Websearch plus alot of bad stuff, Avast said Panda Active scan had a v

Welcome Guest ( Log In | Register )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.

> Geeks to Go! » Security » Malware Removal - HijackThis� Logs Go Here

Websearch plus alot of bad stuff, Avast said Panda Active scan had a v, Need help, tried following the before posting instructions

Options

oregonil43 View Member Profile	Apr 19 2008, 08:19 PM Post #1
New Member Posts: 3 OS: Windows Vista Home Premium 32bit	Hi, I brought home a coworkers pc that he was having alot of trouble with. He did several things I'm not sure what. I got it and ran Asquared free, Malwarebytes, Superantispyware. Uninstalled McAfee that was out of date and installed Aast and Comodo firewall, Comodo still shows that mcafee is trying to connect. I all ready ran scans and removed stuff before I found your forum. I will post all of the logs that I have. After reading the "do this before posting" I reran the programs and Malwarebytes didn't find anything, Superantispywarre was running for over 3 hours and seemed stuck in doc+setting\braden\local\ap data so I stoped it and removed what it had found. I went to Panda Activscan and Avast complained that it found Win32:CTX so I didn't run the scan. Also there is a windows security update that will not install. Here are the logs from Asquared a-squared Free - Version 3.5 Last update: 4/19/2008 2:30:46 PM Scan settings: Objects: Memory, Traces, Cookies, C:\Windows\, C:\Program Files Scan archives: On Heuristics: On ADS Scan: On Scan start: 4/19/2008 2:31:52 PM c:\windows\system32\f3pssavr.scr detected: Trace.File.MyWebSearchToobar c:\windows\system32\f3pssavr.scr detected: Trace.File.MyWebSearchToolbar Key: HKEY_LOCAL_MACHINE\software\broderbund software\dss detected: Trace.Registry.DSSAgent Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\FunWebProducts\Settings\Yahoo --> SessionCount detected: Trace.Registry.MyWebSearch Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\FunWebProducts\Settings\Yahoo --> SessionTimestamp detected: Trace.Registry.MyWebSearch Toolbar c:\program files\freeze.com toolbar detected: Trace.Directory.Freeze.com Toolbar c:\program files\gamespy arcade detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\halflife detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\halflife\action detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\halflife\cstrike detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\halflife\firearms detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\halflife\gearbox detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\halflife\tfc detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2 detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\aq2 detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\battle detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\chaosdm detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\duel detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\freeze detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\gloom detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\gxmod detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\holywars detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\jail detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\kots detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\lfiredm detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\lithium2 detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\lmctf detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\pball detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\q2comp detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\qpong detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\ra2 detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\requiem detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\sconfig detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\tourney detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\wf detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake2\wod detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3 detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\alliance detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\beryllium detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\excessive detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\instagib detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\jailbreak detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\matchmod detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\osp detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\q3comp detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\q3f detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\requiem detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\rocketarena3 detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\quake3\wfa detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\arena detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\ch detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\ctf detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\ctfb detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\ctfplus detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\dd detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\dm detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\duel detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\fr detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\mt detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\open cal detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\rpg detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\tribes\tac detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\ut detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\ut\excessive detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\ut\rocketarena detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\custom\ut\swat detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\profiles detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\profiles\(default) detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\services detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\services\_demospy detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\services\_fplanet detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\services\_gnews detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\services\_gspyder detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\services\_news detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\services\_support detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\skins detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\sounds detected: Trace.Directory.GameSpy Arcade c:\program files\gamespy arcade\sounds\(default) detected: Trace.Directory.GameSpy Arcade c:\program files\freeze.com toolbar\whitelist_plugin.dll detected: Trace.File.Freeze.com Toolbar c:\program files\gamespy arcade\4dca9208.dat detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\aphex.exe detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\dat.bmp detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\def_banner.gif detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\def_banner.html detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\def_bannerbg.jpg detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\def_loading.gif detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\def_logo.jpg detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\def_news.html detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\fpupdate.exe detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\gsapak.exe detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\install.log detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\services\_news\rsrc.dir detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\services\_news\service_tab+.tga detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\services\_support\rsrc.dir detected: Trace.File.GameSpy Arcade c:\program files\gamespy arcade\services\_support\service_tab.psd detected: Trace.File.GameSpy Arcade Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tb_item_wlopts_pbWhiteListPS6 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_008696 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_009251 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_015212 