Ad-Aware 6 disables my Quick Launch icons on the
Xesulp:
taskbar.
Well, let me tell you about the problem I can't find a solution for.
After running Ad-Aware 6, it detected about 70 registry entries and other supposed spyware on my computer. I had let too much time go by without scanning it; the work piles up on me.
Naturally, I got a bit scared and sent everything to quarantine. Right after that I restarted the computer and the Quick Launch icons on the taskbar did not appear. Fine, I thought, I'll enable them and that's that. But every time I restart, they disappear.
I need to know which file is responsible for saving this setting, so that I can keep that file, since as far as I can tell none of my other applications has stopped working.
Note: if I restore all the entries placed in quarantine, it works perfectly again.
Thanks in advance.
Regards.
FatsGordon:
Hi Xesulp, and welcome to the forum!
Evidently it would seem that something Ad-Aware removes has to do with that bar.
My question is this: is it an Internet Explorer bar? Because I can't picture it.
The next thing I would like to see is the latest "dirty" Ad-Aware log, the one containing everything you then put in quarantine. I don't want the quarantine log, I only want the Ad-Aware log (C:\Archivos de programa\Lavasoft\Ad-aware 6\Logs\).
Thank you very much.
Xesulp:
Thanks for replying:
When I say the taskbar I mean the icons that Windows calls Quick Launch, that is, the icons next to the Start menu, such as the desktop, Outlook or any other we place there. These appear on XP systems and earlier ones.
I'm sending you the logs in a private message.
Thanks in advance.
FatsGordon:
Please post the Ad-Aware log (not the quarantine one) in this same thread.
Sorry, but under forum policy I don't accept private messages for questions that can well be public and that may help others. I hope you understand.
Thank you very much.
Xesulp:
I didn't quite understand which log you need; this is the first log created before the quarantine.
Regards.
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :dilluns, 21 / juny / 2004 20:52:41
Created with Ad-aware Personal, free for private use.
Using reference-file :01R323 20.06.2004
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
21-06-2004 20:52:41 - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 21-06-2004 18:33:59
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:04
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:05
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
Copyright : Copyright (C) Microsoft Corporation. Reservados todos los derechos.
CompanyName : Microsoft Corporation
FileDescription : Aplicaci
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:05
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 09/09/2002 13:51:32
Last accessed : 21/06/2004 18:33:57
Last modified : 09/09/2002 13:51:32
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:06
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:06
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:7 [ccsetmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 21-06-2004 18:34:08
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 20/08/2003 00:58:50
Last accessed : 21/06/2004 18:33:57
Last modified : 20/08/2003 00:58:50
#:8 [ccevtmgr.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 21-06-2004 18:34:08
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 20/08/2003 00:56:12
Last accessed : 21/06/2004 18:33:57
Last modified : 20/08/2003 00:56:12
#:9 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 21-06-2004 18:34:09
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:10 [mdm.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 314 KB
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft
Created on : 19/06/2003 22:25:00
Last accessed : 21/06/2004 18:33:57
Last modified : 19/06/2003 22:25:00
#:11 [navapsvc.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 154 KB
FileVersion : 10.00.109
ProductVersion : 10.00.109
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 22/08/2003 23:12:54
Last accessed : 21/06/2004 18:32:46
Last modified : 22/08/2003 23:12:54
#:12 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 80 KB
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 52.16
Created on : 06/10/2003 13:16:00
Last accessed : 21/06/2004 18:33:57
Last modified : 06/10/2003 13:16:00
#:13 [savscan.exe]
FilePath : C:\Archivos de programa\Norton AntiVirus\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.0.79
ProductVersion : 9.2
Copyright : Copyright (c) 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 10/08/2003 05:26:24
Last accessed : 21/06/2004 18:33:57
Last modified : 10/08/2003 05:26:24
#:14 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:15
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:33:57
Last modified : 24/08/2001 12:00:00
#:15 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 21-06-2004 18:34:19
BasePriority : Normal
FileSize : 975 KB
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft
Created on : 29/05/2003 10:51:26
Last accessed : 21/06/2004 18:38:16
Last modified : 29/05/2003 10:51:26
#:16 [soundman.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 21-06-2004 18:34:23
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.10
ProductVersion : 5.1.10
Copyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 15/08/2003 14:34:50
Last accessed : 21/06/2004 18:33:57
Last modified : 15/08/2003 14:34:50
#:17 [ccapp.exe]
FilePath : C:\Archivos de programa\Archivos comunes\Symantec Shared\
ThreadCreationTime : 21-06-2004 18:34:23
BasePriority : Normal
FileSize : 69 KB
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
Copyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Symantec Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 20/08/2003 00:55:56
Last accessed : 21/06/2004 18:33:57
Last modified : 20/08/2003 00:55:56
#:18 [anydvd.exe]
FilePath : C:\Archivos de programa\SlySoft\AnyDVD\
ThreadCreationTime : 21-06-2004 18:34:23
BasePriority : Normal
FileSize : 173 KB
FileVersion : 3.0.0.7
ProductVersion : 3.0.0.7
Copyright : Copyright 2002 - 2003 SlySoft, Inc.
