Trojan. CalculatemPro
*file
C:\Program Files\CalculatemPro\affil.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Calculatem Pro\Calculatem Pro.lnk
C:\Users\{USERNAME}\Desktop\Calculatem Pro.lnk
C:\Program Files\CalculatemPro\CalculatemPro.exe
C:\Program Files\CalculatemPro\NGLib.dll
C:\Program Files\CalculatemPro\readme.txt
C:\Program Files\CalculatemPro\unins000.dat
C:\Program Files\CalculatemPro\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Calculatem Pro\Uninstall Calculatem Pro.lnk
*reg_key
HKCU\Software\Calculatem
HKCU\Software\VB and VBA Program Settings
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Calculatem Pro_is1
Trojan. KGBKeyLogger
*file
C:\Program Files\KGB\unins000.exe
C:\Program Files\KGB\ssleay32.dll
C:\Program Files\KGB\sqlite3.dll
C:\Program Files\KGB\MPKView.exe
C:\Program Files\KGB\MPK64.exe
C:\Program Files\KGB\Mpk64.dll
C:\Program Files\KGB\MPK.exe
C:\Program Files\KGB\Mpk.dll
C:\Program Files\KGB\libeay32.dll
*reg_key
HKLM\SOFTWARE\Classes\mpkreg
HKLM\SOFTWARE\KGB Software
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D319D38-B681-40FA-8063-3F50116B4E34}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask
*reg_val
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run | Mpk.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers | C:\Program Files\KGB\Mpk.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers | C:\Program Files\KGB\MpkView.exe
Adware.AnySend, Linkury
PUP.DriverXYZ, LiveSupport
