
About sws antispyware 2007 and pop-up windows (Solved)

joelito77
2008-05-26 07:25 - Replies: 17 - Topic no.: 2520871


Specifications: Windows XP Home, 2 GB RAM, 120 GB HD, Intel Core Duo processor.

A couple of months ago I started to notice that when I used the internet, ad windows popped up without my opening them. Then I got a warning that I was infected and that I needed to install sws antispyware 2007. I have McAfee Security Center but it doesn't detect anything. Then I installed superspyware and it detected some cookies, then I installed Spybot and it detected a trojan, and so I have kept scanning with other antivirus programs and I still have the problem. I read a question about the same thing in this forum and I have followed the recommendation given:
1) run the antivirus (I am doing it with Panda online)
I still need to run superantispyware, ad-ware, AVG antispyware, clean with CCleaner and finally HijackThis.

I have already run AVG on another occasion... but I still have the problem.

Additional comments: I had not installed any program, nor changed any hardware in the PC.
tordanxa

Re: About sws antispyware 2007 and pop-up windows (Solved) - 2008-05-26 15:57 - Reply 2

Well, when you finish running all those programs (in safe mode), paste the HijackThis log.
tordanxa

Re: About sws antispyware 2007 and pop-up windows (Solved) - 2008-05-26 15:59 - Reply 3

Which version of XP exactly do you have?
joelito77

Re: About sws antispyware 2007 and pop-up windows (Solved) - 2008-05-26 17:08 - Reply 4

Hello. I have XP Home Edition. I have run the programs, but in normal mode, not in safe mode; to be honest, I did not see it specified in the information I read that it had to be done that way. In any case, below I show you the results I obtained, in case they are of any use in solving this problem. With Panda online some items came up that I did not fix because it asked for payment and I preferred to show them to you first. I uninstalled McAfee and installed the trial version of AVG antivirus. The results follow.

1) With Panda

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-26 01:07:46
PROTECTIONS: 1
MALWARE: 8
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;=================
AVG Anti-Virus 8.0 Yes Yes
;=================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;=================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\joel\Cookies\joel@doubleclick[1].txt
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\joel\Desktop\SmitfraudFix\SmitfraudFix\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\joel\Desktop\SmitfraudFix.zip[SmitfraudFix/Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\system32\Process.exe
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\joel\Cookies\joel@tradedoubler[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\joel\Cookies\joel@ad.yieldmanager[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\joel\Cookies\joel@advertising[2].txt
01073279 Adware/WebSearch Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP247\A0040183.dll
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Documents and Settings\joel\Desktop\SmitfraudFix.zip[SmitfraudFix/Reboot.exe]
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Documents and Settings\joel\Desktop\SmitfraudFix\SmitfraudFix\Reboot.exe
02654326 Adware/KeenValue Adware No 0 Yes No C:\Documents and Settings\joel\My Documents\incredimail_install.exe
;=================
SUSPECTS
Sent Location Gz
;=================
No C:\DOCUMENTS AND SETTINGS\JOEL\LOCAL SETTINGS\APPLICATION DATA\WJGLXUCALM.EXE Gz
;=================
VULNERABILITIES
Id Severity Description Gz
;=================
;=================

2) With superantispyware:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/26/2008 at 02:52 AM

Application Version : 4.1.1046

Core Rules Database Version : 3468
Trace Rules Database Version: 1459

Scan type : Complete Scan
Total Scan Time : 01:19:40

Memory items scanned : 612
Memory threats detected : 0
Registry items scanned : 7496
Registry threats detected : 0
File items scanned : 30147
File threats detected : 17

Adware.Tracking Cookie
C:\Documents and Settings\joel\Cookies\joel@zanox[2].txt
C:\Documents and Settings\joel\Cookies\joel@advertising[2].txt
C:\Documents and Settings\joel\Cookies\joel@tradedoubler[1].txt
C:\Documents and Settings\joel\Cookies\joel@imrworldwide[1].txt
C:\Documents and Settings\joel\Cookies\joel (Prohibido poner emails)portal.112.2o7[1].txt
C:\Documents and Settings\joel\Cookies\joel@pandasoftware.112.2o7[1].txt
C:\Documents and Settings\joel\Cookies\joel@clickpoint[2].txt
C:\Documents and Settings\joel\Cookies\joel@2o7[2].txt
C:\Documents and Settings\joel\Cookies\joel@indextools[2].txt
C:\Documents and Settings\joel\Cookies\joel@doubleclick[1].txt
C:\Documents and Settings\joel\Cookies\joel@atdmt[1].txt
C:\Documents and Settings\joel\Cookies\joel@ad.yieldmanager[1].txt
C:\Documents and Settings\joel\Cookies\joel@intershare.112.2o7[1].txt
C:\Documents and Settings\joel\Cookies\joel@ad.zanox[1].txt
C:\Documents and Settings\joel\Cookies\joel@statcounter[1].txt
C:\Documents and Settings\joel\Cookies\joel@atdmt[2].txt
C:\Documents and Settings\joel\Cookies\joel@zbox.zanox[1].txt

