SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc > Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware
hijack....
fernando:
encontre los bichitos...los tengo en la lista de ignorados y son...
Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
ATENCION!
Bad hosts file entry:127.0.0.1:connect.online-dialer.com
ATENCION!
Bad hosts file entry:127.0.0.1:www.0190-dialer.com
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
913 entries scanned.
Nuevos objetos:0
Objetos encontrados hasta ahora: 0
23:29:17 Escaneo completo
Resumen Del escaneo
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total tiempo escaneo:00:07:51:422
Objetos Escaneados:118983
Objetos identificados:0
Objetos ignorados:2
Nuevos objetos:0
espero qcon esto valga Fats... :oops: y luego supongo qlos tengo qborrar y ya esta no??
destroyer:
Fernando ese log no es completo, debes escanear el pc, y cuando finalice pulsa abajo en "Mostrar log" y copias TODO de arriba hasta la ultima linea y lo pegas aqui.. sinó lo haces así será dificil ayudarte..
Un saludo
fernando:
espero qasi valga... :oops: :oops:
Lavasoft Ad-aware Personal Build 6.181
Logfile creado:lunes, 14 de junio de 2004 15:29:19
Created with Ad-aware Personal, free for private use.
Usando archivo de referencia:01R318 13.06.2004
______________________________________________________
Reffile status:
=========================
archivo de la referencia cargado:
Reference Number : 01R318 13.06.2004
Internal build : 250
File location : C:\Archivos de programa\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1241033 Bytes
Signature data size : 1220738 Bytes
Reference data size : 20231 Bytes
Signatures total : 27180
Target categories : 10
Target families : 497
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:61 %
Total physical memory:523760 kb
Available physical memory:318828 kb
Total page file size:1280660 kb
Available on page file:1081532 kb
Total virtual memory:2097024 kb
Available virtual memory:2054644 kb
OS:
Ad-aware Settings
=========================
Juego : Activar escaneo en profundidad
Juego : Modo seguro (siempre pide una confirmación)
Juego : Escanear procesos activos
Juego : Escanear registro
Juego : Escanear registro a fondo
Juego : Escanear Favorito de IE para los sitios prohibidos
Juego : Escanear dentro de los archivos
Juego : Scan my Hosts file
Extended Ad-aware Settings
=========================
Juego : Unload recognized processes during scanning
Juego : Include basic Ad-aware settings in logfile
Juego : Include additional Ad-aware settings in logfile
Juego : Let windows remove files in use at next reboot
Juego : Delete quarantined objects after restoring
Juego : Always back up reference file, before updating
Juego : Play sound if scan produced a result
14-06-2004 15:29:19 - Scan started. (Custom mode)
Listando procesos activos
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 14-06-2004 13:20:45
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 14-06-2004 13:20:47
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 14-06-2004 13:20:48
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 14-06-2004 13:20:50
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:21:30
Last modified : 24/08/2001 10:00:00
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 14-06-2004 13:20:50
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:21:27
Last modified : 24/08/2001 10:00:00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 14-06-2004 13:20:53
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:21:30
Last modified : 24/08/2001 10:00:00
#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 14-06-2004 13:20:53
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:21:30
Last modified : 24/08/2001 10:00:00
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 14-06-2004 13:20:55
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:21:30
Last modified : 24/08/2001 10:00:00
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 14-06-2004 13:20:55
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:21:30
Last modified : 24/08/2001 10:00:00
#:10 [lexbces.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 14-06-2004 13:20:56
BasePriority : Normal
FileSize : 296 KB
FileVersion : 8.16
ProductVersion : 8.16
Copyright : (C) 1993 - 2003 Lexmark International, Inc.
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
OriginalFilename : LexBceS.exe
ProductName : MarkVision for Windows (32 bit)
Created on : 10/04/2004 16:39:48
Last accessed : 14/06/2004 13:20:56
Last modified : 28/02/2003 6:28:34
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 14-06-2004 13:20:57
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:20:57
Last modified : 24/08/2001 10:00:00
#:12 [lexpps.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 14-06-2004 13:20:57
BasePriority : Normal
FileSize : 170 KB
FileVersion : 8.16
ProductVersion : 8.16
Copyright : (C) 1993 - 2003 Lexmark International, Inc.
