Trucos Windows Forums
 

> Ad-Aware inspection

SeRa
Sep 22 2005, 03:32 PM
Post: #1

Advanced Member

Group: Members
Posts: 75
Joined: 2-December 04
Member no.: 41.059



Hi folks. You see, my PC isn't running very well and I was recommended to run Ad-Aware, and here I'm posting what it came up with, because the truth is I don't understand that program at all.


Ad-Aware SE Build 1.06r1
Logfile Created on:jueves, 22 de septiembre de 2005 16:08:37
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R67 20.09.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Claria(TAC index:7):1 total references
CnsMin(TAC index:8):37 total references
Other(TAC index:5):1 total references
Possible Browser Hijack attempt(TAC index:3):2 total references
Tracking Cookie(TAC index:3):4 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


22-9-2005 16:08:37 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 336
ThreadCreationTime : 21-9-2005 23:54:59
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 456
ThreadCreationTime : 21-9-2005 23:55:01
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 480
ThreadCreationTime : 21-9-2005 23:55:02
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 524
ThreadCreationTime : 21-9-2005 23:55:02
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Aplicación de servicios y controlador
InternalName : services.exe
LegalCopyright : Copyright © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 536
ThreadCreationTime : 21-9-2005 23:55:02
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 680
ThreadCreationTime : 21-9-2005 23:55:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 740
ThreadCreationTime : 21-9-2005 23:55:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 776
ThreadCreationTime : 21-9-2005 23:55:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 828
ThreadCreationTime : 21-9-2005 23:55:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 932
ThreadCreationTime : 21-9-2005 23:55:04
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1112
ThreadCreationTime : 21-9-2005 23:55:04
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [avpcc.exe]
FilePath : C:\Archivos de programa\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\
ProcessID : 1212
ThreadCreationTime : 21-9-2005 23:55:05
BasePriority : Normal
FileVersion : 4.0.2.8
ProductVersion : 4.0.164.0
ProductName : Kaspersky Anti-Virus
CompanyName : Kaspersky Labs.
FileDescription : KL Control Centre
InternalName : KL Control Centre
LegalCopyright : Copyright © Kaspersky Labs. 1996-2002.
LegalTrademarks : Kaspersky Anti-Virus® and AVP® are registered trademarks of Kaspersky Labs.
OriginalFilename : AVPCC.EXE
Comments : Andrey Bryksin [andrey@avp.ru]

#:13 [cdantsrv.exe]
FilePath : C:\WINNT\system32\DRIVERS\
ProcessID : 1224
ThreadCreationTime : 21-9-2005 23:55:05
BasePriority : Normal
FileVersion : 3.25.010
ProductVersion : 3.25.010 Windows NT 2002/01/07
ProductName : CD-Secure/CD-Compress Windows NT
CompanyName : C-Dilla Ltd
FileDescription : C-Dilla RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright © Macrovision 1993-2002
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

#:14 [avpm.exe]
FilePath : C:\Archivos de programa\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\
ProcessID : 1288
ThreadCreationTime : 21-9-2005 23:55:05
BasePriority : Normal
FileVersion : 4.2.0.58
ProductVersion : 4.2.0.0
ProductName : Kaspersky Anti-Virus
CompanyName : Kaspersky Labs.
FileDescription : KAV Monitor main module
InternalName : AvpM
LegalCopyright : Copyright © Kaspersky Labs. 1996-2002.
LegalTrademarks : Kaspersky Anti-Virus® and AVP® are registered trademarks of Kaspersky Labs.
OriginalFilename : AvpM.Exe
Comments : Victor Matiouchenkov [victor@avp.ru]

#:15 [wdfmgr.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1484
ThreadCreationTime : 21-9-2005 23:55:05
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:16 [vsmon.exe]
FilePath : C:\WINNT\system32\ZoneLabs\
ProcessID : 1524
ThreadCreationTime : 21-9-2005 23:55:06
BasePriority : Normal
FileVersion : 3.1.395
ProductVersion : 3.1.395
ProductName : TrueVector Service
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1999-2002, Zone Labs Inc.
OriginalFilename : vsmon.exe