3) With Ad-Aware:


Ad-Aware SE Build 1.06r1
Logfile Created on:Monday, May 26, 2008 5:07:10 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R210 27.12.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.BHO(generic)(TAC index:3):19 total references
MRU List(TAC index:0):37 total references
Tracking Cookie(TAC index:3):3 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings

Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings

Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-26-2008 5:07:10 AM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\joel\recent
Des-c-r-i-p-tion : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\adobe\adobe acrobat\6.0\avgeneral\crecentfiles
Des-c-r-i-p-tion : list of recently used files in adobe acrobat


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\google\navclient\1.1\history
Des-c-r-i-p-tion : list of recently used search terms in the google toolbar


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\direct3d\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\direct3d\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\directinput\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\directinput\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\directinput\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\directinput\mostrecentapplication
Des-c-r-i-p-tion : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\internet explorer
Des-c-r-i-p-tion : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\internet explorer\main
Des-c-r-i-p-tion : last save directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\internet explorer\typedurls
Des-c-r-i-p-tion : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\mediaplayer\medialibraryui
Des-c-r-i-p-tion : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\mediaplayer\player\recentfilelist
Des-c-r-i-p-tion : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\mediaplayer\player\settings
Des-c-r-i-p-tion : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\mediaplayer\preferences
Des-c-r-i-p-tion : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\mediaplayer\preferences
Des-c-r-i-p-tion : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\microsoft management console\recent file list
Des-c-r-i-p-tion : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\search assistant\acmru
Des-c-r-i-p-tion : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\windows\currentversion\applets\regedit
Des-c-r-i-p-tion : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Des-c-r-i-p-tion : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Des-c-r-i-p-tion : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\windows\currentversion\explorer\recentdocs
Des-c-r-i-p-tion : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\windows\currentversion\explorer\runmru
Des-c-r-i-p-tion : mru list for items opened in start | run


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Des-c-r-i-p-tion : file conversion location settings in musicmatch jukebox


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Des-c-r-i-p-tion : information on the last station listened to using musicmatch radio


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\realnetworks\realplayer\6.0\preferences
Des-c-r-i-p-tion : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\realnetworks\realplayer\6.0\preferences
Des-c-r-i-p-tion : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\realnetworks\realplayer\6.0\preferences
Des-c-r-i-p-tion : last login time in realplayer


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Des-c-r-i-p-tion : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Des-c-r-i-p-tion : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-139679810-1303746373-1002453074-1006\software\microsoft\windows media\wmsdk\general
Des-c-r-i-p-tion : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 696
ThreadCreationTime : 5-26-2008 9:35:42 AM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 756
ThreadCreationTime : 5-26-2008 9:35:44 AM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 780
ThreadCreationTime : 5-26-2008 9:35:45 AM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 832
ThreadCreationTime : 5-26-2008 9:35:45 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2111)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 844
ThreadCreationTime : 5-26-2008 9:35:45 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2113)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1032
ThreadCreationTime : 5-26-2008 9:35:46 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2111)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1104
ThreadCreationTime : 5-26-2008 9:35:47 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2111)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1236
ThreadCreationTime : 5-26-2008 9:35:49 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2111)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1308
ThreadCreationTime : 5-26-2008 9:35:49 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2111)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1444
ThreadCreationTime : 5-26-2008 9:35:49 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2111)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1536
ThreadCreationTime : 5-26-2008 9:35:51 AM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDes-c-r-i-p-tion : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:12 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1580
ThreadCreationTime : 5-26-2008 9:35:52 AM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDes-c-r-i-p-tion : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:13 [wltrysvc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1680
ThreadCreationTime : 5-26-2008 9:35:53 AM
BasePriority : Normal