CompanyName : SlySoft, Inc.
FileDescription : Application
InternalName : ANYDVD
OriginalFilename : AnyDVD.exe
ProductName : AnyDVD
Created on : 21/11/2003 16:07:57
Last accessed : 21/06/2004 18:38:18
Last modified : 21/11/2003 16:07:57
#:19 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:24
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Ejecutar un archivo DLL como una aplicaci
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Sistema operativo Microsoft
Created on : 24/08/2001 12:00:00
Last accessed : 21/06/2004 18:35:04
Last modified : 24/08/2001 12:00:00
#:20 [btusrbdg.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:24
BasePriority : Normal
FileSize : 52 KB
FileVersion : 1, 0, 1, 0
ProductVersion : 1, 0, 0, 0
Copyright : Copyright (C) 2001 Extended Systems, Inc.
CompanyName : Extended Systems, Inc.
FileDescription : btusrbdg.exe
InternalName : BTUSRBDG
OriginalFilename : btusrbdg.exe
Created on : 20/03/2004 14:48:19
Last accessed : 21/06/2004 18:34:25
Last modified : 19/06/2002 14:04:34
#:21 [ituneshelper.exe]
FilePath : C:\Archivos de programa\iTunes\
ThreadCreationTime : 21-06-2004 18:34:25
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
OriginalFilename : iTunesHelper.exe
ProductName : iTunes
Created on : 04/06/2004 10:38:12
Last accessed : 21/06/2004 18:34:25
Last modified : 04/06/2004 10:38:12
#:22 [xmuxexzl.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:26
BasePriority : Normal
FileSize : 37 KB
Created on : 21/06/2004 12:56:24
Last accessed : 21/06/2004 18:34:26
Last modified : 21/05/2004 16:02:58
#:23 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 21-06-2004 18:34:26
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 09/09/2002 13:51:26
Last accessed : 21/06/2004 18:33:57
Last modified : 09/09/2002 13:51:26
#:24 [msmsgs.exe]
FilePath : C:\Archivos de programa\Messenger\
ThreadCreationTime : 21-06-2004 18:34:26
BasePriority : Normal
FileSize : 1456 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 18:30:14
Last accessed : 21/06/2004 18:44:24
Last modified : 14/04/2003 18:30:14
#:25 [netscp.exe]
FilePath : C:\ARCHIV~1\NETSCAPE\NETSCAPE\
ThreadCreationTime : 21-06-2004 18:34:26
BasePriority : Normal
FileSize : 554 KB
FileVersion : 7.1
ProductVersion : 7.1
Copyright : License: MPL 1.1/GPL 2.0/LGPL 2.1
CompanyName : Mozilla, Netscape
FileDescription : Netscape
InternalName : apprunner
OriginalFilename : Netscp.exe
ProductName : Mozilla
Created on : 21/02/2004 19:32:17
Last accessed : 21/06/2004 18:34:30
Last modified : 24/06/2003 11:09:00
#:26 [acrotray.exe]
FilePath : C:\Archivos de programa\Adobe\Acrobat 6.0\Distillr\
ThreadCreationTime : 21-06-2004 18:34:27
BasePriority : Normal
FileSize : 212 KB
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
Copyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
OriginalFilename : AcroTray.exe
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
Created on : 15/05/2003 00:19:50
Last accessed : 21/06/2004 18:33:57
Last modified : 15/05/2003 00:19:50
#:27 [audevicemgr.exe]
FilePath : C:\Archivos de programa\Sony Ericsson\Mobile\
ThreadCreationTime : 21-06-2004 18:34:27
BasePriority : Normal
FileSize : 788 KB
FileVersion : 1, 2, 7, 1
ProductVersion : 1, 2, 7, 1
Copyright : Copyright
CompanyName : Teleca Software Solutions AB
FileDescription : Phone Connection Monitor application
InternalName : Device Manager
OriginalFilename : audevicemgr.exe
ProductName : Phone Connection Monitor
Created on : 06/05/2004 12:55:01
Last accessed : 21/06/2004 18:34:28
Last modified : 14/01/2004 15:17:00
#:28 [ipodservice.exe]
FilePath : C:\Archivos de programa\iPod\bin\
ThreadCreationTime : 21-06-2004 18:34:28
BasePriority : Normal
FileSize : 392 KB
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
OriginalFilename : iPodService.exe
ProductName : iTunes
Created on : 04/06/2004 10:37:56
Last accessed : 21/06/2004 18:32:48
Last modified : 04/06/2004 10:37:56
#:29 [mroute~2.exe]
FilePath : c:\ARCHIV~1\INTUWA~1\Shared\MROUTE~1\
ThreadCreationTime : 21-06-2004 18:34:31
BasePriority : Normal
FileSize : 544 KB
FileVersion : 2, 2, 0, 371
ProductVersion : 2, 0, 0, 1
Copyright : Copyright (C) Intuwave Ltd. 2001
CompanyName : Intuwave Ltd.
