Computer slow and freezing


13 replies to this topic

#1 gentry12


Posted 21 December 2014 - 12:04 AM

In the late afternoon on 12/20/2014, I clicked on a link for a survey from SurveySavvy. All of a sudden, my computer was frozen and Norton Internet Security messages kept popping up saying that it blocked several malware items. My computer has continued to barely function, and I can't run a virus scan. I have to shut down the computer manually. I believe that my computer is infected with a virus of some sort. Please help me with the problem.

I am running Windows 7 Home Premium, 64-bit version.

Thanks




 


#2 Guest_LighthouseParty_*


Posted 21 December 2014 - 04:18 AM

Hello there

Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
Step 1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go:
      • Flush DNS
      • Reset IE Proxy Settings
      • Reset FF Proxy Settings
      • List Installed Programs
      • List Restore Points
  • Post the log in your next reply.

Step 2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

Step 3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Step 4: Non-malware removal steps

Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#3 gentry12


Posted 21 December 2014 - 01:35 PM

I had to perform the tasks in safe mode. The computer is very slow and freezes. Below please see the logs.

 

MiniToolBox:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Mike (administrator) on 21-12-2014 at 10:47:04
Running from "C:\Users\Mike\Desktop\Mike's Virus Removal Tools"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

=========================== Installed Programs ============================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
ArcadeParlor (HKCU\...\{B74443DB-5A88-4583-860A-F0D06EF399E3}) (Version:  - ArcadeParlor)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{504CC891-B140-4E1B-860B-5E4C1DFBA9E3}) (Version: 2.0.5350 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother HL-5240 (HKLM-x32\...\{FA7E4481-57C2-49E1-86F1-C82237703D9C}) (Version: 1.00 - Brother)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Converter Free Online version 9.17 (HKLM-x32\...\Converter Free Online_is1) (Version: 9.17 - Converter Free Online)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.2) (Version: 5.0.0.2 - Coupons.com Incorporated)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Temperature Monitor (HKCU\...\Desktop Temperature Monitor) (Version: 1.26.2.0 - System Alerts LLC)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
eMusic Download Manager 4.1.4 (HKLM-x32\...\eMusic Download Manager) (Version: 4.1.4 - eMusic, Inc.)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
GeniusBox 2.0 (HKLM-x32\...\GeniusBox) (Version: 2.0 - GeniusBox 2.0)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.2.4725 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.2.4517 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.2.4513 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.2.4522 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP MovieStore (x32 Version: 1.0.027 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.0.30729.1 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
PC Optimizer Pro (HKLM\...\PC Optimizer Pro) (Version: 7.1.0.7 - Xportsoft Technologies)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975E}) (Version: 5.10.1102.0 -  NewspaperDirect Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
StormWatch (HKCU\...\StormWatch) (Version: 1.0.1.36 - StormWatch)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Web Bar 2.0.5343.21616 (HKCU\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5343.21616 - Web Bar Media)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
========================= Restore Points ==================================

12-11-2014 14:50:40 Windows Update
19-11-2014 16:28:26 Windows Update
10-12-2014 22:02:02 Windows Update
12-12-2014 14:17:46 Windows Update
18-12-2014 15:00:26 Windows Update

**** End of log ****

 

 

Malwarebytes

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/21/2014
Scan Time: 10:51:27 AM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.21.03
Rootkit Database: v2014.12.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mike

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 329986
Time Elapsed: 32 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 29
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],