#:14 [bcmwltry.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1692
ThreadCreationTime : 5-26-2008 9:35:53 AM
BasePriority : Normal
FileVersion : 4.100.15.8
ProductVersion : 4.100.15.8
ProductName : Dell Wireless WLAN Card Wireless Network Controller
CompanyName : Dell Inc.
FileDes-c-r-i-p-tion : Dell Wireless WLAN Card Wireless Network Controller
InternalName : bcmwltry.exe
LegalCopyright : 1998-2006, Dell Inc. All Rights Reserved.
OriginalFilename : bcmwltry.exe

#:15 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1736
ThreadCreationTime : 5-26-2008 9:35:53 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-0852)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:16 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 564
ThreadCreationTime : 5-26-2008 9:35:58 AM
BasePriority : Normal
FileVersion : 6.00.2900.5512 (xpsp.080413-2105)
ProductVersion : 6.00.2900.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:17 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1848
ThreadCreationTime : 5-26-2008 9:36:03 AM
BasePriority : Normal
FileVersion : 3.0.0.4446
ProductVersion : 7.0.0.4446
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDes-c-r-i-p-tion : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:18 [igfxpers.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1880
ThreadCreationTime : 5-26-2008 9:36:03 AM
BasePriority : Normal
FileVersion : 3.0.0.4446
ProductVersion : 7.0.0.4446
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDes-c-r-i-p-tion : persistence Module
InternalName : PERSISTENCE
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXPERS.EXE

#:19 [igfxsrvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1952
ThreadCreationTime : 5-26-2008 9:36:04 AM
BasePriority : Normal
FileVersion : 3.0.0.4446
ProductVersion : 7.0.0.4446
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDes-c-r-i-p-tion : igfxsrvc Module
InternalName : IGFXSRVC
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXSRVC.EXE

#:20 [wltray.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 892
ThreadCreationTime : 5-26-2008 9:36:04 AM
BasePriority : Normal
FileVersion : 4.100.15.8
ProductVersion : 4.100.15.8
ProductName : Dell Wireless WLAN Card Wireless Network Tray Applet
CompanyName : Dell Inc.
FileDes-c-r-i-p-tion : Dell Wireless WLAN Card Wireless Network Tray Applet
InternalName : wltray.exe
LegalCopyright : 1998-2006, Dell Inc. All Rights Reserved.
OriginalFilename : wltray.exe

#:21 [stsystra.exe]
FilePath : C:\WINDOWS\
ProcessID : 2044
ThreadCreationTime : 5-26-2008 9:36:04 AM
BasePriority : Normal
FileVersion : 1.0.4995.1 nd446 cp1
ProductVersion : 1.0.4995.1 nd446 cp1
ProductName : C-Major Audio
CompanyName : SigmaTel, Inc.
FileDes-c-r-i-p-tion : Sigmatel Audio system tray application
InternalName : stsystray.exe
LegalCopyright : Copyright (c) 2004-2005, SigmaTel, Inc.
OriginalFilename : stsystray.exe

#:22 [quickset.exe]
FilePath : C:\Program Files\Dell\QuickSet\
ProcessID : 508
ThreadCreationTime : 5-26-2008 9:36:06 AM
BasePriority : Normal
FileVersion : 8, 1, 10, 0
ProductVersion : 8, 1, 10, 0
ProductName : QuickSet
CompanyName : Dell Inc
FileDes-c-r-i-p-tion : QuickSet
InternalName : QuickSet
OriginalFilename : Quickset.exe

#:23 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.6.0_05\bin\
ProcessID : 676
ThreadCreationTime : 5-26-2008 9:36:07 AM
BasePriority : Normal


#:24 [issch.exe]
FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\
ProcessID : 1192
ThreadCreationTime : 5-26-2008 9:36:08 AM
BasePriority : Normal
FileVersion : 4, 50, 100, 33433
ProductVersion : 4, 50
ProductName : InstallShield Update Service
CompanyName : InstallShield Software Corporation
FileDes-c-r-i-p-tion : InstallShield Update Service Scheduler
InternalName : Scheduler
LegalCopyright : Copyright (C) 1990-2004 InstallShield Software Corporation
OriginalFilename : issch.exe

#:25 [aolacsd.exe]
FilePath : C:\PROGRA~1\COMMON~1\AOL\ACS\
ProcessID : 1364
ThreadCreationTime : 5-26-2008 9:36:08 AM
BasePriority : Normal


