Help, I have not been able to change my home page
Danae:
This is more or less the translation of what I have found about this family of Trojans. I apologise if the translation is not very accurate, but I think it may be enough for our purposes.
--------------------------------------------------------------------------
All of these belong to the same family.
1. Downloader.Win32.Dler
2. Downloader.Win32.Harnig
3. Downloader.Win32.WebDown
4. TrojanDownloader.Win32.Apher
5. TrojanDownloader.Win32.Checkin
6. TrojanDownloader.Win32.Dyfuca
7. TrojanDownloader.Win32.Greetyah
8. TrojanDownloader.Win32.Small.cz
9. TrojanDownloader.Win32.Small.hg
10. TrojanDownloader.Win32.Ultimx
These types of programs are not Trojans in themselves, but they are thought to deploy Trojan programs onto a victim's computer (dropper).
"TrojanDownloader programs" contain information about the names and locations of the malware programs to download and install. This information is normally stored as an encrypted block of data at the end of a "TrojanDropper file".
At this point, the installer programs can be used to download and update to new versions of the malware software, or to install various Trojan programs without the user's permission.
TrojanDownloader.Win32.Dler
This program belongs to the family of Trojan downloaders.
When run, the Trojan installs itself on the system. While installing, the program downloads the Trojan from a remote hacker's site and connects to it. Optionally, it can register the downloaded Trojans in the Windows registry so that they start automatically.
The name of the installed Trojan file, the target directory and the registry key are stored in encrypted form at the end of the Trojan file.
A hacker can configure them before sending a Trojan to a victim's machine, or before placing the Trojan on a website or sending it by e-mail.
Regards
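The description above says these downloaders keep their settings as an encrypted block at the end of the file. The following is an added example, not part of the original thread: a Python triage check that finds data appended after the last PE section (the overlay) and measures its entropy. The function names, the 7.0 bits-per-byte threshold and the constructed sample image are assumptions of this example.

```python
import hashlib
import math
import struct
from collections import Counter


def pe_overlay_offset(data: bytes) -> int:
    """Return the file offset just past the last section's raw data."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("missing MZ header")
        (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
        if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            raise ValueError("missing PE signature")
        # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20.
        (n_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
        (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
        table = e_lfanew + 24 + opt_size
        end = 0
        for i in range(n_sections):
            # 40-byte section header: SizeOfRawData at +16, PointerToRawData at +20.
            raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
            if raw_size:
                end = max(end, raw_ptr + raw_size)
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc
    return min(end, len(data))


def shannon_entropy(blob: bytes) -> float:
    """Bits per byte; values near 8 are typical of encrypted or compressed data."""
    if not blob:
        return 0.0
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in Counter(blob).values())


def triage_overlay(data: bytes, min_entropy: float = 7.0) -> dict:
    """Report where the overlay starts, its size, and whether it looks encrypted."""
    start = pe_overlay_offset(data)
    overlay = data[start:]
    entropy = shannon_entropy(overlay)
    return {
        "overlay_offset": start,
        "overlay_size": len(overlay),
        "entropy": round(entropy, 2),
        "suspicious": bool(overlay) and entropy >= min_entropy,
    }


def build_sample_pe(overlay: bytes = b"") -> bytes:
    """Constructed minimal PE layout (headers plus one section); not a real program."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)           # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x0102)
    section = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000,
                          0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + b"\0" * 0xE0 + section
    headers += b"\0" * (0x200 - len(headers))                     # pad to file alignment
    return headers + b"\x90" * 0x200 + overlay


def constructed_overlay(n_blocks: int = 32) -> bytes:
    """Constructed high-entropy bytes standing in for an encrypted settings block."""
    return b"".join(hashlib.sha256(bytes([i])).digest() for i in range(n_blocks))


if __name__ == "__main__":
    print(triage_overlay(build_sample_pe()))
    print(triage_overlay(build_sample_pe(constructed_overlay())))
```

Installers, self-extracting archives and Authenticode signatures also place data after the last section, so a hit is a reason to look closer at the file, not a verdict.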
jose humberto agudelo:
Hello friends, thank you for your attention. I want to tell you that the version of Ad-aware I have is the latest, 6.181. I have scanned the PC completely several times; I have also done it with Easy Cleaner 1.7, with Reg Cleaner 4.3, and I also did it with the Troyan Explorer antivirus that edi recommended to me. In addition, I ran a scan on a page that was posted, trojanscan.com. It seems strange to me that Ad-aware stops when it reaches the location of the trojan "C:\documents and settings\USER\configuracion local\TEMP\_UPDATE.DAT". I also found something about deleting the files sysUdp.exe and update.dat, but I am afraid to do it since I am somewhat inexperienced in this. I await your opinion, and many thanks for the help you give. God bless you.
jose humberto agudelo:
Hello friends, this is what came up when I ran the scan with the Troyan Explorer antivirus; I hope it is of some use.
-------------------------------------------------------------------------------
A/Gtr
C:\WINDOWS\GATOR*.LOG
-------------------------------------------------------------------------------
IdemGen
C:\WINDOWS\EXPLORE.EXE
-------------------------------------------------------------------------------
B/Jeem
C:\WINDOWS\SYSUPD.EXE
-------------------------------------------------------------------------------
BotGen
C:\WINDOWS\SYSTEM32\JAVAW.EXE
-------------------------------------------------------------------------------
A/NCse
C:\ARCHIVOS DE PROGRAMA\N-CASE\
-------------------------------------------------------------------------------
Iestart
C:\WINDOWS\SYSDLLWM.REG
-------------------------------------------------------------------------------
A/ShB
C:\WINDOWS\IUN6002.EXE
-------------------------------------------------------------------------------
A/Mgr
C:\WINDOWS\SYSTEM32\QMGR*.DLL
-------------------------------------------------------------------------------
A/Tibs
C:\ARCHIVOS DE PROGRAMA\WEBSITEVIEWER\
-------------------------------------------------------------------------------
A/AdGen
C:\ARCHIVOS DE PROGRAMA\WEBSITEVIEWER\
-------------------------------------------------------------------------------
A/E2G
C:\ARCHIVOS DE PROGRAMA\E2G\
-------------------------------------------------------------------------------
A/MkSre
C:\WINDOWS\SYSTEM32\CSLOA.*
-------------------------------------------------------------------------------
A/TP
C:\ARCHIVOS DE PROGRAMA\TOPICKS\
-------------------------------------------------------------------------------
A/DLR
C:\WINDOWS\PCCONFIG.DAT
C:\DOCUME~1\User\CONFIG~1\Temp\*PILLAMUSICA*.*
C:\DOCUME~1\User\CONFIG~1\Temp\*XXX*.*
C:\DOCUME~1\User\CONFIG~1\Temp\DIAL-*.*
C:\DOCUME~1\User\CONFIG~1\Temp\SEXO*.*
C:\DOCUME~1\User\CONFIG~1\Temp\DOWNLOAD-MSN.*
C:\DOCUME~1\User\CONFIG~1\Temp\PSPA-*.*
C:\DOCUME~1\User\CONFIG~1\Temp\*.SWT
C:\DOCUME~1\User\CONFIG~1\Temp\PROMO-*.GIF
-------------------------------------------------------------------------------
La interpretacion y utilizacion del presente reporte
quedan bajo exclusiva responsabilidad de los usuarios.
-------------------------------------------------------------------------------
Troyan Explore 4.13 - www.troyan.tk - [email protected]
(C)2004 BUENOS AIRES Sistemas
jose humberto agudelo:
This is the result of the scan with Ad-aware. Sorry for the delay, and thanks.
Lavasoft Ad-aware Personal Build 162
Logfile created on :Jueves, 06 de Mayo de 2004 01:08:40 a.m.
Created with Ad-aware Personal, free for private use.
Using reference-file :0R150 05.07.2003
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan within archives
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 06-05-2004 05:13:36 a.m.
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 06-05-2004 05:13:38 a.m.
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 06-05-2004 05:13:39 a.m.
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicación de servicios y controlador
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft Windows
Created on : 24/08/2001 04:00:00 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 24/08/2001 04:00:00 p.m.
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 06-05-2004 05:13:39 a.m.
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
Copyright : Microsoft Corporation. All rights reserved.
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft Windows Operating System
Created on : 09/09/2002 05:51:32 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 09/09/2002 05:51:32 p.m.
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 06-05-2004 05:13:41 a.m.
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Microsoft Corporation. All rights reserved.
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft Windows Operating System
Created on : 24/08/2001 04:00:00 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 24/08/2001 04:00:00 p.m.
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 06-05-2004 05:13:41 a.m.
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Microsoft Corporation. All rights reserved.
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft Windows Operating System
Created on : 24/08/2001 04:00:00 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 24/08/2001 04:00:00 p.m.
#:7 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 06-05-2004 05:13:45 a.m.
BasePriority : Normal
FileSize : 983 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
Copyright : Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft Windows
Created on : 09/09/2002 05:51:28 p.m.
Last accessed : 06/05/2004 05:13:46 a.m.
Last modified : 09/09/2002 05:51:28 p.m.
#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 06-05-2004 05:13:46 a.m.
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Microsoft Corporation. All rights reserved.
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft Windows Operating System
Created on : 24/08/2001 04:00:00 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 24/08/2001 04:00:00 p.m.
#:9 [avgcc32.exe]
FilePath : C:\ARCHIV~1\Grisoft\AVG6\
ThreadCreationTime : 06-05-2004 05:13:49 a.m.
BasePriority : Normal
FileSize : 337 KB
FileVersion : 6, 0, 0, 515
ProductVersion : 6, 0, 0, 0
Copyright : Copyright 2003 GRISOFT s.r.o.
CompanyName : GRISOFT s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC32
OriginalFilename : AvgCC32.EXE
ProductName : AVG Anti-Virus System
Created on : 28/04/2004 04:11:59 a.m.
Last accessed : 06/05/2004 05:13:59 a.m.
Last modified : 28/04/2004 04:11:59 a.m.
#:10 [ezsp_px.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 06-05-2004 05:13:49 a.m.
BasePriority : Normal
FileSize : 40 KB
FileVersion : 1, 0, 0, 0
ProductVersion : 1, 0, 0, 0
Copyright : Copyright (C) 2002 Easy Systems Japan Ltd.
CompanyName : Easy Systems Japan Ltd.
FileDescription : ezSP_Px MFC Application
InternalName : ezSP_Px
OriginalFilename : ezSP_Px.EXE
ProductName : ezSP_Px Application
Created on : 18/01/2004 09:21:49 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 20/08/2002 03:29:26 p.m.
#:11 [pctspk.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 06-05-2004 05:13:49 a.m.
BasePriority : Normal
FileSize : 172 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2001
FileDescription : pctvoice MFC Application
InternalName : pctvoice
OriginalFilename : pctvoice.EXE
ProductName : pctvoice Application
Created on : 06/01/2003 08:40:02 a.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 06/01/2003 08:40:02 a.m.
#:12 [sysupd.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 06-05-2004 05:13:49 a.m.
BasePriority : Normal
FileSize : 129 KB
Created on : 22/02/2004 05:32:28 a.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 30/04/2004 06:37:55 a.m.
#:13 [idhost.exe]
FilePath : C:\Archivos de programa\ToPicks\Bin\
ThreadCreationTime : 06-05-2004 05:13:50 a.m.
BasePriority : Normal
FileSize : 16 KB
Created on : 25/02/2004 06:28:28 a.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 31/12/2003 08:20:58 p.m.
#:14 [mm_tray.exe]
FilePath : C:\Archivos de programa\MUSICMATCH\MUSICMATCH Jukebox\
ThreadCreationTime : 06-05-2004 05:13:50 a.m.
BasePriority : Normal
FileSize : 88 KB
FileVersion : 7.10.1074
ProductVersion : 7.10.1074
Copyright : Copyright (c) MUSICMATCH 1998-2001
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
OriginalFilename : mm_tray.exe
ProductName : MUSICMATCH JUKEBOX
Created on : 01/05/2004 04:32:18 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 04/06/2002 12:35:20 a.m.
#:15 [avgserv.exe]
FilePath : C:\ARCHIV~1\Grisoft\AVG6\
ThreadCreationTime : 06-05-2004 05:13:50 a.m.
BasePriority : Normal
FileSize : 20 KB
FileVersion : 6.0.1.9
ProductVersion : 6.0.1.9
Copyright : Copyright (c) GRISOFT(c) SOFTWARE 1998-2001
CompanyName : GRISOFT(c) SOFTWARE s.r.o
FileDescription : AvgServ - displays notification message
InternalName : AvgServ
OriginalFilename : AvgServ
ProductName : AVG6
Created on : 12/11/2003 09:53:22 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 27/05/2003 11:00:00 a.m.
#:16 [cdac11ba.exe]
FilePath : C:\WINDOWS\System32\drivers\
ThreadCreationTime : 06-05-2004 05:13:51 a.m.
BasePriority : Normal
FileSize : 53 KB
FileVersion : 4.20.020
ProductVersion : 4.20.020 Windows NT 2002/12/10
Copyright : Copyright (c) 1998-2002 Macrovision Corp.
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
OriginalFilename : CDANTSRV.EXE
ProductName : SafeCast Windows NT
Created on : 12/11/2003 11:48:08 a.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 12/11/2003 11:48:09 a.m.
#:17 [msnmsgr.exe]
FilePath : C:\Archivos de programa\MSN Messenger\
ThreadCreationTime : 06-05-2004 05:13:51 a.m.
BasePriority : Normal
FileSize : 4572 KB
FileVersion : 6.1.0211
ProductVersion : Version 6.1
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 05/03/2004 04:01:00 a.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 05/03/2004 04:01:00 a.m.
#:18 [acrotray.exe]
FilePath : C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\
ThreadCreationTime : 06-05-2004 05:13:55 a.m.
BasePriority : Normal
FileSize : 212 KB
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
Copyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
OriginalFilename : AcroTray.exe
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
Created on : 15/05/2003 06:19:50 a.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 15/05/2003 06:19:50 a.m.
#:19 [mdm.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\
ThreadCreationTime : 06-05-2004 05:13:56 a.m.
BasePriority : Normal
FileSize : 314 KB
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
Copyright : Microsoft Corporation. All rights reserved.
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft Visual Studio .NET
Created on : 20/06/2003 04:25:00 a.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 20/06/2003 04:25:00 a.m.
#:20 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 06-05-2004 05:13:58 a.m.
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Microsoft Corporation. All rights reserved.
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft Windows Operating System
Created on : 24/08/2001 04:00:00 p.m.
Last accessed : 06/05/2004 05:13:32 a.m.
Last modified : 24/08/2001 04:00:00 p.m.
#:21 [ymsgr_tray.exe]
FilePath : C:\ARCHIV~1\Yahoo!\MESSEN~1\
ThreadCreationTime : 06-05-2004 05:15:02 a.m.
BasePriority : Normal
FileSize : 64 KB
Created on : 04/02/2004 05:39:34 a.m.
Last accessed : 06/05/2004 05:15:02 a.m.
Last modified : 04/02/2002 10:15:00 p.m.
#:22 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ThreadCreationTime : 06-05-2004 05:57:00 a.m.
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
Copyright : Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Sistema operativo Microsoft Windows
Created on : 12/11/2003 11:20:32 a.m.
Last accessed : 06/05/2004 05:59:10 a.m.
Last modified : 09/09/2002 05:51:30 p.m.
#:23 [iexplore.exe]
FilePath : C:\Archivos de programa\Internet Explorer\
ThreadCreationTime : 06-05-2004 05:59:10 a.m.
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
Copyright : Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Sistema operativo Microsoft Windows
Created on : 12/11/2003 11:20:32 a.m.
Last accessed : 06/05/2004 05:59:10 a.m.
Last modified : 09/09/2002 05:51:30 p.m.
#:24 [ad-aware.exe]
FilePath : C:\Archivos de programa\Lavasoft\Ad-aware 6\
ThreadCreationTime : 06-05-2004 06:06:07 a.m.
BasePriority : Normal
FileSize : 645 KB
FileVersion : 6.0.1.165
ProductVersion : 6.0.0.0
Copyright : Copyright Lavasoft Sweden
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 05/05/2004 05:56:47 a.m.
Last accessed : 06/05/2004 06:04:41 a.m.
Last modified : 09/02/2003 02:50:52 a.m.
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : AppID\IeBHOs.DLL
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : AppID\{3B99F202-145A-4E5A-AC7B-88A36910BF5E}
MySearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{0352960F-47BE-11D5-AB93-00D0B760B4EB}
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{1717A4A5-D63A-4F70-B373-AE4AA46D1236}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{5C40012E-44CA-11D7-8411-0002A5F9D08E}
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{CBDB0279-9D76-48AC-ABD3-8CB9A4D73D4A}
Dialer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : DIALXLITE.DialXLiteCtrl.1
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : HtCheck2.CheckPage
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : HtCheck2.CheckPage.1
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : HtCheck2.CHelpObj
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : HtCheck2.CHelpObj.1
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IdiumUpdater.IdiumSysUpdater
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IdiumUpdater.IdiumSysUpdater.1
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IeBHOs.Control
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IeBHOs.Control.1
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{5C40012D-44CA-11D7-8411-0002A5F9D08E}
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{C809EE32-C648-459B-9A99-5CB20F61DCFC}
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{DAE6416E-491D-11D5-AB93-00D0B760B4EB}
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{EB29CD69-7020-4D1D-A0BE-72130DFBA9F7}
My-Way Speedbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : MyWayToolBar.SettingsPlugin
NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\e2g
Whazit Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{DCF0768D-BA7A-101A-B57A-0000C0C3ED5F}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e2g Plugin
My-Way Speedbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\MyWay
Marketscore(Netsetter) Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Netsetter
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\ToPicks
TIB Browser Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\WebSiteViewer
WeatherCast Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\WhenU
WurldMedia Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Tchk.TChkBHO
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ToPicksReg.ToPickReg1
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{3B99F202-145A-4E5A-AC7B-88A36910BF5E}
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\MediaPlayer\Player\Settings
Value : Client ID
Data :
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 36
Objects found so far: 36
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
TopPicks Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0352960F-47BE-11D5-AB93-00D0B760B4EB}
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 37
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
My-Way Speedbar Object recognized!
Type : Folder
Object : C:\Archivos de programa\MyWay
NCase Object recognized!
Type : File
Data : ncmyb.dll
Object : C:\Archivos de programa\n-Case\
FileSize : 40 KB
Created on : 29/01/2004 06:43:48 a.m.
Last accessed : 06/05/2004 06:27:53 a.m.
Last modified : 29/01/2004 06:43:48 a.m.
NCase Object recognized!
Type : File
Data : del1.tmp
Object : C:\Documents and Settings\User\Configuración local\Temp\
FileSize : 92 KB
Created on : 05/05/2004 04:51:42 p.m.
Last accessed : 06/05/2004 06:30:48 a.m.
Last modified : 29/01/2004 06:43:30 a.m.
Disk scan result for C:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 40
01:41:06 a.m. Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:32:24:547
Objects scanned :107250
Objects identified :40
Objects ignored :0
New objects :40
choche:
Oh oh
--- Quote ---Lavasoft Ad-aware Personal Build 162
--- End of quote ---
I think Fast is going to ask you to download version 6.0.181 and run the scan again.