NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  
February 13, 2012, 02:27:31 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: SMF - Just Installed!
 
   Home   Help Search Login Register  

Zlob HELP PLEASE!


AddThis Social Bookmark Button AddThis Feed Button
Pages: [1]
« previous next »
  Print  
Author Topic: Zlob HELP PLEASE!  (Read 2324 times)
fatandy
Newbie
*
Posts: 6


View Profile
« on: February 20, 2007, 03:49:23 PM »
Hey my brother seemed to have picked quite the nasty virus on my computer yesterday.  I ran AVG 7.5, SpyBot S&D, Adaware SE Pro and Norton AV (all fully updated) in safe mode and when I restarted all kinds of strange things were happening that didn't before, plus there was a very noticeable performance decrease on my system.  Takes about 10 mins to boot up and when im actually in windows trying to do stuff it takes much MUCH longer than it should.  When i ran all those checks in safe mode it appeared to clean everything, then when i rebooted i noticed things were not ok, booted back in safe mode to see if anything popped up on the scans again and nothing.  All the programs picked up nothing.  So here i am scratching my head.  Anyway I got hijack this ran it and here is the log file:

Logfile of HijackThis v1.99.1
Scan saved at 2:49:34 PM, on 20/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Documents and Settings\andy\Desktop\HijackThis.exe

F2 - REG:system.ini: Shell=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FE2FA3FE-BF09-26EC-0A72-04AA11805E02} - C:\DOCUME~1\andy\APPLIC~1\MAPICI~1\Theexit.exe (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://rigs.precisiondrilling.com/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121313746812
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Any help will be greatly appreciated

Thanks

Andy
Logged
Guest
Guest
« Reply #1 on: February 20, 2007, 03:49:27 PM »
Hello, visitor!

The Hijack This log analyzer has analyzed your log. Please take a closer look on the results.

Your log does not indicate any spyware or virus infection. However, there are some entries that you might want to fix. Please follow the steps below.

The following entries are not malicious, but some of them are not used anymore. You may use HijackThis to fix a few of them. However, please keep in mind that some of the entries marked as Questionable or Not Needed are fully legitimate and might be required by installed software to work properly, while some others might be related to certain parasites. It is up to you to decide whether you need any of them, or not.
O2 - BHO: (no name) - {FE2FA3FE-BF09-26EC-0A72-04AA11805E02} - C:\DOCUME~1\andy\APPLIC~1\MAPICI~1\Theexit.exe (file missing)
O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://rigs.precisiondrilling.com/mgaxctrl.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing)


The following files and Windows registry entries are marked as "unknown". Currently, the HijackThis Log Analyzer cannot provide required information on these items. The files and entries in the list below can be both malicious and fully legitimate. Because of this, please do not take any action! Wait for the forum responders or other forum users to provide you with necessary details and further instructions.
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

If you want to see more detailed analysis of your log, click here.

Thank you for using the 2-Spyware.com HijackThis log analyzer beta 2!
Logged
GTO
Global Moderator
Newbie
*****
Posts: 1519



View Profile
« Reply #2 on: February 21, 2007, 01:35:56 AM »
Hi fatandy

Use HijackThis to fix the following entries:
F2 - REG:system.ini: Shell=
O2 - BHO: (no name) - {FE2FA3FE-BF09-26EC-0A72-04AA11805E02} - C:\DOCUME~1\andy\APPLIC~1\MAPICI~1\Theexit.exe (file missing)
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing)

Everything else looks clean.

Quote
when I restarted all kinds of strange things were happening that didn't before
Please provide more details.

As for performance decrease, try this: disconnect your computer from the Internet, disable Norton AntiVirus and reboot. Would your system run much faster?
Logged
fatandy
Newbie
*
Posts: 6


View Profile
« Reply #3 on: February 21, 2007, 05:55:06 PM »
ok did all that and its still really slow.  The strange things that are happening on my system are:

1) My norton AV all of a sudden doesnt work (and when i tryed to remove it i get all kinds of errors)
2) The background i had before somehow disappeared
I3) Internet is REALLY slow both starting a firefox session and browsing
4) Takes about 10 mins to boot computer and get to the point in windows where i can actually use my computer.
5) command prompt also mysteriously disabled.  When i try to use it it says it was disabled by the administrator
6) When I restart and first get into windows i get 5 windows open with ACProtect and an "ok" button.  Dont know what that is.

dont know if any of this helps you
Logged
GTO
Global Moderator
Newbie
*****
Posts: 1519



View Profile
« Reply #4 on: February 22, 2007, 01:00:31 AM »
Hi fatandy

Download the free version of SUPERAntiSpyware. Install the program, update its definitions and run a complete system scan.
Logged
fatandy
Newbie
*
Posts: 6


