Zlob HELP PLEASE!

fatandy · Joined: 20 Feb 2007 Posts: 6

Hey my brother seemed to have picked quite the nasty virus on my computer yesterday. I ran AVG 7.5, SpyBot S&D, Adaware SE Pro and Norton AV (all fully updated) in safe mode and when I restarted all kinds of strange things were happening that didn't before, plus there was a very noticeable performance decrease on my system. Takes about 10 mins to boot up and when im actually in windows trying to do stuff it takes much MUCH longer than it should. When i ran all those checks in safe mode it appeared to clean everything, then when i rebooted i noticed things were not ok, booted back in safe mode to see if anything popped up on the scans again and nothing. All the programs picked up nothing. So here i am scratching my head. Anyway I got hijack this ran it and here is the log file:

Logfile of HijackThis v1.99.1
Scan saved at 2:49:34 PM, on 20/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Documents and Settings\andy\Desktop\HijackThis.exe

F2 - REG:system.ini: Shell=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FE2FA3FE-BF09-26EC-0A72-04AA11805E02} - C:\DOCUME~1\andy\APPLIC~1\MAPICI~1\Theexit.exe (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://rigs.precisiondrilling.com/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121313746812
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Any help will be greatly appreciated

Thanks

Andy

HJT Analyzer · Joined: 15 Mar 2006 Posts: 728

Hello, visitor!

The Hijack This log analyzer has analyzed your log. Please take a closer look on the results.

Your log does not indicate any spyware or virus infection. However, there are some entries that you might want to fix. Please follow the steps below.

The following entries are not malicious, but some of them are not used anymore. You may use HijackThis to fix a few of them. However, please keep in mind that some of the entries marked as Questionable or Not Needed are fully legitimate and might be required by installed software to work properly, while some others might be related to certain parasites. It is up to you to decide whether you need any of them, or not.
O2 - BHO: (no name) - {FE2FA3FE-BF09-26EC-0A72-04AA11805E02} - C:\DOCUME~1\andy\APPLIC~1\MAPICI~1\Theexit.exe (file missing)
O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://rigs.precisiondrilling.com/mgaxctrl.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing)

The following files and Windows registry entries are marked as "unknown". Currently, the HijackThis Log Analyzer cannot provide required information on these items. The files and entries in the list below can be both malicious and fully legitimate. Because of this, please do not take any action! Wait for the forum responders or other forum users to provide you with necessary details and further instructions.
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

If you want to see more detailed analysis of your log, click here.

Thank you for using the 2-Spyware.com HijackThis log analyzer beta 2!

GTO · Joined: 15 Nov 2005 Posts: 1519

Hi fatandy

Use HijackThis to fix the following entries:
F2 - REG:system.ini: Shell=
O2 - BHO: (no name) - {FE2FA3FE-BF09-26EC-0A72-04AA11805E02} - C:\DOCUME~1\andy\APPLIC~1\MAPICI~1\Theexit.exe (file missing)
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing)

Everything else looks clean.

fatandy · Joined: 20 Feb 2007 Posts: 6

ok did all that and its still really slow. The strange things that are happening on my system are:

1) My norton AV all of a sudden doesnt work (and when i tryed to remove it i get all kinds of errors)
2) The background i had before somehow disappeared
I3) Internet is REALLY slow both starting a firefox session and browsing
4) Takes about 10 mins to boot computer and get to the point in windows where i can actually use my computer.
5) command prompt also mysteriously disabled. When i try to use it it says it was disabled by the administrator
6) When I restart and first get into windows i get 5 windows open with ACProtect and an "ok" button. Dont know what that is.

dont know if any of this helps you

GTO · Joined: 15 Nov 2005 Posts: 1519

Hi fatandy

Download the free version of SUPERAntiSpyware. Install the program, update its definitions and run a complete system scan.

fatandy · Joined: 20 Feb 2007 Posts: 6

ok superantispyware detected:

Adware.tracking Cookie
Trojan.Media-codec

and it lookis like a restart cleaned them all up...

my computer is running faster now but when i restart im still getting command prompt popping up saying it has been disabled by the administrator

