I don't know if it's a virus, a trojan or what, but it's driving me crazy
ticogotenks:
Ad-Aware SE Build 1.05
Logfile Created on:Domingo, 26 de Diciembre de 2004 20:15:33
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R23 16.12.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Claria(TAC index:7):1 total references
MRU List(TAC index:0):36 total references
Possible Browser Hijack attempt(TAC index:3):1 total references
Tracking Cookie(TAC index:3):82 total references
Win32.Trojan.ByteVerify.A(TAC index:8):6 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R23 16.12.2004
Internal build : 28
File location : C:\Archivos de programa\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 418765 Bytes
Total size : 1325342 Bytes
Signature data size : 1295582 Bytes
Reference data size : 29248 Bytes
Signatures total : 36831
Fingerprints total : 624
Fingerprints size : 23478 Bytes
Target categories : 15
Target families : 634
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:62 %
Total physical memory:523760 kb
Available physical memory:321476 kb
Total page file size:1276624 kb
Available on page file:1089328 kb
Total virtual memory:2097024 kb
Available virtual memory:2046464 kb
OS:Microsoft Windows 2000 Professional Service Pack 4 (Build 2195)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Don't log streams smaller than 0 Bytes
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
26-12-2004 20:15:33 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\office\10.0\powerpoint\recenttemplatelist
Description : list of recent templates used by microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\office\10.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\office\10.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\office\10.0\powerpoint\recent templates
Description : list of recent templates used by microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\adobe\adobe acrobat\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe acrobat
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\office\10.0\powerpoint\recent typeface list
Description : list of recently used typefaces in microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\musicmatch
Description : download location of the musicmatch installer
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : S-1-5-21-2025429265-162531612-839522115-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 224
ThreadCreationTime : 26-12-2004 23:10:41
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 248
ThreadCreationTime : 26-12-2004 23:11:04
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 268
ThreadCreationTime : 26-12-2004 23:11:06
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 296
ThreadCreationTime : 26-12-2004 23:11:07
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Sistema operativo Microsoft(R) Windows (R) 2000
CompanyName : Microsoft Corporation
FileDescription : Aplicación de servicios y controlador
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 308
ThreadCreationTime : 26-12-2004 23:11:07
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Sistema operativo Microsoft(R) Windows(R) 2000
CompanyName : Microsoft Corporation
FileDescription : DLL de servidor y ejecutable LSA (versión de exportación)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : lsasrv.dll and lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 492
ThreadCreationTime : 26-12-2004 23:11:10
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 516
ThreadCreationTime : 26-12-2004 23:11:10
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : spoolss.exe
#:8 [blackd.exe]
FilePath : C:\Archivos de programa\ISS\BlackICE\
ProcessID : 548
ThreadCreationTime : 26-12-2004 23:11:10
BasePriority : Normal
FileVersion : 3.6.319
ProductVersion : 3.6
ProductName : Network ICE Corporation blackd
CompanyName : Internet Security Systems, Inc.
FileDescription : blackd
InternalName : BlackICE Daemon
LegalCopyright : Copyright ¨ 1999-200, Internet Security Systems, Inc. All rights reserved worldwide.
LegalTrademarks : BlackICE, Internet Security Systems, Inc.
OriginalFilename : blackd.exe
Comments : Reverse engineering prohibited by license agreement
#:9 [cisvc.exe]
FilePath : C:\WINNT\System32\
ProcessID : 564
ThreadCreationTime : 26-12-2004 23:11:10
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Content Index service
InternalName : cisvc.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : cisvc.exe
#:10 [sagent2.exe]
FilePath : C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\
ProcessID : 580
ThreadCreationTime : 26-12-2004 23:11:11
BasePriority : Normal
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : EPSON Bidirectional Printer
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Printer Status Agent
InternalName : SAgent2
LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2000
OriginalFilename : SAgent2.exe
#:11 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 592
ThreadCreationTime : 26-12-2004 23:11:12
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:12 [nvsvc32.exe]
FilePath : C:\WINNT\system32\
ProcessID : 776
ThreadCreationTime : 26-12-2004 23:11:16
BasePriority : Normal
FileVersion : 6.14.10.6177
ProductVersion : 6.14.10.6177
ProductName : NVIDIA Driver Helper Service, Version 61.77
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 61.77
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe
#:13 [rapapp.exe]
FilePath : C:\Archivos de programa\ISS\BlackICE\
ProcessID : 868
ThreadCreationTime : 26-12-2004 23:11:19
BasePriority : Normal
FileVersion : 3.6.25.0
ProductVersion : 3.6
ProductName : Rap Protection System
CompanyName : Internet Security Systems, Inc.
FileDescription : Rap Protection System
InternalName : RapApp
LegalCopyright : Copyright (C) 2002, Internet Security Systems, Inc.
LegalTrademarks : BlackICE, Internet Security Systems, Inc.
OriginalFilename : RapApp.EXE
Comments : Reverse engineering prohibited by license agreement
#:14 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 876
ThreadCreationTime : 26-12-2004 23:11:20
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : REGSVC.EXE
#:15 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 888
ThreadCreationTime : 26-12-2004 23:11:20
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Programador de tareas de Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Motor de Programador de tareas
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 1997
OriginalFilename : mstask.exe
#:16 [upserv.exe]
FilePath : C:\Archivos de programa\UPSmart\
ProcessID : 952
ThreadCreationTime : 26-12-2004 23:11:21
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : UPSmart Module
FileDescription : UPSmart Module
InternalName : UPSmart
LegalCopyright : Copyright 1999
OriginalFilename : UPSmart.EXE
#:17 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ProcessID : 972
ThreadCreationTime : 26-12-2004 23:11:21
BasePriority : Normal
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
ProductName : Instrumental de administración de Windows
CompanyName : Microsoft Corporation
FileDescription : Instrumental de administración de Windows
InternalName : WINMGMT
LegalCopyright : Copyright (C) Microsoft Corp. 1995-1999
#:18 [wros.exe]
FilePath : C:\Archivos de programa\WinPoET\
ProcessID : 1012
ThreadCreationTime : 26-12-2004 23:11:22
BasePriority : Normal
FileVersion : 1, 1, 2, 0
ProductVersion : 1, 1, 2, 0
ProductName : WinRouter Operating System
CompanyName : iVasion, a Routerware Company
FileDescription : WrOS
InternalName : WrOS
LegalCopyright : Copyright © 1997-1999
LegalTrademarks : WinRouter
OriginalFilename : WrOS.exe
#:19 [mspmspsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1028
ThreadCreationTime : 26-12-2004 23:11:22
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE
#:20 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1036
ThreadCreationTime : 26-12-2004 23:11:22
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:21 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1160
ThreadCreationTime : 26-12-2004 23:11:29
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : EXPLORER.EXE
#:22 [upsmart.exe]
FilePath : C:\Archivos de programa\UPSmart\
ProcessID : 1180
ThreadCreationTime : 26-12-2004 23:11:29
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : UPSmart Application
FileDescription : UPSmart MFC Application
InternalName : UPSmart
LegalCopyright : Copyright (C) 2000
OriginalFilename : UPSmart.EXE
#:23 [winpppoverethernet.exe]
FilePath : C:\Archivos de programa\WinPoET\
ProcessID : 1380
ThreadCreationTime : 26-12-2004 23:11:46
BasePriority : Normal
FileVersion : 6.6.908
ProductVersion : 6.6.908
ProductName : WinPoET System Tray Application
CompanyName : Fine Point Technologies, Inc.
FileDescription : WinPoET System Tray Application for Windows 95/98/ME
InternalName : WinPPPoverEthernet
LegalCopyright : Copyright © 2003, Fine Point Technologies, Inc.
LegalTrademarks : WinPoET, is a registered trademark of Fine Point Technologies, Inc.
OriginalFilename : WinPPPoverEthernet.EXE
#:24 [soundman.exe]
FilePath : C:\WINNT\
ProcessID : 1396
ThreadCreationTime : 26-12-2004 23:11:48
BasePriority : Normal
FileVersion : 5.1.0.28
ProductVersion : 5.1.0.28
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright (c) 2001-2004 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager
#:25 [daemon.exe]
FilePath : C:\Archivos de programa\D-Tools\
ProcessID : 1404
ThreadCreationTime : 26-12-2004 23:11:48
BasePriority : Normal
#:26 [mcvsescn.exe]
FilePath : c:\archiv~1\mcafee.com\vso\
ProcessID : 1464
ThreadCreationTime : 26-12-2004 23:11:52
BasePriority : Normal
FileVersion : 8, 0, 0, 30
ProductVersion : 8, 0, 0, 0
ProductName : McAfee VirusScan
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan E-mail Scan Module
InternalName : mcvsescn
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : mcvsescn.EXE
Comments : McAfee VirusScan E-mail Scan Module
#:27 [realsched.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Real\Update_OB\
ProcessID : 1484
ThreadCreationTime : 26-12-2004 23:11:53
BasePriority : Normal
FileVersion : 0.1.0.3034
ProductVersion : 0.1.0.3034
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:28 [acrotray.exe]
FilePath : C:\Archivos de programa\Adobe\Acrobat 5.0\Distillr\
ProcessID : 1604
ThreadCreationTime : 26-12-2004 23:12:01
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright © 2001
OriginalFilename : AcroTray.exe
#:29 [blackice.exe]
FilePath : C:\Archivos de programa\ISS\BlackICE\
ProcessID : 1632
ThreadCreationTime : 26-12-2004 23:12:05
BasePriority : Normal
FileVersion : 3.6.319
ProductVersion : 3.6
ProductName : Internet Security Systems, Inc. BlackICE
CompanyName : Internet Security Systems, Inc.
FileDescription : BlackICE MFC Application
InternalName : BlackICE
LegalCopyright : Copyright ¨ 1999-2004, Internet Security Systems, Inc. All rights reserved worldwide.
LegalTrademarks : BlackICE, Internet Security Systems, Inc.
OriginalFilename : blackice.exe
Comments : Reverse engineering prohibited by license agreement
#:30 [corecenter.exe]
FilePath : C:\Archivos de programa\MSI\Core Center\
ProcessID : 1652
ThreadCreationTime : 26-12-2004 23:12:08
BasePriority : Normal
FileVersion : 1, 7, 0, 0
ProductVersion : 1, 7, 0, 0
ProductName : FuzzyPWM Application
FileDescription : FuzzyPWM MFC Application
InternalName : FuzzyPWM
LegalCopyright : Copyright (C) 2003
OriginalFilename : FuzzyPWM.EXE
#:31 [mcvsftsn.exe]
FilePath : c:\archiv~1\mcafee.com\vso\
ProcessID : 1636
ThreadCreationTime : 26-12-2004 23:12:26
BasePriority : Normal
FileVersion : 8, 0, 0, 20
ProductVersion : 8, 0, 0, 0
ProductName : McAfee VirusScan
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan Instant Messenger Scan Module
InternalName : mcvsftsn
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : mcvsftsn.EXE
Comments : McAfee VirusScan Instant Messenger Scan Module
#:32 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-Aware SE Personal\
ProcessID : 964
ThreadCreationTime : 26-12-2004 23:15:26
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@0[8].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/HTM/473/0
Expires : 26-12-2005 02:33:30
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@realmedia[2].txt
Category : Data Miner
Comment : Hits:74
Value : Cookie:[email protected]/
Expires : 31-12-2010 21:00:00
LastSync : Hits:74
UseCount : 0
Hits : 74
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:27
Value : Cookie:[email protected]/
Expires : 27-12-2004 13:19:44
LastSync : Hits:27
UseCount : 0
Hits : 27
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@seeq[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 21-12-2005 18:30:44
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[4].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/cgi-bin
Expires : 27-02-2015 21:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[5].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/cgi-bin
Expires : 27-02-2015 21:00:00
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:[email protected]/
Expires : 12-05-2024 15:07:28
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:[email protected]/
Expires : 27-12-2004 08:15:34
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:[email protected]/
Expires : 27-12-2004 07:35:04
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tripod[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 24-12-2005 06:17:32
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@bravenet[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 22-12-2014 06:42:58
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[2].txt
Category : Data Miner
Comment : Hits:17
Value : Cookie:[email protected]/cgi-bin
Expires : 27-02-2015 21:00:00
LastSync : Hits:17
UseCount : 0
Hits : 17
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@0[3].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:[email protected]/HTM/582/0
Expires : 26-12-2005 04:13:12
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@domainsponsor[2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:[email protected]/
Expires : 27-12-2004 07:35:08
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:30
Value : Cookie:[email protected]/
Expires : 28-02-2007 21:00:00
LastSync : Hits:30
UseCount : 0
Hits : 30
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:19
Value : Cookie:[email protected]/
Expires : 26-12-2004 21:47:38
LastSync : Hits:19
UseCount : 0
Hits : 19
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 23-12-2005 06:16:56
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@0[2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/HTM/598/0
Expires : 26-12-2005 19:30:50
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/cgi-bin
Expires : 27-02-2015 21:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@statcounter[1].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 23-12-2009 06:16:10
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@0[4].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/HTM/652/0
Expires : 26-12-2005 07:27:44
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@0[1].txt
Category : Data Miner
Comment : Hits:14
Value : Cookie:[email protected]/HTM/598/0
Expires : 26-12-2005 19:30:50
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:18
Value : Cookie:[email protected]/
Expires : 22-10-2005 04:08:40
LastSync : Hits:18
UseCount : 0
Hits : 18
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 12-01-2073 05:01:52
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:[email protected]/
Expires : 25-12-2014 21:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 24-01-2005 20:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 26
Objects found so far: 62
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Claria Object Recognized!
Type : File
Data : fsg_4104.exe
Category : Data Miner
Comment :
Object : C:\Archivos de programa\Codec Pack de ELISOFT\divx511\
FileVersion : 4.1.0.4
ProductVersion : 4.1.0.4
OriginalFilename : Trickler.exe
Win32.Trojan.ByteVerify.A Object Recognized!
Type : File
Data : Counter.class
Category : Malware
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\AAWTMP\C1942375\37EEEE\
Win32.Trojan.ByteVerify.A Object Recognized!
Type : File
Data : Counter.class
Category : Malware
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\AAWTMP\C503687\3B0F8D\
Win32.Trojan.ByteVerify.A Object Recognized!
Type : File
Data : web.exe
Category : Malware
Comment :
Object : C:\Documents and Settings\Administrador\Configuración local\Temp\AAWTMP\C503687\3B0F8D\
Object "Counter.class" found in this archive.
Win32.Trojan.ByteVerify.A Object Recognized!
Type : File
Data : Counters.jar-4eefbe2a-144f9f8a.zip
Category : Malware
Comment : Object "Counter.class" found in this archive.
Object : C:\Documents and Settings\Administrador\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar\
Object "web.exe" found in this archive.
Win32.Trojan.ByteVerify.A Object Recognized!
Type : File
Data : Counters.jar-4eefbe2a-144f9f8a.zip
Category : Malware
Comment : Object "web.exe" found in this archive.
Object : C:\Documents and Settings\Administrador\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar\
Object "Counter.class" found in this archive.
Win32.Trojan.ByteVerify.A Object Recognized!
Type : File
Data : Counters.jar-6a6c0bc8-547c9c1d.zip
Category : Malware
Comment : Object "Counter.class" found in this archive.
Object : C:\Documents and Settings\Administrador\Datos de programa\Sun\Java\Deployment\cache\javapi\v1.0\jar\
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 69
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 69
Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 69
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 69
Deep scanning and examining files (G:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
FatsGordon:
Hi!
Regarding the HijackThis log, I can tell you the following:
--- Quote ---Another common entry found in F2 is the UserInit entry, which corresponds to the key HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit, found in Windows NT, 2000, XP and 2003. This key specifies which program should be loaded after a user logs on to Windows. The default program for this key is C:\Windows\System32\userinit.exe. Userinit.exe is a program that restores your profile, fonts, colors, etc. for your user name. It is possible to add stealthy programs that start from this key by separating the programs with a comma. For example: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = C:\Windows\System32\userinit.exe,C:\Windows\programa_maligno.exe. This will make both programs run when you log on, and it is a common place to launch trojans, hijackers and spyware.
--- End quote ---
Source: http://www.arwinianos.net/biblioteca/articulo/3/2
Please see whether you can access the registry and check what you have on this line:
F2 - REG:system.ini: UserInit=
Also, please check whether the following line is something installed at the corporate level (I assume you are at a company, on a LAN):
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.naupoint.com/toolbar/ie.html
In addition, open HijackThis, run the scan and check the following entries (and only these three entries):
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\ARCHIV~1\FlashGet\jccatch.dll (file missing)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\ARCHIV~1\FlashFXP\IEFlash.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARCHIV~1\FlashGet\fgiebar.dll
Then press Fix checked, restart the machine in Safe Mode, find the file C:\ARCHIV~1\FlashGet\fgiebar.dll and delete it (in fact you could delete the whole FlashGet folder).
Restart the machine, generate a new HT log and post it here.
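The Userinit check described in the quoted passage above, as an added example that is not part of either post and is not HijackThis code: it reads the F2 UserInit lines of a HijackThis log, splits the value on commas and flags anything other than the default userinit.exe. The function names, the `system_root` parameter and the sample log lines are assumptions made for illustration.

```python
import ntpath
import re

# HijackThis reports the Winlogon Userinit value on an F2 line.
F2_USERINIT = re.compile(r"^F2 - REG:system\.ini: UserInit=(.*)$", re.IGNORECASE)

def _norm(path):
    # Case-insensitive, separator-normalised, with ".." collapsed.
    return ntpath.normcase(ntpath.normpath(path))

def review_userinit(value, system_root=r"C:\Windows"):
    """Classify one Userinit value; system_root is an assumption (often C:\\WINNT on Windows 2000)."""
    expected = _norm(ntpath.join(system_root, "System32", "userinit.exe"))
    # Programs are comma-separated; a trailing comma leaves an empty item we drop.
    entries = [e.strip().strip('"') for e in value.split(",") if e.strip()]
    extras = [e for e in entries if _norm(e) != expected]
    has_default = len(extras) < len(entries)
    if not entries:
        verdict = "empty"            # nothing to verify, read the registry directly
    elif has_default and not extras:
        verdict = "default"
    else:
        verdict = "review"           # extra program, or userinit.exe outside System32
    return {"verdict": verdict, "has_default": has_default, "extras": extras}

def scan_hijackthis_log(text, system_root=r"C:\Windows"):
    """Return one finding per F2 UserInit line in a HijackThis log."""
    findings = []
    for line in text.splitlines():
        match = F2_USERINIT.match(line.strip())
        if match:
            findings.append(review_userinit(match.group(1), system_root))
    return findings

# Constructed sample lines (not taken from the poster's log).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://example.invalid/
F2 - REG:system.ini: UserInit=C:\Windows\System32\userinit.exe,C:\Windows\programa_maligno.exe
F2 - REG:system.ini: UserInit=c:\windows\system32\USERINIT.EXE,
F2 - REG:system.ini: UserInit=C:\Windows\System32\..\userinit.exe
F2 - REG:system.ini: UserInit=
"""

if __name__ == "__main__":
    for finding in scan_hijackthis_log(SAMPLE_LOG):
        print(finding)
```

A "review" verdict only means the value differs from the expected default and should be checked by hand; pass the machine's real system root as `system_root` to avoid false positives.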
ticogotenks:
Thank you very much.
Now the problem I have is this:
http://www.daboweb.com/phpBB2/viewtopic.php?t=10074