Autor Tema: Adware.Mainsearch (Leído 7127 veces)

destroyer · « **Respuesta #10 en:** 15 de Julio de 2004, 07:00:10 pm »

Hola:
A veces con el volumen de mensajes diarios que hay, es normal que algun post se nos quede "rezagado" , no está mal recordar que sigue ahí... A ver si conseguimos darle solucion... :wink:

Un saludo

Dabo · « **Respuesta #11 en:** 16 de Julio de 2004, 01:17:40 am »

tranquilo amigo, ya nos cuentas :wink:

hombredelcubo · « **Respuesta #12 en:** 16 de Julio de 2004, 07:29:25 pm »

os cuento un poco, resulta que ayer por la noche segui las instrucciones que me dijisteis que siguiera: me descargue el AntiSecuestro V.1.0 y a continuacion actualice el ad-ware. reinicie el ordenador en modo a prueba de errores e hice un scan completo,
el resultado de ese scan lo tengo guardado (por si lo quereis) y me detecto creo que 36 items, y yo los elimine todos sin que diese ningun problema a la hora de eliminarlos.
bueno reinicie el ordenador y me iba perfecto (volvi a pasar el ad-ware y no me localizo nada), sin que me saliera niguna ventanita ni siquiera me cambiaba la pagina de inicio, y hoy me iba igual que ayer, hasta que ha llegao un momento que he ido a abrir una pagina de hotmail para enviar un email y ma cambiado todo (la pagina de inicio y aparecian las odiosas ventanitas)
y ahora os pregunto yo? que es lo que quereis? un log antes de pasarlo, porque si lo paso y lo elimina no me reconoce nada, pero luego vuelve a aparecer ? :S

choche · « **Respuesta #13 en:** 16 de Julio de 2004, 11:52:39 pm »

Citar

reinicie el ordenador y me iba perfecto (volvi a pasar el ad-ware y no me localizo nada)

Si no te detectó nada es pq se arregló. Lo q te sucede ahora yo diría q es por alguna otra cosa, quizas instalastes algo o al navegar se te instaló algo nuevo.

Posteanos tu último log y lo miramos.

hombredelcubo · « **Respuesta #14 en:** 17 de Julio de 2004, 01:14:23 am »

a ver esos resultados
primero te pongo el log de ayer, y luego el de hoy ok?
Nota: sa ma pasao volver a pasar el adware despeus de pasar el de hoy para saber si no tenia nada :oops:

-------------------------------------------------------------------------------------
[ad-ware 6 log (16-07 01.05).TXT]

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :viernes, 16 de julio de 2004 0:44:55
Created with Ad-aware Personal, free for private use.
Using reference-file :01R332 12.07.2004
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R332 12.07.2004
Internal build : 264
File location : C:\Archivos de programa\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1304680 Bytes
Signature data size : 1283888 Bytes
Reference data size : 20728 Bytes
Signatures total : 28484
Target categories : 10
Target families : 520

Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium II
Memory available:74 %
Total physical memory:261684 kb
Available physical memory:191596 kb
Total page file size:632856 kb
Available on page file:564052 kb
Total virtual memory:2097024 kb
Available virtual memory:2053080 kb
OS:Windows 2000

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result

16-07-2004 0:44:55 - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 15-07-2004 22:41:27
BasePriority : Normal

#:2 [winlogon.exe]
FilePath : \??\C:\WINNT\SYSTEM32\
ThreadCreationTime : 15-07-2004 22:41:51
BasePriority : High

#:3 [services.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 15-07-2004 22:41:58
BasePriority : Normal
FileSize : 87 KB
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft(R) Windows (R) 2000
Created on : 02/09/2003 16:58:57
Last accessed : 15/07/2004 22:41:58
Last modified : 19/06/2003 19:05:04

#:4 [lsass.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 15-07-2004 22:41:58
BasePriority : Normal
FileSize : 36 KB
FileVersion : 5.00.2195.6695
ProductVersion : 5.00.2195.6695
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : DLL de servidor y ejecutable LSA (versi
InternalName : lsasrv.dll and lsass.exe
OriginalFilename : lsasrv.dll and lsass.exe
ProductName : Sistema operativo Microsoft(R) Windows(R) 2000
Created on : 02/09/2003 16:58:54
Last accessed : 15/07/2004 22:41:58
Last modified : 19/06/2003 19:05:04