#:17 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 1572
ThreadCreationTime : 21-9-2005 23:55:06
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft ® DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE

#:18 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 324
ThreadCreationTime : 21-9-2005 23:55:09
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : EXPLORER.EXE

#:19 [alg.exe]
FilePath : C:\WINNT\System32\
ProcessID : 1148
ThreadCreationTime : 21-9-2005 23:55:17
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:20 [avpcc.exe]
FilePath : C:\Archivos de programa\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\
ProcessID : 1796
ThreadCreationTime : 21-9-2005 23:55:18
BasePriority : Normal
FileVersion : 4.0.2.8
ProductVersion : 4.0.164.0
ProductName : Kaspersky Anti-Virus
CompanyName : Kaspersky Labs.
FileDescription : KL Control Centre
InternalName : KL Control Centre
LegalCopyright : Copyright © Kaspersky Labs. 1996-2002.
LegalTrademarks : Kaspersky Anti-Virus® and AVP® are registered trademarks of Kaspersky Labs.
OriginalFilename : AVPCC.EXE
Comments : Andrey Bryksin [andrey@avp.ru]

#:21 [rundll32.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1932
ThreadCreationTime : 21-9-2005 23:55:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Ejecutar un archivo DLL como una aplicación
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : RUNDLL.EXE

#:22 [mpower.exe]
FilePath : C:\Archivos de programa\Mpower\
ProcessID : 1820
ThreadCreationTime : 21-9-2005 23:55:18
BasePriority : Normal
FileVersion : 1.1.0.0
ProductVersion : 1.1.0.0
ProductName : MPower
CompanyName : Mindbeat
FileDescription : MPower
InternalName : MPower
LegalCopyright : Mindbeat.com
LegalTrademarks : Mindbeat.com
OriginalFilename : MPower
Comments : System manager

#:23 [cnetwlanmonitor.exe]
FilePath : C:\Archivos de programa\CNet\802.11 Wireless LAN\
ProcessID : 2076
ThreadCreationTime : 21-9-2005 23:55:19
BasePriority : Normal
FileVersion : 3, 3, 4, 51
ProductVersion : 1, 0, 0, 1
ProductName : Wireless LAN Monitor Utility
FileDescription : Wireless LAN Monitor Utility
InternalName : WlanMonitor
LegalCopyright : Copyright © 2002
OriginalFilename : WlanMonitor.exe
Comments : Wireless LAN Monitor Utility

#:24 [zapro.exe]
FilePath : C:\Archivos de programa\Zone Labs\ZoneAlarm\
ProcessID : 2088
ThreadCreationTime : 21-9-2005 23:55:19
BasePriority : Normal
FileVersion : 3.1.395
ProductVersion : 3.1.395
ProductName : ZoneAlarm Pro
CompanyName : Zone Labs Inc.
FileDescription : ZoneAlarm Pro
InternalName : zapro
LegalCopyright : Copyright © 1999-2002, Zone Labs Inc.
OriginalFilename : zapro.exe

#:25 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 3252
ThreadCreationTime : 22-9-2005 0:17:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:26 [msnmsgr.exe]
FilePath : C:\Archivos de programa\MSN Messenger\
ProcessID : 816
ThreadCreationTime : 22-9-2005 1:18:59
BasePriority : Normal
FileVersion : 7.5.0299
ProductVersion : 7.5.0299
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:27 [ylive.exe]
FilePath : C:\ARCHIV~1\Yahoo!\ASSIST~1\
ProcessID : 4092
ThreadCreationTime : 22-9-2005 11:52:28
BasePriority : Normal
FileVersion : 2, 0, 0, 1001
ProductVersion : 1, 0, 0, 1001
ProductName : YLive
FileDescription : YLive
InternalName : YLive
LegalCopyright : Copyright ? 2005
OriginalFilename : YLive.exe

#:28 [rundll32.exe]
FilePath : C:\WINNT\system32\
ProcessID : 2288
ThreadCreationTime : 22-9-2005 11:52:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Ejecutar un archivo DLL como una aplicación
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Reservados todos los derechos.
OriginalFilename : RUNDLL.EXE

