daboweb forums
Thread started by: Xesulp on 22 June 2004, 10:21:03 pm
-
Taskbar.
Well, let me describe the problem I haven't been able to solve.
After running Ad-Aware 6, it detected around 70 registry entries and other supposed spyware on my computer. I had let too much time go by without scanning it; work piles up on me.
Naturally, I freaked out a little and sent everything to quarantine. Right after that I rebooted the computer and the Quick Launch icons on the taskbar no longer appeared. Fine, I thought, I'll enable them and that's that. But every time I reboot, they disappear.
I need to know which file is responsible for storing this setting, so that I can keep that file, since apparently the rest of the applications are fine; I haven't noticed any of them stop working.
Note: if I restore all the quarantined registry entries, it works perfectly again.
Thanks in advance.
Regards.
-
Hi Xesulp, and welcome to the forum!
Evidently it would seem that something Ad-Aware removes has to do with that bar.
My question is this: is it an Internet Explorer toolbar? Because I can't picture it.
The next thing I'd like to see is the latest "dirty" Ad-Aware log, the one containing everything you then put into quarantine. I don't want the quarantine log, just the Ad-Aware log (C:\Archivos de programa\Lavasoft\Ad-aware 6\Logs\).
Thank you very much.
-
Thanks for replying:
When I say the taskbar I mean the icons that Windows calls Quick Launch, that is, the icons next to the Start menu, for example Desktop, Outlook, or any other we place there. These appear on XP systems and earlier ones.
I'm sending you the logs in a private message.
Thanks in advance.
-
Please post the Ad-Aware log (not the quarantine one) in this same thread.
Sorry, but as a matter of forum policy I don't accept private messages for questions that can perfectly well be public and that may help others. I hope you understand.
Thank you very much.
-
I didn't quite understand which log you need; this is the first log, created before the quarantine.
Regards.
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :dilluns, 21 / juny / 2004 20:52:41
Created with Ad-aware Personal, free for private use.
Using reference-file :01R323 20.06.2004
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
21-06-2004 20:52:41 - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 21-06-2004 18:33:59
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:04
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:05
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:05
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 09/09/2002 13:51:32
Last accessed : 21/06/2004 18:33:57
Last modified : 09/09/2002 13:51:32
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:06
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:06
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:7 [ccsetmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 21-06-2004 18:34:08
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 20/08/2003 00:58:50
Last accessed : 21/06/2004 18:33:57
Last modified : 20/08/2003 00:58:50
#:8 [ccevtmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 21-06-2004 18:34:08
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 20/08/2003 00:56:12
Last accessed : 21/06/2004 18:33:57
Last modified : 20/08/2003 00:56:12
#:9 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:09
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:10 [mdm.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 314 KB
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft
Created on : 19/06/2003 22:25:00
Last accessed : 21/06/2004 18:33:57
Last modified : 19/06/2003 22:25:00
#:11 [navapsvc.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 154 KB
FileVersion : 10.00.109
ProductVersion : 10.00.109
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 22/08/2003 23:12:54
Last accessed : 21/06/2004 18:32:46
Last modified : 22/08/2003 23:12:54
#:12 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 80 KB
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 52.16
Created on : 06/10/2003 13:16:00
Last accessed : 21/06/2004 18:33:57
Last modified : 06/10/2003 13:16:00
#:13 [savscan.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.0.79
ProductVersion : 9.2
Copyright : Copyright (c) 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 10/08/2003 05:26:24
Last accessed : 21/06/2004 18:33:57
Last modified : 10/08/2003 05:26:24
#:14 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:15 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 21-06-2004 18:34:19
BasePriority : Normal
FileSize : 975 KB
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 29/05/2003 10:51:26
Last accessed : 21/06/2004 18:38:16
Last modified : 29/05/2003 10:51:26
#:16 [soundman.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 21-06-2004 18:34:23
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.10
ProductVersion : 5.1.10
Copyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 15/08/2003 14:34:50
Last accessed : 21/06/2004 18:33:57
Last modified : 15/08/2003 14:34:50
#:17 [ccapp.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 21-06-2004 18:34:23
BasePriority : Normal
FileSize : 69 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Symantec Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 20/08/2003 00:55:56
Last accessed : 21/06/2004 18:33:57
Last modified : 20/08/2003 00:55:56
#:18 [anydvd.exe]
FilePath : C:\Archivos de programa\SlySoft\AnyDVD\
ThreadCreationTime : 21-06-2004 18:34:23
BasePriority : Normal
FileSize : 173 KB
FileVersion : 3.0.0.7
ProductVersion : 3.0.0.7
Copyright : Copyright 2002 - 2003 SlySoft, Inc.
CompanyName : SlySoft, Inc.
FileDescription : Application
InternalName : ANYDVD
OriginalFilename : AnyDVD.exe
ProductName : AnyDVD
Created on : 21/11/2003 16:07:57
Last accessed : 21/06/2004 18:38:18
Last modified : 21/11/2003 16:07:57
#:19 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:24
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Ejecutar un archivo DLL como una aplicaci
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:35:04
Last modified : 24/08/2001 12:00:00
#:20 [btusrbdg.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:24
BasePriority : Normal
FileSize : 52 KB
FileVersion : 1, 0, 1, 0
ProductVersion : 1, 0, 0, 0
Copyright : Copyright (C) 2001 Extended Systems, Inc.
CompanyName : Extended Systems, Inc.
FileDescription : btusrbdg.exe
InternalName : BTUSRBDG
OriginalFilename : btusrbdg.exe
Created on : 20/03/2004 14:48:19
Last accessed : 21/06/2004 18:34:25
Last modified : 19/06/2002 14:04:34
#:21 [ituneshelper.exe]
FilePath : C:\Archivos de programa\iTunes\
ThreadCreationTime : 21-06-2004 18:34:25
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
OriginalFilename : iTunesHelper.exe
ProductName : iTunes
Created on : 04/06/2004 10:38:12
Last accessed : 21/06/2004 18:34:25
Last modified : 04/06/2004 10:38:12
#:22 [xmuxexzl.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:26
BasePriority : Normal
FileSize : 37 KB
Created on : 21/06/2004 12:56:24
Last accessed : 21/06/2004 18:34:26
Last modified : 21/05/2004 16:02:58
#:23 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:26
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 09/09/2002 13:51:26
Last accessed : 21/06/2004 18:33:57
Last modified : 09/09/2002 13:51:26
#:24 [msmsgs.exe]
FilePath : C:\Archivos de programa\Messenger\
ThreadCreationTime : 21-06-2004 18:34:26
BasePriority : Normal
FileSize : 1456 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 18:30:14
Last accessed : 21/06/2004 18:44:24
Last modified : 14/04/2003 18:30:14
#:25 [netscp.exe]
FilePath : C:\ARCHIV~1\NETSCAPE\NETSCAPE\
ThreadCreationTime : 21-06-2004 18:34:26
BasePriority : Normal
FileSize : 554 KB
FileVersion : 7.1
ProductVersion : 7.1
Copyright : License: MPL 1.1/GPL 2.0/LGPL 2.1
CompanyName : Mozilla, Netscape
FileDescription : Netscape
InternalName : apprunner
OriginalFilename : Netscp.exe
ProductName : Mozilla
Created on : 21/02/2004 19:32:17
Last accessed : 21/06/2004 18:34:30
Last modified : 24/06/2003 11:09:00
#:26 [acrotray.exe]
FilePath : C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\
ThreadCreationTime : 21-06-2004 18:34:27
BasePriority : Normal
FileSize : 212 KB
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
Copyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
OriginalFilename : AcroTray.exe
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
Created on : 15/05/2003 00:19:50
Last accessed : 21/06/2004 18:33:57
Last modified : 15/05/2003 00:19:50
#:27 [audevicemgr.exe]
FilePath : C:\Archivos de programa\Sony Ericsson\Mobile\
ThreadCreationTime : 21-06-2004 18:34:27
BasePriority : Normal
FileSize : 788 KB
FileVersion : 1, 2, 7, 1
ProductVersion : 1, 2, 7, 1
Copyright : Copyright
CompanyName : Teleca Software Solutions AB
FileDescription : Phone Connection Monitor application
InternalName : Device Manager
OriginalFilename : audevicemgr.exe
ProductName : Phone Connection Monitor
Created on : 06/05/2004 12:55:01
Last accessed : 21/06/2004 18:34:28
Last modified : 14/01/2004 15:17:00
#:28 [ipodservice.exe]
FilePath : C:\Archivos de programa\iPod\bin\
ThreadCreationTime : 21-06-2004 18:34:28
BasePriority : Normal
FileSize : 392 KB
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
OriginalFilename : iPodService.exe
ProductName : iTunes
Created on : 04/06/2004 10:37:56
Last accessed : 21/06/2004 18:32:48
Last modified : 04/06/2004 10:37:56
#:29 [mroute~2.exe]
FilePath : c:\ARCHIV~1\INTUWA~1\Shared\MROUTE~1\
ThreadCreationTime : 21-06-2004 18:34:31
BasePriority : Normal
FileSize : 544 KB
FileVersion : 2, 2, 0, 371
ProductVersion : 2, 0, 0, 1
Copyright : Copyright (C) Intuwave Ltd. 2001
CompanyName : Intuwave Ltd.
FileDescription : mRouterRuntime MFC Application
InternalName : mRouterRuntime
OriginalFilename : mRouterRuntime.EXE
ProductName : mRouter
#:30 [connmn~1.exe]
FilePath : C:\ARCHIV~1\SONYER~1\Mobile\CONNEC~1\
ThreadCreationTime : 21-06-2004 18:34:35
BasePriority : Normal
FileSize : 176 KB
FileVersion : 1, 0, 0, 41
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) Symbian Ltd. 2001
CompanyName : Symbian Ltd.
FileDescription : ConnMngmntBox Module
InternalName : ConnMngmntBox
OriginalFilename : ConnMngmntBox.EXE
ProductName : Symbian Connect
#:31 [msbb.exe]
FilePath : C:\DOCUME~1\MIQUEL~1\CONFIG~1\Temp\
ThreadCreationTime : 21-06-2004 18:35:05
BasePriority : Normal
FileSize : 106 KB
FileVersion : 5, 9, 0, 7
ProductVersion : 5, 9, 0, 7
Copyright : Copyright
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
ProductName : Search Assistant
Created on : 21/06/2004 18:35:05
Last accessed : 21/06/2004 18:35:05
Last modified : 21/06/2004 18:35:05
180Solutions Object recognized!
Type : Process
Data : msbb.exe
Object : C:\DOCUME~1\MIQUEL~1\CONFIG~1\Temp\
FileSize : 106 KB
FileVersion : 5, 9, 0, 7
ProductVersion : 5, 9, 0, 7
Copyright : Copyright
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
ProductName : Search Assistant
Created on : 21/06/2004 18:35:05
Last accessed : 21/06/2004 18:35:05
Last modified : 21/06/2004 18:35:05
Warning! 180Solutions object found in memory(msbb.exe)
"msbb.exe"Process terminated successfully.
#:32 [omniscient.exe]
FilePath : C:\Program Files\WindowsSA\
ThreadCreationTime : 21-06-2004 18:45:27
BasePriority : Normal
FileSize : 312 KB
Created on : 21/05/2004 08:19:58
Last accessed : 21/06/2004 18:45:27
Last modified : 21/05/2004 08:19:58
Warning! BlazeFind object found in memory(C:\Program Files\WindowsSA\omniscient.exe)
BlazeFind Object recognized!
Type : Process
Data : omniscient.exe
Object : C:\Program Files\WindowsSA\
FileSize : 312 KB
Created on : 21/05/2004 08:19:58
Last accessed : 21/06/2004 18:45:27
Last modified : 21/05/2004 08:19:58
"omniscient.exe"Process terminated successfully.
#:33 [ad-aware.exe]
FilePath : C:\ARCHIV~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 21-06-2004 18:52:24
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 21/06/2004 18:50:31
Last accessed : 21/06/2004 18:51:50
Last modified : 12/07/2003 19:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 2
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions\msbb
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\msbb
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\180solutions\msbb
Alexa Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
BlazeFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{83DE62E0-5805-11D8-9B25-00E04C60FAF2}
BlazeFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83DE62E0-5805-11D8-9B25-00E04C60FAF2}
StopPop Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{000020DD-C72E-4113-AF77-DD56626C6C42}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\twaintec
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TwaintecDll.TwaintecDllObj.1
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{690BCCB4-6B83-4203-AE77-038C116594EC}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : vx2.vx2obj
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Bridge.brdg
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Bridge.brdg.1
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao.1
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{DDAF2479-6F00-4599-998A-3ED75686C6D0}
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 20
Objects found so far: 22
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINDOWS/Downloaded Program Files/bridge.dll
WinFavorites Object recognized!
Type : File
Data : bridge.dll
Object : c:\windows\downloaded program files\
FileSize : 56 KB
FileVersion : 1, 0, 0, 117
ProductVersion : 1, 0, 0, 117
Copyright : Copyright 2003
FileDescription : bridge Module
InternalName : bridge
OriginalFilename : bridge.DLL
ProductName : bridge Module
Created on : 19/03/2004 09:46:30
Last accessed : 21/06/2004 18:53:34
Last modified : 19/03/2004 09:46:30
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINDOWS/Downloaded Program Files/jao.dll
WinFavorites Object recognized!
Type : File
Data : jao.dll
Object : c:\windows\downloaded program files\
FileSize : 36 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2004
FileDescription : jao Module
InternalName : jao
OriginalFilename : jao.DLL
ProductName : jao Module
Created on : 17/03/2004 09:45:54
Last accessed : 21/06/2004 18:53:35
Last modified : 17/03/2004 09:45:54
Possible browser hijack attempt : {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (http://static.flingstone.com/cab/2000xp/cdtinc/bridge-c2.cab)
Possible Browser Hijack attempt Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
180Solutions Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : msbb
180Solutions Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : xsrun
180Solutions Object recognized!
Type : File
Data : xsrun.exe
Object : c:\windows\
FileSize : 92 KB
Created on : 21/06/2004 18:35:06
Last accessed : 21/06/2004 18:35:14
Last modified : 21/06/2004 18:35:14
VX2.BetterInternet Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : alchem
VX2.BetterInternet Object recognized!
Type : File
Data : alchem.exe
Object : c:\windows\
FileSize : 240 KB
FileVersion : 0, 2, 1, 3
ProductVersion : 0, 2, 1, 3
Copyright : Copyright
CompanyName : ClickAlchemy
FileDescription : www.clickalchemy.com
Created on : 21/06/2004 18:40:22
Last accessed : 21/06/2004 18:40:23
Last modified : 12/03/2004 07:17:20
BlazeFind Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : Windows SA
WinFavorites Object recognized!
Type : RegValue
Data : c:\windows\downloaded program files\jao.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\jao.dll
WinFavorites Object recognized!
Type : RegValue
Data : c:\windows\downloaded program files\bridge.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\bridge.dll
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000020DD-C72E-4113-AF77-DD56626C6C42}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 11
Objects found so far: 37
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@180solutions[1].txt
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 21/06/2004 18:46:09
Last accessed : 21/06/2004 18:46:09
Last modified : 21/06/2004 18:46:09
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@atdmt[1].txt
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 21/06/2004 18:48:15
Last accessed : 21/06/2004 18:48:15
Last modified : 21/06/2004 18:48:15
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@mediaplex[1].txt
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 21/06/2004 18:48:31
Last accessed : 21/06/2004 18:48:31
Last modified : 21/06/2004 18:48:31
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
WinFavorites Object recognized!
Type : File
Data : a.exe
Object : C:\WINDOWS\System32\
FileSize : 14 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
OriginalFilename : a.exe
Created on : 21/06/2004 13:28:15
Last accessed : 21/06/2004 18:53:51
Last modified : 21/06/2004 13:28:15
WinFavorites Object recognized!
Type : File
Data : bridge.dll
Object : C:\WINDOWS\System32\
FileSize : 68 KB
FileVersion : 1, 0, 0, 117
ProductVersion : 1, 0, 0, 117
Copyright : Copyright 2003
FileDescription : bridge Module
InternalName : bridge
OriginalFilename : bridge.DLL
ProductName : bridge Module
Created on : 21/06/2004 13:28:15
Last accessed : 21/06/2004 18:34:26
Last modified : 21/06/2004 13:28:15
WinFavorites Object recognized!
Type : File
Data : jao.dll
Object : C:\WINDOWS\System32\
FileSize : 48 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2004
FileDescription : jao Module
InternalName : jao
OriginalFilename : jao.DLL
ProductName : jao Module
Created on : 21/06/2004 13:28:15
Last accessed : 21/06/2004 18:53:12
Last modified : 21/06/2004 13:28:15
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38}
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\180solutions
180Solutions Object recognized!
Type : Folder
Object : c:\program files\N-case
180Solutions Object recognized!
Type : File
Data : fiz1
Object : c:\program files\n-case\
FileSize : 29 KB
Created on : 28/02/2004 01:14:28
Last accessed : 21/06/2004 18:54:19
Last modified : 29/02/2004 02:27:03
180Solutions Object recognized!
Type : File
Data : fiz2
Object : c:\program files\n-case\
FileSize : 29 KB
Created on : 28/02/2004 01:17:07
Last accessed : 21/06/2004 18:54:19
Last modified : 29/02/2004 16:09:29
180Solutions Object recognized!
Type : File
Data : fiz3
Object : c:\program files\n-case\
Created on : 29/02/2004 16:12:23
Last accessed : 21/06/2004 18:54:19
Last modified : 29/02/2004 16:13:09
180Solutions Object recognized!
Type : File
Data : kyf.dat
Object : c:\program files\n-case\
FileSize : 2327 KB
Created on : 28/02/2004 01:08:21
Last accessed : 21/06/2004 18:54:19
Last modified : 29/02/2004 14:49:08
VX2.BetterInternet Object recognized!
Type : File
Data : dummy.htm
Object : c:\docume~1\miquel~1\config~1\temp\
Created on : 21/06/2004 12:56:13
Last accessed : 21/06/2004 18:55:43
Last modified : 21/06/2004 12:56:13
VX2.BetterInternet Object recognized!
Type : File
Data : twtini.cab
Object : c:\docume~1\miquel~1\config~1\temp\
Created on : 21/06/2004 18:35:36
Last accessed : 21/06/2004 18:35:36
Last modified : 21/06/2004 18:35:36
VX2.BetterInternet Object recognized!
Type : File
Data : oem11.inf
Object : c:\windows\lastgood\inf\
Created on : 21/02/2004 22:21:01
Last accessed : 21/06/2004 18:55:43
Last modified : 21/02/2004 22:21:01
VX2.BetterInternet Object recognized!
Type : File
Data : oem11.pnf
Object : c:\windows\lastgood\inf\
Created on : 21/02/2004 22:21:01
Last accessed : 21/06/2004 18:55:43
Last modified : 21/02/2004 22:21:01
VX2.BetterInternet Object recognized!
Type : File
Data : oem12.inf
Object : c:\windows\lastgood\inf\
Created on : 22/02/2004 15:17:26
Last accessed : 21/06/2004 18:55:43
Last modified : 22/02/2004 15:17:26
VX2.BetterInternet Object recognized!
Type : File
Data : oem12.pnf
Object : c:\windows\lastgood\inf\
Created on : 22/02/2004 15:17:26
Last accessed : 21/06/2004 18:55:43
Last modified : 22/02/2004 15:17:26
VX2.BetterInternet Object recognized!
Type : File
Data : oem14.inf
Object : c:\windows\lastgood\inf\
Created on : 01/03/2004 21:55:26
Last accessed : 21/06/2004 18:55:43
Last modified : 01/03/2004 21:55:26
VX2.BetterInternet Object recognized!
Type : File
Data : oem14.pnf
Object : c:\windows\lastgood\inf\
Created on : 01/03/2004 21:55:26
Last accessed : 21/06/2004 18:55:43
Last modified : 01/03/2004 21:55:26
VX2.BetterInternet Object recognized!
Type : File
Data : twaintec.dll
Object : c:\windows\
FileSize : 136 KB
FileVersion : 0, 1, 4, 19
ProductVersion : 0, 1, 4, 19
Copyright : Copyright
CompanyName : Twain Tech
FileDescription : www.twain-tech.com
InternalName : Twaintec
OriginalFilename : Twaintec.dll
ProductName : Twaintec
Created on : 21/06/2004 12:56:22
Last accessed : 21/06/2004 18:34:29
Last modified : 04/05/2004 14:43:46
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4FDBDBAD-FEFE-4C4C-9CC1-1181052AFB12}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{B88A3AF1-4F1B-4400-8FFB-3FCB108CE115}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 19
Objects found so far: 62
20:56:11 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:03:30:203
Objects scanned :74480
Objects identified :62
Objects ignored :0
New objects :62
-
That log is the one I wanted.
I don't like it at all... Please do one thing: update Ad-Aware (01R324), check that Ad-Aware is set up exactly as described in http://www.daboweb.com/phpBB2/viewtopic.php?t=2443 and run a FULL scan with the SECOND option (Custom scan). Note that you used the first one (Smart scan), which is far less thorough than Custom.
You're surely going to see more junk there... Please post the complete log. If necessary, note where it ended and continue from there.
-
I think I have set it up as the other thread indicated. Updated and with the parameters you indicated there.
The program won't let me select some options, since you have to register.
Thanks in advance.
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :dimecres, 23 / juny / 2004 14:50:49
Created with Ad-aware Personal, free for private use.
Using reference-file :01R324 22.06.2004
______________________________________________________
Reffile status:
=========================
S'ha carregat el fitxer de referència:
Reference Number : 01R324 22.06.2004
Internal build : 256
File location : C:\Archivos de programa\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1265402 Bytes
Signature data size : 1244925 Bytes
Reference data size : 20413 Bytes
Signatures total : 27677
Target categories : 10
Target families : 506
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:66 %
Total physical memory:1048048 kb
Available physical memory:691012 kb
Total page file size:2520548 kb
Available on page file:2260128 kb
Total virtual memory:2097024 kb
Available virtual memory:2049872 kb
OS:
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Reanalyze result after scanning, before displaying result list
Set : Run scan as background process (Low CPU usage)
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result
23-06-2004 14:50:49 - Scan started. (Custom mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 22-06-2004 22:05:08
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 22-06-2004 22:05:13
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 22-06-2004 22:05:14
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 12:50:49
Last modified : 24/08/2001 12:00:00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 22-06-2004 22:05:14
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 09/09/2002 13:51:32
Last accessed : 23/06/2004 12:50:49
Last modified : 09/09/2002 13:51:32
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 22-06-2004 22:05:15
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 12:50:49
Last modified : 24/08/2001 12:00:00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 22-06-2004 22:05:15
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 12:50:49
Last modified : 24/08/2001 12:00:00
#:7 [ccsetmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 22-06-2004 22:05:17
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 20/08/2003 00:58:50
Last accessed : 23/06/2004 12:50:49
Last modified : 20/08/2003 00:58:50
#:8 [ccevtmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 22-06-2004 22:05:18
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 20/08/2003 00:56:12
Last accessed : 23/06/2004 12:50:49
Last modified : 20/08/2003 00:56:12
#:9 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 22-06-2004 22:05:18
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 12:50:49
Last modified : 24/08/2001 12:00:00
#:10 [mdm.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\
ThreadCreationTime : 22-06-2004 22:05:24
BasePriority : Normal
FileSize : 314 KB
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft
Created on : 19/06/2003 22:25:00
Last accessed : 23/06/2004 12:50:49
Last modified : 19/06/2003 22:25:00
#:11 [navapsvc.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 22-06-2004 22:05:24
BasePriority : Normal
FileSize : 154 KB
FileVersion : 10.00.109
ProductVersion : 10.00.109
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 22/08/2003 23:12:54
Last accessed : 23/06/2004 12:50:49
Last modified : 22/08/2003 23:12:54
#:12 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 22-06-2004 22:05:24
BasePriority : Normal
FileSize : 80 KB
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 52.16
Created on : 06/10/2003 13:16:00
Last accessed : 23/06/2004 12:50:49
Last modified : 06/10/2003 13:16:00
#:13 [savscan.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 22-06-2004 22:05:24
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.0.79
ProductVersion : 9.2
Copyright : Copyright (c) 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 10/08/2003 05:26:24
Last accessed : 23/06/2004 12:50:49
Last modified : 10/08/2003 05:26:24
#:14 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 22-06-2004 22:05:25
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 12:50:49
Last modified : 24/08/2001 12:00:00
#:15 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 22-06-2004 22:05:29
BasePriority : Normal
FileSize : 975 KB
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 29/05/2003 10:51:26
Last accessed : 23/06/2004 12:50:49
Last modified : 29/05/2003 10:51:26
#:16 [ccapp.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 22-06-2004 22:05:30
BasePriority : Normal
FileSize : 69 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Symantec Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 20/08/2003 00:55:56
Last accessed : 23/06/2004 12:50:49
Last modified : 20/08/2003 00:55:56
#:17 [anydvd.exe]
FilePath : C:\Archivos de programa\SlySoft\AnyDVD\
ThreadCreationTime : 22-06-2004 22:05:31
BasePriority : Normal
FileSize : 173 KB
FileVersion : 3.0.0.7
ProductVersion : 3.0.0.7
Copyright : Copyright 2002 - 2003 SlySoft, Inc.
CompanyName : SlySoft, Inc.
FileDescription : Application
InternalName : ANYDVD
OriginalFilename : AnyDVD.exe
ProductName : AnyDVD
Created on : 21/11/2003 16:07:57
Last accessed : 23/06/2004 12:05:49
Last modified : 21/11/2003 16:07:57
#:18 [ituneshelper.exe]
FilePath : C:\Archivos de programa\iTunes\
ThreadCreationTime : 22-06-2004 22:05:32
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
OriginalFilename : iTunesHelper.exe
ProductName : iTunes
Created on : 04/06/2004 10:38:12
Last accessed : 23/06/2004 12:50:49
Last modified : 04/06/2004 10:38:12
#:19 [msmsgs.exe]
FilePath : C:\Archivos de programa\Messenger\
ThreadCreationTime : 22-06-2004 22:05:33
BasePriority : Normal
FileSize : 1456 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 18:30:14
Last accessed : 23/06/2004 12:30:47
Last modified : 14/04/2003 18:30:14
#:20 [btusrbdg.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 22-06-2004 22:05:34
BasePriority : Normal
FileSize : 52 KB
FileVersion : 1, 0, 1, 0
ProductVersion : 1, 0, 0, 0
Copyright : Copyright (C) 2001 Extended Systems, Inc.
CompanyName : Extended Systems, Inc.
FileDescription : btusrbdg.exe
InternalName : BTUSRBDG
OriginalFilename : btusrbdg.exe
Created on : 20/03/2004 14:48:19
Last accessed : 23/06/2004 12:50:49
Last modified : 19/06/2002 14:04:34
#:21 [soundman.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 22-06-2004 22:05:34
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.10
ProductVersion : 5.1.10
Copyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 15/08/2003 14:34:50
Last accessed : 23/06/2004 12:50:49
Last modified : 15/08/2003 14:34:50
#:22 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 22-06-2004 22:05:34
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 09/09/2002 13:51:26
Last accessed : 23/06/2004 12:50:49
Last modified : 09/09/2002 13:51:26
#:23 [netscp.exe]
FilePath : C:\ARCHIV~1\NETSCAPE\NETSCAPE\
ThreadCreationTime : 22-06-2004 22:05:34
BasePriority : Normal
FileSize : 554 KB
FileVersion : 7.1
ProductVersion : 7.1
Copyright : License: MPL 1.1/GPL 2.0/LGPL 2.1
CompanyName : Mozilla, Netscape
FileDescription : Netscape
InternalName : apprunner
OriginalFilename : Netscp.exe
ProductName : Mozilla
Created on : 21/02/2004 19:32:17
Last accessed : 23/06/2004 12:50:49
Last modified : 24/06/2003 11:09:00
#:24 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 22-06-2004 22:05:34
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Ejecutar un archivo DLL como una aplicaci
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 12:50:49
Last modified : 24/08/2001 12:00:00
#:25 [acrotray.exe]
FilePath : C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\
ThreadCreationTime : 22-06-2004 22:05:35
BasePriority : Normal
FileSize : 212 KB
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
Copyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
OriginalFilename : AcroTray.exe
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
Created on : 15/05/2003 00:19:50
Last accessed : 23/06/2004 12:50:50
Last modified : 15/05/2003 00:19:50
#:26 [audevicemgr.exe]
FilePath : C:\Archivos de programa\Sony Ericsson\Mobile\
ThreadCreationTime : 22-06-2004 22:05:36
BasePriority : Normal
FileSize : 788 KB
FileVersion : 1, 2, 7, 1
ProductVersion : 1, 2, 7, 1
Copyright : Copyright
CompanyName : Teleca Software Solutions AB
FileDescription : Phone Connection Monitor application
InternalName : Device Manager
OriginalFilename : audevicemgr.exe
ProductName : Phone Connection Monitor
Created on : 06/05/2004 12:55:01
Last accessed : 23/06/2004 12:50:50
Last modified : 14/01/2004 15:17:00
#:27 [ipodservice.exe]
FilePath : C:\Archivos de programa\iPod\bin\
ThreadCreationTime : 22-06-2004 22:05:37
BasePriority : Normal
FileSize : 392 KB
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
OriginalFilename : iPodService.exe
ProductName : iTunes
Created on : 04/06/2004 10:37:56
Last accessed : 23/06/2004 12:50:50
Last modified : 04/06/2004 10:37:56
#:28 [mroute~2.exe]
FilePath : c:\ARCHIV~1\INTUWA~1\Shared\MROUTE~1\
ThreadCreationTime : 22-06-2004 22:05:39
BasePriority : Normal
FileSize : 544 KB
FileVersion : 2, 2, 0, 371
ProductVersion : 2, 0, 0, 1
Copyright : Copyright (C) Intuwave Ltd. 2001
CompanyName : Intuwave Ltd.
FileDescription : mRouterRuntime MFC Application
InternalName : mRouterRuntime
OriginalFilename : mRouterRuntime.EXE
ProductName : mRouter
#:29 [connmn~1.exe]
FilePath : C:\ARCHIV~1\SONYER~1\Mobile\CONNEC~1\
ThreadCreationTime : 22-06-2004 22:05:43
BasePriority : Normal
FileSize : 176 KB
FileVersion : 1, 0, 0, 41
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) Symbian Ltd. 2001
CompanyName : Symbian Ltd.
FileDescription : ConnMngmntBox Module
InternalName : ConnMngmntBox
OriginalFilename : ConnMngmntBox.EXE
ProductName : Symbian Connect
#:30 [wisptis.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 22-06-2004 23:21:36
BasePriority : High
FileSize : 185 KB
FileVersion : 1.0.2201.0 (xpsp1.020820-1800)
ProductVersion : 1.0.2201.0
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Tablet PC Platform Component
InternalName : WISPTIS.EXE
OriginalFilename : WISPTIS.EXE
ProductName : Microsoft
Created on : 21/08/2002 04:13:12
Last accessed : 23/06/2004 12:50:50
Last modified : 21/08/2002 04:13:12
#:31 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ThreadCreationTime : 23-06-2004 12:29:36
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Sistema operativo Microsoft
Created on : 21/02/2004 13:19:00
Last accessed : 23/06/2004 12:29:38
Last modified : 09/09/2002 13:51:30
#:32 [firefox.exe]
FilePath : C:\Archivos de programa\Mozilla.org\Firefox\
ThreadCreationTime : 23-06-2004 12:30:38
BasePriority : Normal
FileSize : 6592 KB
FileVersion : 0.8
ProductVersion : Personal
Copyright : Mozilla
CompanyName : Mozilla
FileDescription : Firefox
InternalName : Firefox
ProductName : Firefox
Created on : 10/02/2004 21:12:36
Last accessed : 23/06/2004 12:30:38
Last modified : 10/02/2004 21:12:36
#:33 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-aware 6\
ThreadCreationTime : 23-06-2004 12:37:29
BasePriority : Idle
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 21/06/2004 18:50:31
Last accessed : 23/06/2004 12:32:48
Last modified : 12/07/2003 19:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
VX2.BetterInternet Object recognized!
Type : File
Data : thnall1t[1].exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Miquel Costa\Configuración local\Archivos temporales de Internet\Content.IE5\EVEV2LQ7\
FileSize : 64 KB
FileVersion : 1, 0, 0, 8
ProductVersion : 1, 0, 0, 8
Copyright : BetterInternet, Inc.
CompanyName : BetterInternet, Inc.
FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.
InternalName : Install Utility
OriginalFilename : InstUtil.exe
ProductName : Install Utility
Created on : 22/06/2004 19:10:39
Last accessed : 23/06/2004 12:54:33
Last modified : 22/06/2004 19:10:42
WinFavorites Object recognized!
Type : File
Data : sbc_netscape.exe
Category : Malware
Comment :
Object : C:\Documents and Settings\Miquel Costa\Configuración local\Temp\
FileSize : 208 KB
Created on : 22/06/2004 19:20:15
Last accessed : 23/06/2004 12:54:38
Last modified : 01/04/2004 08:32:00
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@0[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 23/06/2004 06:38:51
Last accessed : 23/06/2004 12:54:40
Last modified : 23/06/2004 06:38:52
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@advertising[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 22/06/2004 21:57:08
Last accessed : 23/06/2004 12:54:40
Last modified : 22/06/2004 21:57:08
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@atdmt[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 22/06/2004 19:20:15
Last accessed : 23/06/2004 12:54:40
Last modified : 21/06/2004 18:48:16
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@doubleclick[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 22/06/2004 19:41:25
Last accessed : 23/06/2004 12:54:40
Last modified : 22/06/2004 19:41:43
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@mediaplex[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 22/06/2004 19:20:15
Last accessed : 23/06/2004 12:54:40
Last modified : 21/06/2004 18:48:32
Tracking Cookie Object recognized!
Type : File
Data : miquel [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 23/06/2004 06:38:52
Last accessed : 23/06/2004 12:54:40
Last modified : 23/06/2004 06:38:52
MainPean Dialer Object recognized!
Type : File
Data : taquilla on freecam humax.zip
Category : Malware
Comment : Object "Taquilla on freecam & humax.exe" found in this archive.
Object : C:\Documents and Settings\Miquel Costa\Els meus documents\CSD\Vell\020508\
FileSize : 70 KB
Created on : 22/06/2004 19:28:33
Last accessed : 23/06/2004 12:55:08
Last modified : 08/05/2002 19:30:02
Object "Taquilla on freecam & humax.exe" found in this archive.
BlazeFind Object recognized!
Type : File
Data : 2_0_1browserhelper2.dll
Category : Malware
Comment :
Object : C:\WINDOWS\
FileSize : 213 KB
Created on : 22/06/2004 19:20:15
Last accessed : 23/06/2004 12:58:17
Last modified : 21/06/2004 18:35:00
Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 10
Deep scanning and examining files (E:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Tracking Cookie Object recognized!
Type : File
Data : miqco@0[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 20/02/2004 06:58:28
Last accessed : 23/06/2004 12:59:40
Last modified : 20/02/2004 06:58:32
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 15/02/2004 23:29:51
Last accessed : 23/06/2004 12:59:40
Last modified : 15/02/2004 23:29:51
Tracking Cookie Object recognized!
Type : File
Data : miqco@advertising[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 13/02/1980 23:44:02
Last accessed : 23/06/2004 12:59:40
Last modified : 13/02/1980 23:44:48
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 19/02/2004 14:26:05
Last accessed : 23/06/2004 12:59:40
Last modified : 19/02/2004 14:26:05
Tracking Cookie Object recognized!
Type : File
Data : miqco@gator[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 13/02/1980 23:44:05
Last accessed : 23/06/2004 12:59:40
Last modified : 13/02/1980 23:44:05
Tracking Cookie Object recognized!
Type : File
Data : miqco@hitbox[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 15/02/2004 05:38:46
Last accessed : 23/06/2004 12:59:40
Last modified : 15/02/2004 05:38:46
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 13/02/1980 23:44:16
Last accessed : 23/06/2004 12:59:40
Last modified : 13/02/1980 23:44:48
Tracking Cookie Object recognized!
Type : File
Data : miqco@targetnet[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 13/02/1980 23:44:10
Last accessed : 23/06/2004 12:59:40
Last modified : 13/02/1980 23:44:48
Tracking Cookie Object recognized!
Type : File
Data : miqco@tribalfusion[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\mes cookies\Cookies\
Created on : 13/02/1980 23:45:34
Last accessed : 23/06/2004 12:59:40
Last modified : 13/02/1980 23:45:38
Tracking Cookie Object recognized!
Type : File
Data : miqco@2o7[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
FileSize : 1 KB
Created on : 15/12/2003 21:37:12
Last accessed : 23/06/2004 12:59:41
Last modified : 15/12/2003 21:37:41
Tracking Cookie Object recognized!
Type : File
Data : miqco@adrevolver[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 02/01/2004 14:52:53
Last accessed : 23/06/2004 12:59:41
Last modified : 02/01/2004 14:52:53
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 24/10/2003 17:41:36
Last accessed : 23/06/2004 12:59:41
Last modified : 24/10/2003 17:41:36
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 21/02/2004 07:28:28
Last accessed : 23/06/2004 12:59:41
Last modified : 21/02/2004 07:28:28
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 09/09/2003 22:54:05
Last accessed : 23/06/2004 12:59:41
Last modified : 09/09/2003 22:54:05
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 22/12/2003 22:11:33
Last accessed : 23/06/2004 12:59:41
Last modified : 22/12/2003 22:11:34
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/11/2003 22:36:18
Last accessed : 23/06/2004 12:59:41
Last modified : 27/11/2003 22:36:18
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 04/02/2004 13:45:15
Last accessed : 23/06/2004 12:59:41
Last modified : 04/02/2004 13:45:17
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 16/11/2003 16:40:16
Last accessed : 23/06/2004 12:59:41
Last modified : 16/11/2003 16:41:26
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/12/2003 19:37:01
Last accessed : 23/06/2004 12:59:41
Last modified : 27/12/2003 19:37:01
Tracking Cookie Object recognized!
Type : File
Data : miqco@adtech[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 26/08/2003 14:56:41
Last accessed : 23/06/2004 12:59:41
Last modified : 26/08/2003 14:56:41
Tracking Cookie Object recognized!
Type : File
Data : miqco@advertising[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 23/01/2004 14:49:17
Last accessed : 23/06/2004 12:59:41
Last modified : 23/01/2004 14:49:17
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 21/02/2004 08:58:00
Last accessed : 23/06/2004 12:59:41
Last modified : 21/02/2004 08:58:00
Tracking Cookie Object recognized!
Type : File
Data : miqco@atdmt[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 24/08/2003 03:32:55
Last accessed : 23/06/2004 12:59:41
Last modified : 24/08/2003 03:32:55
Tracking Cookie Object recognized!
Type : File
Data : miqco@bfast[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/10/2003 23:40:57
Last accessed : 23/06/2004 12:59:41
Last modified : 27/10/2003 23:40:57
Tracking Cookie Object recognized!
Type : File
Data : miqco@bluestreak[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 20/11/2003 19:56:00
Last accessed : 23/06/2004 12:59:41
Last modified : 09/12/2003 15:04:29
Tracking Cookie Object recognized!
Type : File
Data : miqco@bravenet[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 25/10/2003 12:42:31
Last accessed : 23/06/2004 12:59:41
Last modified : 25/10/2003 12:42:31
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/10/2003 23:43:36
Last accessed : 23/06/2004 12:59:41
Last modified : 27/10/2003 23:43:36
Tracking Cookie Object recognized!
Type : File
Data : miqco@cgi-bin[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 10/12/2003 21:04:48
Last accessed : 23/06/2004 12:59:41
Last modified : 10/12/2003 21:04:48
Tracking Cookie Object recognized!
Type : File
Data : miqco@cgi-bin[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 02/02/2004 20:29:02
Last accessed : 23/06/2004 12:59:41
Last modified : 02/02/2004 20:29:02
Tracking Cookie Object recognized!
Type : File
Data : miqco@cgi-bin[4].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 01/02/2004 13:32:25
Last accessed : 23/06/2004 12:59:41
Last modified : 01/02/2004 13:32:25
Tracking Cookie Object recognized!
Type : File
Data : miqco@cgi-bin[5].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 13/01/2004 22:33:03
Last accessed : 23/06/2004 12:59:41
Last modified : 13/01/2004 22:33:03
Tracking Cookie Object recognized!
Type : File
Data : miqco@doubleclick[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 24/08/2003 23:28:05
Last accessed : 23/06/2004 12:59:41
Last modified : 24/08/2003 23:28:12
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 14/09/2003 03:28:25
Last accessed : 23/06/2004 12:59:41
Last modified : 14/09/2003 03:28:28
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 29/08/2003 00:06:17
Last accessed : 23/06/2004 12:59:41
Last modified : 29/08/2003 00:06:17
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 21/09/2003 16:00:46
Last accessed : 23/06/2004 12:59:41
Last modified : 21/09/2003 16:00:46
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 08/12/2003 01:56:06
Last accessed : 23/06/2004 12:59:41
Last modified : 08/12/2003 01:56:06
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
FileSize : 2 KB
Created on : 21/09/2003 18:58:47
Last accessed : 23/06/2004 12:59:41
Last modified : 11/10/2003 12:29:18
Tracking Cookie Object recognized!
Type : File
Data : miqco@fastclick[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 25/01/2004 03:51:45
Last accessed : 23/06/2004 12:59:41
Last modified : 25/01/2004 03:51:45
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/08/2003 19:37:16
Last accessed : 23/06/2004 12:59:41
Last modified : 29/10/2003 22:43:56
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 04/09/2003 16:01:04
Last accessed : 23/06/2004 12:59:41
Last modified : 04/09/2003 16:01:04
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 04/11/2003 22:57:37
Last accessed : 23/06/2004 12:59:41
Last modified : 04/11/2003 22:57:37
Tracking Cookie Object recognized!
Type : File
Data : miqco@hitbox[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 08/12/2003 01:56:04
Last accessed : 23/06/2004 12:59:41
Last modified : 08/12/2003 01:56:06
Tracking Cookie Object recognized!
Type : File
Data : miqco@hotlog[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 18/11/2003 22:22:53
Last accessed : 23/06/2004 12:59:41
Last modified : 18/11/2003 22:22:53
Tracking Cookie Object recognized!
Type : File
Data : miqco@maxserving[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 25/01/2004 03:09:59
Last accessed : 23/06/2004 12:59:42
Last modified : 25/01/2004 03:09:59
Tracking Cookie Object recognized!
Type : File
Data : miqco@mediaplex[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 14/10/2003 13:54:37
Last accessed : 23/06/2004 12:59:42
Last modified : 14/10/2003 13:54:37
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/10/2003 23:45:19
Last accessed : 23/06/2004 12:59:42
Last modified : 27/10/2003 23:45:19
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 25/08/2003 22:42:04
Last accessed : 23/06/2004 12:59:42
Last modified : 25/08/2003 22:42:04
Tracking Cookie Object recognized!
Type : File
Data : miqco@overture[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 04/02/2004 15:01:12
Last accessed : 23/06/2004 12:59:42
Last modified : 04/02/2004 15:01:12
Tracking Cookie Object recognized!
Type : File
Data : miqco@qksrv[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 21/09/2003 19:57:09
Last accessed : 23/06/2004 12:59:42
Last modified : 21/09/2003 19:57:09
Tracking Cookie Object recognized!
Type : File
Data : miqco@questionmarket[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 04/11/2003 21:17:21
Last accessed : 23/06/2004 12:59:42
Last modified : 13/01/2004 22:29:03
Tracking Cookie Object recognized!
Type : File
Data : miqco@realmedia[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 16/09/2003 22:59:40
Last accessed : 23/06/2004 12:59:42
Last modified : 16/09/2003 22:59:40
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
FileSize : 1 KB
Created on : 12/02/2004 20:41:02
Last accessed : 23/06/2004 12:59:42
Last modified : 12/02/2004 20:41:02
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 01/09/2003 00:32:24
Last accessed : 23/06/2004 12:59:42
Last modified : 01/09/2003 00:32:44
Tracking Cookie Object recognized!
Type : File
Data : miqco@sextracker[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/10/2003 23:43:28
Last accessed : 23/06/2004 12:59:42
Last modified : 27/10/2003 23:43:28
Tracking Cookie Object recognized!
Type : File
Data : miqco@spylog[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 18/11/2003 22:22:18
Last accessed : 23/06/2004 12:59:42
Last modified : 18/11/2003 22:22:54
Tracking Cookie Object recognized!
Type : File
Data : miqco@tmpad[1].txt
Category : Data Miner
Comment : www.searchtraffic.com
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 24/08/2003 23:56:00
Last accessed : 23/06/2004 12:59:42
Last modified : 28/10/2003 14:21:40
Tracking Cookie Object recognized!
Type : File
Data : miqco@tradedoubler[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 02/02/2004 14:59:02
Last accessed : 23/06/2004 12:59:42
Last modified : 02/02/2004 14:59:02
Tracking Cookie Object recognized!
Type : File
Data : miqco@trafficmp[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 22/11/2003 10:33:55
Last accessed : 23/06/2004 12:59:42
Last modified : 22/11/2003 10:33:55
Tracking Cookie Object recognized!
Type : File
Data : miqco@tribalfusion[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/10/2003 23:45:08
Last accessed : 23/06/2004 12:59:42
Last modified : 27/10/2003 23:45:08
Tracking Cookie Object recognized!
Type : File
Data : miqco@valueclick[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 31/08/2003 23:10:25
Last accessed : 23/06/2004 12:59:42
Last modified : 31/08/2003 23:10:25
Tracking Cookie Object recognized!
Type : File
Data : miqco@weborama[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 20/09/2003 17:45:46
Last accessed : 23/06/2004 12:59:42
Last modified : 20/09/2003 17:45:46
Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 21/09/2003 15:31:46
Last accessed : 23/06/2004 12:59:43
Last modified : 21/09/2003 15:31:46
Tracking Cookie Object recognized!
Type : File
Data : miqco@xxxtoolbar[2].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 27/10/2003 23:49:55
Last accessed : 23/06/2004 12:59:43
Last modified : 27/10/2003 23:49:55
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 16/11/2003 02:50:34
Last accessed : 23/06/2004 12:59:43
Last modified : 16/11/2003 02:54:49
Tracking Cookie Object recognized!
Type : File
Data : miqco@zedo[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De4\Cookies\
Created on : 21/09/2003 16:04:09
Last accessed : 23/06/2004 12:59:43
Last modified : 21/09/2003 16:04:09
Cydoor Object recognized!
Type : Folder
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-1409082233-1647877149-839522115-1003\De5\Qualcomm\Eudora\EudPriv\Ads\AdCache
Disk scan result for E:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 76
Deep scanning and examining files (F:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for F:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 76
Deep scanning and examining files (G:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for G:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 76
Deep scanning and examining files (H:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯
-
I should say that these 75 items come on top of the earlier ones I already have in quarantine.
So much junk!!
:o :o :o
-
Now I need you to restart in Safe Mode (F8) and run a scan identical to the one you just did. If you find anything, quarantine it.
Once that is done, restart in normal mode, DO NOT CONNECT TO THE INTERNET, and run another scan identical to the one you did. It should come out clean. If it does not, restart the machine and scan again. Repeat as many times as necessary until you get a clean log.
I need you to post that log.
The point of not connecting to the Internet is so that nothing interferes with Ad-Aware's cleanup and the system does not get infected again.
Once you have posted that log I will tell you what to do (depending on what it shows).
-
Hello:
Welcome to the forum, Xesulp.
Follow Fats's instructions and you will get it sorted out for sure. ... :wink:
Regards
-
Thanks again.
Right, I have carried out the tasks you described, with a satisfactory result; the log follows below.
As I pointed out before, the only thing I have noticed is that the Quick Launch bar is not working correctly, that is, the icons located next to the Start menu, which are very useful to me, although clearly it is only a matter of being used to them. I could just as well get used to other shortcuts.
What bugs me is that I can enable it every time I restart, but it does not save these changes for the next session.
Here is the log,
Regards.
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :dijous, 24 / juny / 2004 01:37:25
Created with Ad-aware Personal, free for private use.
Using reference-file :01R324 22.06.2004
______________________________________________________
Reffile status:
=========================
Reference file loaded:
Reference Number : 01R324 22.06.2004
Internal build : 256
File location : C:\Archivos de programa\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1265402 Bytes
Signature data size : 1244925 Bytes
Reference data size : 20413 Bytes
Signatures total : 27677
Target categories : 10
Target families : 506
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:72 %
Total physical memory:1048048 kb
Available physical memory:748356 kb
Total page file size:2520548 kb
Available on page file:2328320 kb
Total virtual memory:2097024 kb
Available virtual memory:2053584 kb
OS:
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Reanalyze result after scanning, before displaying result list
Set : Run scan as background process (Low CPU usage)
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result
24-06-2004 01:37:25 - Scan started. (Custom mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 23-06-2004 23:36:49
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 23-06-2004 23:36:53
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 23-06-2004 23:36:54
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 23:13:35
Last modified : 24/08/2001 12:00:00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 23-06-2004 23:36:54
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 09/09/2002 13:51:32
Last accessed : 23/06/2004 23:13:35
Last modified : 09/09/2002 13:51:32
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 23-06-2004 23:36:55
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 23:13:35
Last modified : 24/08/2001 12:00:00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 23-06-2004 23:36:55
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 23:13:35
Last modified : 24/08/2001 12:00:00
#:7 [ccsetmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 23-06-2004 23:36:56
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 20/08/2003 00:58:50
Last accessed : 23/06/2004 23:13:35
Last modified : 20/08/2003 00:58:50
#:8 [ccevtmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 23-06-2004 23:36:57
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 20/08/2003 00:56:12
Last accessed : 23/06/2004 23:13:35
Last modified : 20/08/2003 00:56:12
#:9 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 23-06-2004 23:36:58
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 23:13:35
Last modified : 24/08/2001 12:00:00
#:10 [mdm.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\
ThreadCreationTime : 23-06-2004 23:36:58
BasePriority : Normal
FileSize : 314 KB
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft
Created on : 19/06/2003 22:25:00
Last accessed : 23/06/2004 23:13:35
Last modified : 19/06/2003 22:25:00
#:11 [navapsvc.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 23-06-2004 23:36:58
BasePriority : Normal
FileSize : 154 KB
FileVersion : 10.00.109
ProductVersion : 10.00.109
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 22/08/2003 23:12:54
Last accessed : 23/06/2004 23:13:35
Last modified : 22/08/2003 23:12:54
#:12 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 23-06-2004 23:36:58
BasePriority : Normal
FileSize : 80 KB
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 52.16
Created on : 06/10/2003 13:16:00
Last accessed : 23/06/2004 23:13:35
Last modified : 06/10/2003 13:16:00
#:13 [savscan.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 23-06-2004 23:36:58
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.0.79
ProductVersion : 9.2
Copyright : Copyright (c) 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 10/08/2003 05:26:24
Last accessed : 23/06/2004 23:13:35
Last modified : 10/08/2003 05:26:24
#:14 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 23-06-2004 23:36:58
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 23:13:35
Last modified : 24/08/2001 12:00:00
#:15 [userinit.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 23-06-2004 23:37:01
BasePriority : Normal
FileSize : 22 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : userinit
OriginalFilename : USERINIT.EXE
ProductName : Sistema operativo Microsoft
Created on : 09/09/2002 13:51:42
Last accessed : 23/06/2004 23:36:48
Last modified : 09/09/2002 13:51:42
#:16 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 23-06-2004 23:37:01
BasePriority : Normal
FileSize : 975 KB
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 29/05/2003 10:51:26
Last accessed : 23/06/2004 23:37:01
Last modified : 29/05/2003 10:51:26
#:17 [ccapp.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 23-06-2004 23:37:03
BasePriority : Normal
FileSize : 69 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Symantec Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 20/08/2003 00:55:56
Last accessed : 23/06/2004 23:36:48
Last modified : 20/08/2003 00:55:56
#:18 [sgtray.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\
ThreadCreationTime : 23-06-2004 23:37:03
BasePriority : Normal
FileSize : 108 KB
FileVersion : 1.01.32a
Copyright : Copyright
CompanyName : Sonic Solutions
FileDescription : Sonic Update Manager
Created on : 19/08/2003 00:01:00
Last accessed : 23/06/2004 23:36:48
Last modified : 19/08/2003 00:01:00
#:19 [anydvd.exe]
FilePath : C:\Archivos de programa\SlySoft\AnyDVD\
ThreadCreationTime : 23-06-2004 23:37:04
BasePriority : Normal
FileSize : 173 KB
FileVersion : 3.0.0.7
ProductVersion : 3.0.0.7
Copyright : Copyright 2002 - 2003 SlySoft, Inc.
CompanyName : SlySoft, Inc.
FileDescription : Application
InternalName : ANYDVD
OriginalFilename : AnyDVD.exe
ProductName : AnyDVD
Created on : 21/11/2003 16:07:57
Last accessed : 23/06/2004 23:37:09
Last modified : 21/11/2003 16:07:57
#:20 [ituneshelper.exe]
FilePath : C:\Archivos de programa\iTunes\
ThreadCreationTime : 23-06-2004 23:37:04
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
OriginalFilename : iTunesHelper.exe
ProductName : iTunes
Created on : 04/06/2004 10:38:12
Last accessed : 23/06/2004 23:13:35
Last modified : 04/06/2004 10:38:12
#:21 [msmsgs.exe]
FilePath : C:\Archivos de programa\Messenger\
ThreadCreationTime : 23-06-2004 23:37:06
BasePriority : Normal
FileSize : 1456 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 18:30:14
Last accessed : 23/06/2004 23:37:06
Last modified : 14/04/2003 18:30:14
#:22 [btusrbdg.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 23-06-2004 23:37:06
BasePriority : Normal
FileSize : 52 KB
FileVersion : 1, 0, 1, 0
ProductVersion : 1, 0, 0, 0
Copyright : Copyright (C) 2001 Extended Systems, Inc.
CompanyName : Extended Systems, Inc.
FileDescription : btusrbdg.exe
InternalName : BTUSRBDG
OriginalFilename : btusrbdg.exe
Created on : 20/03/2004 14:48:19
Last accessed : 23/06/2004 23:13:35
Last modified : 19/06/2002 14:04:34
#:23 [soundman.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 23-06-2004 23:37:06
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.10
ProductVersion : 5.1.10
Copyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 15/08/2003 14:34:50
Last accessed : 23/06/2004 23:36:48
Last modified : 15/08/2003 14:34:50
#:24 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 23-06-2004 23:37:07
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Ejecutar un archivo DLL como una aplicaci
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 23/06/2004 23:37:02
Last modified : 24/08/2001 12:00:00
#:25 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 23-06-2004 23:37:07
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 09/09/2002 13:51:26
Last accessed : 23/06/2004 23:36:48
Last modified : 09/09/2002 13:51:26
#:26 [netscp.exe]
FilePath : C:\ARCHIV~1\NETSCAPE\NETSCAPE\
ThreadCreationTime : 23-06-2004 23:37:07
BasePriority : Normal
FileSize : 554 KB
FileVersion : 7.1
ProductVersion : 7.1
Copyright : License: MPL 1.1/GPL 2.0/LGPL 2.1
CompanyName : Mozilla, Netscape
FileDescription : Netscape
InternalName : apprunner
OriginalFilename : Netscp.exe
ProductName : Mozilla
Created on : 21/02/2004 19:32:17
Last accessed : 23/06/2004 23:36:48
Last modified : 24/06/2003 11:09:00
#:27 [acrotray.exe]
FilePath : C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\
ThreadCreationTime : 23-06-2004 23:37:07
BasePriority : Normal
FileSize : 212 KB
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
Copyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
OriginalFilename : AcroTray.exe
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
Created on : 15/05/2003 00:19:50
Last accessed : 23/06/2004 23:36:48
Last modified : 15/05/2003 00:19:50
#:28 [ipodservice.exe]
FilePath : C:\Archivos de programa\iPod\bin\
ThreadCreationTime : 23-06-2004 23:37:08
BasePriority : Normal
FileSize : 392 KB
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
OriginalFilename : iPodService.exe
ProductName : iTunes
Created on : 04/06/2004 10:37:56
Last accessed : 23/06/2004 23:13:35
Last modified : 04/06/2004 10:37:56
#:29 [audevicemgr.exe]
FilePath : C:\Archivos de programa\Sony Ericsson\Mobile\
ThreadCreationTime : 23-06-2004 23:37:09
BasePriority : Normal
FileSize : 788 KB
FileVersion : 1, 2, 7, 1
ProductVersion : 1, 2, 7, 1
Copyright : Copyright
CompanyName : Teleca Software Solutions AB
FileDescription : Phone Connection Monitor application
InternalName : Device Manager
OriginalFilename : audevicemgr.exe
ProductName : Phone Connection Monitor
Created on : 06/05/2004 12:55:01
Last accessed : 23/06/2004 23:37:09
Last modified : 14/01/2004 15:17:00
#:30 [mroute~2.exe]
FilePath : c:\ARCHIV~1\INTUWA~1\Shared\MROUTE~1\
ThreadCreationTime : 23-06-2004 23:37:11
BasePriority : Normal
FileSize : 544 KB
FileVersion : 2, 2, 0, 371
ProductVersion : 2, 0, 0, 1
Copyright : Copyright (C) Intuwave Ltd. 2001
CompanyName : Intuwave Ltd.
FileDescription : mRouterRuntime MFC Application
InternalName : mRouterRuntime
OriginalFilename : mRouterRuntime.EXE
ProductName : mRouter
#:31 [connmn~1.exe]
FilePath : C:\ARCHIV~1\SONYER~1\Mobile\CONNEC~1\
ThreadCreationTime : 23-06-2004 23:37:15
BasePriority : Normal
FileSize : 176 KB
FileVersion : 1, 0, 0, 41
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) Symbian Ltd. 2001
CompanyName : Symbian Ltd.
FileDescription : ConnMngmntBox Module
InternalName : ConnMngmntBox
OriginalFilename : ConnMngmntBox.EXE
ProductName : Symbian Connect
#:32 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-aware 6\
ThreadCreationTime : 23-06-2004 23:37:18
BasePriority : Idle
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 21/06/2004 18:50:31
Last accessed : 23/06/2004 23:37:18
Last modified : 12/07/2003 19:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Deep scanning and examining files (E:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for E:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Deep scanning and examining files (F:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for F:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Deep scanning and examining files (G:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for G:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Deep scanning and examining files (H:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Disk scan result for H:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 0
01:46:32 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:09:06:140
Objects scanned :163617
Objects identified :0
Objects ignored :0
New objects :0
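
The "rescan until the log comes out clean" check requested earlier in the thread can be done by parsing the log instead of reading it by eye. The Python below is an added example, not part of the thread or of Ad-aware; the sample logs are constructed in the layout of the logs quoted here and the function names are hypothetical. A log with no final summary block is reported as incomplete rather than clean.

```python
import re
from collections import Counter

# Constructed samples in the layout of the Ad-aware 6 logs quoted in this thread.
DIRTY_LOG = r"""
Deep scanning and examining files (E:)
Tracking Cookie Object recognized!
Type : File
Data : user@example-tracker[1].txt
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-0-0-0-1003\De4\Cookies\
Created on : 27/10/2003 23:43:36
Cydoor Object recognized!
Type : Folder
Category : Data Miner
Comment :
Object : E:\RECYCLER\S-1-5-21-0-0-0-1003\De5\AdCache
Disk scan result for E:\
New objects : 2
Objects found so far: 2
Summary of this scan
Objects scanned :163617
Objects identified :2
Objects ignored :0
New objects :2
"""
CLEAN_LOG = r"""
Disk scan result for C:\
New objects : 0
Objects found so far: 0
Summary of this scan
Objects scanned :163617
Objects identified :0
Objects ignored :0
New objects :0
"""
# Same scan as DIRTY_LOG, but cut off before the summary block.
TRUNCATED_LOG = DIRTY_LOG.split("Summary of this scan")[0]

RECOGNIZED = re.compile(r"^(?P<family>.+?) Object recognized!$")
FIELD = re.compile(r"^(?P<key>[A-Za-z][A-Za-z +]*?)\s*:\s?(?P<value>.*)$")
RECORD_KEYS = {"Type", "Data", "Category", "Comment", "Object", "FileSize",
               "Created on", "Last accessed", "Last modified"}
SECTION_STARTS = ("Deep scanning", "Started ", "Scanning ", "Listing ")


def parse_adaware_log(text):
    """Return (detections, summary) parsed from an Ad-aware 6 style log."""
    detections, summary = [], {}
    record, in_summary = None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or set(line) <= set("¯_="):
            continue  # blank line or ruler line
        hit = RECOGNIZED.match(line)
        if hit:  # "<family> Object recognized!" opens a detection record
            record = {"Family": hit.group("family")}
            detections.append(record)
            continue
        if line.startswith("Summary of this scan"):
            record, in_summary = None, True
            continue
        if "scan result" in line or line.startswith(SECTION_STARTS):
            record = None  # a section boundary closes any open record
            continue
        field = FIELD.match(line)
        if not field:
            continue
        key, value = field.group("key").strip(), field.group("value").strip()
        if in_summary:
            summary[key] = value
        elif record is not None and key in RECORD_KEYS:
            record.setdefault(key, value)
    return detections, summary


def assess(text):
    """Classify a log as 'clean', 'dirty' or 'incomplete' and tally findings."""
    detections, summary = parse_adaware_log(text)
    identified = summary.get("Objects identified", "")
    if not identified.isdigit():
        status = "incomplete"  # no usable summary: never report this as clean
    elif detections or int(identified) != 0:
        status = "dirty"
    else:
        status = "clean"
    return {
        "status": status,
        "families": Counter(d["Family"] for d in detections),
        # Findings under \RECYCLER\ sit in the Recycle Bin, not in live folders.
        "in_recycle_bin": sum("\\RECYCLER\\" in d.get("Object", "").upper()
                              for d in detections),
    }


if __name__ == "__main__":
    for name, log in (("dirty", DIRTY_LOG), ("clean", CLEAN_LOG),
                      ("truncated", TRUNCATED_LOG)):
        print(name, assess(log))
```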
-
OK, now download HijackThis from http://www.spywareinfo.com/~merijn/files/HijackThis.exe
Put it in a new folder called C:\HijackThis and open it. Press Scan, then Save log, accept, and in the Notepad window that opens copy ALL the text and paste it here.
Let's see whether Ad-Aware is missing something, and what it might be.
I'll wait for the log.
-
Right, so this is the log from that program,
There is indeed new data
Regards
Logfile of HijackThis v1.97.7
Scan saved at 21:02:08, on 24/06/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Archivos de programa\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Archivos de programa\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
C:\Archivos de programa\SlySoft\AnyDVD\AnyDVD.exe
C:\Archivos de programa\iTunes\iTunesHelper.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\WINDOWS\System32\BtUsrBdg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\rundll32.exe
C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Archivos de programa\Sony Ericsson\Mobile\audevicemgr.exe
C:\Archivos de programa\iPod\bin\iPodService.exe
c:\ARCHIV~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
C:\ARCHIV~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
C:\WINDOWS\System32\WISPTIS.EXE
C:\ARCHIV~1\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS10
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ct.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = miquelcosta.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Archivos de programa\DAP\DAPIEBar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Archivos de programa\DAP\DAPIEBar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AnyDVD] C:\Archivos de programa\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Archivos de programa\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [xsrun] C:\WINDOWS\xsrun.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\ARCHIV~1\NETSCAPE\NETSCAPE\NETSCP.EXE" -turbo
O4 - Global Startup: Acrobat Assistant.lnk = C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Monitor de conexión del teléfono.lnk = ?
O8 - Extra context menu item: &Download with &DAP - C:\ARCHIV~1\DAP\dapextie.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Run DAP (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {4B6015E7-3ABB-45DC-96B7-55A843751F28} (IntRuboskizo2 Class) - http://www.contenidospc.com/ruboskizo2.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38038.2740625
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www4.aeat.es/es13/h/cactivex.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4364/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BDDB0DBF-14D3-4DCC-87F6-C69ABD97BB44}: NameServer = 80.58.0.33,80.58.32.97
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4852B99-0707-4EDE-9909-01C4430EFD0B}: NameServer = 80.58.0.33,80.58.32.97
-
Ok, this is strange because I'm missing some things, but what can be seen is BlazeFind. To remove BlazeFind, do the following:
Look for this file: C:\Windows\System32\wsaupdater.exe. If you don't find it, let me know. Now, if you do find it, DO NOT DELETE IT!!! And do what I write next:
Open Notepad and copy what follows:
REGEDIT4

; Point Userinit back at userinit.exe instead of wsaupdater.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\System32\\userinit.exe,"
Save it as BlazeFindRemover.reg (make sure to change 'Save as type:' from .txt to All files (*.*)), then right-click the .reg file and choose Merge (Combinar). Say yes to merge it, and that finishes this part. Then restart (VERY IMPORTANT), delete the file wsaupdater.exe from the system32 folder, and post a new HijackThis log.
We can't delete that file for the following reason (in English):
Lavasoft Knowledge Base Article 04060901
Unable to Log On To Windows XP After Removing wsaupdater.exe
http://www.lavahelp.com/articles/v6/04/06/0901.html
It seems that if it is deleted, it then prevents logging in to the system.
When you post the log we'll continue with the cleanup.
-
I found the file, followed the instructions to delete it, and this is the HijackThis log
Logfile of HijackThis v1.97.7
Scan saved at 21:52:57, on 24/06/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Archivos de programa\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Archivos de programa\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe
C:\Archivos de programa\SlySoft\AnyDVD\AnyDVD.exe
C:\Archivos de programa\iTunes\iTunesHelper.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\WINDOWS\System32\BtUsrBdg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\ARCHIV~1\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Archivos de programa\iPod\bin\iPodService.exe
C:\Archivos de programa\Sony Ericsson\Mobile\audevicemgr.exe
c:\ARCHIV~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
C:\ARCHIV~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
C:\Archivos de programa\Mozilla.org\Firefox\firefox.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS10
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ct.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = miquelcosta.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Archivos de programa\DAP\DAPIEBar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Archivos de programa\DAP\DAPIEBar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AnyDVD] C:\Archivos de programa\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Archivos de programa\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [xsrun] C:\WINDOWS\xsrun.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\ARCHIV~1\NETSCAPE\NETSCAPE\NETSCP.EXE" -turbo
O4 - Global Startup: Acrobat Assistant.lnk = C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Monitor de conexión del teléfono.lnk = ?
O8 - Extra context menu item: &Download with &DAP - C:\ARCHIV~1\DAP\dapextie.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Run DAP (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {4B6015E7-3ABB-45DC-96B7-55A843751F28} (IntRuboskizo2 Class) - http://www.contenidospc.com/ruboskizo2.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38038.2740625
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www4.aeat.es/es13/h/cactivex.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4364/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BDDB0DBF-14D3-4DCC-87F6-C69ABD97BB44}: NameServer = 80.58.0.33,80.58.32.97
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4852B99-0707-4EDE-9909-01C4430EFD0B}: NameServer = 80.58.0.33,80.58.32.97
-
Ok, now close absolutely all programs and browser windows and open HijackThis. Press Scan and put a check mark on ONLY the entries that follow (don't do what someone I saw today did, who removed all the HT entries on his own... and says his machine works fine... :shock: ):
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS10
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ct.yahoo.com/
F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [xsrun] C:\WINDOWS\xsrun.exe
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - Global Startup: Monitor de conexión del teléfono.lnk = ?
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {4B6015E7-3ABB-45DC-96B7-55A843751F28} (IntRuboskizo2 Class) - http://www.contenidospc.com/ruboskizo2.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www4.aeat.es/es13/h/cactivex.cab
Look at this entry:
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
According to what I find, it says it is type X, that is, malware. But it has a note attached (in English):
Installed with the miniport drivers for Promise hard drive controllers in both RAID and non-RAID installations. If used is it required?
What I understand is that if you have a Promise hard disk this is fine, although it is not known whether it is required. But if you don't have those controllers or that brand of disk... I leave it in your hands. If you want, check it; if not, don't.
Once everything is checked, press Fix checked. Close HijackThis.
Check whether in Control Panel->Add/Remove Programs you have an uninstaller for WindowsSA or Omniscient. If you find it, use it.
Now I want you to restart in Safe Mode (with F8) and, once in that mode, look for the following files:
C:\WINDOWS\xsrun.exe
C:\Program Files\WindowsSA\omniscient.exe
Once located, please copy them to a new folder called C:\Basura. If Omniscient was uninstalled, you probably won't find the file. The other one I hope you will... In any case, follow the instructions at http://www.daboweb.com/phpBB2/viewtopic.php?t=5087 to show hidden files (just in case). If even then you find nothing, don't worry.
The purpose of copying those files to that folder is to send them for analysis later, because Ad-Aware doesn't detect them.
Once copied, delete what is in bold (one file and one folder):
C:\WINDOWS\xsrun.exe
C:\Program Files\WindowsSA\
Restart in normal mode and post a new HijackThis log.
-
GREAT
This last time I restarted, the quick launch bar was already showing!!
I should say that I was able to uninstall WindowsSA from the Control Panel, which in turn installed another program with a similar name, I don't remember it, something like 2.0; afterwards, in Safe Mode, I did not find the files you mention.
This is the latest log
Logfile of HijackThis v1.97.7
Scan saved at 22:59:39, on 24/06/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccSetMgr.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Archivos de programa\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Archivos de programa\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe
C:\Archivos de programa\SlySoft\AnyDVD\AnyDVD.exe
C:\Archivos de programa\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\BtUsrBdg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\ARCHIV~1\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Archivos de programa\iPod\bin\iPodService.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = miquelcosta.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Archivos de programa\DAP\DAPIEBar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Archivos de programa\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Archivos de programa\DAP\DAPIEBar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Archivos de programa\Archivos comunes\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AnyDVD] C:\Archivos de programa\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Archivos de programa\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\ARCHIV~1\NETSCAPE\NETSCAPE\NETSCP.EXE" -turbo
O4 - Global Startup: Acrobat Assistant.lnk = C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &Download with &DAP - C:\ARCHIV~1\DAP\dapextie.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Run DAP (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38038.2740625
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} (AeatCtl Class) - https://www4.aeat.es/es13/h/cactivex.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4364/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BDDB0DBF-14D3-4DCC-87F6-C69ABD97BB44}: NameServer = 80.58.0.33,80.58.32.97
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4852B99-0707-4EDE-9909-01C4430EFD0B}: NameServer = 80.58.0.33,80.58.32.97
-
Don't worry about the files. The log looks clean, but what I'm interested in is your opinion of your machine. How does it feel to you? Does it work well?
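Added example, not part of the original thread: a small Python check that does mechanically what the posts above do by eye, namely flag a non-default Userinit program in an F2 line and confirm which entries disappeared between two HijackThis logs (the second log in this thread still listed the F2 line after the .reg merge). The function names and the shortened sample logs are constructed for illustration, and the default Windows directory `C:\WINDOWS` is an assumption.

```python
import re

# Constructed sample: a handful of lines copied from the first and final logs
# posted in this thread; the real logs are much longer.
BEFORE = r"""Logfile of HijackThis v1.97.7
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ct.yahoo.com/
F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O4 - HKLM\..\Run: [xsrun] C:\WINDOWS\xsrun.exe
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
"""
AFTER = r"""Logfile of HijackThis v1.97.7
Running processes:
C:\WINDOWS\Explorer.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")   # e.g. "O4 - HKLM\..\Run: ..."
USERINIT = re.compile(r"UserInit\s*=\s*(.*)$", re.IGNORECASE)


def parse_entries(log_text):
    """Return (code, detail) pairs for section lines. Header lines and the
    running-process list lack the 'XX - ' prefix and are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries


def userinit_findings(entries, windir=r"C:\WINDOWS"):
    """Programs named in an F2 UserInit line other than the stock userinit.exe.
    The value is a comma-separated list, so every element is checked."""
    expected = (windir + r"\system32\userinit.exe").lower()
    extra = []
    for code, detail in entries:
        m = USERINIT.search(detail)
        if code != "F2" or not m:
            continue
        for prog in m.group(1).split(","):
            prog = prog.strip().strip('"')
            if prog and prog.lower() != expected:
                extra.append(prog)
    return extra


def removed_entries(before_text, after_text):
    """Entries present in the earlier log and absent from the later one."""
    after = set(parse_entries(after_text))
    return [e for e in parse_entries(before_text) if e not in after]


def still_present(fix_list_text, after_text):
    """Entries that were selected for fixing but appear again in a later log."""
    after = set(parse_entries(after_text))
    return [e for e in parse_entries(fix_list_text) if e in after]


if __name__ == "__main__":
    print("Userinit extras before:", userinit_findings(parse_entries(BEFORE)))
    print("Userinit extras after: ", userinit_findings(parse_entries(AFTER)))
    for code, detail in removed_entries(BEFORE, AFTER):
        print("removed:", code, "-", detail)
```

Passing the list of entries that were checked for fixing to `still_present` together with the next log shows at once whether a fix did not take.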
-
It's running very well; for now I haven't noticed any malfunction.
Just one more thing: at startup, while the programs in the tray are loading, an error sound is heard, and I don't know which of the starting programs it is. It doesn't bother me much, since most of the time I start up without sound, but if there is some program that really isn't working, it could be removed; I can't manage to find out which one it is.
In any case, a thousand thanks for this great help.
Regards.
-
Thanks for letting us know, friend
fats, de luxe :!:
-
That's odd... I don't remember, but isn't there an error log in Windows? I think so, the one called the event log. Did you look there?