#:5 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 15-07-2004 22:42:05
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 01/12/1999 8:40:16
Last accessed : 15/07/2004 22:42:05
Last modified : 01/12/1999 8:40:16

#:6 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ThreadCreationTime : 15-07-2004 22:42:07
BasePriority : Normal
FileSize : 192 KB
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
Copyright : Copyright (C) Microsoft Corp. 1995-1999
CompanyName : Microsoft Corporation
FileDescription : Instrumental de administraci
InternalName : WINMGMT
ProductName : Instrumental de administraci
Created on : 23/11/2003 1:15:57
Last accessed : 15/07/2004 22:42:07
Last modified : 19/06/2003 19:05:04

#:7 [userinit.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 15-07-2004 22:44:10
BasePriority : Normal
FileSize : 17 KB
FileVersion : 5.00.2195.6612
ProductVersion : 5.00.2195.6612
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : userinit
OriginalFilename : USERINIT.EXE
ProductName : Sistema operativo Microsoft(R) Windows (R) 2000
Created on : 02/09/2003 16:58:57
Last accessed : 15/07/2004 22:44:10
Last modified : 19/06/2003 19:05:04

#:8 [explorer.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 15-07-2004 22:44:12
BasePriority : Normal
FileSize : 238 KB
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 22/11/2003 23:54:10
Last accessed : 15/07/2004 22:44:12
Last modified : 19/06/2003 19:05:04

#:9 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-aware 6\
ThreadCreationTime : 15-07-2004 22:44:34
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 26/06/2004 17:27:44
Last accessed : 15/07/2004 22:38:14
Last modified : 12/07/2003 20:00:20

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

PeopleOnPage Object recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "AutoLoaderAproposClient"
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : AutoLoaderAproposClient

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 1

Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"

Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{4CE5986A-005E-4B87-A91B-764B169E918A}

CoolWebSearch Object recognized!
Type : File
Data : fdop.dll
Category : Malware
Comment :
Object : c:\winnt\system32\
FileSize : 30 KB
Created on : 30/05/2004 1:49:38
Last accessed : 15/07/2004 22:34:59
Last modified : 30/05/2004 1:49:38

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{57496027-B2F5-4823-BFD6-8AC94455F658}

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_CLASSES_ROOT
Object : PROTOCOLS\Filter\text/html

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_CLASSES_ROOT
Object : PROTOCOLS\Filter\text/plain

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\fdop.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4CE5986A-005E-4B87-A91B-764B169E918A}

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 8
Objects found so far: 10

Deep scanning and examining files (A:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for A:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 10

Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 10/06/2004 0:53:50
Last accessed : 15/07/2004 22:56:14
Last modified : 10/06/2004 0:53:53

Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 09/06/2004 23:45:45
Last accessed : 15/07/2004 22:56:14
Last modified : 09/06/2004 23:45:48

Tracking Cookie Object recognized!
Type : File
Data : administrador@advertising[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 10/06/2004 0:38:02
Last accessed : 15/07/2004 22:56:14
Last modified : 10/06/2004 0:38:02

Tracking Cookie Object recognized!
Type : File
Data : administrador@cgi-bin[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 10/06/2004 0:53:37
Last accessed : 15/07/2004 22:56:15
Last modified : 10/06/2004 0:53:37

Tracking Cookie Object recognized!
Type : File
Data : administrador@doubleclick[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 01/07/2004 18:25:42
Last accessed : 15/07/2004 22:56:15
Last modified : 01/07/2004 18:28:40

Tracking Cookie Object recognized!
Type : File
Data : administrador@mediaplex[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 01/07/2004 19:59:24
Last accessed : 15/07/2004 22:56:15
Last modified : 01/07/2004 19:59:28

Tracking Cookie Object recognized!
Type : File
Data : administrador@paycounter[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 01/07/2004 18:06:57
Last accessed : 15/07/2004 22:56:16
Last modified : 01/07/2004 18:06:57

Tracking Cookie Object recognized!
Type : File
Data : administrador@qksrv[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 10/06/2004 0:38:18
Last accessed : 15/07/2004 22:56:16
Last modified : 10/06/2004 0:38:18

Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 10/06/2004 0:40:50
Last accessed : 15/07/2004 22:56:16
Last modified : 10/06/2004 0:40:50