GTO · Joined: 15 Nov 2005 Posts: 1519

Hi fatandy

This means that your system might still be infected. I suggest downloading Spyware Doctor. It's paid, but you can always post the log here, if you don't want to purchase it. Download the program, update its definitions and run complete system scan.

fatandy · Joined: 20 Feb 2007 Posts: 6

Scans (basic information only):
Scan Results:
scan start: 23/02/2007 4:54:28 PM
scan stop: 23/02/2007 5:09:30 PM
scanned items: 103928
found items: 267
found and ignored: 0
tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner

Infection Name Location Risk
Backdoor.CIADoor.13 C:\Avenger\wsock32.sys High
Tracking Cookie(s) C:\Documents and Settings\andy\Cookies\andy@atdmt[2].txt Low
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@b22538.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@b8987.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@c14241.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@c29598.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@d6621.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@e30814.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@f22403.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@i1876.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@j7010.upd.maximumexperience[1].txt High
Tracking Cookie(s) C:\Documents and Settings\andy\Cookies\andy@joetec[2].txt Low
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@l12711.upd.trinityacquisitions[1].txt High
Tracking Cookie(s) C:\Documents and Settings\andy\Cookies\andy@m.webtrends[2].txt Low
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@m2105.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@o19484.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@o23628.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@p12537.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@p21528.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@p29628.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@q22335.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@r29617.upd.trinityacquisitions[1].txt High
Tracking Cookie(s) C:\Documents and Settings\andy\Cookies\andy@rn11[2].txt Low
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@s17052.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@s17404.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@s20351.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@t3992.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@u5174.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@u5313.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@u8658.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@w20745.upd.trinityacquisitions[1].txt High
Tracking Cookie(s) C:\Documents and Settings\andy\Cookies\andy@www.ads.joetec[1].txt Low
7AdPower C:\Documents and Settings\andy\Cookies\andy@www.advnt01[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@y7176.upd.maximumexperience[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@z19975.upd.trinityacquisitions[1].txt High
Known Bad Sites C:\Documents and Settings\andy\Cookies\andy@z8180.upd.trinityacquisitions[1].txt High
All In One Keylogger C:\Program Files\BitComet\Downloads\logger\allinone\keysetup.exe High
Backdoor.CIADoor.13 C:\WINDOWS\system32\ckl009.dat High
Tracking Cookie(s) cookies.txt - Line #109 Low
Tracking Cookie(s) cookies.txt - Line #110 Low
Tracking Cookie(s) cookies.txt - Line #112 Low
Tracking Cookie(s) cookies.txt - Line #113 Low
Advertising cookies.txt - Line #114 Low
Tracking Cookie(s) cookies.txt - Line #119 Low
Tracking Cookie(s) cookies.txt - Line #120 Low
Tracking Cookie(s) cookies.txt - Line #137 Low
Tracking Cookie(s) cookies.txt - Line #145 Low
Tracking Cookie(s) cookies.txt - Line #158 Low
Tracking Cookie(s) cookies.txt - Line #162 Low
Tracking Cookie(s) cookies.txt - Line #163 Low
Tracking Cookie(s) cookies.txt - Line #164 Low
Tracking Cookie(s) cookies.txt - Line #165 Low
Tracking Cookie(s) cookies.txt - Line #167 Low
Tracking Cookie(s) cookies.txt - Line #168 Low
Tracking Cookie(s) cookies.txt - Line #169 Low
Tracking Cookie(s) cookies.txt - Line #170 Low
Tracking Cookie(s) cookies.txt - Line #171 Low
Tracking Cookie(s) cookies.txt - Line #172 Low
Tracking Cookie(s) cookies.txt - Line #173 Low
Tracking Cookie(s) cookies.txt - Line #174 Low
Advertising cookies.txt - Line #188 Low
Advertising cookies.txt - Line #191 Low
Tracking Cookie(s) cookies.txt - Line #192 Low
Advertising cookies.txt - Line #193 Low
Tracking Cookie(s) cookies.txt - Line #194 Low
Tracking Cookie(s) cookies.txt - Line #195 Low
Tracking Cookie(s) cookies.txt - Line #196 Low
Advertising cookies.txt - Line #197 Low
Advertising cookies.txt - Line #198 Low
Advertising cookies.txt - Line #199 Low
Tracking Cookie(s) cookies.txt - Line #205 Low
Tracking Cookie(s) cookies.txt - Line #206 Low
Tracking Cookie(s) cookies.txt - Line #207 Low
Tracking Cookie(s) cookies.txt - Line #208 Low
Advertising cookies.txt - Line #236 Low
Advertising cookies.txt - Line #237 Low
Advertising cookies.txt - Line #238 Low
Tracking Cookie(s) cookies.txt - Line #24 Low
Tracking Cookie(s) cookies.txt - Line #250 Low
Tracking Cookie(s) cookies.txt - Line #265 Low
Tracking Cookie(s) cookies.txt - Line #266 Low
Tracking Cookie(s) cookies.txt - Line #267 Low
Tracking Cookie(s) cookies.txt - Line #28 Low
Tracking Cookie(s) cookies.txt - Line #30 Low
Tracking Cookie(s) cookies.txt - Line #306 Low
Tracking Cookie(s) cookies.txt - Line #307 Low
Tracking Cookie(s) cookies.txt - Line #308 Low
Tracking Cookie(s) cookies.txt - Line #316 Low
Advertising cookies.txt - Line #34 Low
