Trojans and key logging, should I just delete the affected area, please



#1
Danny1987

EDIT For: Is there anyone who can help me here? It's been about 14 hours since my first post, which I was told was in the wrong forum section, and I wrote this over 6 hours ago and no responses. I'm sure you guys are busy, but I'm a little nervous since this has hit the second page with only 20 views and no responses. I apologize if I'm being impatient. I know a little about computers, but only enough to make my head hurt :) Thank you again, and I hope this page won't be shuffled into oblivion. No worries, I will be back in a few hours; it's almost 12PM here.



OK, recently I've been getting randomly logged off my e-mail, and my World of Warcraft account has been hacked twice. I'm guessing I have a key logger... fun. I did a few scans and I was able to resolve almost all of the found problems except for my last.

I used Symantec Security Check and had a small list of problems. After cleaning up a bit I rescanned and got this.

C:\Windows\System32\net.net is infected with Trojan.Adclicker
C:\Users\Daniel\AppData\Local\VirtualStore\Windows\System32\net.net is infected with Trojan.Adclicker

I am able to follow either of the problems for a little bit into my computer files. On the first I get as far as C:\Windows\System32 and then nothing; on the second I get to C:\Users\Daniel\AppData\Local and then nothing. [Aka No items match your search.] I can delete the whole file, but I didn't know if that would cause problems or if this was a file required on my computer. There is another file, C:\Windows\twain_32, if that has any relation to the problem.


I also have Spybot (Search & Destroy) on my computer. I did a scan there and fixed some more problems, but I was left with 71 problems in my registry.


--- System information ---
Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)


Now I tried to have Spybot fix these, but I get the message:

[ This action may not be performed completely since you are not an administrator. If you want to perform this for all users, please run this application elevated as an administrator.]

Now that message struck me as odd because this is my personal laptop, with only 2 users, one that I set up for guests but have never used. There should be no reason for this profile not to have administrative power unless it is something that I need to manually turn on (I honestly do not know). I can delete the guest profile if that would help, or I can go into the actual Registry Editor and delete those files. Spybot gives me the option to see the corrupted/malware files' location, but I was worried that in deleting them from my registry I might get rid of something that the computer needs to run. Sorry, I know this is a large post, but I'm in need of some advice. If at all possible, please let me know if I can just delete the files in question in C:\Windows\System32 and the registry keys. Thank you for taking the time to read this, and I hope someone understands what I wrote; I tend to be confusing. :)

EDIT For - Just checked: my UAC [User Account Control] is active, so I should be able to delete those files on Spybot, but I still cannot.

Edited by Danny1987, 22 June 2010 - 09:46 PM.