Registry Keys: 24
PUP.Optional.StormWatch.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SWUpdater, Quarantined, [482fe87da7d525110faeef049c65c739],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\CLASSES\CLSID\{C37441D1-E3E2-4733-BA49-FB8C35629E5B}, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\CLASSES\CLSID\{C37441D1-E3E2-4733-BA49-FB8C35629E5B}\INPROCSERVER32, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C37441D1-E3E2-4733-BA49-FB8C35629E5B}, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2AD5F48E-F9B7-4FC9-8D9A-1133B5ECFD78}, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CB8E1EBB-E3BE-4200-A344-FA4811766653}, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CB8E1EBB-E3BE-4200-A344-FA4811766653}, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2AD5F48E-F9B7-4FC9-8D9A-1133B5ECFD78}, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\CLASSES\ConverterFreeOnline.1, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\CLASSES\ConverterFreeOnline, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConverterFreeOnline, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C37441D1-E3E2-4733-BA49-FB8C35629E5B}, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C37441D1-E3E2-4733-BA49-FB8C35629E5B}, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConverterFreeOnline.1, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.StormWatch.A, HKU\S-1-5-21-3318316492-2814308488-2573699570-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\StormWatch, Quarantined, [b5c235306d0f102607ae35202ad63dc3],
PUP.Optional.DesktopTemperature.A, HKU\S-1-5-21-3318316492-2814308488-2573699570-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Desktop Temperature Monitor, Quarantined, [c1b6b3b284f846f0e950f7d4ea172fd1],
PUP.Optional.ConverterFreeOnline.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ConverterFreeOnlineUpdt, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Converter Free Online_is1, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\Converter Free Online, Quarantined, [86f1e4815c201a1c92c6bb1b7d8753ad],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, Quarantined, [50272b3ae19bc1755b28385be2214db3],
PUP.Optional.ConverterFreeOnline.A, HKLM\SOFTWARE\WOW6432NODE\ZUPDATER\ConverterFreeOnlineUpdt.exe, Quarantined, [9add570e7b0163d3d189b620976ddd23],
PUP.Optional.StormWatchApp.A, HKU\S-1-5-21-3318316492-2814308488-2573699570-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\StormWatchApp, Quarantined, [14631f4653293501176c4f11669dff01],
PUP.Optional.DesktopTemperature.A, HKU\S-1-5-21-3318316492-2814308488-2573699570-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\DesktopTemperature.exe, Quarantined, [ef88a8bd4537c86edab456048d76f10f],
PUP.Optional.ArcadeParlor.A, HKU\S-1-5-21-3318316492-2814308488-2573699570-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B74443DB-5A88-4583-860A-F0D06EF399E3}, Quarantined, [afc8362f522acb6be15865bee91a926e],

Registry Values: 2
PUP.Optional.ConverterFreeOnline.A, HKU\S-1-5-21-3318316492-2814308488-2573699570-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CFO, C:\Program Files (x86)\Converter Free Online\Taskbar.exe, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03]
PUP.Optional.StormWatch.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SWUPDATER|ImagePath, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe, Quarantined, [c7b0a7be81fbda5c598271e7eb18de22]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch, Quarantined, [beb9c79e90ec79bd5785352392719070],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature, Quarantined, [b7c055100d6ffb3bda1ff86d22e1817f],
PUP.Optional.StormWatch.A, C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch, Quarantined, [9added782e4e0e28d28e864e0103758b],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\content, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\defaults, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\defaults\preferences, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ArcadeParlor.A, C:\Users\Mike\AppData\Local\ArcadeParlor, Quarantined, [afc8362f522acb6be15865bee91a926e],
PUP.Optional.SystemAlerts.A, C:\Users\Mike\AppData\Local\System_Alerts_LLC, Quarantined, [7700412497e5ac8a5699291fd82bc33d],
PUP.Optional.SystemAlerts.A, C:\Users\Mike\AppData\Local\System_Alerts_LLC\DesktopTemperature.exe_Url_n2bu5tooy3nnxdb2cb302abtziy1j4qq, Quarantined, [7700412497e5ac8a5699291fd82bc33d],
PUP.Optional.SystemAlerts.A, C:\Users\Mike\AppData\Local\System_Alerts_LLC\DesktopTemperature.exe_Url_n2bu5tooy3nnxdb2cb302abtziy1j4qq\1.24.0.0, Quarantined, [7700412497e5ac8a5699291fd82bc33d],