Tracking Cookie(s) cookies.txt - Line #353 Low
Tracking Cookie(s) cookies.txt - Line #36 Low
Tracking Cookie(s) cookies.txt - Line #388 Low
Tracking Cookie(s) cookies.txt - Line #389 Low
Tracking Cookie(s) cookies.txt - Line #449 Low
Tracking Cookie(s) cookies.txt - Line #450 Low
Tracking Cookie(s) cookies.txt - Line #451 Low
Tracking Cookie(s) cookies.txt - Line #492 Low
Tracking Cookie(s) cookies.txt - Line #493 Low
Tracking Cookie(s) cookies.txt - Line #504 Low
Tracking Cookie(s) cookies.txt - Line #539 Low
Advertising cookies.txt - Line #659 Low
Tracking Cookie(s) cookies.txt - Line #660 Low
Tracking Cookie(s) cookies.txt - Line #677 Low
Advertising cookies.txt - Line #682 Low
Advertising cookies.txt - Line #683 Low
Advertising cookies.txt - Line #684 Low
Advertising cookies.txt - Line #69 Low
Tracking Cookie(s) cookies.txt - Line #692 Low
Advertising cookies.txt - Line #70 Low
Advertising cookies.txt - Line #71 Low
Advertising cookies.txt - Line #73 Low
Advertising cookies.txt - Line #76 Low
Advertising cookies.txt - Line #77 Low
Advertising cookies.txt - Line #78 Low
Advertising cookies.txt - Line #79 Low
Tracking Cookie(s) cookies.txt - Line #794 Low
Advertising cookies.txt - Line #80 Low
Advertising cookies.txt - Line #800 Low
Advertising cookies.txt - Line #801 Low
Advertising cookies.txt - Line #81 Low
Advertising cookies.txt - Line #82 Low
Advertising cookies.txt - Line #83 Low
Advertising cookies.txt - Line #84 Low
Advertising cookies.txt - Line #85 Low
Advertising cookies.txt - Line #86 Low
Advertising cookies.txt - Line #87 Low
Advertising cookies.txt - Line #88 Low
Advertising cookies.txt - Line #89 Low
Tracking Cookie(s) cookies.txt - Line #92 Low
Tracking Cookie(s) cookies.txt - Line #95 Low
Tracking Cookie(s) cookies.txt - Line #96 Low
All In One Keylogger G:\Downloads\logger\allinone\keysetup.exe High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A} High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}## High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\HCifsbeUcLsk High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\HCifsbeUcLsk## High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\Iebzvnj High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\Iebzvnj## High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32 High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32## High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##ScriptBlockingInProcServer32 High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##ThreadingModel High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\jfyUGta High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\jfyUGta## High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\pqcwTpfib High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\pqcwTpfib## High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\ProgID High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\ProgID## High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\uxbhfoza High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\uxbhfoza## High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\vRoMZahnum High
All In One Keylogger HKCR\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\vRoMZahnum## High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C} High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}## High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32 High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32## High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32##ThreadingModel High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\ProgID High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\ProgID## High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\TypeLib High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\TypeLib## High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\VERSION High
Backdoor.CIADoor.13 HKCR\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\VERSION## High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39} High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}## High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid## High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid32 High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid32## High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib## High
Backdoor.CIADoor.13 HKCR\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib##Version High
Backdoor.CIADoor.13 HKCR\N.Cs4 High
Backdoor.CIADoor.13 HKCR\N.Cs4## High
Backdoor.CIADoor.13 HKCR\N.Cs4\Clsid High
Backdoor.CIADoor.13 HKCR\N.Cs4\Clsid## High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3} High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}## High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0 High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0## High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0 High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0## High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0\win32 High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0\win32## High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\FLAGS High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\FLAGS## High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\HELPDIR High
Backdoor.CIADoor.13 HKCR\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\HELPDIR## High
Trojan.Popuper HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418} High
Trojan.Popuper HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}## High
