mi sistema operativo es wxp
y si les sirve les mando el log de hijack
Logfile of HijackThis v1.97.7
Scan saved at 15:47:20, on 30/08/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Analog Devices\SoundMAX\Smtray.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
C:\Archivos de programa\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\WINDOWS\system32\crlh32.exe
C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeper.exe
C:\Archivos de programa\Roxio\GoBack\GBTray.exe
C:\WINDOWS\System32\alg.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\Archivos de programa\Roxio\GoBack\GBPoll.exe
C:\ARCHIV~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Archivos de programa\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\winsk32.exe
C:\ARCHIV~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\MSN Messenger\msnmsgr.exe
C:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ezkka.dll/sp.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ezkka.dll/sp.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ezkka.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ezkka.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ezkka.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ezkka.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ezkka.dll/sp.html#96676
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {9F97CFF5-375A-33DC-D005-0D4AA0EFAF4D} - C:\WINDOWS\system32\atlgl32.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Smapp] C:\Archivos de programa\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Archivos de programa\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [crlh32.exe] C:\WINDOWS\system32\crlh32.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Archivos de programa\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: GoBack.lnk = C:\Archivos de programa\Roxio\GoBack\GBTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: ConferenceRoom Java Client -
http://207.22.51.94/java/cr.cabO16 - DPF: Contains -
O16 - DPF: DownloadInformation -
O16 - DPF: InstalledVersion -
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cabO16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) -
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cabO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab28177.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38055.870462963O16 - DPF: {C4660846-8760-4852-8154-82438E33E383} (FileSharingCtrl Class) -
http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/es/filesharingctrl.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab y tambien les mando el log del ad aware
Lavasoft Ad-aware Personal Build 6.181
Logfile creado:domingo, 29 de agosto de 2004 15:54:25
Created with Ad-aware Personal, free for private use.
Usando archivo de referencia:01R339 26.08.2004
______________________________________________________
Reffile status:
=========================
archivo de la referencia cargado:
Reference Number : 01R339 26.08.2004
Internal build : 273
File location : C:\Archivos de programa\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1322054 Bytes
Signature data size : 1300703 Bytes
Reference data size : 21287 Bytes
Signatures total : 28779
Target categories : 10
Target families : 537
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:30 %
Total physical memory:260912 kb
Available physical memory:76416 kb
Total page file size:641048 kb
Available on page file:470828 kb
Total virtual memory:2097024 kb
Available virtual memory:2054832 kb
OS:
Ad-aware Settings
=========================
Juego : Activar escaneo en profundidad
Juego : Modo seguro (siempre pide una confirmación)
Juego : Escanear procesos activos
Juego : Escanear registro
Juego : Escanear registro a fondo
Juego : Escanear Favorito de IE para los sitios prohibidos
Juego : Escanear dentro de los archivos
Juego : Scan my Hosts file
Extended Ad-aware Settings
=========================
Juego : Unload recognized processes during scanning
Juego : Reanalyze result after scanning, before displaying result list
Juego : Run scan as background process (Low CPU usage)
Juego : Include basic Ad-aware settings in logfile
Juego : Include additional Ad-aware settings in logfile
Juego : Automatically try to unregister objects prior to deletion
Juego : Let windows remove files in use at next reboot
Juego : Delete quarantined objects after restoring
Juego : Remember window positions
Juego : Snap windows to desktop border
Juego : Always back up reference file, before updating
Juego : Create and save WebUpdate logfile
Juego : Dump details about unhandled exceptions to disk
Juego : Play sound if scan produced a result
29-08-2004 15:54:25 - Scan started. (Custom mode)
Listando procesos activos
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 29-08-2004 18:12:56
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 29-08-2004 18:12:57
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 29-08-2004 18:12:58
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 29-08-2004 18:12:58
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 29/08/2004 18:50:36
Last modified : 24/08/2001 10:00:00
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 29-08-2004 18:12:58
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 29/08/2004 18:50:36