View Profile
« Reply #5 on: February 22, 2007, 07:20:42 PM »
ok superantispyware detected:

Adware.tracking Cookie
Trojan.Media-codec

and it lookis like a restart cleaned them all up...

my computer is running faster now but when i restart im still getting command prompt popping up saying it has been disabled by the administrator
Logged
GTO
Global Moderator
Newbie
*****
Posts: 1519



View Profile
« Reply #6 on: February 23, 2007, 12:30:19 AM »
Hi fatandy

This means that your system might still be infected. I suggest downloading Spyware Doctor. It's paid, but you can always post the log here, if you don't want to purchase it. Download the program, update its definitions and run complete system scan.
Logged
fatandy
Newbie
*
Posts: 6


View Profile
« Reply #7 on: February 23, 2007, 06:11:03 PM »
Scans (basic information only):
Scan Results:
scan start:    23/02/2007 4:54:28 PM
scan stop:    23/02/2007 5:09:30 PM
scanned items:    103928
found items:    267
found and ignored:    0
tools used:    General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner
         
   Infection Name    Location    Risk
   Backdoor.CIADoor.13    C:\Avenger\wsock32.sys    High
   Tracking Cookie(s)    C:\Documents and Settings\andy\Cookies\andy@atdmt[2].txt    Low
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@b22538.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@b8987.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@c14241.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@c29598.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@d6621.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@e30814.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@f22403.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@i1876.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@j7010.upd.maximumexperience[1].txt    High
   Tracking Cookie(s)    C:\Documents and Settings\andy\Cookies\andy@joetec[2].txt    Low
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@l12711.upd.trinityacquisitions[1].txt    High
   Tracking Cookie(s)    C:\Documents and Settings\andy\Cookies\andy@m.webtrends[2].txt    Low
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@m2105.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@o19484.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@o23628.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@p12537.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@p21528.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@p29628.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@q22335.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@r29617.upd.trinityacquisitions[1].txt    High
   Tracking Cookie(s)    C:\Documents and Settings\andy\Cookies\andy@rn11[2].txt    Low
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@s17052.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@s17404.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@s20351.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@t3992.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@u5174.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@u5313.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@u8658.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@w20745.upd.trinityacquisitions[1].txt    High
   Tracking Cookie(s)    C:\Documents and Settings\andy\Cookies\andy@www.ads.joetec[1].txt    Low
   7AdPower    C:\Documents and Settings\andy\Cookies\andy@www.advnt01[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@y7176.upd.maximumexperience[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@z19975.upd.trinityacquisitions[1].txt    High
   Known Bad Sites    C:\Documents and Settings\andy\Cookies\andy@z8180.upd.trinityacquisitions[1].txt    High
   All In One Keylogger    C:\Program Files\BitComet\Downloads\logger\allinone\keysetup.exe    High
   Backdoor.CIADoor.13    C:\WINDOWS\system32\ckl009.dat    High
   Tracking Cookie(s)    cookies.txt - Line #109    Low
   Tracking Cookie(s)    cookies.txt - Line #110    Low
   Tracking Cookie(s)    cookies.txt - Line #112    Low
   Tracking Cookie(s)    cookies.txt - Line #113    Low
   Advertising    cookies.txt - Line #114    Low
   Tracking Cookie(s)    cookies.txt - Line #119    Low
   Tracking Cookie(s)    cookies.txt - Line #120    Low
   Tracking Cookie(s)    cookies.txt - Line #137    Low
   Tracking Cookie(s)    cookies.txt - Line #145    Low
   Tracking Cookie(s)    cookies.txt - Line #158    Low
   Tracking Cookie(s)    cookies.txt - Line #162    Low
   Tracking Cookie(s)    cookies.txt - Line #163    Low
   Tracking Cookie(s)    cookies.txt - Line #164    Low
   Tracking Cookie(s)    cookies.txt - Line #165    Low
   Tracking Cookie(s)    cookies.txt - Line #167    Low
   Tracking Cookie(s)    cookies.txt - Line #168    Low
   Tracking Cookie(s)    cookies.txt - Line #169    Low
   Tracking Cookie(s)    cookies.txt - Line #170    Low
   Tracking Cookie(s)    cookies.txt - Line #171    Low
   Tracking Cookie(s)    cookies.txt - Line #172    Low
   Tracking Cookie(s)    cookies.txt - Line #173    Low
   Tracking Cookie(s)    cookies.txt - Line #174    Low
   Advertising    cookies.txt - Line #188    Low
   Advertising    cookies.txt - Line #191    Low
   Tracking Cookie(s)    cookies.txt - Line #192    Low
   Advertising    cookies.txt - Line #193    Low
   Tracking Cookie(s)    cookies.txt - Line #194    Low
   Tracking Cookie(s)    cookies.txt - Line #195    Low
   Tracking Cookie(s)    cookies.txt - Line #196    Low
   Advertising    cookies.txt - Line #197    Low
   Advertising    cookies.txt - Line #198    Low
   Advertising    cookies.txt - Line #199    Low
   Tracking Cookie(s)    cookies.txt - Line #205    Low
   Tracking Cookie(s)    cookies.txt - Line #206    Low
   Tracking Cookie(s)    cookies.txt - Line #207    Low
   Tracking Cookie(s)    cookies.txt - Line #208    Low
   Advertising    cookies.txt - Line #236    Low
   Advertising    cookies.txt - Line #237    Low
   Advertising    cookies.txt - Line #238    Low
   Tracking Cookie(s)    cookies.txt - Line #24    Low
   Tracking Cookie(s)    cookies.txt - Line #250    Low
   Tracking Cookie(s)    cookies.txt - Line #265    Low
   Tracking Cookie(s)    cookies.txt - Line #266    Low
   Tracking Cookie(s)    cookies.txt - Line #267    Low
   Tracking Cookie(s)    cookies.txt - Line #28    Low
   Tracking Cookie(s)    cookies.txt - Line #30    Low
   Tracking Cookie(s)    cookies.txt - Line #306    Low
   Tracking Cookie(s)    cookies.txt - Line #307    Low
   Tracking Cookie(s)    cookies.txt - Line #308    Low
   Tracking Cookie(s)    cookies.txt - Line #316    Low
   Advertising    cookies.txt - Line #34    Low
   Tracking Cookie(s)    cookies.txt - Line #353    Low
   Tracking Cookie(s)    cookies.txt - Line #36    Low
   Tracking Cookie(s)    cookies.txt - Line #388    Low
   Tracking Cookie(s)    cookies.txt - Line #389    Low
   Tracking Cookie(s)    cookies.txt - Line #449    Low
   Tracking Cookie(s)    cookies.txt - Line #450    Low
   Tracking Cookie(s)    cookies.txt - Line #451    Low
   Tracking Cookie(s)    cookies.txt - Line #492    Low
   Tracking Cookie(s)    cookies.txt - Line #493    Low
   Tracking Cookie(s)    cookies.txt - Line #504    Low
   Tracking Cookie(s)    cookies.txt - Line #539    Low
   Advertising    cookies.txt - Line #659    Low
   Tracking Cookie(s)    cookies.txt - Line #660    Low
   Tracking Cookie(s)    cookies.txt - Line #677    Low
   Advertising    cookies.txt - Line #682    Low
   Advertising    cookies.txt - Line #683    Low
   Advertising    cookies.txt - Line #684    Low
   Advertising    cookies.txt - Line #69    Low
   Tracking Cookie(s)    cookies.txt - Line #692    Low
   Advertising    cookies.txt - Line #70    Low
   Advertising    cookies.txt - Line #71    Low
   Advertising    cookies.txt - Line #73    Low
   Advertising    cookies.txt - Line #76    Low
   Advertising    cookies.txt - Line #77    Low
   Advertising    cookies.txt - Line #78    Low
   Advertising    cookies.txt - Line #79    Low
   Tracking Cookie(s)    cookies.txt - Line #794    Low
   Advertising    cookies.txt - Line #80    Low
   Advertising    cookies.txt - Line #800    Low
   Advertising    cookies.txt - Line #801    Low
   Advertising    cookies.txt - Line #81    Low
   Advertising    cookies.txt - Line #82    Low
