Aquí estoy de nuevo:
1. Problema: Imposible bajarme esta actualización, Windows XP Service Pack 1 (Express)* , vamos a tener que seguir adelante con lo que hay. Los controladores los he actualizado y en estos momentos ya no queda nada que actualizar.
2. En el primer repaso que hice con el Ad aware 181 borré los 183 elementos encontrados, pero en el segundo repaso y siguiendo directrices que le había leído en otros mensajes, no he borrado los 5 elementos encontrados.
Este es el resultado, espero no haberme equivocado esta vez:
Lavasoft Ad-aware Personal Build 6.181
Logfile creado:domingo, 16 de mayo de 2004 19:51:41
Created with Ad-aware Personal, free for private use.
Usando archivo de referencia:01R304 16.05.2004
______________________________________________________
Reffile status:
=========================
archivo de la referencia cargado:
Reference Number : 01R304 16.05.2004
Internal build : 236
File location : C:\ARCHIV~1\Lavasoft\AD-AWA~1\reflist.ref
Total size : 1116816 Bytes
Signature data size : 1098071 Bytes
Reference data size : 18681 Bytes
Signatures total : 24559
Target categories : 10
Target families : 469
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:62 %
Total physical memory:523760 kb
Available physical memory:324716 kb
Total page file size:1280624 kb
Available on page file:1111968 kb
Total virtual memory:2097024 kb
Available virtual memory:2056692 kb
OS:
Ad-aware Settings
=========================
Juego : Activar escaneo en profundidad
Juego : Modo seguro (siempre pide una confirmación)
Juego : Escanear procesos activos
Juego : Escanear registro
Juego : Escanear registro a fondo
Juego : Escanear Favorito de IE para los sitios prohibidos
Juego : Escanear dentro de los archivos
Juego : Scan my Hosts file
Extended Ad-aware Settings
=========================
Juego : Unload recognized processes during scanning
Juego : Include basic Ad-aware settings in logfile
Juego : Include additional Ad-aware settings in logfile
Juego : Let windows remove files in use at next reboot
Juego : Delete quarantined objects after restoring
Juego : Always back up reference file, before updating
Juego : Play sound if scan produced a result
16-05-2004 19:51:41 - Scan started. (Custom mode)
Listando procesos activos
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 16-05-2004 18:49:14
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 16-05-2004 18:49:21
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 16-05-2004 18:49:21
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 16/05/2004 18:50:53
Last modified : 24/08/2001 10:00:00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 16-05-2004 18:49:21
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 16/05/2004 18:50:53
Last modified : 24/08/2001 10:00:00
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 16-05-2004 18:49:22
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 16/05/2004 18:50:53
Last modified : 24/08/2001 10:00:00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 16-05-2004 18:49:22
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 16/05/2004 18:50:53
Last modified : 24/08/2001 10:00:00
#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 16-05-2004 18:49:23
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 16/05/2004 18:50:53
Last modified : 24/08/2001 10:00:00
#:8 [ccevtmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 16-05-2004 18:49:24
BasePriority : Normal
FileSize : 309 KB
FileVersion : 1.03.4
ProductVersion : 1.03.4
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Event Manager
Created on : 16/08/2003 18:40:30
Last accessed : 16/05/2004 18:50:47
Last modified : 03/12/2002 16:22:12
#:9 [mdm.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\
ThreadCreationTime : 16-05-2004 18:49:25
BasePriority : Normal
FileSize : 264 KB
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
Copyright : Copyright (C) Microsoft Corp. 1997-2000
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft Development Environment
Created on : 23/02/2001 9:07:30
Last accessed : 16/05/2004 18:50:52
Last modified : 23/02/2001 9:07:30
#:10 [navapsvc.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 16-05-2004 18:49:25
