SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc > Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware
Adware.Mainsearch
hombredelcubo:
Os cuento, resulta que ya llevo tiempo con este molesto pero de momento inofensivo adware pero el otro dia me hablaron de vuestra web y he estado leyendo algunos posts y me preguntaba si a mi tb me pudieseis ayudar.
Segun Norton 2004 (que es el que tengo instalado) el nombre del virus es ADWARE.MAINSEARCH y el nombre del archivo en cuestion va cambiando, porque lo elimino y vuelve a salir otro con distinto nombre. Ahora toma el nombre de FDOP.DLL.
tambien he pasado el Panda online pero ni siquiera me reconoce nada
Lo que me hace es cambiar la pagina de inicio por la de about:blank (pero en realidad sale una pagina de busqueda en ingles), ademas me abre ventanas dicendome que estoy infectado por un spyware (tambien en ingles), fundamentalmente cuadno estoy en algun tipo de correo (yahoo,hotmail)
Ahora estoy en vuestra disposicion, asiq si no es mucho molestar, me gustaria que me ayudarais a deshacerme de este virus.
muchas gracias de todos modos
Miyu:
Holas hombredelcubo, bienvenido al foro ;)
Mira, lo primero instálate el Ad-aware 6.181, ACTUALÍZALO y haz un full scan siguiendo los pasos de éste enlace
Desde allí puedes bajarte también el programa, en el enlace de la firma de Fatsgordon ;)
Una vez hecho el scan, copia el log y publícalo aquí para que Fats le eche un vistazo y te diga lo que debes hacer (para publicar el log, cuando haya finalizado el scan clika en "Mostrar log" o "Show logfile", selecciónalo y cópialo y pégalo aquí), de acuerdo?
Saludetes ;)
Dabo:
bienvenido amigo, este primer paso es fundamental para saber a lo que nos enfrentamos, hay bichos muy molestos :wink:
un saludo y bienvenido :!:
hombredelcubo:
Ya he instalao el adware 6.181 con su respectiva actualizacion. a continuacion he realizao el full scan con el siguiente paronama:
Muchas gracias por vuestra labor, de verdad.
Os mereceis ser pagina del año ;)
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :domingo, 27 de junio de 2004 5:11:47
Created with Ad-aware Personal, free for private use.
Using reference-file :01R325 27.06.2004
______________________________________________________
Reffile status:
=========================
Reference file loaded:
Reference Number : 1R200 12.07.2003
Internal build : 17
File location : C:\Archivos de programa\Lavasoft\Ad-aware 6\reflist.ref
Total size : 432159 Bytes
Signature data size : 423356 Bytes
Reference data size : 8739 Bytes
Signatures total : 9938
Target categories : 10
Target families : 202
27-06-2004 5:10:33 Performing Webupdate...
Installing Update...
Reference file loaded:
Reference Number : 01R325 27.06.2004
Internal build : 257
File location : C:\Archivos de programa\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1274298 Bytes
Signature data size : 1253786 Bytes
Reference data size : 20448 Bytes
Signatures total : 27864
Target categories : 10
Target families : 507
27-06-2004 5:11:08 Success.
Update successfully downlodaded and installed.