   Advertising    cookies.txt - Line #83    Low
   Advertising    cookies.txt - Line #84    Low
   Advertising    cookies.txt - Line #85    Low
   Advertising    cookies.txt - Line #86    Low
   Advertising    cookies.txt - Line #87    Low
   Advertising    cookies.txt - Line #88    Low
   Advertising    cookies.txt - Line #89    Low
   Tracking Cookie(s)    cookies.txt - Line #92    Low
   Tracking Cookie(s)    cookies.txt - Line #95    Low
   Tracking Cookie(s)    cookies.txt - Line #96    Low
   All In One Keylogger    G:\Downloads\logger\allinone\keysetup.exe    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}##    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\HCifsbeUcLsk    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\HCifsbeUcLsk##    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\Iebzvnj    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\Iebzvnj##    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##ScriptBlockingInProcServer32    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##ThreadingModel    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\jfyUGta    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\jfyUGta##    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\pqcwTpfib    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\pqcwTpfib##    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\ProgID    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\ProgID##    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\uxbhfoza    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\uxbhfoza##    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\vRoMZahnum    High
   All In One Keylogger    HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\vRoMZahnum##    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}##    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32##    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32##ThreadingModel    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\ProgID    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\ProgID##    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\TypeLib    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\TypeLib##    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\VERSION    High
   Backdoor.CIADoor.13    HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\VERSION##    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}##    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid##    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid32    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid32##    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib##    High
   Backdoor.CIADoor.13    HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib##Version    High
   Backdoor.CIADoor.13    HKCR\N.Cs4    High
   Backdoor.CIADoor.13    HKCR\N.Cs4##    High
   Backdoor.CIADoor.13    HKCR\N.Cs4\Clsid    High
   Backdoor.CIADoor.13    HKCR\N.Cs4\Clsid##    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}##    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0##    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0##    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0\win32    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0\win32##    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\FLAGS    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\FLAGS##    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\HELPDIR    High
   Backdoor.CIADoor.13    HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\HELPDIR##    High
   Trojan.Popuper    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}    High
   Trojan.Popuper    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}##    High
   Trojan.Popuper    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore    High
   Trojan.Popuper    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore##    High
   Trojan.Popuper    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore##Count    High
   Trojan.Popuper    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore##Time    High
   Trojan.Popuper    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore##Type    High
   7AdPower    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}    High
   7AdPower    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}##    High
   7AdPower    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore    High
   7AdPower    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##    High
   7AdPower    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##Blocked    High
   7AdPower    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##Count    High
   7AdPower    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##Time    High
   7AdPower    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##Type    High
   Backdoor.CIADoor.13    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}    High
   Backdoor.CIADoor.13    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}##    High
   Backdoor.CIADoor.13    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore    High
   Backdoor.CIADoor.13    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore##    High
   Backdoor.CIADoor.13    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore##Count    High
   Backdoor.CIADoor.13    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore##Time    High
   Backdoor.CIADoor.13    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore##Type    High
   Backdoor.CIADoor.13    HKCU\Software\VB and VBA Program Settings\set\set##set    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}##    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\HCifsbeUcLsk    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\HCifsbeUcLsk##    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\Iebzvnj    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\Iebzvnj##    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##ScriptBlockingInProcServer32    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##ThreadingModel    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\jfyUGta    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\jfyUGta##    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\pqcwTpfib    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\pqcwTpfib##    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\ProgID    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\ProgID##    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\uxbhfoza    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\uxbhfoza##    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\vRoMZahnum    High
   All In One Keylogger    HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\vRoMZahnum##    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}##    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32##    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32##ThreadingModel    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\ProgID    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\ProgID##    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\TypeLib    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\TypeLib##    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\VERSION    High
   Backdoor.CIADoor.13    HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\VERSION##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid32    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid32##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib##Version    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\N.Cs4    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\N.Cs4##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\N.Cs4\Clsid    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\N.Cs4\Clsid##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0\win32    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0\win32##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\FLAGS    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\FLAGS##    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\HELPDIR    High
   Trojan.Crypt.S    HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\HELPDIR##    High
         

