|
Posted by Massimo on June 16, 2008, 10:54 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Hello,
Avira found 3 hidden objects:
Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdAgent$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdMon$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inspect$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
'40452' objects were checked, '3' hidden objects were found
I have no idea if these objects could be dangerous or not. Will you
guys please take a look at them and comment on them?
And how can *I* myself recognize if hidden objects are dangerous or
not?
Thanks,
Massimo
|
|
Posted by jen on June 17, 2008, 9:21 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Hello,
> Avira found 3 hidden objects:
> Starting search for hidden objects.
>
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdAgent$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
> [INFO] The registry entry is invisible.
>
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdMon$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
> [INFO] The registry entry is invisible.
>
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inspect$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
> [INFO] The registry entry is invisible.
> '40452' objects were checked, '3' hidden objects were found
>
> I have no idea if these objects could be dangerous or not. Will you
> guys please take a look at them and comment on them?
> And how can *I* myself recognize if hidden objects are dangerous or
> not?
You have installed XPSP3, right? See here for the issue:
http://forum.avira.com/wbb/index.php?page=Thread&threadID=68557
Also see here for a tool to clean it up:
If you just launch this tool normally (e.g. by double-clicking on its
icon after download) then the tool will only clean up known
Symantec/Norton areas of the Windows Registry. However, if you launch
the tool from a Command Prompt window and add the parameter /override
then the tool will clean up all of the "CurrentControlSet" area of the
Registry, including areas relevant to other anti-malware vendors. For
instance, if the Command Prompt window is open with the current
directory being the one in which SymRegFix was downlaoded into, then
just type:
symregfix /override
So it appears that this tool can be used as a general clean-up tool
after misoperation of the fixccs.exe component of SP3, regardless of
which anti-malware product provoked fixccs.exe into producing all the
garbage registry entries.
http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=3449197&SiteID=17
-jen
|
|
Posted by Massimo on June 17, 2008, 9:30 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>> Hello,
>> Avira found 3 hidden objects:
>> Starting search for hidden objects.
>>
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdAgent$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
>> [INFO] The registry entry is invisible.
>>
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdMon$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
>> [INFO] The registry entry is invisible.
>>
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inspect$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
>> [INFO] The registry entry is invisible.
>> '40452' objects were checked, '3' hidden objects were found
>>
>> I have no idea if these objects could be dangerous or not. Will you
>> guys please take a look at them and comment on them?
>> And how can *I* myself recognize if hidden objects are dangerous or
>> not?
>
>You have installed XPSP3, right? See here for the issue:
>http://forum.avira.com/wbb/index.php?page=Thread&threadID=68557
>
Yes, on this computer I have installed sp3 :-)
When following the above url, I read the message on the forum and that
person there also used Comodo v.2.4. It is still unclear to me if the
hidden entries are connected to the use of Comodo 2.4, a flaw of sp3
of if there is another cause.
But I am studying on it...
>Also see here for a tool to clean it up:
>If you just launch this tool normally (e.g. by double-clicking on its
>icon after download) then the tool will only clean up known
>Symantec/Norton areas of the Windows Registry. However, if you launch
>the tool from a Command Prompt window and add the parameter /override
>then the tool will clean up all of the "CurrentControlSet" area of the
>Registry, including areas relevant to other anti-malware vendors. For
>instance, if the Command Prompt window is open with the current
>directory being the one in which SymRegFix was downlaoded into, then
>just type:
>
>symregfix /override
>
>So it appears that this tool can be used as a general clean-up tool
>after misoperation of the fixccs.exe component of SP3, regardless of
>which anti-malware product provoked fixccs.exe into producing all the
>garbage registry entries.
I will use symregfix anyway...
>http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=3449197&SiteID=17
>
>-jen
>
Thanks and regards,
Massimo
|
| Similar Threads | Posted | | Why doesn't Avira find hidden files anymore? | July 7, 2008, 3:24 am |
| 2 small questions about Avira logfile | April 8, 2008, 3:20 pm |
| m.r.u. objects | May 23, 2008, 9:12 am |
| Hidden folders, files | April 5, 2007, 11:19 am |
| Slacker Virus in PowerPoint files (embedded Excel objects) | July 20, 2008, 1:39 pm |
| WinXP, trojan hidden startup locations??? | April 10, 2007, 8:47 am |
| HELP BACKLIGHT DETECT STRANGE HIDDEN FILE(SEVERE WINDOWS 2000 INFECTION) | February 2, 2007, 3:17 am |
| Kapersky Finds The Following | March 30, 2006, 12:31 am |
| NAV 2007 Finds 7 Cookies | December 30, 2006, 12:38 am |
| The Cleaner finds RAS trojans, I can't find them on harddrive | November 19, 2007, 2:52 am |
|
XML site map