FileDescription : mRouterRuntime MFC Application
InternalName : mRouterRuntime
OriginalFilename : mRouterRuntime.EXE
ProductName : mRouter
#:30 [connmn~1.exe]
FilePath : C:\ARCHIV~1\SONYER~1\Mobile\CONNEC~1\
ThreadCreationTime : 21-06-2004 18:34:35
BasePriority : Normal
FileSize : 176 KB
FileVersion : 1, 0, 0, 41
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) Symbian Ltd. 2001
CompanyName : Symbian Ltd.
FileDescription : ConnMngmntBox Module
InternalName : ConnMngmntBox
OriginalFilename : ConnMngmntBox.EXE
ProductName : Symbian Connect
#:31 [msbb.exe]
FilePath : C:\DOCUME~1\MIQUEL~1\CONFIG~1\Temp\
ThreadCreationTime : 21-06-2004 18:35:05
BasePriority : Normal
FileSize : 106 KB
FileVersion : 5, 9, 0, 7
ProductVersion : 5, 9, 0, 7
Copyright : Copyright
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
ProductName : Search Assistant
Created on : 21/06/2004 18:35:05
Last accessed : 21/06/2004 18:35:05
Last modified : 21/06/2004 18:35:05
180Solutions Object recognized!
Type : Process
Data : msbb.exe
Object : C:\DOCUME~1\MIQUEL~1\CONFIG~1\Temp\
FileSize : 106 KB
FileVersion : 5, 9, 0, 7
ProductVersion : 5, 9, 0, 7
Copyright : Copyright
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
ProductName : Search Assistant
Created on : 21/06/2004 18:35:05
Last accessed : 21/06/2004 18:35:05
Last modified : 21/06/2004 18:35:05
Warning! 180Solutions object found in memory(msbb.exe)
"msbb.exe"Process terminated successfully.
#:32 [omniscient.exe]
FilePath : C:\Program Files\WindowsSA\
ThreadCreationTime : 21-06-2004 18:45:27
BasePriority : Normal
FileSize : 312 KB
Created on : 21/05/2004 08:19:58
Last accessed : 21/06/2004 18:45:27
Last modified : 21/05/2004 08:19:58
Warning! BlazeFind object found in memory(C:\Program Files\WindowsSA\omniscient.exe)
BlazeFind Object recognized!
Type : Process
Data : omniscient.exe
Object : C:\Program Files\WindowsSA\
FileSize : 312 KB
Created on : 21/05/2004 08:19:58
Last accessed : 21/06/2004 18:45:27
Last modified : 21/05/2004 08:19:58
"omniscient.exe"Process terminated successfully.
#:33 [ad-aware.exe]
FilePath : C:\ARCHIV~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 21-06-2004 18:52:24
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 21/06/2004 18:50:31
Last accessed : 21/06/2004 18:51:50
Last modified : 12/07/2003 19:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 2
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions\msbb
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\msbb
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\180solutions\msbb
Alexa Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
BlazeFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{83DE62E0-5805-11D8-9B25-00E04C60FAF2}
BlazeFind Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83DE62E0-5805-11D8-9B25-00E04C60FAF2}
StopPop Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{000020DD-C72E-4113-AF77-DD56626C6C42}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\twaintec
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TwaintecDll.TwaintecDllObj.1
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{690BCCB4-6B83-4203-AE77-038C116594EC}
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : vx2.vx2obj
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Bridge.brdg
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Bridge.brdg.1
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao.1
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{DDAF2479-6F00-4599-998A-3ED75686C6D0}
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 20
Objects found so far: 22
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINDOWS/Downloaded Program Files/bridge.dll
WinFavorites Object recognized!