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
OriginalFilename : LEXPPS.EXE
ProductName : MarkVision for Windows (32 bit)
Created on : 10/04/2004 16:39:48
Last accessed : 14/06/2004 13:20:57
Last modified : 28/02/2003 6:26:00
#:13 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 14-06-2004 13:21:00
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:22:31
Last modified : 24/08/2001 10:00:00
#:14 [avgserv.exe]
FilePath : C:\ARCHIV~1\Grisoft\AVG6\
ThreadCreationTime : 14-06-2004 13:21:00
BasePriority : Normal
FileSize : 16 KB
FileVersion : 6.0.1.696
ProductVersion : 6.0.1.696
Copyright : Copyright (c) GRISOFT 1998-2004
CompanyName : GRISOFT s.r.o
FileDescription : AvgServ - displays notification message
InternalName : AvgServ
OriginalFilename : AvgServ
ProductName : AVG6
Created on : 02/06/2004 16:07:25
Last accessed : 14/06/2004 13:21:00
Last modified : 02/06/2004 16:07:25
#:15 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 14-06-2004 13:21:00
BasePriority : Normal
FileSize : 80 KB
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 52.16
Created on : 06/10/2003 12:16:00
Last accessed : 14/06/2004 13:21:00
Last modified : 06/10/2003 12:16:00
#:16 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 14-06-2004 13:21:02
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 14/06/2004 13:21:30
Last modified : 24/08/2001 10:00:00
#:17 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZoneLabs\
ThreadCreationTime : 14-06-2004 13:21:03
BasePriority : Normal
FileSize : 805 KB
FileVersion : 4.5.594.000
ProductVersion : 4.5.594.000
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
OriginalFilename : vsmon.exe
ProductName : TrueVector Service
Created on : 25/04/2004 13:14:08
Last accessed : 14/06/2004 13:21:03
Last modified : 01/04/2004 7:29:14
#:18 [htpatch.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 14-06-2004 13:21:17
BasePriority : Normal
FileSize : 28 KB
Created on : 07/04/2004 11:28:21
Last accessed : 14/06/2004 13:21:17
Last modified : 30/10/2002 9:40:34
#:19 [zlclient.exe]
FilePath : C:\ARCHIV~1\ZONELA~1\ZONEAL~1\
ThreadCreationTime : 14-06-2004 13:21:20
BasePriority : Normal
FileSize : 677 KB
FileVersion : 4.5.594.000
ProductVersion : 4.5.594.000
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : Zone Labs Client
InternalName : zlclient
OriginalFilename : zlclient.exe
ProductName : Zone Labs Client
Created on : 25/04/2004 13:14:11
Last accessed : 14/06/2004 13:21:20
Last modified : 01/04/2004 7:30:04
#:20 [chkdial.exe]
FilePath : C:\Archivos de programa\Hispasec\CheckDialer\
ThreadCreationTime : 14-06-2004 13:21:21
BasePriority : Normal
FileSize : 256 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2003
CompanyName : www.hispasec.com
FileDescription : Check Dialer Application
InternalName : ChkDial
OriginalFilename : ChkDial.EXE
ProductName : Check Dialer 1.0.1
Created on : 19/12/2003 8:42:28
Last accessed : 14/06/2004 13:21:21
Last modified : 19/12/2003 8:42:28
#:21 [msnmsgr.exe]
FilePath : C:\Archivos de programa\MSN Messenger\
ThreadCreationTime : 14-06-2004 13:21:22
BasePriority : Normal
FileSize : 4768 KB
FileVersion : 6.2.0133
ProductVersion : Version 6.2
Copyright : Copyright (c) Microsoft Corporation 1997-2004
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : MSN Messenger
Created on : 19/04/2004 3:45:08
Last accessed : 14/06/2004 13:21:30
Last modified : 19/04/2004 3:45:08
#:22 [dspy.exe]
FilePath : C:\Archivos de programa\DialerSpy\
ThreadCreationTime : 14-06-2004 13:21:23
BasePriority : Normal
FileSize : 1059 KB