BasePriority : Normal
FileSize : 113 KB
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 16/08/2003 18:07:18
Last accessed : 16/05/2004 18:50:47
Last modified : 21/11/2002 9:14:18
#:11 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 16-05-2004 18:49:25
BasePriority : Normal
FileSize : 80 KB
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 52.16
Created on : 06/10/2003 13:16:00
Last accessed : 16/05/2004 18:00:12
Last modified : 06/10/2003 13:16:00
#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 16-05-2004 18:49:37
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 16/05/2004 18:50:53
Last modified : 24/08/2001 10:00:00
#:13 [echoctrl.exe]
FilePath : C:\Archivos de programa\PCI Audio Applications\Bin\
ThreadCreationTime : 16-05-2004 18:50:37
BasePriority : Normal
FileSize : 144 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2001
FileDescription : EchoCtrl MFC Application
InternalName : EchoCtrl
OriginalFilename : EchoCtrl.EXE
ProductName : EchoCtrl Application
Created on : 07/08/2003 16:53:19
Last accessed : 16/05/2004 18:50:53
Last modified : 05/12/2001 15:47:32
#:14 [mixer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 16-05-2004 18:50:37
BasePriority : Normal
FileSize : 1776 KB
FileVersion : 1.58
ProductVersion : 1.58
Copyright : Copyright (C) 1997-2002
CompanyName : C-Media Electronic Inc. (
www.cmedia.com.tw)
FileDescription : Mixer
InternalName : Mixer
OriginalFilename : Mixer.EXE
ProductName : Mixer
Created on : 15/10/2002 18:00:20
Last accessed : 16/05/2004 18:49:14
Last modified : 15/10/2002 18:00:20
#:15 [ccapp.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 16-05-2004 18:50:38
BasePriority : Normal
FileSize : 54 KB
FileVersion : 1.08.01
ProductVersion : 1.08.01
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 30/08/2003 16:04:37
Last accessed : 16/05/2004 18:49:14
Last modified : 15/07/2003 13:58:08
#:16 [point32.exe]
FilePath : C:\Archivos de programa\Microsoft Hardware\Mouse\
ThreadCreationTime : 16-05-2004 18:50:38
BasePriority : Normal
FileSize : 172 KB
FileVersion : 4.10.0851.0
ProductVersion : 4.1
Copyright : Copyright (C) Microsoft Corp. 1983-2002
CompanyName : Microsoft Corporation
FileDescription : Microsoft IntelliPoint
InternalName : POINT32
OriginalFilename : POINT32.EXE
ProductName : Microsoft IntelliPoint
Created on : 11/04/2002 18:47:52
Last accessed : 16/05/2004 18:50:53
Last modified : 11/04/2002 18:47:52
#:17 [msgplus.exe]
FilePath : C:\Archivos de programa\Messenger Plus! 2\
ThreadCreationTime : 16-05-2004 18:50:38
BasePriority : Normal
FileSize : 136 KB
FileVersion : 2, 54, 0, 74
ProductVersion : 2, 54, 0, 74
Copyright : Copyright (C) 2001-2003
CompanyName : Patchou
FileDescription : Messenger Plus!
InternalName : MsgPlus
OriginalFilename : MsgPlus.exe
ProductName : Messenger Plus! 2
Created on : 25/01/2004 20:43:08
Last accessed : 16/05/2004 18:50:59
Last modified : 25/01/2004 21:02:44
#:18 [meet gram.exe]
FilePath : C:\ARCHIV~1\CHINRE~1\
ThreadCreationTime : 16-05-2004 18:50:39
BasePriority : Normal
FileSize : 227 KB
Created on : 13/02/2004 16:54:33
Last accessed : 16/05/2004 18:49:14
Last modified : 13/05/2004 22:06:43
#:19 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 16-05-2004 18:50:39
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Ejecutar un archivo DLL como una aplicaci
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 16/05/2004 18:50:59
Last modified : 24/08/2001 10:00:00
#:20 [msmsgs.exe]
FilePath : C:\Archivos de programa\Messenger\
ThreadCreationTime : 16-05-2004 18:50:39
BasePriority : Normal
FileSize : 1456 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 19:30:14
Last accessed : 16/05/2004 18:49:20
Last modified : 14/04/2003 19:30:14
#:21 [wincinemamgr.exe]
FilePath : C:\Archivos de programa\InterVideo\Common\Bin\
ThreadCreationTime : 16-05-2004 18:50:39
BasePriority : Normal
FileSize : 152 KB
FileVersion : 1.7
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2000 InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
OriginalFilename : WinCinemaMgr.EXE
ProductName : WinCinema Manager for InterVideo WinCinema products
