed : 07/06/2004 22:00:00
Last modified : 06/06/2004 16:04:00
#:15 [navapsvc.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 08-06-2004 15:01:29
BasePriority : Normal
FileSize : 113 KB
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 28/02/2004 16:21:22
Last accessed : 07/06/2004 22:00:00
Last modified : 21/11/2002 8:14:18
#:16 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 08-06-2004 15:01:29
BasePriority : Normal
FileSize : 76 KB
FileVersion : 6.14.10.5303
ProductVersion : 6.14.10.5303
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 53.03
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 53.03
Created on : 17/11/2003 8:33:00
Last accessed : 07/06/2004 22:00:00
Last modified : 17/11/2003 8:33:00
#:17 [outpost.exe]
FilePath : C:\ARCHIV~1\AGNITUM\OUTPOS~1.0\
ThreadCreationTime : 08-06-2004 15:01:29
BasePriority : Normal
FileSize : 77 KB
FileVersion : 1.0.242
ProductVersion : 1.0
Copyright : (C) Agnitum, 1999-2001
CompanyName : Agnitum
FileDescription : Outpost Firewall main module
InternalName : Outpost Firewall
OriginalFilename : outpost.exe
ProductName : Outpost Firewall
Created on : 29/02/2004 15:30:51
Last accessed : 07/06/2004 22:00:00
Last modified : 14/06/2002 14:20:36
#:18 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZONELABS\
ThreadCreationTime : 08-06-2004 15:01:33
BasePriority : Normal
FileSize : 805 KB
FileVersion : 4.5.594.000
ProductVersion : 4.5.594.000
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
OriginalFilename : vsmon.exe
ProductName : TrueVector Service
Created on : 04/05/2004 15:52:18
Last accessed : 07/06/2004 22:00:00
Last modified : 01/04/2004 7:29:14
#:19 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ThreadCreationTime : 08-06-2004 15:02:53
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Sistema operativo Microsoft
Created on : 28/02/2004 15:09:12
Last accessed : 07/06/2004 22:00:00
Last modified : 24/08/2001 9:00:00
#:20 [ad-aware.exe]
FilePath : D:\Util\Ad-ware\Ad-aware 6\
ThreadCreationTime : 08-06-2004 15:09:48
BasePriority : Idle
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 06/06/2004 18:15:59
Last accessed : 07/06/2004 22:00:00
Last modified : 12/07/2003 20:00:20
#:21 [msmsgs.exe]
FilePath : C:\Archivos de programa\Messenger\
ThreadCreationTime : 08-06-2004 15:24:30
BasePriority : Normal
FileSize : 1456 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 17:30:14
Last accessed : 07/06/2004 22:00:00
Last modified : 14/04/2003 17:30:14
Resultados Escaneo de la memoria:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Inicio escaneo del Registro
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del registro:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Inicio escaneo profundo del Registro
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Posible secuestro del navegador : Software\Microsoft\Internet Explorer\MainSearch Page/your-searcher.com
Possible Browser Hijack attempt Objeto reconocido!
Tipo : RegFecha
Fecha : "
http://your-searcher.com/index.htm"
Categoria : Data Miner
Comentario : Posible secuestro del navegador
Rootkey : HKEY_CURRENT_USER
Objeto : Software\Microsoft\Internet Explorer\Main
Valor : Search Page
Fecha : "
http://your-searcher.com/index.htm"
Posible secuestro del navegador : Software\Microsoft\Internet Explorer\MainStart Page/your-searcher.com
Possible Browser Hijack attempt Objeto reconocido!
Tipo : RegFecha
Fecha : "
http://your-searcher.com/index.htm"
Categoria : Data Miner
Comentario : Posible secuestro del navegador
Rootkey : HKEY_CURRENT_USER
Objeto : Software\Microsoft\Internet Explorer\Main
Valor : Start Page
Fecha : "
http://your-searcher.com/index.htm"
Posible secuestro del navegador : Software\Microsoft\Internet Explorer\MainSearch Bar/your-searcher.com
Possible Browser Hijack attempt Objeto reconocido!
Tipo : RegFecha
Fecha : "
http://your-searcher.com/sp.htm"
Categoria : Data Miner
Comentario : Posible secuestro del navegador
Rootkey : HKEY_CURRENT_USER
Objeto : Software\Microsoft\Internet Explorer\Main
Valor : Search Bar
Fecha : "
http://your-searcher.com/sp.htm"
Posible secuestro del navegador : Software\Microsoft\Internet Explorer\SearchURL/your-searcher.com
Possible Browser Hijack attempt Objeto reconocido!
Tipo : RegFecha
Fecha : "
http://your-searcher.com/index.htm"
Categoria : Data Miner
Comentario : Posible secuestro del navegador
Rootkey : HKEY_CURRENT_USER
Objeto : Software\Microsoft\Internet Explorer\SearchURL
Valor :
Fecha : "
http://your-searcher.com/index.htm"
Posible secuestro del navegador : Software\Microsoft\Internet Explorer\SearchSearchAssistant/your-searcher.com
Possible Browser Hijack attempt Objeto reconocido!
Tipo : RegFecha
Fecha : "
http://your-searcher.com/sp.htm"
Categoria : Data Miner
Comentario : Posible secuestro del navegador
Rootkey : HKEY_LOCAL_MACHINE
Objeto : Software\Microsoft\Internet Explorer\Search
Valor : SearchAssistant
Fecha : "
http://your-searcher.com/sp.htm"
Resultados Escaneo Profundo del registro:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 5
Objetos encontrados hasta ahora: 5
Escaneando y examinando archivos en profundidad (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del disco: C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 5
Escaneando y examinando archivos en profundidad (D:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del disco: D:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 5
17:48:26 Escan detenido por el usuario.
Resumen Del escaneo
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total tiempo escaneo:00:23:28:24
Objetos Escaneados:69023
Objetos identificados:5
Objetos ignorados:0
Nuevos objetos:5