FileVersion : 1.2.0.5
ProductVersion : 1.1
Copyright : Maciej Kotnis
CompanyName : Maciej Kotnis
FileDescription : AntiDialer Software
InternalName : dspy.exe
OriginalFilename : dspy.exe
ProductName : DialerSpy
Created on : 01/04/2004 15:48:10
Last accessed : 14/06/2004 13:21:56
Last modified : 01/04/2004 15:48:10
#:23 [avgcc32.exe]
FilePath : C:\ARCHIV~1\Grisoft\AVG6\
ThreadCreationTime : 14-06-2004 13:23:57
BasePriority : Normal
FileSize : 337 KB
FileVersion : 6, 0, 0, 515
ProductVersion : 6, 0, 0, 0
Copyright : Copyright
CompanyName : GRISOFT s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC32
OriginalFilename : AvgCC32.EXE
ProductName : AVG Anti-Virus System
Created on : 12/04/2004 22:58:44
Last accessed : 14/06/2004 13:21:36
Last modified : 09/04/2004 4:00:00
#:24 [dap.exe]
FilePath : C:\Archivos de programa\DAP\
ThreadCreationTime : 14-06-2004 13:24:53
BasePriority : Normal
FileSize : 1225 KB
FileVersion : 7, 1, 0, 2
ProductVersion : 7, 1, 0, 2
Copyright : Copyright (C) 2000 - 2004
CompanyName : Speedbit Ltd.
FileDescription : Download Accelerator Plus
InternalName : DAP
OriginalFilename : DAP.EXE
ProductName : Download Accelerator Plus
Created on : 16/05/2004 13:14:54
Last accessed : 14/06/2004 13:24:56
Last modified : 16/05/2004 13:14:54
#:25 [dapupd.exe]
FilePath : C:\ARCHIV~1\DAP\
ThreadCreationTime : 14-06-2004 13:25:01
BasePriority : Normal
FileSize : 240 KB
FileVersion : 1, 3, 0, 0
ProductVersion : 1, 3, 0, 0
Copyright : Copyright (C) 2001-2002
CompanyName : SpeedBit LTD
FileDescription : DAP Update Application
InternalName : DAPUpd
OriginalFilename : DAPUpd.EXE
ProductName : DAP Update Application
Created on : 16/05/2004 11:16:25
Last accessed : 14/06/2004 13:25:03
Last modified : 16/05/2004 11:16:26
#:26 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-aware 6\
ThreadCreationTime : 14-06-2004 13:29:13
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 13/04/2004 21:51:41
Last accessed : 14/06/2004 13:24:19
Last modified : 12/07/2003 20:00:20
Resultados Escaneo de la memoria:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Inicio escaneo del Registro
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del registro:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Inicio escaneo profundo del Registro
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo Profundo del registro:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Escaneando y examinando archivos en profundidad (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del disco: C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
ATENCION!
Bad hosts file entry:127.0.0.1:connect.online-dialer.com
ATENCION!
Bad hosts file entry:127.0.0.1:www.0190-dialer.com
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
913 entries scanned.
Nuevos objetos:0
Objetos encontrados hasta ahora: 0
15:42:10 Escaneo completo
Resumen Del escaneo
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total tiempo escaneo:00:12:51:62
Objetos Escaneados:119211
Objetos identificados:0
Objetos ignorados:2
Nuevos objetos:0
destroyer:
Ahora si parece estar correcto, a ver lo que nos comenta Fats...
un saludo
FatsGordon:
Ok. Por favor, bajate el HijackThis de http://www.spywareinfo.com/~merijn/files/HijackThis.exe , ponelo en una carpeta propia, como por ejemplo C:\HijackThis, y abrilo. Apretá Scan, luego Save log, luego Aceptar y por último, en el Bloc de notas que te aparece seleccioná todo, copialo y pegalo en este mismo hilo.
Muchas gracias!
Navegación
[#] Página Siguiente
[*] Página Anterior
Ir a la versión completa