#:29 [winamp.exe]
FilePath : C:\Archivos de programa\Winamp\
ProcessID : 736
ThreadCreationTime : 22-9-2005 12:06:45
BasePriority : Normal
FileVersion : 2.91
ProductVersion : 2.91
ProductName : Winamp
CompanyName : Nullsoft
FileDescription : Winamp
InternalName : WINAMP
LegalCopyright : Copyright © 1997-2003, Nullsoft, Inc.
LegalTrademarks : Nullsoft and Winamp are trademarks of Nullsoft, Inc.
OriginalFilename : Winamp.exe
Comments : Visit http://www.winamp.com/ for updates.

#:30 [firefox.exe]
FilePath : C:\Archivos de programa\Mozilla Firefox\
ProcessID : 2732
ThreadCreationTime : 22-9-2005 13:47:09
BasePriority : Normal


#:31 [ad-aware.exe]
FilePath : C:\ARCHIV~1\Lavasoft\AD-AWA~1\
ProcessID : 3784
ThreadCreationTime : 22-9-2005 14:08:02
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{7ca83cf1-3aea-42d0-a4e3-1594fc6e48b2}

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{be08f6bc-c3e6-4149-beb1-cb449e1b372e}

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{4158db95-de71-41ff-bea1-2c3d1c679df1}

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b83fc273-3522-4cc6-92ec-75cc86678da4}

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : cnshelper.ch

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : cnshelper.ch.1

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{924f5b3a-7a27-484a-b873-e855c9708667}

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{df692509-d9ef-48a0-9cd0-3aa5b81f6f68}

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{aab6bce3-1df6-4930-9b14-9ca79dc8c267}

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1220945662-308236825-839522115-1005\software\3721

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\3721

CnsMin Object Recognized!
Type : RegValue
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\3721
Value : CFile

CnsMin Object Recognized!
Type : RegValue
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\3721
Value : alpath

CnsMin Object Recognized!
Type : RegValue
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\3721
Value : alliveex

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\advancedoptions\!cns

CnsMin Object Recognized!
Type : RegValue
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\advancedoptions\!cns
Value : Text

CnsMin Object Recognized!
Type : RegValue
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\advancedoptions\!cns
Value : Bitmap

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\cnsmin

CnsMin Object Recognized!
Type : RegValue
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\cnsmin
Value : UninstallString

CnsMin Object Recognized!
Type : RegValue
Data :
TAC Rating : 8
Category : Data Miner
Comment : "CnsMin"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : CnsMin

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 20
Objects found so far: 20


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistant3721.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://seek.3721.com/srchasst.htm"
TAC Rating : 8
Category : Data Miner
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "http://seek.3721.com/srchasst.htm"
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\SearchCustomizeSearch3721.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://seek.3721.com/srchcust.htm"
TAC Rating : 8
Category : Data Miner
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "http://seek.3721.com/srchcust.htm"

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 22


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sera@0[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:sera@jedonkey.cjt1.net/HTM/307/0
Expires : 19-9-2006 13:01:08
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sera@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:58
Value : Cookie:sera@atdmt.com/
Expires : 17-9-2010 2:00:00
LastSync : Hits:58
UseCount : 0
Hits : 58

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 24



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[2].txt

Claria Object Recognized!
Type : File
Data : A0006228.exe
TAC Rating : 7
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7F584B66-A269-4F75-BF00-C82874A7A6EA}\RP12\
FileVersion : 3.2.0.2
ProductVersion : 3.2.0.2
OriginalFilename : Trickler.exe


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27


Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 27




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : autolive.live

CnsMin Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : autolive.live.1

CnsMin Object Recognized!
Type : Folder
TAC Rating : 8
Category : Data Miner
Comment : CnsMin
Object : C:\Archivos de programa\3721

CnsMin Object Recognized!
Type : File
Data : alliveex.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\
FileVersion : 1, 0, 2, 1005
ProductVersion : 1, 0, 2, 1005
ProductName : LiveEx
FileDescription : LiveEx
InternalName : LiveEx
LegalCopyright : Copyright ? 2005
OriginalFilename : LiveEx.dll