Type : File
Data : bridge.dll
Object : c:\windows\downloaded program files\
FileSize : 56 KB
FileVersion : 1, 0, 0, 117
ProductVersion : 1, 0, 0, 117
Copyright : Copyright 2003
FileDescription : bridge Module
InternalName : bridge
OriginalFilename : bridge.DLL
ProductName : bridge Module
Created on : 19/03/2004 09:46:30
Last accessed : 21/06/2004 18:53:34
Last modified : 19/03/2004 09:46:30
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINDOWS/Downloaded Program Files/jao.dll
WinFavorites Object recognized!
Type : File
Data : jao.dll
Object : c:\windows\downloaded program files\
FileSize : 36 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2004
FileDescription : jao Module
InternalName : jao
OriginalFilename : jao.DLL
ProductName : jao Module
Created on : 17/03/2004 09:45:54
Last accessed : 21/06/2004 18:53:35
Last modified : 17/03/2004 09:45:54
Possible browser hijack attempt : {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (http://static.flingstone.com/cab/2000xp/cdtinc/bridge-c2.cab)
Possible Browser Hijack attempt Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
180Solutions Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : msbb
180Solutions Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : xsrun
180Solutions Object recognized!
Type : File
Data : xsrun.exe
Object : c:\windows\
FileSize : 92 KB
Created on : 21/06/2004 18:35:06
Last accessed : 21/06/2004 18:35:14
Last modified : 21/06/2004 18:35:14
VX2.BetterInternet Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : alchem
VX2.BetterInternet Object recognized!
Type : File
Data : alchem.exe
Object : c:\windows\
FileSize : 240 KB
FileVersion : 0, 2, 1, 3
ProductVersion : 0, 2, 1, 3
Copyright : Copyright
CompanyName : ClickAlchemy
FileDescription : www.clickalchemy.com
Created on : 21/06/2004 18:40:22
Last accessed : 21/06/2004 18:40:23
Last modified : 12/03/2004 07:17:20
BlazeFind Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : Windows SA
WinFavorites Object recognized!
Type : RegValue
Data : c:\windows\downloaded program files\jao.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\jao.dll
WinFavorites Object recognized!
Type : RegValue
Data : c:\windows\downloaded program files\bridge.dll
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value : C:\WINDOWS\Downloaded Program Files\bridge.dll
VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000020DD-C72E-4113-AF77-DD56626C6C42}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 11
Objects found so far: 37
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@180solutions[1].txt
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 21/06/2004 18:46:09
Last accessed : 21/06/2004 18:46:09
Last modified : 21/06/2004 18:46:09
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@atdmt[1].txt
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 21/06/2004 18:48:15
Last accessed : 21/06/2004 18:48:15
Last modified : 21/06/2004 18:48:15
Tracking Cookie Object recognized!
Type : File
Data : miquel costa@mediaplex[1].txt
Object : C:\Documents and Settings\Miquel Costa\Cookies\
Created on : 21/06/2004 18:48:31
Last accessed : 21/06/2004 18:48:31
Last modified : 21/06/2004 18:48:31
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
WinFavorites Object recognized!
Type : File
Data : a.exe
Object : C:\WINDOWS\System32\
FileSize : 14 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
OriginalFilename : a.exe
Created on : 21/06/2004 13:28:15
Last accessed : 21/06/2004 18:53:51
Last modified : 21/06/2004 13:28:15
WinFavorites Object recognized!
Type : File
Data : bridge.dll
Object : C:\WINDOWS\System32\
FileSize : 68 KB
FileVersion : 1, 0, 0, 117
ProductVersion : 1, 0, 0, 117
Copyright : Copyright 2003
FileDescription : bridge Module
InternalName : bridge
OriginalFilename : bridge.DLL
ProductName : bridge Module
Created on : 21/06/2004 13:28:15
Last accessed : 21/06/2004 18:34:26
Last modified : 21/06/2004 13:28:15
WinFavorites Object recognized!
