
Logfile created: 24/03/2012 09:12:30
Ad-Aware version: 9.5.1
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: Sanchez Paucar

*********************** Definitions database information ***********************
Lavasoft definition file: 150.765
Genotype definition file version: 2012/02/13 12:34:34
Extended engine definition file: 11705.0

******************************** Scan results: *********************************
Scan profile name: Análisis completo (ID: full)
Objects scanned: 153700
Objects detected: 9

Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 9
Folders.........: 0
LSPs............: 0
Cookies.........: 0
Browser hijacks.: 0
MRU objects.....: 0

Skipped items:
Description: c:\documents and settings\sanchez paucar\mis documentos\downloads\ilividsetupv1 (1).exe Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: 580dd7ecebedfaf0c32b327db9e92cf0
Description: c:\documents and settings\sanchez paucar\mis documentos\downloads\ilividsetupv1.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: 580dd7ecebedfaf0c32b327db9e92cf0
Description: c:\documents and settings\sanchez paucar\configuración local\datos de programa\google\chrome\user data\default\cache\f_001886 Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: 580dd7ecebedfaf0c32b327db9e92cf0

Quarantined items:
Description: c:\documents and settings\sanchez paucar\mis documentos\downloads\dfx.rar::dfx8.audioenhancer.fxsound\jriver\jriver-kg.exe Family Name: Trojan-Spy.Win32.Banker.ovo (fs) Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5:
Description: c:\documents and settings\sanchez paucar\mis documentos\downloads\dfx.rar::dfx8.audioenhancer.fxsound\musicmatch\musicmatch-kg.exe Family Name: Trojan-Spy.Win32.Banker.ovo (fs) Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5:
Description: c:\documents and settings\sanchez paucar\mis documentos\downloads\dfx.rar::dfx8.audioenhancer.fxsound\realplayer\realplayer-kg.exe Family Name: Trojan-Spy.Win32.Banker.ovo (fs) Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5:
Description: c:\documents and settings\sanchez paucar\mis documentos\downloads\dfx.rar::dfx8.audioenhancer.fxsound\winamp\winamp-kg.exe Family Name: Trojan-Spy.Win32.Banker.ovo (fs) Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5:

Description: c:\documents and settings\sanchez paucar\mis documentos\downloads\dfx.rar::dfx8.audioenhancer.fxsound\wmp\wmp-kg.exe Family Name: Trojan-Spy.Win32.Banker.ovo (fs) Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5:
Description: c:\kane & lynch 2- dog days\steam_api.dll Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 0eb02915d3b07b183c5ea76bc77d9bbc

Scan and cleaning complete: Stopped by request after 5699 seconds

*********************************** Settings ***********************************
Scan profile:
ID: full, enabled:1, value: Análisis completo
ID: folderstoscan, enabled:1, value: C:\,D:\,F:\
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true

Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A

Scheduled scan settings: <Empty>

Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Sat Mar 24 08:46:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Sat Mar 24 14:46:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Sat Mar 24 20:46:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Sat Mar 24 02:46:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Mar 24 08:46:00 2012
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: true
ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: es, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: maintainbackup, enabled:1, value: true
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: onaccessprotection, enabled:1, value: true
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true

****************************** System information ******************************
Computer name: NILELI-99EDA7CF
Processor name: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz
Processor identifier: x86 Family 6 Model 15 Stepping 13
Processor speed: ~1799MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3853, number of processors 2, processor features: [MMX,SSE,SSE2]
Physical memory available: 1100820480 bytes
Physical memory total: 2107363328 bytes
Virtual memory available: 1885863936 bytes
Virtual memory total: 2147352576 bytes
Memory load: 47%
Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Windows startup mode:

Running processes:
PID: 956 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1052 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1080 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1180 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1192 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1388 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1452 name: C:\WINDOWS\system32\svchost.exe owner: Servicio de red domain: NT AUTHORITY

PID: 1572 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1668 name: C:\WINDOWS\system32\svchost.exe owner: Servicio de red domain: NT AUTHORITY
PID: 1748 name: C:\WINDOWS\system32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 1912 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2020 name: C:\Archivos de programa\Archivos comunes\Acronis\Schedule2\schedul2.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2044 name: C:\Archivos de programa\Diskeeper Corporation\Diskeeper\DkService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 288 name: C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe owner: SYSTEM domain: NT AUTHORITY
PID: 584 name: C:\Archivos de programa\CyberLink\Shared Files\RichVideo.exe owner: SYSTEM domain: NT AUTHORITY
PID: 668 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 788 name: C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe owner: SYSTEM domain: NT AUTHORITY
PID: 896 name: C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSVC.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 1144 name: C:\WINDOWS\system32\SearchIndexer.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1860 name: C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WLIDSvcM.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2228 name: C:\WINDOWS\system32\wbem\wmiapsrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2332 name: C:\WINDOWS\System32\alg.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 2800 name: C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 2832 name: C:\WINDOWS\Explorer.EXE owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3604 name: C:\WINDOWS\RTHDCPL.EXE owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3636 name: C:\WINDOWS\system32\igfxtray.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3708 name: C:\WINDOWS\system32\hkcmd.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3748 name: C:\WINDOWS\system32\igfxpers.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3796 name: C:\WINDOWS\system32\igfxsrvc.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3832 name: C:\Archivos de programa\Acronis\TrueImage\TimounterMonitor.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3852 name: C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 328 name: C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 612 name: C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 916 name: C:\Archivos de programa\Winamp\winampa.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 2132 name: C:\Archivos de programa\Ask.com\Updater\Updater.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 556 name: C:\WINDOWS\system32\ctfmon.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 2420 name: C:\Archivos de programa\Windows Desktop Search\WindowsSearch.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF

