Malware

  • Thread starter Steve Zebrowski
  • Start date
S

Steve Zebrowski

AdAware finds the following registry keys that it can't
remove. No other anti-spyware finds them. If I delete
them they keep coming back. In Safe Mode they stay gone
until I reboot into Normal Mode. lzio.com says they are
not theirs. Any ideas out there?

Ad-Aware SE Scanning Result, 8-1-2005 8:48:29 AM
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Name Type Category Object Comment
LZIO RegValue Malware HKEY_USERS:S-1-5-21-3410088236-
385672205-695138665-1005\software\microsoft\internet
explorer\toolbar\Webbrowser "{223405ec-01f9-48a2-bdbb-
d519913e2765}"
LZIO RegValue Malware HKEY_USERS:S-1-5-21-3410088236-
385672205-695138665-1005\software\microsoft\internet
explorer\toolbar\Webbrowser "{28a19c3e-91e4-4bca-a623-
baf3c43c4f49}"
LZIO RegValue Malware HKEY_USERS:S-1-5-21-3410088236-
385672205-695138665-1005\software\microsoft\internet
explorer\toolbar\Webbrowser "{efee6b59-addb-40eb-ba2c-
af860f5b42b5}"
 
A

Anonymous Bob

More information would be helpful:
OS?
Anti-virus?
Firewall?
Do you have any add on toolbars installed?
Are there any other symptoms?
etc...

What I did find:
http://www.spywareguide.com/spywarelist.html
http://www.spywareguide.com/product_show.php?id=853

Most anti-virus programs can remove LZIO.

Do you have submithook.dll on your system?

Here's a tool that may help if you have an unwanted BHO:
http://windowsxp.mvps.org/toolbarcop.htm
Use it with care and if you have any questions toolbarcop can generate a
report you can post here.

Bob Vanderveen
 
R

Ron Chamberlin

Hi Steve,
Open MWAS and see if you can send in a Suspected Spyware Report please.

I would then suggest booting from SafeMode (F8 at startup) and doing a full
scan with MWAS.

Ron Chamberlin
MS-MVP


AdAware finds the following registry keys that it can't
remove. No other anti-spyware finds them. If I delete
them they keep coming back. In Safe Mode they stay gone
until I reboot into Normal Mode. lzio.com says they are
not theirs. Any ideas out there?

Ad-Aware SE Scanning Result, 8-1-2005 8:48:29 AM
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Name Type Category Object Comment
LZIO RegValue Malware HKEY_USERS:S-1-5-21-3410088236-
385672205-695138665-1005\software\microsoft\internet
explorer\toolbar\Webbrowser "{223405ec-01f9-48a2-bdbb-
d519913e2765}"
LZIO RegValue Malware HKEY_USERS:S-1-5-21-3410088236-
385672205-695138665-1005\software\microsoft\internet
explorer\toolbar\Webbrowser "{28a19c3e-91e4-4bca-a623-
baf3c43c4f49}"
LZIO RegValue Malware HKEY_USERS:S-1-5-21-3410088236-
385672205-695138665-1005\software\microsoft\internet
explorer\toolbar\Webbrowser "{efee6b59-addb-40eb-ba2c-
af860f5b42b5}"
 
Top