Type : File
Data : jao.dll
Object : C:\WINDOWS\System32\
FileSize : 48 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2004
FileDescription : jao Module
InternalName : jao
OriginalFilename : jao.DLL
ProductName : jao Module
Created on : 21/06/2004 13:28:15
Last accessed : 21/06/2004 18:53:12
Last modified : 21/06/2004 13:28:15
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38}
180Solutions Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\180solutions
180Solutions Object recognized!
Type : Folder
Object : c:\program files\N-case
180Solutions Object recognized!
Type : File
Data : fiz1
Object : c:\program files\n-case\
FileSize : 29 KB
Created on : 28/02/2004 01:14:28
Last accessed : 21/06/2004 18:54:19
Last modified : 29/02/2004 02:27:03
180Solutions Object recognized!
Type : File
Data : fiz2
Object : c:\program files\n-case\
FileSize : 29 KB
Created on : 28/02/2004 01:17:07
Last accessed : 21/06/2004 18:54:19
Last modified : 29/02/2004 16:09:29
180Solutions Object recognized!
Type : File
Data : fiz3
Object : c:\program files\n-case\
Created on : 29/02/2004 16:12:23
Last accessed : 21/06/2004 18:54:19
Last modified : 29/02/2004 16:13:09
180Solutions Object recognized!
Type : File
Data : kyf.dat
Object : c:\program files\n-case\
FileSize : 2327 KB
Created on : 28/02/2004 01:08:21
Last accessed : 21/06/2004 18:54:19
Last modified : 29/02/2004 14:49:08
VX2.BetterInternet Object recognized!
Type : File
Data : dummy.htm
Object : c:\docume~1\miquel~1\config~1\temp\
Created on : 21/06/2004 12:56:13
Last accessed : 21/06/2004 18:55:43
Last modified : 21/06/2004 12:56:13
VX2.BetterInternet Object recognized!
Type : File
Data : twtini.cab
Object : c:\docume~1\miquel~1\config~1\temp\
Created on : 21/06/2004 18:35:36
Last accessed : 21/06/2004 18:35:36
Last modified : 21/06/2004 18:35:36
VX2.BetterInternet Object recognized!
Type : File
Data : oem11.inf
Object : c:\windows\lastgood\inf\
Created on : 21/02/2004 22:21:01
Last accessed : 21/06/2004 18:55:43
Last modified : 21/02/2004 22:21:01
VX2.BetterInternet Object recognized!
Type : File
Data : oem11.pnf
Object : c:\windows\lastgood\inf\
Created on : 21/02/2004 22:21:01
Last accessed : 21/06/2004 18:55:43
Last modified : 21/02/2004 22:21:01
VX2.BetterInternet Object recognized!
Type : File
Data : oem12.inf
Object : c:\windows\lastgood\inf\
Created on : 22/02/2004 15:17:26
Last accessed : 21/06/2004 18:55:43
Last modified : 22/02/2004 15:17:26
VX2.BetterInternet Object recognized!
Type : File
Data : oem12.pnf
Object : c:\windows\lastgood\inf\
Created on : 22/02/2004 15:17:26
Last accessed : 21/06/2004 18:55:43
Last modified : 22/02/2004 15:17:26
VX2.BetterInternet Object recognized!
Type : File
Data : oem14.inf
Object : c:\windows\lastgood\inf\
Created on : 01/03/2004 21:55:26
Last accessed : 21/06/2004 18:55:43
Last modified : 01/03/2004 21:55:26
VX2.BetterInternet Object recognized!
Type : File
Data : oem14.pnf
Object : c:\windows\lastgood\inf\
Created on : 01/03/2004 21:55:26
Last accessed : 21/06/2004 18:55:43
Last modified : 01/03/2004 21:55:26
VX2.BetterInternet Object recognized!
Type : File
Data : twaintec.dll
Object : c:\windows\
FileSize : 136 KB
FileVersion : 0, 1, 4, 19
ProductVersion : 0, 1, 4, 19
Copyright : Copyright
CompanyName : Twain Tech
FileDescription : www.twain-tech.com
InternalName : Twaintec
OriginalFilename : Twaintec.dll
ProductName : Twaintec
Created on : 21/06/2004 12:56:22
Last accessed : 21/06/2004 18:34:29
Last modified : 04/05/2004 14:43:46
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4FDBDBAD-FEFE-4C4C-9CC1-1181052AFB12}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{B88A3AF1-4F1B-4400-8FFB-3FCB108CE115}
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 19
Objects found so far: 62
20:56:11 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:03:30:203
Objects scanned :74480
Objects identified :62
Objects ignored :0
New objects :62