Tracking Cookie Object recognized!
Type : File
Data : administrador@sexlist[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 01/07/2004 17:58:04
Last accessed : 15/07/2004 22:56:16
Last modified : 01/07/2004 17:58:04

Tracking Cookie Object recognized!
Type : File
Data : administrador@tradedoubler[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 01/07/2004 22:13:33
Last accessed : 15/07/2004 22:56:16
Last modified : 01/07/2004 22:13:33

Tracking Cookie Object recognized!
Type : File
Data : administrador@xxxcounter[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\Cookies\

Created on : 01/07/2004 17:58:15
Last accessed : 15/07/2004 22:56:17
Last modified : 01/07/2004 17:58:15

Tracking Cookie Object recognized!
Type : File
Data : administrador@bfast[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 14/07/2004 23:35:02
Last accessed : 15/07/2004 22:57:07
Last modified : 14/07/2004 23:35:03

Tracking Cookie Object recognized!
Type : File
Data : administrador@doubleclick[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 15/07/2004 0:14:30
Last accessed : 15/07/2004 22:57:07
Last modified : 15/07/2004 0:15:43

Tracking Cookie Object recognized!
Type : File
Data : administrador@fastclick[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 14/07/2004 22:24:43
Last accessed : 15/07/2004 22:57:08
Last modified : 14/07/2004 22:24:57

Tracking Cookie Object recognized!
Type : File
Data : administrador@gator[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 14/07/2004 22:24:45
Last accessed : 15/07/2004 22:57:08
Last modified : 14/07/2004 22:24:58

Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 15/07/2004 0:16:06
Last accessed : 15/07/2004 22:57:08
Last modified : 15/07/2004 0:16:06

Tracking Cookie Object recognized!
Type : File
Data : administrador@hitbox[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 15/07/2004 0:16:03
Last accessed : 15/07/2004 22:57:08
Last modified : 15/07/2004 0:16:06

Tracking Cookie Object recognized!
Type : File
Data : administrador@paycounter[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 15/07/2004 0:28:01
Last accessed : 15/07/2004 22:57:08
Last modified : 15/07/2004 0:28:01

Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 29

Deep scanning and examining files (D:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for D:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 29

Deep scanning and examining files (E:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for E:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 29

Deep scanning and examining files (F:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for F:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 29

Deep scanning and examining files (G:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for G:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 29

Deep scanning and examining files (H:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for H:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 29

Scanning Hosts file(C:\WINNT\system32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 29

Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

PeopleOnPage Object recognized!
Type : Folder
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~apropos0

PeopleOnPage Object recognized!
Type : Folder
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~compoundinst0

PeopleOnPage Object recognized!
Type : File
Data : auf0.exe
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\
FileSize : 1471 KB
Created on : 14/01/2004 19:25:59
Last accessed : 15/07/2004 23:04:51
Last modified : 14/01/2004 19:27:02

PeopleOnPage Object recognized!
Type : File
Data : atla.dll
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~apropos0\
FileSize : 72 KB
FileVersion : 3.00.8449
ProductVersion : 6.00.8449
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : ATL Module for Windows (ANSI)
InternalName : ATL
OriginalFilename : ATL.DLL
ProductName : Microsoft (R) Visual C++
Created on : 14/01/2004 20:23:10
Last accessed : 15/07/2004 23:04:51
Last modified : 14/01/2004 20:23:10

PeopleOnPage Object recognized!
Type : File
Data : atlw.dll
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~apropos0\
FileSize : 73 KB
FileVersion : 3.00.9435
ProductVersion : 6.00.9435
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : ATL Module for Windows NT (Unicode)
InternalName : ATL
OriginalFilename : ATL.DLL
ProductName : Microsoft (R) Visual C++
Created on : 14/01/2004 20:23:10
Last accessed : 15/07/2004 23:04:51
Last modified : 14/01/2004 20:23:10

PeopleOnPage Object recognized!
Type : File
Data : setup.inf
Category : Data Miner
Comment :
Object : c:\docume~1\admini~1\config~1\temp\~apropos0\
FileSize : 1 KB
Created on : 14/01/2004 20:23:11
Last accessed : 15/07/2004 23:04:51
Last modified : 14/01/2004 20:23:11

CoolWebSearch Object recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Value : ITBarLayout

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 7
Objects found so far: 36

1:04:53 Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:19:55:519
Objects scanned :80720
Objects identified :36
Objects ignored :0
New objects :36

-------------------------------------------------------------------------------------