#:26 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1384
ThreadCreationTime : 5-26-2008 9:36:09 AM
BasePriority : Normal
FileVersion : 8.2.4.6 08Mar06
ProductVersion : 8.2.4.6 08Mar06
ProductName : Synaptics Pointing Device Driver
CompanyName : Synaptics, Inc.
FileDes-c-r-i-p-tion : Synaptics TouchPad Enhancements
InternalName : Synaptics Enhancements Application
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2005
OriginalFilename : SynTPEnh.exe

#:27 [pcmservice.exe]
FilePath : C:\Program Files\Dell\MediaDirect\
ProcessID : 1124
ThreadCreationTime : 5-26-2008 9:36:09 AM
BasePriority : Normal
FileVersion : 4, 5, 0, 0
ProductVersion : 4, 5, 0, 0
ProductName : Cyberlink PowerCinema
CompanyName : CyberLink Corp.
FileDes-c-r-i-p-tion : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright (c) 2005 CyberLink Corp.
OriginalFilename : PCMService.exe

#:28 [sprtcmd.exe]
FilePath : C:\Program Files\Dell Support Center\bin\
ProcessID : 1524
ThreadCreationTime : 5-26-2008 9:36:10 AM
BasePriority : Normal
FileVersion : 7.0.585.0
ProductVersion : 7.0.585.0
ProductName : SupportSoft sprtcmd
CompanyName : SupportSoft, Inc.
LegalCopyright : Copyright 1997-2007 SupportSoft

#:29 [avgwdsvc.exe]
FilePath : C:\PROGRA~1\AVG\AVG8\
ProcessID : 1548
ThreadCreationTime : 5-26-2008 9:36:10 AM
BasePriority : Normal


#:30 [searchprotection.exe]
FilePath : C:\Program Files\Yahoo!\Search Protection\
ProcessID : 1376
ThreadCreationTime : 5-26-2008 9:36:10 AM
BasePriority : Normal
FileVersion : 2008, 1, 10, 1
ProductVersion : 1, 2, 5, 0
ProductName : Search Protection
CompanyName : Yahoo! Inc.
FileDes-c-r-i-p-tion : Yahoo! Application
InternalName : Y! SP
LegalCopyright : Yahoo! Copyright (C) 2006-2007
OriginalFilename : ysp.exe
Comments : Search Protection

#:31 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 1792
ThreadCreationTime : 5-26-2008 9:36:10 AM
BasePriority : Normal
FileVersion : 0.1.1.45
ProductVersion : 0.1.1.45
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDes-c-r-i-p-tion : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2007
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:32 [avgtray.exe]
FilePath : C:\PROGRA~1\AVG\AVG8\
ProcessID : 548
ThreadCreationTime : 5-26-2008 9:36:11 AM
BasePriority : Normal
FileVersion : 8.0.0.88
ProductVersion : 8.0.0.88
ProductName : AVG Internet Security
CompanyName : AVG Technologies CZ, s.r.o.
FileDes-c-r-i-p-tion : AVG Tray Monitor
InternalName : avgtray
LegalCopyright : Copyright © 2008 AVG Technologies CZ, s.r.o.
OriginalFilename : avgtray.exe

#:33 [dsagnt.exe]
FilePath : C:\Program Files\DellSupport\
ProcessID : 1860
ThreadCreationTime : 5-26-2008 9:36:13 AM
BasePriority : Below Normal
FileVersion : 3, 0, 0, 197
ProductVersion : 3, 0, 0, 197
ProductName : Dell Support
CompanyName : Gteko Ltd.
FileDes-c-r-i-p-tion : Dell Support
InternalName : AUAgent
LegalCopyright : Copyright (C) 2000 - 2007 Gteko Ltd.
OriginalFilename : AUAgent.exe

#:34 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1932
ThreadCreationTime : 5-26-2008 9:36:13 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2105)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:35 [gearsec.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 108
ThreadCreationTime : 5-26-2008 9:36:16 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 6
ProductVersion : 1, 0, 0, 6
ProductName : gearsec
CompanyName : GEAR Software
FileDes-c-r-i-p-tion : gearsec
InternalName : gearsec
LegalCopyright : Copyright © 2001-2003 GEAR Software
OriginalFilename : gearsec.exe

#:36 [vprosvc.exe]
FilePath : C:\Program Files\Norton Ghost\Agent\
ProcessID : 1120
ThreadCreationTime : 5-26-2008 9:36:16 AM
BasePriority : Normal
FileVersion : 10.0.1.9528
ProductVersion : 10.01
ProductName : Norton Ghost
CompanyName : Symantec Corporation
FileDes-c-r-i-p-tion : Service Module
InternalName : VProSvc
LegalCopyright : Copyright © 1994-2005 Symantec Corporation. All rights reserved.
OriginalFilename : VProSvc.exe