Files: 46
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe, Quarantined, [482fe87da7d525110faeef049c65c739],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\ConverterFreeOnline_x64.dll, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\ConverterFreeOnline.dll, Quarantined, [f58279ecdaa29a9cfc77834f659d32ce],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatch.exe, Quarantined, [185f3b2a403c5bdbb500a3b211ef1be5],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatchApp.exe, Quarantined, [7cfb85e068144beb397c2e275ea204fc],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatchappuninstall.exe, Quarantined, [b5c235306d0f102607ae35202ad63dc3],
PUP.Optional.SafeInstall.A, C:\$RECYCLE.BIN\S-1-5-21-3318316492-2814308488-2573699570-1001\$RDXVXY6.exe, Quarantined, [393ea0c50c70f83e8d2387e3669b9769],
PUP.Optional.SafeInstall.A, C:\$RECYCLE.BIN\S-1-5-21-3318316492-2814308488-2573699570-1001\$R3SLUH0.exe, Quarantined, [33446104ed8f8da9cce4412969980bf5],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\uninstall.exe, Quarantined, [c1b6b3b284f846f0e950f7d4ea172fd1],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe.config, Quarantined, [beb9c79e90ec79bd5785352392719070],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\ICSharpCode.SharpZipLib.dll, Quarantined, [beb9c79e90ec79bd5785352392719070],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatch.exe.config, Quarantined, [beb9c79e90ec79bd5785352392719070],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\uninstall.exe, Quarantined, [beb9c79e90ec79bd5785352392719070],
PUP.Optional.StormWatch.A, C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk, Quarantined, [5522244178042c0abe03adb435ce32ce],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\DTUpdater.exe.config, Quarantined, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\DesktopTemperature.exe, Quarantined, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\DesktopTemperature.exe.config, Quarantined, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\dtm.ico, Quarantined, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\DTUpdater.exe, Quarantined, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\ICSharpCode.SharpZipLib.dll, Quarantined, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\install.log, Quarantined, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\WxStations.exe, Quarantined, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Local\DesktopTemperature\Y9VcSK.dll, Delete-on-Reboot, [ea8d174efe7eaf87fdfb4a1b20e36799],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature\Desktop Temperature Monitor.lnk, Quarantined, [b7c055100d6ffb3bda1ff86d22e1817f],
PUP.Optional.DesktopTemperature.A, C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk, Quarantined, [4b2c5510d4a8003615e584e1f70c40c0],
Rogue.Link, C:\Users\Mike\Favorites\Free Porn Pics and Sex Pictures in Galleries.url, Quarantined, [2a4d90d54b31c373dcddb7191ee5aa56],
Rogue.Link, C:\Users\Mike\Favorites\Free Porn Pictures  qporno.com.url, Quarantined, [c4b375f095e7fb3b18a1438d00036a96],
Rogue.Link, C:\Users\Mike\Favorites\Free Porn Videos - Kind Porn Tube.url, Quarantined, [d6a1c79e621a6bcb368316ba9271837d],
PUP.Optional.ArcadeParlor.A, C:\Windows\Tasks\ArcadeParlor.job, Quarantined, [87f08fd6c6b615213b0b8b39689ca35d],
PUP.Optional.StormWatch.A, C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk, Quarantined, [33447fe67efe47ef401f8450e3216b95],
PUP.Optional.StormWatch.A, C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch\Uninstall StormWatch.lnk, Quarantined, [9added782e4e0e28d28e864e0103758b],
PUP.Optional.StormWatch.A, C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch\StormWatch.lnk, Quarantined, [9added782e4e0e28d28e864e0103758b],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\unins000.dat, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\ConverterFreeOnlineUpdt.exe, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\install.ico, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\Taskbar.exe, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\unins000.exe, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\chrome.manifest, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\install.rdf, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\content\browserOverlay.js, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\content\browserOverlay.xul, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ConverterFreeOnline.A, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\defaults\preferences\defaults.js, Quarantined, [cea9abbac9b3a1956ceb8b4bf212fd03],
PUP.Optional.ArcadeParlor.A, C:\Users\Mike\AppData\Local\ArcadeParlor\ap.config, Quarantined, [afc8362f522acb6be15865bee91a926e],
PUP.Optional.ArcadeParlor.A, C:\Users\Mike\AppData\Local\ArcadeParlor\removal.exe, Quarantined, [afc8362f522acb6be15865bee91a926e],
PUP.Optional.ArcadeParlor.A, C:\Users\Mike\AppData\Local\ArcadeParlor\versioncheck.exe, Quarantined, [afc8362f522acb6be15865bee91a926e],
PUP.Optional.SystemAlerts.A, C:\Users\Mike\AppData\Local\System_Alerts_LLC\DesktopTemperature.exe_Url_n2bu5tooy3nnxdb2cb302abtziy1j4qq\1.24.0.0\user.config, Quarantined, [7700412497e5ac8a5699291fd82bc33d],