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium II
Memory available:14 %
Total physical memory:261684 kb
Available physical memory:34824 kb
Total page file size:632856 kb
Available on page file:362500 kb
Total virtual memory:2097024 kb
Available virtual memory:2043776 kb
OS:Windows 2000
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result
27-06-2004 5:11:47 - Scan started. (Custom mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 27-06-2004 2:56:28
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINNT\SYSTEM32\
ThreadCreationTime : 27-06-2004 2:56:57
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 27-06-2004 2:57:10
BasePriority : Normal
FileSize : 87 KB
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft(R) Windows (R) 2000
Created on : 02/09/2003 16:58:57
Last accessed : 27/06/2004 2:57:10
Last modified : 19/06/2003 19:05:04
#:4 [lsass.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 27-06-2004 2:57:11
BasePriority : Normal
FileSize : 36 KB
FileVersion : 5.00.2195.6695
ProductVersion : 5.00.2195.6695
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : DLL de servidor y ejecutable LSA (versi
InternalName : lsasrv.dll and lsass.exe
OriginalFilename : lsasrv.dll and lsass.exe
ProductName : Sistema operativo Microsoft(R) Windows(R) 2000
Created on : 02/09/2003 16:58:54
Last accessed : 27/06/2004 2:57:11
Last modified : 19/06/2003 19:05:04
#:5 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 27-06-2004 2:57:28
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 01/12/1999 8:40:16
Last accessed : 27/06/2004 2:57:28
Last modified : 01/12/1999 8:40:16
#:6 [ccsetmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 27-06-2004 2:57:32
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 20/08/2003 0:58:50
Last accessed : 27/06/2004 2:57:32
Last modified : 20/08/2003 0:58:50
#:7 [ccevtmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 27-06-2004 2:57:36
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 20/08/2003 0:56:12
Last accessed : 27/06/2004 2:57:36
Last modified : 20/08/2003 0:56:12
#:8 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 27-06-2004 2:57:43
BasePriority : Normal
FileSize : 44 KB
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
OriginalFilename : spoolss.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 02/09/2003 14:41:51
Last accessed : 27/06/2004 2:57:43
Last modified : 19/06/2003 19:05:04
#:9 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 27-06-2004 2:57:46
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 01/12/1999 8:40:16
Last accessed : 27/06/2004 2:57:28
Last modified : 01/12/1999 8:40:16
#:10 [navapsvc.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 27-06-2004 2:57:52
BasePriority : Normal
FileSize : 155 KB
FileVersion : 10.00.2
ProductVersion : 10.00.2
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 30/05/2004 2:01:51
Last accessed : 27/06/2004 2:57:52
Last modified : 12/05/2004 12:53:44
#:11 [regsvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 27-06-2004 2:58:01
BasePriority : Normal
FileSize : 66 KB
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
OriginalFilename : REGSVC.EXE
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 23/11/2003 0:56:05
Last accessed : 27/06/2004 2:58:00
Last modified : 19/06/2003 19:05:04
#:12 [savscan.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 27-06-2004 2:58:05
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.1.14
ProductVersion : 9.2
Copyright : Copyright (c) 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 27/02/2004 18:26:02
Last accessed : 27/06/2004 2:58:05
Last modified : 07/11/2003 18:46:58
#:13 [mstask.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 27-06-2004 2:58:16
BasePriority : Normal
FileSize : 117 KB
FileVersion : 4.71.2195.6704
ProductVersion : 4.71.2195.6704
Copyright : Copyright (C) Microsoft Corp. 1997
CompanyName : Microsoft Corporation
FileDescription : Motor de Programador de tareas
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Programador de tareas de Microsoft
Created on : 23/11/2003 0:37:12
Last accessed : 27/06/2004 2:58:16
Last modified : 19/06/2003 19:05:04
#:14 [stisvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 27-06-2004 2:58:21
BasePriority : Normal
FileSize : 60 KB
FileVersion : 5.00.2195.6656
ProductVersion : 5.00.2195.6656
Copyright : Copyright (C) Microsoft Corp. 1996-1997
CompanyName : Microsoft Corporation
FileDescription : Monitor de dispositivos de imagen est
InternalName : STIMON
OriginalFilename : STIMON.EXE
ProductName : Sistema operativo Microsoft(R) Windows (R) 2000
Created on : 23/11/2003 1:04:51
Last accessed : 27/06/2004 2:58:21
Last modified : 19/06/2003 19:05:04
#:15 [explorer.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 27-06-2004 2:58:21
BasePriority : Normal
FileSize : 238 KB