Last modified : 09/09/2002 16:51:32
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 29-08-2004 18:12:59
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 29/08/2004 18:50:36
Last modified : 24/08/2001 10:00:00
#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 29-08-2004 18:12:59
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 29/08/2004 18:50:36
Last modified : 24/08/2001 10:00:00
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 29-08-2004 18:13:00
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 29/08/2004 18:50:36
Last modified : 24/08/2001 10:00:00
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 29-08-2004 18:13:00
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 29/08/2004 18:50:36
Last modified : 24/08/2001 10:00:00
#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 29-08-2004 18:13:01
BasePriority : Normal
FileSize : 983 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 28/08/2004 3:08:31
Last accessed : 29/08/2004 18:52:36
Last modified : 09/09/2002 16:51:28
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 29-08-2004 18:13:02
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 24/08/2001 10:00:00
Last accessed : 29/08/2004 18:50:36
Last modified : 24/08/2001 10:00:00
#:12 [smtray.exe]
FilePath : C:\Archivos de programa\Analog Devices\SoundMAX\
ThreadCreationTime : 29-08-2004 18:13:03
BasePriority : Normal
FileSize : 80 KB
FileVersion : 3, 0, 205, 0
ProductVersion : 3, 0, 205, 0
Copyright : Copyright
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX System Tray
InternalName : SMTray
OriginalFilename : SMTray.exe
ProductName : SoundMAX Integrated Digital Audio
Created on : 08/05/2003 4:27:05
Last accessed : 29/08/2004 18:12:56
Last modified : 30/01/2002 13:31:54
#:13 [ccapp.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 29-08-2004 18:13:03
BasePriority : Normal
FileSize : 54 KB
FileVersion : 1.08.01
ProductVersion : 1.08.01
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 21/08/2003 21:53:24
Last accessed : 29/08/2004 18:12:56
Last modified : 15/07/2003 17:58:08
#:14 [ghoststarttrayapp.exe]
FilePath : C:\Archivos de programa\Norton SystemWorks\Norton Ghost\
ThreadCreationTime : 29-08-2004 18:13:03
BasePriority : Normal
FileSize : 92 KB
FileVersion : 2003.775
ProductVersion : 2003.775
Copyright : Copyright (C) 1998-2002 Symantec Corp. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Ghost Start
InternalName : GhostStartTrayApp
OriginalFilename : GhostStartTrayApp.exe
ProductName : Norton Ghost Start
Created on : 21/08/2002 5:15:36
Last accessed : 29/08/2004 18:12:56
Last modified : 21/08/2002 5:15:36
#:15 [crlh32.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 29-08-2004 18:13:03
BasePriority : Normal
FileSize : 26 KB
Created on : 13/08/2004 13:45:59
Last accessed : 29/08/2004 18:12:56
Last modified : 13/08/2004 13:46:01
#:16 [spysweeper.exe]
FilePath : C:\Archivos de programa\Webroot\Spy Sweeper\
ThreadCreationTime : 29-08-2004 18:13:03
BasePriority : Normal
FileSize : 3135 KB
FileVersion : 3.0.0.129
ProductVersion : 3.0i
Copyright : Copyright (c) 2001-2004 Webroot Software, Inc.
CompanyName : Webroot Software, Inc.
FileDescription : Spy Sweeper
ProductName : Spy Sweeper
Created on : 20/07/2004 16:48:00
Last accessed : 29/08/2004 18:12:56
Last modified : 20/07/2004 16:48:00
#:17 [teatimer.exe]
FilePath : C:\Archivos de programa\Spybot - Search & Destroy\
ThreadCreationTime : 29-08-2004 18:13:03
BasePriority : Idle
FileSize : 1014 KB
FileVersion : 1, 3, 0, 12
ProductVersion : 1, 3, 0, 12
CompanyName : Safer Networking Limited
FileDescription : System settings protector
InternalName : TeaTimer
OriginalFilename : TeaTimer.exe
ProductName : Spybot - Search & Destroy
Created on : 12/05/2004 4:03:00
Last accessed : 29/08/2004 18:12:56
Last modified : 12/05/2004 4:03:00
#:18 [gbtray.exe]
FilePath : C:\Archivos de programa\Roxio\GoBack\
ThreadCreationTime : 29-08-2004 18:13:03
BasePriority : Normal
FileSize : 512 KB
FileVersion : 3.11.59
ProductVersion : 3.11.59
Copyright : Copyright
CompanyName : Roxio, Inc.
FileDescription : GoBack Tray Icon
InternalName : GoBack Tray Icon
OriginalFilename : GBTray.exe
ProductName : GoBack
Created on : 12/05/2003 17:50:48
Last accessed : 29/08/2004 18:12:56
Last modified : 21/01/2002 8:02:56
#:19 [alg.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 29-08-2004 18:13:10
BasePriority : Normal
FileSize : 41 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
OriginalFilename : ALG.exe
ProductName : Microsoft
Created on : 28/08/2004 3:08:26
Last accessed : 29/08/2004 18:50:36
Last modified : 09/09/2002 16:51:24
#:20 [ccevtmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 29-08-2004 18:13:10
BasePriority : Normal
FileSize : 309 KB
FileVersion : 1.03.4
ProductVersion : 1.03.4
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Event Manager
Created on : 13/05/2003 7:38:05
Last accessed : 29/08/2004 18:50:36
Last modified : 03/12/2002 12:52:12
#:21 [gbpoll.exe]
FilePath : C:\Archivos de programa\Roxio\GoBack\
ThreadCreationTime : 29-08-2004 18:13:10
BasePriority : Normal
FileSize : 496 KB
FileVersion : 3.11.59
ProductVersion : 3.11.59
Copyright : Copyright
CompanyName : Roxio, Inc.