#:37 [sprtsvc.exe]
FilePath : C:\Program Files\Dell Support Center\bin\
ProcessID : 1040
ThreadCreationTime : 5-26-2008 9:36:17 AM
BasePriority : Normal
FileVersion : 7.0.585.0
ProductVersion : 7.0.585.0
ProductName : SupportSoft sprtsvc
CompanyName : SupportSoft, Inc.
FileDes-c-r-i-p-tion : SupportSoft Agent Service
LegalCopyright : Copyright 1997-2007 SupportSoft

#:38 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1200
ThreadCreationTime : 5-26-2008 9:36:17 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2111)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:39 [edict.exe]
FilePath : C:\Program Files\Microsoft Student\Microsoft Student 2006 - DVD\
ProcessID : 2188
ThreadCreationTime : 5-26-2008 9:36:18 AM
BasePriority : Normal
FileVersion : 15.0.0.0603
ProductVersion : 15.0.0.0603
ProductName : Microsoft Encarta Dictionary Tools
CompanyName : Microsoft Corporation
FileDes-c-r-i-p-tion : Microsoft Encarta Dictionary Tools
InternalName : EDICT.EXE
LegalCopyright : Copyright © 2002-2005 Microsoft Corp.
LegalTrademarks : Microsoft ® is a registered trademark of Microsoft Corporation.
OriginalFilename : EDICT.EXE

#:40 [superantispyware.exe]
FilePath : C:\Program Files\SUPERAntiSpyware\
ProcessID : 2432
ThreadCreationTime : 5-26-2008 9:36:20 AM
BasePriority : Normal
FileVersion : 4, 1, 0, 1046
ProductVersion : 4, 1, 0, 1046
ProductName : SUPERAntiSpyware
CompanyName : SUPERAntiSpyware.com
FileDes-c-r-i-p-tion : SUPERAntiSpyware
InternalName : SUPERAntiSpyware
LegalCopyright : Copyright (C) 2005-2008 by SUPERAntiSpyware.com and SUPERAdBlocker.com
OriginalFilename : SUPERAntiSpyware.exe

#:41 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 2560
ThreadCreationTime : 5-26-2008 9:36:20 AM
BasePriority : Normal
FileVersion : 1, 8, 54, 534
ProductVersion : 1, 8, 54, 534
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDes-c-r-i-p-tion : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright (C) 2003
OriginalFilename : symlcsvc.exe

#:42 [avgam.exe]
FilePath : C:\PROGRA~1\AVG\AVG8\
ProcessID : 3616
ThreadCreationTime : 5-26-2008 9:36:28 AM
BasePriority : Normal
FileVersion : 8.0.0.80
ProductVersion : 8.0.0.80
ProductName : AVG Internet Security
CompanyName : AVG Technologies CZ, s.r.o.
FileDes-c-r-i-p-tion : AVG Alert Manager
InternalName : avgam.exe
LegalCopyright : Copyright © 2008 AVG Technologies CZ, s.r.o.
OriginalFilename : avgam.exe

#:43 [avgrsx.exe]
FilePath : C:\PROGRA~1\AVG\AVG8\
ProcessID : 216
ThreadCreationTime : 5-26-2008 9:36:31 AM
BasePriority : Normal


#:44 [avgnsx.exe]
FilePath : C:\PROGRA~1\AVG\AVG8\
ProcessID : 748
ThreadCreationTime : 5-26-2008 9:36:35 AM
BasePriority : Normal


#:45 [avgemc.exe]
FilePath : C:\PROGRA~1\AVG\AVG8\
ProcessID : 2332
ThreadCreationTime : 5-26-2008 9:36:56 AM
BasePriority : Normal
FileVersion : 8.0.0.80
ProductVersion : 8.0.0.80
ProductName : AVG Internet Security
CompanyName : AVG Technologies CZ, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2008 AVG Technologies CZ, s.r.o.
OriginalFilename : avgemc.exe

#:46 [ymsgr_tray.exe]
FilePath : C:\PROGRA~1\Yahoo!\MESSEN~1\
ProcessID : 2408
ThreadCreationTime : 5-26-2008 9:36:57 AM
BasePriority : Normal
FileVersion : 8,1,0,0
ProductVersion : 8,1,0,0
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger Tray
LegalCopyright : (c) 1998-2007 Yahoo! Inc. All rights reserved.