Other Sections:
Logged
GTO
Global Moderator
Newbie
*****
Posts: 1519



View Profile
« Reply #8 on: February 24, 2007, 01:02:18 AM »
Hi fatandy

As you can see, your system is still infected with viral parasites. Usually, reliable antivirus software eliminates these threats. However, your Norton Antivirus seems to be powerless. I highly recommend running online virus scan. Link here. You should also uninstall Norton Antivirus and get a better product. In my opinion, free programs such as avast! Antivirus or AVG Anti-virus Free Edition are much better than Norton.
Logged
Pages: [1]
  Print  
« previous next »
 
Jump to:  




Recommended software:
STOPzilla
(90/100)
STOPzilla is a powerful anti-spyware program that detects, blocks, and removes malicious software allowing users to surf the Web not worrying about spyware, Trojan horses,...
Malwarebytes Anti Malware
(88/100)
There are loads of malware removers on the net today and most of them are lightweight applications, which usually means they’re fast and don’t...
Spyware Doctor
(87/100)
Spyware Doctor is a very powerful, but yet highly user-friendly spyware remover, made by PC Tools, reputable computer security experts. This product provides effective and...
SpyHunter
(86/100)
SpyHunter is a quite simple, but yet highly effective spyware remover with an easy-to-use interface. This program is an excellent choice for users, who are...
XoftSpySE Anti Spyware
(84/100)
XoftSpySE, an anti-spyware program made by ParetoLogic, Inc., is a simple, but effective on-demand scanner with the typical set of functions but very easy to...
Encyclopedia of parasites:

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Latest Spyware Threats: Internet Security 2012 | Win 7 Total security 2012 | System Check | Win 7 Internet Security 2012 | Win 7 Home Security 2012 | Win 7 Antivirus 2012 | Win 7 Antispyware 2012 | Vista Security 2012 | Vista Antivirus 2012 | Vista Antispyware 2012 | XP Antispyware 2012 | XP Antivirus 2012 | XP Security 2012 | XP Home Security 2012 | Security Shield
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2011 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.