FileDescription : GoBack Autorun Menu
InternalName : GoBack Autorun Menu
OriginalFilename : Autorun.exe
ProductName : GoBack
Created on : 12/05/2003 17:50:48
Last accessed : 29/08/2004 18:50:36
Last modified : 21/01/2002 8:01:56
#:22 [ghosts~2.exe]
FilePath : C:\ARCHIV~1\NORTON~1\NORTON~2\
ThreadCreationTime : 29-08-2004 18:13:11
BasePriority : Normal
FileSize : 196 KB
FileVersion : 2003.775
ProductVersion : 2003.775
Copyright : Copyright (C) 1998-2002 Symantec Corp. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Ghost Start
InternalName : GhostStartService
OriginalFilename : GhostStartService.exe
ProductName : Norton Ghost Start Service
#:23 [navapsvc.exe]
FilePath : C:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\
ThreadCreationTime : 29-08-2004 18:13:11
BasePriority : Normal
FileSize : 113 KB
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 13/05/2003 5:27:26
Last accessed : 29/08/2004 18:50:36
Last modified : 21/11/2002 5:44:18
#:24 [nprotect.exe]
FilePath : C:\Archivos de programa\Norton SystemWorks\Norton Utilities\
ThreadCreationTime : 29-08-2004 18:13:11
BasePriority : Normal
FileSize : 136 KB
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
Copyright : Copyright (C) 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
OriginalFilename : NPROTECT.EXE
ProductName : Norton Utilities
Created on : 12/05/2003 17:59:47
Last accessed : 29/08/2004 18:50:36
Last modified : 20/08/2002 11:53:12
#:25 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 29-08-2004 18:13:11
BasePriority : Normal
FileSize : 80 KB
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 52.16
Created on : 06/10/2003 17:16:00
Last accessed : 29/08/2004 18:50:36
Last modified : 06/10/2003 17:16:00
#:26 [winsk32.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 29-08-2004 18:13:14
BasePriority : Normal
FileSize : 10 KB
Created on : 01/08/2004 18:46:40
Last accessed : 29/08/2004 18:50:36
Last modified : 01/08/2004 18:46:40
#:27 [nopdb.exe]
FilePath : C:\ARCHIV~1\NORTON~1\SPEEDD~1\
ThreadCreationTime : 29-08-2004 18:13:15
BasePriority : Normal
FileSize : 168 KB
FileVersion : 7.00.0.24
ProductVersion : 7.00.0.24
Copyright : Copyright (C) 2002
CompanyName : Symantec Corporation
FileDescription : NOPDB
InternalName : NOPDB
OriginalFilename : NOPDB.dll
ProductName : Norton Speed Disk
Created on : 12/05/2003 18:00:51
Last accessed : 29/08/2004 18:50:36
Last modified : 19/08/2002 11:21:22
#:28 [msmsgs.exe]
FilePath : C:\Archivos de programa\Messenger\
ThreadCreationTime : 29-08-2004 18:15:02
BasePriority : Normal
FileSize : 1456 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 22:30:14
Last accessed : 29/08/2004 18:45:16
Last modified : 14/04/2003 22:30:14
#:29 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-aware 6\
ThreadCreationTime : 29-08-2004 18:53:54
BasePriority : Idle
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 14/08/2004 0:25:34
Last accessed : 29/08/2004 18:53:54
Last modified : 13/07/2003 0:00:20
Resultados Escaneo de la memoria:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Inicio escaneo del Registro
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del registro:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 0
Inicio escaneo profundo del Registro
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Posible secuestro del navegador : Software\Microsoft\Internet Explorer\MainDefault_Page_URLabout:blank
Possible Browser Hijack attempt Objeto reconocido!
Tipo : RegFecha
Fecha : "about:blank"
Categoria : Data Miner
Comentario : Posible secuestro del navegador
Rootkey : HKEY_LOCAL_MACHINE
Objeto : Software\Microsoft\Internet Explorer\Main
Valor : Default_Page_URL
Fecha : "about:blank"
Resultados Escaneo Profundo del registro:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 1
Objetos encontrados hasta ahora: 1
Escaneando y examinando archivos en profundidad (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Resultados Escaneo del disco: C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 1
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Nuevos objetos: 0
Objetos encontrados hasta ahora: 1
Reanalyzing resultado del Scaneo...
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Ningún objeto ha estado alejado de la lista del resultado.
16:21:20 Escaneo completo
Resumen Del escaneo
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total tiempo escaneo:00:26:53:843
Objetos Escaneados:145728
Objetos identificados:1
Objetos ignorados:0
Nuevos objetos:1
gracia por ayudarme¡¡¡¡