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 22/11/2003 23:54:10
Last accessed : 27/06/2004 3:09:04
Last modified : 19/06/2003 19:05:04
#:16 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ThreadCreationTime : 27-06-2004 2:58:26
BasePriority : Normal
FileSize : 192 KB
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
Copyright : Copyright (C) Microsoft Corp. 1995-1999
CompanyName : Microsoft Corporation
FileDescription : Instrumental de administraci
InternalName : WINMGMT
ProductName : Instrumental de administraci
Created on : 23/11/2003 1:15:57
Last accessed : 27/06/2004 2:58:26
Last modified : 19/06/2003 19:05:04
#:17 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 27-06-2004 2:58:31
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 01/12/1999 8:40:16
Last accessed : 27/06/2004 2:57:28
Last modified : 01/12/1999 8:40:16
#:18 [ccapp.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 27-06-2004 2:59:00
BasePriority : Normal
FileSize : 69 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Symantec Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 20/08/2003 0:55:56
Last accessed : 27/06/2004 2:59:00
Last modified : 20/08/2003 0:55:56
#:19 [svchost.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 27-06-2004 2:59:07
BasePriority : Normal
FileSize : 44 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2004
FileDescription : MFC Application
InternalName : svchost
OriginalFilename : SVCHOST.EXE
ProductName : SVCHOST Application
Created on : 22/06/2004 19:46:04
Last accessed : 27/06/2004 2:59:07
Last modified : 22/06/2004 19:46:04
#:20 [dslmon.exe]
FilePath : C:\Archivos de programa\Wanadoo\USB ADSL Modem\
ThreadCreationTime : 27-06-2004 2:59:11
BasePriority : Normal
FileSize : 900 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2000
FileDescription : ADIMON MFC Application
InternalName : DSLMON
OriginalFilename : ADIMON.EXE
ProductName : DSLMON Application
Created on : 23/11/2003 2:41:08
Last accessed : 27/06/2004 2:59:11
Last modified : 29/10/2002 11:15:34
#:21 [msnmsgr.exe]
FilePath : C:\Archivos de programa\MSN Messenger\
ThreadCreationTime : 27-06-2004 3:02:14
BasePriority : Normal
FileSize : 4572 KB
FileVersion : 6.1.0211
ProductVersion : Version 6.1
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 04/03/2004 22:01:00
Last accessed : 27/06/2004 3:02:20
Last modified : 04/03/2004 22:01:00
#:22 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ThreadCreationTime : 27-06-2004 3:02:42
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Sistema operativo Microsoft
Created on : 30/08/2002 17:56:44
Last accessed : 27/06/2004 3:03:09
Last modified : 30/08/2002 17:56:44
#:23 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 27-06-2004 3:02:57
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 01/12/1999 8:40:16
Last accessed : 27/06/2004 2:57:28
Last modified : 01/12/1999 8:40:16
#:24 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-aware 6\
ThreadCreationTime : 27-06-2004 3:09:34
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 26/06/2004 17:27:44
Last accessed : 27/06/2004 3:09:34
Last modified : 12/07/2003 20:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
PeopleOnPage Object recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "AutoLoaderAproposClient"
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : AutoLoaderAproposClient
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 1
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainStart Pageabout:blank
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"
CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{4CE5986A-005E-4B87-A91B-764B169E918A}
CoolWebSearch Object recognized!
Type : File
Data : fdop.dll
Category : Malware
Comment :
Object : c:\winnt\system32\
FileSize : 30 KB
Created on : 30/05/2004 1:49:38
Last accessed : 27/06/2004 3:02:46
Last modified : 30/05/2004 1:49:38
CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{57496027-B2F5-4823-BFD6-8AC94455F658}
CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_CLASSES_ROOT
Object : PROTOCOLS\Filter\text/html
CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_CLASSES_ROOT
Object : PROTOCOLS\Filter\text/plain
CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4CE5986A-005E-4B87-A91B-764B169E918A}
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 8
Objects found so far: 10
Deep scanning and examining files (A:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for A:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 10
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\
Created on : 10/06/2004 0:53:50
Last accessed : 27/06/2004 3:15:10
Last modified : 10/06/2004 0:53:53
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\
Created on : 09/06/2004 23:45:45
Last accessed : 27/06/2004 3:15:10
Last modified : 09/06/2004 23:45:48
Tracking Cookie Object recognized!