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

Also

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 12/21/2014 10:50:50 AM, SYSTEM, MIKE-HP, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 12/21/2014 10:50:50 AM, SYSTEM, MIKE-HP, Manual, Rootkit Database, 2014.11.18.1, 2014.12.14.1,
Update, 12/21/2014 10:50:53 AM, SYSTEM, MIKE-HP, Manual, Malware Database, 2014.11.20.6, 2014.12.21.3,
Scan, 12/21/2014 11:27:27 AM, SYSTEM, MIKE-HP, Manual, Start:12/21/2014 10:51:27 AM, Duration:32 min 28 sec, Threat Scan, Completed, 3 Malware Detections, 111 Non-Malware Detections,

(end)

 

 

Security Check

 

 Results of screen317's Security Check version 0.99.93 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Enabled! 
Norton Security Suite  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 SpyHunter 4   
 Google Chrome (39.0.2171.71)
 Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent```````` 
 Mike Desktop Mike's Virus Removal Tools SecurityCheck.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
 

 

 



#4 Guest_LighthouseParty_*

Posted 21 December 2014 - 01:49 PM

Hello there,

:step1: Please uninstall some programs
 
There are currently some programs on your PC that we need to remove, for the time being at least. Press the Windows + R keys on your keyboard, type in appwiz.cpl and press Enter. Navigate to each of the following one by one and click uninstall:

  • Yahoo! Toolbar
  • StormWatch
  • SpyHunter 4
  • PC Optimizer Pro
  • GeniusBox 2.0
  • Converter Free Online version 9.17

If any programs listed above aren't in Programs and Features, you can just skip them.

:step2: Enable Windows Security Centre

  • Click Start, type services.msc in the Start Search box, and press Enter.
  • In the Services console, double-click the service called Security Center.
  • Change the Startup Type to Automatic and click Start under Service status.

:step3: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

:step4: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step5: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

:step6: Please visit the ESET Online Scanner webpage
Internet Explorer MUST be used for this step.

  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

[Image: jqnp8z.png (screenshot of the checkboxes to select)]

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scan's finished, select list threats and then export.
  • Choose a name for the log (e.g. ESET) and click save (to your desktop).
  • Press the back button and then click finish. Please include the contents of the log in your reply.

Edited by LighthouseParty, 21 December 2014 - 01:49 PM.


#5 gentry12

  • Topic Starter

Posted 21 December 2014 - 05:36 PM

I did not find StormWatch and Converter Free Online version 9.17, but was able to uninstall the other three programs.  I ran JavaRa. It did not appear to find anything, but I could be wrong.  I don't think that I ever had Java on my computer.  ESET Online Scanner would not run in either standard or safe mode (both using Internet Explorer 11).  However, my computer is running much better now.  Below please find the logs for the scans. 

 

rkill log

 

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/21/2014 04:15:41 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 12/21/2014 04:24:04 PM
Execution time: 0 hours(s), 8 minute(s), and 22 seconds(s)

 

 

AdwCleaner

 

# AdwCleaner v4.106 - Report created 21/12/2014 at 16:28:33
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mike - MIKE-HP
# Running from : C:\Users\Mike\Desktop\Mike's Virus Removal Tools2\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ggebenakhmhfdkmkemdmllecchcldgec
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eefhnbpnnaaokmclnihgajdnlgljajjg
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\DesktopTemperature
Key Deleted : HKLM\SOFTWARE\StormWatch
Key Deleted : HKLM\SOFTWARE\{F2E9660B-98AF-42c0-8258-9CDDF07BF95D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.2
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bravosweet.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\doctango.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mywebgrocer.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\onlysweeties.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetcaramelgirls.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetteengirls.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetteenholes.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\teensweetpussy.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\viewpointforum.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\viewpoints.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.bravosweet.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.onlysweeties.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweetcaramelgirls.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.viewpointforum.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.viewpoints.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v39.0.2171.95

[C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [6412 octets] - [21/12/2014 16:26:32]
AdwCleaner[S0].txt - [5948 octets] - [21/12/2014 16:28:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6008 octets] ##########

 

 

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Mike on Sun 12/21/2014 at 16:51:11.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/21/2014 at 16:59:32.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#6 Guest_LighthouseParty_*

Posted 21 December 2014 - 05:48 PM

Can you confirm what happened when you tried to run ESET?



#7 gentry12

  • Topic Starter

Posted 21 December 2014 - 07:36 PM

After checking the box to accept the terms and clicking on start, I get an empty white pop-up box with the message: "An add-on for this website failed to run". Also, I noticed that I have a search box running the entire length of the top of my desktop and above Internet Explorer, when it is open. It looks like a general web search field (with the choice of Internet Explorer or Google Chrome) with three icons (Facebook, Wikipedia and YouTube) on the extreme right. I never had this before.