[ad-ware 6 log (17-07 00.55).TXT]

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :sábado, 17 de julio de 2004 0:42:02
Created with Ad-aware Personal, free for private use.
Using reference-file :01R332 12.07.2004
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R332 12.07.2004
Internal build : 264
File location : C:\Archivos de programa\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1304680 Bytes
Signature data size : 1283888 Bytes
Reference data size : 20728 Bytes
Signatures total : 28484
Target categories : 10
Target families : 520

Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium II
Memory available:74 %
Total physical memory:261684 kb
Available physical memory:192540 kb
Total page file size:632856 kb
Available on page file:564420 kb
Total virtual memory:2097024 kb
Available virtual memory:2053092 kb
OS:Windows 2000

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result

17-07-2004 0:42:02 - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 16-07-2004 22:37:55
BasePriority : Normal

#:2 [winlogon.exe]
FilePath : \??\C:\WINNT\SYSTEM32\
ThreadCreationTime : 16-07-2004 22:38:19
BasePriority : High

#:3 [services.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 16-07-2004 22:38:26
BasePriority : Normal
FileSize : 87 KB
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft(R) Windows (R) 2000
Created on : 02/09/2003 16:58:57
Last accessed : 16/07/2004 22:36:32
Last modified : 19/06/2003 19:05:04

#:4 [lsass.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 16-07-2004 22:38:26
BasePriority : Normal
FileSize : 36 KB
FileVersion : 5.00.2195.6695
ProductVersion : 5.00.2195.6695
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : DLL de servidor y ejecutable LSA (versi
InternalName : lsasrv.dll and lsass.exe
OriginalFilename : lsasrv.dll and lsass.exe
ProductName : Sistema operativo Microsoft(R) Windows(R) 2000
Created on : 02/09/2003 16:58:54
Last accessed : 16/07/2004 22:36:32
Last modified : 19/06/2003 19:05:04

#:5 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 16-07-2004 22:38:32
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 01/12/1999 8:40:16
Last accessed : 16/07/2004 22:38:32
Last modified : 01/12/1999 8:40:16

#:6 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ThreadCreationTime : 16-07-2004 22:38:34
BasePriority : Normal
FileSize : 192 KB
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
Copyright : Copyright (C) Microsoft Corp. 1995-1999
CompanyName : Microsoft Corporation
FileDescription : Instrumental de administraci
InternalName : WINMGMT
ProductName : Instrumental de administraci
Created on : 23/11/2003 1:15:57
Last accessed : 16/07/2004 22:38:34
Last modified : 19/06/2003 19:05:04

#:7 [userinit.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 16-07-2004 22:40:37
BasePriority : Normal
FileSize : 17 KB
FileVersion : 5.00.2195.6612
ProductVersion : 5.00.2195.6612
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : userinit
OriginalFilename : USERINIT.EXE
ProductName : Sistema operativo Microsoft(R) Windows (R) 2000
Created on : 02/09/2003 16:58:57
Last accessed : 16/07/2004 22:40:37
Last modified : 19/06/2003 19:05:04

#:8 [explorer.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 16-07-2004 22:40:39
BasePriority : Normal
FileSize : 238 KB
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 22/11/2003 23:54:10
Last accessed : 16/07/2004 22:40:39
Last modified : 19/06/2003 19:05:04

#:9 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-aware 6\
ThreadCreationTime : 16-07-2004 22:41:47
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 26/06/2004 17:27:44
Last accessed : 16/07/2004 22:41:47
Last modified : 12/07/2003 20:00:20

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"

Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Pagetemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Bartemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistanttemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Pagetemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Bartemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistanttemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "file://C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\sp.html"

Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Pagetemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\WINNT\TEMP\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "file://C:\WINNT\TEMP\sp.html"

Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Bartemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\WINNT\TEMP\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "file://C:\WINNT\TEMP\sp.html"

Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchSearchAssistanttemp\sp.html

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "file://C:\WINNT\TEMP\sp.html"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "file://C:\WINNT\TEMP\sp.html"

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\aok.dll
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{30D24C24-EA2F-41FC-8BCF-4CAE6277F0E9}

CoolWebSearch Object recognized!
Type : File
Data : aok.dll
Category : Malware
Comment :
Object : c:\winnt\system32\
FileSize : 30 KB
Created on : 16/07/2004 16:11:36
Last accessed : 16/07/2004 21:55:56
Last modified : 16/07/2004 16:11:36