PID: 2552 name: C:\Documents and Settings\Sanchez Paucar\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 2760 name: C:\Documents and Settings\Sanchez Paucar\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3976 name: C:\WINDOWS\system32\wuauclt.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 2344 name: C:\Documents and Settings\Sanchez Paucar\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 2728 name: C:\Archivos de programa\Ares\Ares.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 2152 name: C:\Documents and Settings\Sanchez Paucar\Mis documentos\Downloads\SoftonicDownloader_para_kmplayer.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 2844 name: C:\Archivos de programa\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3032 name: C:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3972 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1640 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT AUTHORITY
PID: 4068 name: C:\Archivos de programa\Lavasoft\Ad-Aware\AAWTray.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF
PID: 3884 name: C:\Documents and Settings\Sanchez Paucar\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe owner: Sanchez Paucar domain: NILELI-99EDA7CF

Startup items:
Name: RTHDCPL imagepath: RTHDCPL.EXE
Name: Alcmtr imagepath: ALCMTR.EXE
Name: IgfxTray imagepath: C:\WINDOWS\system32\igfxtray.exe
Name: HotKeysCmds imagepath: C:\WINDOWS\system32\hkcmd.exe
Name: Persistence imagepath: C:\WINDOWS\system32\igfxpers.exe
Name: AcronisTimounterMonitor imagepath: C:\Archivos de programa\Acronis\TrueImage\TimounterMonitor.exe
Name: RemoteControl imagepath: "C:\Archivos de programa\CyberLink\PowerDVD\PDVDServ.exe"
Name: LanguageShortcut imagepath: "C:\Archivos de programa\CyberLink\PowerDVD\Language\Language.exe"
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1} imagepath: Precargador Browseui
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030} imagepath: Demonio de caché de las categorías de componente
Name: CTFMON.EXE imagepath: C:\WINDOWS\system32\CTFMON.EXE
Name: PostBootReminder imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: WPDShServiceObj imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Name: imagepath: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\desktop.ini
Name: location: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Windows Search.lnk imagepath: C:\Archivos de programa\Windows Desktop Search\WindowsSearch.exe

Bootexecute items:
Name: imagepath: autocheck autochk *

Running services:
Name: AcrSch2Svc displayname: Acronis Scheduler2 Service
Name: ALG displayname: Servicio de puerta de enlace de capa de aplicación
Name: AudioSrv displayname: Audio de Windows
Name: BITS displayname: Servicio de transferencia inteligente en segundo plano
Name: Browser displayname: Examinador de equipos
Name: CryptSvc displayname: Servicios de cifrado
Name: DcomLaunch displayname: Iniciador de procesos de servidor DCOM
Name: Dhcp displayname: Cliente DHCP
Name: Diskeeper displayname: Diskeeper
Name: dmserver displayname: Administrador de discos lógicos
Name: Dnscache displayname: Cliente DNS
Name: ekrn displayname: ESET Service
Name: ERSvc displayname: Servicio de informe de errores
Name: Eventlog displayname: Registro de sucesos
Name: EventSystem displayname: Sistema de sucesos COM+
Name: FastUserSwitchingCompatibility displayname: Compatibilidad de cambio rápido de usuario
Name: helpsvc displayname: Ayuda y soporte técnico
Name: LanmanServer displayname: Servidor
Name: lanmanworkstation displayname: Estación de trabajo
Name: LmHosts displayname: Ayuda de NetBIOS sobre TCP/IP
Name: Netman displayname: Conexiones de red
Name: Nla displayname: NLA (Network Location Awareness)
Name: PlugPlay displayname: Plug and Play
Name: PolicyAgent displayname: Servicios IPSEC
Name: ProtectedStorage displayname: Almacenamiento protegido
Name: RasMan displayname: Administrador de conexión de acceso remoto
Name: RichVideo displayname: Cyberlink RichVideo Service(CRVS)
Name: RpcSs displayname: Llamada a procedimiento remoto (RPC)
Name: SamSs displayname: Administrador de cuentas de seguridad
Name: Schedule displayname: Programador de tareas
Name: seclogon displayname: Inicio de sesión secundario
Name: SENS displayname: Notificación de sucesos del sistema
Name: SharedAccess displayname: Firewall de Windows/Conexión compartida a Internet (ICS)
Name: ShellHWDetection displayname: Detección de hardware shell
Name: Spooler displayname: Cola de impresión
Name: srservice displayname: Servicio de restauración de sistema
Name: SSDPSRV displayname: Servicio de descubrimientos SSDP
Name: stisvc displayname: Adquisición de imágenes de Windows (WIA)
Name: TapiSrv displayname: Telefonía
Name: TermService displayname: Servicios de Terminal Server
Name: Themes displayname: Temas
Name: TrkWks displayname: Cliente de seguimiento de vinculos distribuidos
Name: TuneUp.UtilitiesSvc displayname: TuneUp Utilities Service
Name: UxTuneUp displayname: TuneUp Ampliación del thema
Name: W32Time displayname: Horario de Windows
Name: winmgmt displayname: Instrumental de administración de Windows
Name: wlidsvc displayname: Windows Live ID Sign-in Assistant
Name: WmiApSrv displayname: Adaptador de rendimiento de WMI
Name: wscsvc displayname: Centro de seguridad
Name: WSearch displayname: Windows Search
Name: wuauserv displayname: Actualizaciones automáticas
Name: WZCSVC displayname: Configuración inalámbrica rápida
Name: Lavasoft Ad-Aware Service displayname: Lavasoft Ad-Aware Service