Created on : 16/08/2003 15:20:28
Last accessed : 16/05/2004 18:49:20
Last modified : 13/06/2003 17:50:46
#:22 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 16-05-2004 18:50:44
BasePriority : Normal
FileSize : 148 KB
FileVersion : 5.4.3790.20 built by: lab04_n
ProductVersion : 5.4.3790.20
CompanyName : Microsoft Corporation
FileDescription : Cliente de actualizaci
InternalName : wuauclt.exe
OriginalFilename : wuauclt.exe
ProductName : Sistema operativo Microsoft
Created on : 07/08/2003 11:30:25
Last accessed : 16/05/2004 18:50:44
Last modified : 31/01/2004 0:40:40
#:23 [msnmsgr.exe]
FilePath : C:\Archivos de programa\MSN Messenger\
ThreadCreationTime : 16-05-2004 18:50:51
BasePriority : Normal
FileSize : 4572 KB
FileVersion : 6.1.0211
ProductVersion : Version 6.1
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 04/03/2004 22:01:00
Last accessed : 16/05/2004 18:50:40
Last modified : 04/03/2004 22:01:00
#:24 [ad-aware.exe]
FilePath : C:\ARCHIV~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 16-05-2004 18:51:35
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 16/05/2004 17:20:17
Last accessed : 16/05/2004 18:49:39
Last modified : 12/07/2003 20:00:20
Resultados Escaneo de la memoria:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Inicio escaneo del Registro
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
CoolWebSearch Objeto reconocido!
Tipo : RegValor
Fecha :
Categoria : Malware
Comentario : "HOMEOldSP"
Rootkey : HKEY_LOCAL_MACHINE
Objeto : SOFTWARE\Microsoft\Internet Explorer\Main
Valor : HOMEOldSP
Resultados Escaneo del registro:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 1
Objetos encontrados hasta ahora: 1
Inicio escaneo profundo del Registro
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Posible secuestro del navegador : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank
Possible Browser Hijack attempt Objeto reconocido!
Tipo : RegFecha
Fecha : "about:blank"
Categoria : Malware
Comentario : Posible secuestro del navegador
Rootkey : HKEY_CURRENT_USER
Objeto : Software\Microsoft\Internet Explorer\Main
Valor : Start Page
Fecha : "about:blank"
Posible secuestro del navegador : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank
Possible Browser Hijack attempt Objeto reconocido!
Tipo : RegFecha
Fecha : "about:blank"
Categoria : Malware
Comentario : Posible secuestro del navegador
Rootkey : HKEY_LOCAL_MACHINE
Objeto : Software\Microsoft\Internet Explorer\Main
Valor : Start Page
Fecha : "about:blank"
Resultados Escaneo Profundo del registro:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 2
Objetos encontrados hasta ahora: 3
Escaneando y examinando archivos en profundidad (A:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del disco: A:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 3
Escaneando y examinando archivos en profundidad (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del disco: C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 3
Escaneando y examinando archivos en profundidad (D:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del disco: D:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 3
Escaneando y examinando archivos en profundidad (E:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del disco: E:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 3
Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
Nuevos objetos:0
Objetos encontrados hasta ahora: 3
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
CoolWebSearch Objeto reconocido!
Tipo : RegKey
Fecha :
Categoria : Malware
Comentario :
Rootkey : HKEY_CLASSES_ROOT
Objeto : PROTOCOLS\Filter\text/html
CoolWebSearch Objeto reconocido!
Tipo : RegKey
Fecha :
Categoria : Malware
Comentario :
Rootkey : HKEY_CLASSES_ROOT
Objeto : PROTOCOLS\Filter\text/plain
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 2
Objetos encontrados hasta ahora: 5
20:02:18 Escaneo completo
Resumen Del escaneo
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total tiempo escaneo:00:10:36:616
Objetos Escaneados:117513
Objetos identificados:5
Objetos ignorados:0
Nuevos objetos:5
Un saludo y muchas gracias por la atención