CnsMin Object Recognized!
Type : File
Data : alrex.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : alrex Module
FileDescription : alrex Module
InternalName : alrex
LegalCopyright : Copyright 2004
OriginalFilename : ALREX.DLL


CnsMin Object Recognized!
Type : File
Data : assistse.exe
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\
FileVersion : 1, 0, 1, 1001
ProductVersion : 1, 0, 1, 1001
ProductName : yahoo AssistSetting
CompanyName : yahoo
FileDescription : AssistSetting
InternalName : AssistSetting
LegalCopyright : Copyright 3721.COM 2004
OriginalFilename : AssistSe.exe


CnsMin Object Recognized!
Type : File
Data : AutoLive.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\
FileVersion : 1, 0, 4, 1004
ProductVersion : 1, 0, 4, 1004
ProductName : AutoLive Module
FileDescription : AutoLive Module
InternalName : AutoLive
LegalCopyright : Copyright 2004
OriginalFilename : AutoLive.DLL


CnsMin Object Recognized!
Type : File
Data : autolive.ini
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\



CnsMin Object Recognized!
Type : File
Data : autolvsw.ini
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\



CnsMin Object Recognized!
Type : File
Data : cns01.dat
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\



CnsMin Object Recognized!
Type : File
Data : cns03.dat
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\



CnsMin Object Recognized!
Type : File
Data : Helper.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\
FileVersion : 1, 0, 1, 6
ProductVersion : 1, 0, 1, 6
ProductName : Helper Module
FileDescription : Helper Module
InternalName : Helper
LegalCopyright : Copyright 2004
OriginalFilename : Helper.dll


CnsMin Object Recognized!
Type : File
Data : notifier.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : ComObj Module
FileDescription : ComObj Module
InternalName : ComObj
LegalCopyright : Copyright 2004
OriginalFilename : ComObj.DLL


CnsMin Object Recognized!
Type : File
Data : patch03.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\



CnsMin Object Recognized!
Type : File
Data : patch05.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\



CnsMin Object Recognized!
Type : File
Data : patch06.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : 3721 patch06
CompanyName : 3721
FileDescription : patch06
InternalName : patch06
LegalCopyright : Copyright © 2004 3721.com
OriginalFilename : patch06.dll


CnsMin Object Recognized!
Type : File
Data : scrblock.dll
TAC Rating : 8
Category : Data Miner
Comment :
Object : C:\Archivos de programa\3721\
FileVersion : 1, 0, 1, 1000
ProductVersion : 1, 0, 1, 1000
ProductName : 3721 ScrBlock
CompanyName : 3721
FileDescription : ScrBlock
InternalName : ScrBlock
LegalCopyright : Copyright ? 2004
OriginalFilename : ScrBlock.dll


Other Object Recognized!
Type : File
Data : ASSISTSE.EXE-1E12D192.pf
TAC Rating : 7
Category : Malware
Comment :
Object : C:\WINNT\prefetch\



Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 18
Objects found so far: 45

16:19:14 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:10:36.859
Objects scanned:118706
Objects identified:46
Objects ignored:0
New critical objects:46





I think leaving this message is a bit much, but I hope someone can help me, please.

Thank you very much, and I eagerly await your reply.


Caito
Sep 22 2005, 11:08 PM
Post: #2

No Spiware

Group: Global Supervisor
Posts: 17.485
Joined: 15-August 04
From: Argentina
Member no.: 13.043



Take a look at this:
http://www.trucoswindows.net/conteni5id-17...onal--1.05.html
Regards
Caito


SeRa
Sep 23 2005, 02:12 AM
Post: #3

Advanced Member

Group: Members
Posts: 75
Joined: 2-December 04
Member no.: 41.059



Thanks, I've got it sorted now.


Caito
Sep 23 2005, 08:06 PM
Post: #4

No Spiware

Group: Global Supervisor
Posts: 17.485
Joined: 15-August 04
From: Argentina
Member no.: 13.043



Have you solved the problem?
Regards
Caito