#8 gentry12

  • Topic Starter

Posted 28 December 2014 - 09:59 PM

I was able to get Norton Security working again. I ran a scan that found Poweliks. However, I'm not sure if it completely removed it. I then tried the Norton Poweliks Removal Tool, which apparently did not find anything. Afterwards, I ran another Norton Virus scan, which found nothing too. Finally, I was able to run ESET. The malware had altered my Internet Explorer security settings, preventing downloads. Once the defaults were enabled, I could download again. Please find the results of the scans below (except the last Norton Virus scan, which found nothing). The computer seems to be running normally now. Are there any other scans or Poweliks removal tools that I should run to make sure my computer is clean? Thanks

 

First Norton Virus Scan

 

Scan Information:
  Virus Defs Version: 2014.12.24.033
  Virus Defs Seq ID: 160064

Scan Statistics:
  Scan Start:
   Local: 12/25/2014 5:00 PM
   UTC: 12/25/2014 10:00 PM
  Scan Time: 7,131 seconds
  Scan Targets: Entire computer
  Counts:
   Total items scanned: 723,478
   - Files & Directories: 720,293
   - Registry Entries: 765
   - Processes & Start-up Items: 1,498
   - Network & Browser Items: 918
   - Other: 4
   - Trusted Files: 0
   - Skipped Files: 0

   Total security risks detected: 67
   Total items resolved: 67
   Total items that require attention: 0

Resolved Threats:
18 Tracking Cookies
 Type: Anomaly
 Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy) 
 Categories: Tracking Cookies
 Status: Fully Resolved
 -----------
 18 Tracking Cookies
Cookie:mike@dotomi.com/ - Deleted
Cookie:mike@casalemedia.com/ - Deleted
Cookie:mike@questionmarket.com/ - Deleted
Cookie:mike@bs.serving-sys.com/BurstingPipe/ - Deleted
Cookie:mike@pixel.rubiconproject.com/ - Deleted
Cookie:mike@at.atwola.com/ - Deleted
Cookie:mike@doubleclick.net/ - Deleted
Cookie:mike@smartadserver.com/ - Deleted
Cookie:mike@ru4.com/ - Deleted
Cookie:mike@tribalfusion.com/ - Deleted
Cookie:mike@mediaplex.com/ - Deleted
Cookie:mike@tap.rubiconproject.com/ - Deleted
Cookie:mike@fastclick.net/ - Deleted
Cookie:mike@advertising.com/ - Deleted
Cookie:mike@rubiconproject.com/ - Deleted
Cookie:mike@quantserve.com/ - Deleted
Cookie:mike@insightexpressai.com/ - Deleted
 - Deleted

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
1 File
c:\windows\syswow64\00000362.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
1 File
c:\windows\syswow64\00000550.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
1 File
c:\windows\syswow64\00000782.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00002386.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00003265.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00003655.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00005704.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00006042.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00006217.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32->a - Delete Failed
HKEY_USERS\S-1-5-19\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\S-1-5-20\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\S-1-5-21-3318316492-2814308488-2573699570-1001\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_USERS\.DEFAULT\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
1 File
c:\windows\syswow64\00013478.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00022747.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00031774.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00023644.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00023922.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00024012.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00025513.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\localserver32 - Failed
1 File
c:\windows\syswow64\00027026.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00029154.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00030074.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00031133.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00013647.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00013962.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00014391.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00014624.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00015504.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00015575.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00016263.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00017631.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00019154.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00019642.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00019768.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00019787.tmp - Deleted
1 Browser Cache

 

 

Continued Below


Edited by gentry12, 29 December 2014 - 03:19 PM.


#9 gentry12


Posted 28 December 2014 - 10:01 PM

Norton Virus Scan Continued

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00020630.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00020702.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00021457.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00021778.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00022529.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00007731.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00007931.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00008080.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00008601.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00009561.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00010439.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00010924.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00011329.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00011433.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00011499.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00012604.tmp - Deleted
1 Browser Cache

 

Trojan.Poweliks!gm
 Type: Anomaly
 Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
 Categories: Virus
 Status: Partially Resolved
 -----------
 35 Registry Entries
1 File
c:\windows\syswow64\00031846.tmp - Deleted
1 Browser Cache

 

 

Unresolved Threats:
No unresolved risks

 

 

Norton Poweliks Removal Tool

 

Trojan.Poweliks has not been found on the system

 

 

ESET Scan

 

C:\Users\Mike\Documents\Downloaded Applications\Emusic Download Manager\emusic_setup_bundle.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined


Edited by gentry12, 29 December 2014 - 03:20 PM.