#:47 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 2492
ThreadCreationTime : 5-26-2008 9:36:57 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-2108)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:48 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3936
ThreadCreationTime : 5-26-2008 9:37:13 AM
BasePriority : Normal
FileVersion : 5.1.2600.5512 (xpsp.080413-0852)
ProductVersion : 5.1.2600.5512
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:49 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2652
ThreadCreationTime : 5-26-2008 9:41:46 AM
BasePriority : Normal
FileVersion : 7.00.6000.16640 (vista_gdr.080213-1606)
ProductVersion : 7.00.6000.16640
ProductName : Windows® Internet Explorer
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:50 [aavgapi.exe]
FilePath : C:\PROGRA~1\AVG\AVG8\
ProcessID : 520
ThreadCreationTime : 5-26-2008 9:41:51 AM
BasePriority : Normal
FileVersion : 2.0.0.14
ProductVersion : 2.0

#:51 [pando.exe]
FilePath : C:\Program Files\Pando Networks\Pando\
ProcessID : 236
ThreadCreationTime : 5-26-2008 9:41:55 AM
BasePriority : Normal
FileVersion : 1,9,5,3
ProductVersion : 1,9,5,3
ProductName : pando
CompanyName : Pando Networks
FileDescription : pando
InternalName : pando
LegalCopyright : Copyright Pando Networks 2005, 2006, 2007
LegalTrademarks : Pando Networks
OriginalFilename : pando.exe
Comments : http://www.pando.com

#:52 [wlloginproxy.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Windows Live\
ProcessID : 2080
ThreadCreationTime : 5-26-2008 9:42:16 AM
BasePriority : Normal
FileVersion : 4.100.313.1
ProductVersion : 4.100.313.1
ProductName : Microsoft® Windows Live Login Helper
CompanyName : Microsoft Corporation
FileDescription : WLLoginProxy.exe
InternalName : WLLoginProxy
LegalCopyright : Copyright © 1995-2006 Microsoft Corporation.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation.
OriginalFilename : WLLoginProxy.exe

#:53 [winword.exe]
FilePath : C:\Program Files\Microsoft Office\Office12\
ProcessID : 1892
ThreadCreationTime : 5-26-2008 9:44:24 AM
BasePriority : Normal


#:54 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3896
ThreadCreationTime : 5-26-2008 11:05:42 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{831cbac4-8283-4653-9d81-feb9f3f6e47c}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{831cbac2-8283-4653-9d81-feb9f3f6e47c}

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{86a44ef7-78fc-4e18-a564-b18f806f7f56}

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{86a44ef7-78fc-4e18-a564-b18f806f7f56}
Value : UninstallString

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 41


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 41


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joel@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:joel@tradedoubler.com/
Expires : 5-21-2028 3:52:26 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joel@pandasoftware.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:joel@pandasoftware.112.2o7.net/
Expires : 5-25-2013 3:43:14 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joel@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:joel@statcounter.com/
Expires : 5-25-2013 1:45:26 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 44



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 44


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 44


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 44




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : activationmanager.activationmanager

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : activationmanager.activationmanager.1

Adware.BHO(generic) Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : dig7

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : dig8

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : dig19

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : dig29

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : dig30

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : dig28

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : str0

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : str19

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : dig13

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : str128

Adware.BHO(generic) Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\activationmanager
Value : dig12

Adware.BHO(generic) Object Recognized!
Type : Folder
TAC Rating : 3
Category : Adware
Comment : Adware.BHO(generic)
Object : C:\Program Files\ActivationManager

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 15
Objects found so far: 59

5:43:20 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:36:09.750
Objects scanned:345143
Objects identified:22
Objects ignored:0
New critical objects:22

4) With HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:13:34 AM, on 5/26/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Student\Microsoft Student 2006 - DVD\EDICT.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/apps/mpfplus/en-us/redir.asp?affid=105-73&installtype=force&dtag=f2wwlb1&langid=1&systempopup=true
R3 - URLSearchHook: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Complemento del Asistente para Internet de Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll (file missing)
O3 - Toolbar: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Asistente para Internet de Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE /P23 "EPSON Stylus C86 Series" /O6 "USB001" /M "Stylus C86"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run
tordanxa

Re: About sws antispyware 2007 and pop-up windows (Solved) - 2008-05-26 17:16 - Reply 5

The HijackThis log is only half there. Please post it in full.
Configurarequipos - 05 November 2024