Type : File
Data : administrador@advertising[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\
Created on : 10/06/2004 0:38:02
Last accessed : 27/06/2004 3:15:10
Last modified : 10/06/2004 0:38:02
Tracking Cookie Object recognized!
Type : File
Data : administrador@cgi-bin[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\
Created on : 10/06/2004 0:53:37
Last accessed : 27/06/2004 3:15:10
Last modified : 10/06/2004 0:53:37
Tracking Cookie Object recognized!
Type : File
Data : administrador@qksrv[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\
Created on : 10/06/2004 0:38:18
Last accessed : 27/06/2004 3:15:10
Last modified : 10/06/2004 0:38:18
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\
Created on : 10/06/2004 0:40:50
Last accessed : 27/06/2004 3:15:11
Last modified : 10/06/2004 0:40:50
SexFiles.nu Object recognized!
Type : File
Data : dialerx.exe
Category : Malware
Comment :
Object : C:\WINNT\
FileSize : 44 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2003
FileDescription : diallerX MFC Application
InternalName : diallerX
OriginalFilename : diallerX.EXE
ProductName : diallerX Application
Created on : 22/06/2004 19:46:11
Last accessed : 27/06/2004 3:24:26
Last modified : 22/06/2004 19:46:10
Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 17
Deep scanning and examining files (D:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for D:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 17
Deep scanning and examining files (E:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for E:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 17
Deep scanning and examining files (F:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for F:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 17
Deep scanning and examining files (G:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for G:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 17
Deep scanning and examining files (H:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for H:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 17
Scanning Hosts file(C:\WINNT\system32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 17
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
PeopleOnPage Object recognized!
Type : Folder
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~apropos0
PeopleOnPage Object recognized!
Type : Folder
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~compoundinst0
PeopleOnPage Object recognized!
Type : File
Data : auf0.exe
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\
FileSize : 1471 KB
Created on : 14/01/2004 19:25:59
Last accessed : 27/06/2004 3:28:37
Last modified : 14/01/2004 19:27:02
PeopleOnPage Object recognized!
Type : File
Data : atla.dll
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~apropos0\
FileSize : 72 KB
FileVersion : 3.00.8449
ProductVersion : 6.00.8449
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : ATL Module for Windows (ANSI)
InternalName : ATL
OriginalFilename : ATL.DLL
ProductName : Microsoft (R) Visual C++
Created on : 14/01/2004 20:23:10
Last accessed : 27/06/2004 3:28:38
Last modified : 14/01/2004 20:23:10
PeopleOnPage Object recognized!
Type : File
Data : atlw.dll
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~apropos0\
FileSize : 73 KB
FileVersion : 3.00.9435
ProductVersion : 6.00.9435
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : ATL Module for Windows NT (Unicode)
InternalName : ATL
OriginalFilename : ATL.DLL
ProductName : Microsoft (R) Visual C++
Created on : 14/01/2004 20:23:10
Last accessed : 27/06/2004 3:28:38
Last modified : 14/01/2004 20:23:10
PeopleOnPage Object recognized!
Type : File
Data : setup.inf
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~apropos0\
FileSize : 1 KB
Created on : 14/01/2004 20:23:11
Last accessed : 27/06/2004 3:28:38
Last modified : 14/01/2004 20:23:11
CoolWebSearch Object recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Value : ITBarLayout
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 7
Objects found so far: 24
5:28:39 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:16:50:803
Objects scanned :71800
Objects identified :24
Objects ignored :0
New objects :24
hombredelcubo:
pa cuando una respuesta please?
q ya lleva un par de dias y me meto to los dias y no veo respuesta alguna :( :( :(
1 saludo!
Navegación
[#] Página Siguiente
Ir a la versión completa