Scan History Details Start Date: 23/02/2008 06:38:20 End Date: 23/02/2008 07:16:55 Total Time: 38 Min 35 Sec Detected security risks Slagent/Navipromo Adware (General) more information... Details: Slagent/Navipromo runs without user notification after initial installation and can download and execute arbitrary files on the computer. Slagent/Navipromo contacts a Web site for advertisement purposes. Status: Quarantined Files detected C:\WINDOWS\system32\nvs2.inf Trojan.FakeAlert Trojan more information... Details: Trojan.FakeAlert consists of files that cause false warnings of spyware on the computer. Usually the alerts are displayed in a balloon type pop-up from an icon in the system tray. Status: Quarantined Processes detected C:\WINDOWS\system32\wbchha.dll Registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C} Trojan-Downloader.Zlob.Media-Codec Trojan Downloader more information... Details: Trojan-Downloader.Zlob.Media-Codec is a program that typically purports to be a needed upgrade to Windows Media Player in order to view adult oriented videos on certain websites. However, Trojan-Downloader.Zlob.Media-Codec actually downloads and installs additional malware on the user's machine. Status: Quarantined Files detected C:\PROGRAM FILES\NETPROJECT\uninst.exe C:\PROGRAM FILES\NETPROJECT Trojan.DNSChanger Trojan more information... Status: Quarantined Files detected C:\PROGRAM FILES\SEARCHPORN\Uninstall.exe C:\PROGRAM FILES\SEARCHPORN VirusProtectPro Rogue Security Program more information... Details: VirusProtectPro is a rogue security program known for scaremongering, high-pressure advertising practices. Status: Quarantined Files detected C:\Program Files\VirusHeat 4.3\blacklist.txt Trojan.NewMediaCodec Trojan Downloader more information... Details: Trojan.NewMediaCodec is a program that typically purports to be a needed upgrade to Windows Media Player in order to view adult oriented videos on certain websites. However, Trojan.NewMediaCodec actually downloads and installs additional malware on the user's machine. Status: Quarantined Files detected C:\WINDOWS\rs.txt Registry entries detected HKEY_LOCAL_MACHINE\Software\Classes\MSVPS.MSVPSAPP HKEY_LOCAL_MACHINE\Software\Classes\MSVPS.MSVPSAPP HKEY_LOCAL_MACHINE\Software\Classes\MSVPS.MSVPSAPP\CLSID HKEY_LOCAL_MACHINE\Software\Classes\MSVPS.MSVPSAPP\CLSID HKEY_LOCAL_MACHINE\Software\Classes\MSVPS.MSVPSAPP\CurVer HKEY_LOCAL_MACHINE\Software\Classes\MSVPS.MSVPSAPP\CurVer HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WEBVIDEO HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WEBVIDEO HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WEBVIDEO Adware.BHO.gen Adware (General) more information... Status: Quarantined Files detected c:\program files\Sotfone\1203768605.dll Cookie: Tracking Cookies Cookie (General) more information... Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs. Status: Deleted Cookies detected c:\documents and settings\malekal_morte\cookies\malekal_morte@0[2].txt c:\documents and settings\malekal_morte\cookies\malekal_morte@0[3].txt Trojan-Dropper.Agent.JK Trojan Downloader more information... Status: Quarantined Files detected C:\RECYCLER\S-1-5-21-1214440339-1454471165-682003330-1003\Dc3.exe VirusHeat Rogue Security Program more information... Details: VirusHeat is a rogue security program known for scaremongering, high-pressure advertising practices. Status: Quarantined Files detected C:\Documents and Settings\Malekal_morte\Local Settings\Temp\laf4.exe C:\DOCUMENTS AND SETTINGS\MALEKAL_MORTE\START MENU\Programs\VIRUSHEAT 4.3\Uninstall VirusHeat 4.3.lnk C:\DOCUMENTS AND SETTINGS\MALEKAL_MORTE\START MENU\Programs\VIRUSHEAT 4.3\VirusHeat 4.3 Website.lnk C:\DOCUMENTS AND SETTINGS\MALEKAL_MORTE\START MENU\Programs\VIRUSHEAT 4.3\VirusHeat 4.3.lnk C:\Documents and Settings\Malekal_morte\Start Menu\VirusHeat 4.3.lnk C:\Program Files\Helper\1203768602.dll C:\PROGRAM FILES\VIRUSHEAT 4.3\blacklist.txt C:\PROGRAM FILES\VIRUSHEAT 4.3\ignored.lst C:\PROGRAM FILES\VIRUSHEAT 4.3\Lang\English.ini C:\PROGRAM FILES\VIRUSHEAT 4.3\uninst.exe C:\PROGRAM FILES\VIRUSHEAT 4.3\vht.dat c:\program files\virusheat 4.3\virusheat 4.3.exe C:\PROGRAM FILES\VIRUSHEAT 4.3\VirusHeat 4.3.url C:\PROGRAM FILES\VIRUSHEAT 4.3\vpp.ini C:\DOCUMENTS AND SETTINGS\MALEKAL_MORTE\START MENU\PROGRAMS\VIRUSHEAT 4.3 C:\PROGRAM FILES\VIRUSHEAT 4.3 C:\PROGRAM FILES\VIRUSHEAT 4.3\LANG C:\PROGRAM FILES\VIRUSHEAT 4.3\LOGS C:\PROGRAM FILES\VIRUSHEAT 4.3\QUARANTINE Registry entries detected HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB} HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0 HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0 HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0 HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32 HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32 HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR HKEY_LOCAL_MACHINE\Software\Classes\TYPELIB\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Trojan-Downloader.Tiny.aio Trojan Downloader more information... Status: Quarantined Files detected C:\WINDOWS\system32\netsrv.dll