Trojan.Popuper HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore High
Trojan.Popuper HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore## High
Trojan.Popuper HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore##Count High
Trojan.Popuper HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore##Time High
Trojan.Popuper HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84938242-5C5B-4A55-B6B9-A1507543B418}\iexplore##Type High
7AdPower HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A} High
7AdPower HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}## High
7AdPower HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore High
7AdPower HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore## High
7AdPower HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##Blocked High
7AdPower HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##Count High
7AdPower HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##Time High
7AdPower HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AE283A5-DF43-4C83-B6AA-7EBDBDB0204A}\iexplore##Type High
Backdoor.CIADoor.13 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C} High
Backdoor.CIADoor.13 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}## High
Backdoor.CIADoor.13 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore High
Backdoor.CIADoor.13 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore## High
Backdoor.CIADoor.13 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore##Count High
Backdoor.CIADoor.13 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore##Time High
Backdoor.CIADoor.13 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\iexplore##Type High
Backdoor.CIADoor.13 HKCU\Software\VB and VBA Program Settings\set\set##set High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A} High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}## High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\HCifsbeUcLsk High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\HCifsbeUcLsk## High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\Iebzvnj High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\Iebzvnj## High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32 High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32## High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##ScriptBlockingInProcServer32 High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\InprocServer32##ThreadingModel High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\jfyUGta High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\jfyUGta## High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\pqcwTpfib High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\pqcwTpfib## High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\ProgID High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\ProgID## High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\uxbhfoza High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\uxbhfoza## High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\vRoMZahnum High
All In One Keylogger HKLM\Software\Classes\CLSID\{96745ECD-BFAD-E0AC-CE87-4BD61D9BFA5A}\vRoMZahnum## High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C} High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}## High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32 High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32## High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\InprocServer32##ThreadingModel High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\ProgID High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\ProgID## High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\TypeLib High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\TypeLib## High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\VERSION High
Backdoor.CIADoor.13 HKLM\Software\Classes\CLSID\{E14DCE67-8FB7-4721-8149-179BAA4D792C}\VERSION## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39} High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid32 High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\ProxyStubClsid32## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\Interface\{0958C4C9-77B0-4AA8-9364-7886BFCA7E39}\TypeLib##Version High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\N.Cs4 High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\N.Cs4## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\N.Cs4\Clsid High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\N.Cs4\Clsid## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3} High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0 High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0 High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0\win32 High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\0\win32## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\FLAGS High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\FLAGS## High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\HELPDIR High
Trojan.Crypt.S HKLM\SOFTWARE\Classes\TypeLib\{C9F1C5A0-F3D8-48E2-8B8C-3E86B4CAC7E3}\3.0\HELPDIR## High

Other Sections:

GTO · Joined: 15 Nov 2005 Posts: 1519

Hi fatandy

As you can see, your system is still infected with viral parasites. Usually, reliable antivirus software eliminates these threats. However, your Norton Antivirus seems to be powerless. I highly recommend running online virus scan. Link here. You should also uninstall Norton Antivirus and get a better product. In my opinion, free programs such as avast! Antivirus or AVG Anti-virus Free Edition are much better than Norton.