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\aok.dll
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{B15CB30E-1EAA-472F-BF70-ED1FD32C1EA2}

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\aok.dll
Rootkey : HKEY_CLASSES_ROOT
Object : PROTOCOLS\Filter\text/html

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\aok.dll
Rootkey : HKEY_CLASSES_ROOT
Object : PROTOCOLS\Filter\text/plain

CoolWebSearch Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : c:\winnt\system32\aok.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30D24C24-EA2F-41FC-8BCF-4CAE6277F0E9}

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 17
Objects found so far: 18

Deep scanning and examining files (A:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for A:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 18

Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : administrador@2o7[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 16/07/2004 22:30:03
Last accessed : 16/07/2004 22:30:03
Last modified : 16/07/2004 22:30:03

Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 16/07/2004 20:54:35
Last accessed : 16/07/2004 22:46:44
Last modified : 16/07/2004 21:11:28

Tracking Cookie Object recognized!
Type : File
Data : administrador@atdmt[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 16/07/2004 16:18:55
Last accessed : 16/07/2004 22:46:44
Last modified : 16/07/2004 16:18:55

Tracking Cookie Object recognized!
Type : File
Data : administrador@doubleclick[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 16/07/2004 20:34:50
Last accessed : 16/07/2004 22:46:44
Last modified : 16/07/2004 20:34:54

Tracking Cookie Object recognized!
Type : File
Data : administrador@fastclick[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 16/07/2004 17:00:42
Last accessed : 16/07/2004 22:46:44
Last modified : 16/07/2004 17:00:42

Tracking Cookie Object recognized!
Type : File
Data : administrador@gator[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 16/07/2004 16:57:43
Last accessed : 16/07/2004 22:46:44
Last modified : 16/07/2004 16:58:07

Tracking Cookie Object recognized!
Type : File
Data : administrador@mediaplex[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Administrador\Cookies\

Created on : 16/07/2004 20:34:51
Last accessed : 16/07/2004 22:46:45
Last modified : 16/07/2004 20:34:51

Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 25

Deep scanning and examining files (D:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for D:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 25

Deep scanning and examining files (E:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for E:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 25

Deep scanning and examining files (F:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for F:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 25

Deep scanning and examining files (G:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for G:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 25

Deep scanning and examining files (H:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for H:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 25

Scanning Hosts file(C:\WINNT\system32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 25

Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

CoolWebSearch Object recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Value : ITBarLayout

CoolWebSearch Object recognized!
Type : File
Data : sp.html
Category : Malware
Comment :
Object : c:\docume~1\admini~1\config~1\temp\
FileSize : 7 KB
Created on : 16/07/2004 16:17:48
Last accessed : 16/07/2004 22:26:06
Last modified : 16/07/2004 22:26:06

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 27

0:54:45 Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:12:41:104
Objects scanned :79917
Objects identified :27
Objects ignored :0
New objects :27

hombredelcubo · « **Respuesta #15 en:** 18 de Julio de 2004, 11:57:40 pm »

tengo noticias nuevas:
resulta que he estado mirando un poco esto de los spyware y decidi bajarme dos programas : Cwshredder y X-Cleaner Freeware Version 2.0 y parece que el ordena me va mejor, tuve que cambiar la pagina de inicio pero de momento no me vuelto a infectar o que aparecieran los sintomas...
otra cosa, estoy pasando el adware y siempre me encuentra algo, aunq ya no me encuentra veintitantos que me encontraba antes. ahora solo 7, esto es normal o porque se produce que nunca esta limpio del todo ?
muchas gracias por todo

choche · « **Respuesta #16 en:** 19 de Julio de 2004, 03:09:13 am »

Citar

es normal o porque se produce que nunca esta limpio del todo?

Si es normal, seguramente sólo sean cookies.

El Cwshredder está especialmente diseñada para eliminar de tu sistema todos los elementos de spyware relacionados con CoolWebSearch.

hombredelcubo · « **Respuesta #17 en:** 19 de Julio de 2004, 09:42:45 pm »

yo no se que tiene este ordenador pero es indescriptible, no pasa de un dia y ya me ha vuelto a pasarme!! tiene solucion antes de formatearlo??

yo no se que hare o que es lo q pasa que reactiva el espia!!!

Noticias:

Autor Tema: Adware.Mainsearch (Leído 7127 veces)