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:09 PM

Posted 29 December 2014 - 09:01 PM

Hello, I'd like to continue here.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
And finally...
>>>>
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 gentry12


Posted 30 December 2014 - 01:02 PM

The computer appears to be working well.  The results of the Avast scan are below.

 

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-29 21:05:41
-----------------------------
21:05:41.062    OS Version: Windows x64 6.1.7601 Service Pack 1
21:05:41.062    Number of processors: 2 586 0x170A
21:05:41.062    ComputerName: MIKE-HP  UserName: Mike
21:05:43.464    Initialize success
21:05:43.979    VM: initialized successfully
21:05:43.979    VM: Intel CPU BiosDisabled
21:06:52.843    AVAST engine defs: 14122901
21:07:15.261    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
21:07:15.261    Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA3GH Size: 953869MB BusType: 3
21:07:15.385    Disk 0 MBR read successfully
21:07:15.385    Disk 0 MBR scan
21:07:15.385    Disk 0 unknown MBR code
21:07:15.401    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
21:07:15.401    Disk 0 default boot code
21:07:15.417    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       940696 MB offset 206848
21:07:15.463    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        13071 MB offset 1926752256
21:07:15.510    Disk 0 scanning C:\Windows\system32\drivers
21:07:27.725    Service scanning
21:07:30.127    Service BHDrvx64 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001\BHDrvx64.sys **LOCKED** 5
21:07:32.561    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
21:07:32.998    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
21:07:35.899    Service IDSVia64 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141226.001\IDSvia64.sys **LOCKED** 5
21:07:39.628    Service NAVENG C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141228.022\ENG64.SYS **LOCKED** 5
21:07:39.768    Service NAVEX15 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141228.022\EX64.SYS **LOCKED** 5
21:07:52.763    Modules scanning
21:07:52.763    Disk 0 trace - called modules:
21:07:52.779    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
21:07:52.794    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bf7480]
21:07:52.794    3 CLASSPNP.SYS[fffff880011c943f] -> nt!IofCallDriver -> [0xfffffa8004abc520]
21:07:52.810    5 ACPI.sys[fffff88000f527a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa800472c060]
21:07:55.072    AVAST engine scan C:\
08:03:59.592    Disk 0 statistics 33583290/0/0 @ 0.45 MB/s
08:03:59.685    Scan finished successfully
08:20:10.124    Disk 0 MBR has been saved successfully to "C:\Users\Mike\Desktop\Mike's Virus Removal Tools4\MBR.dat"
08:20:10.296    The log file has been saved successfully to "C:\Users\Mike\Desktop\Mike's Virus Removal Tools4\aswMBR.txt"

 



#12 boopme


Posted 30 December 2014 - 02:10 PM

Looks good... Let's remove the tools.

Download Delfix from here and save it to your desktop.
  • Ensure Remove disinfection tools is checked.
  • Also place a checkmark next to:
    • Create registry backup
    • Purge system restore
  • Click the Run button.
When the tool is finished, a log will open in notepad. Please copy and paste the log in your next reply.

#13 gentry12


Posted 30 December 2014 - 02:42 PM

I had already uninstalled ESET with add/remove programs.  Please find the Delfix log below.  I am very grateful to you for fixing my computer.

 

# DelFix v10.8 - Logfile created 30/12/2014 at 14:36:02
# Updated 29/07/2014 by Xplode
# Username : Mike - MIKE-HP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : C:\Users\Mike\Desktop\AdwCleaner Log1.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #170 [Windows Update | 12/10/2014 22:02:02]
Deleted : RP #171 [Windows Update | 12/12/2014 14:17:46]
Deleted : RP #172 [Windows Update | 12/18/2014 15:00:26]
Deleted : RP #174 [Scheduled Checkpoint | 12/30/2014 19:14:13]

New restore point created !

########## - EOF - ##########



#14 boopme


Posted 30 December 2014 - 03:22 PM

Ok, if there are any desktop icons left, just delete them and you are good to go.

Have a great New Year!!