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_016130 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_018141 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_020255 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_021772 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_023791 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_028303 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_combo_015710 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_000854 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_001941 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_001978 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_005692 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_005931 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_009203 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_011099 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_011906 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_013004 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_013312 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_017094 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_017583 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_019910 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_021627 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_022455 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_023611 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_024899 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_027805 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_029754 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_029869 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_032034 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_menu_001689 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_menu_013864 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_menu_021382 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_menu_022032 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_separator_026217 detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> AutoComplete detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> blockPopups detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> CloseWindow detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> CountOS detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> CurrentLayout detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> DescriptiveText detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> firstTime detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> Height detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> KeepHistory detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> LastCheckTime detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> m_bWorking detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> OldOS detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> OpenNew detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> RunSearchAutomatically detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> RunSearchDragAutomatically detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> ShowFindButtons detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> ShowHighlightButton detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> TBBreak detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> TBPos detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> TBShow detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> TBWidth detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> Toolbar Path detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> toolbar_id detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> toolbar_version detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> UpdateAutomatically detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> updateWaitForRestart detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar --> updateXML detected: Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\GameSpy\GameSpy Arcade --> InstDir detected: Trace.Registry.GameSpy Arcade Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade --> DisplayName detected: Trace.Registry.GameSpy Arcade Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade --> UninstallString detected: Trace.Registry.GameSpy Arcade Value: HKEY_LOCAL_MACHINE\SOFTWARE\Freeze.com\Installer --> id detected: Trace.Registry.Living Beaches #2 Animated Wallpaper c:\program files\mini golf pro detected: Trace.Directory.Mini Golf Pro c:\program files\mini golf pro\balls detected: Trace.Directory.Mini Golf Pro c:\program files\mini golf pro\editor detected: Trace.Directory.Mini Golf Pro c:\program files\mini golf pro\sounds detected: Trace.Directory.Mini Golf Pro c:\program files\mini golf pro\balls\ball10.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball11.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball12.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball13.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball14.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball15.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball16.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball17.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball18.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball19.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball2.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball20.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball21.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball22.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball23.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball24.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball25.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball26.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball27.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball28.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball29.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball3.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball30.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball4.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball5.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball6.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball7.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball8.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball9.bmp detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\editor\mini_golf_pro.scgms detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\n_menu.dll detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\readme.txt detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\scconsole.dll detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt1.wav detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt2.wav detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt3.wav detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt4.wav detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt5.wav detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt6.wav detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt7.wav detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt8.wav detected: Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt9.wav detected: Trace.File.Mini Golf Pro c:\program files\common files\napster shared detected: Trace.Directory.Napster c:\program files\common files\napster shared\burnplugin detected: Trace.Directory.Napster c:\program files\common files\napster shared\dragon detected: Trace.Directory.Napster c:\program files\common files\napster shared\sharedcom detected: Trace.Directory.Napster c:\program files\common files\napster shared\sidewinder detected: Trace.Directory.Napster c:\program files\common files\napster shared\burnplugin\burnplugin.dll detected: Trace.File.Napster c:\program files\common files\napster shared\dragon\dragon.dat detected: Trace.File.Napster c:\program files\common files\napster shared\dragon\ndragon.dll detected: Trace.File.Napster c:\program files\common files\napster shared\dragon\ndragonrs.dll detected: Trace.File.Napster c:\program files\common files\napster shared\dragon\ndragonrs.loc detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\nxacmp3ctd.dll detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\nxacwma.dll detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\nxaudiocodec.dll detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1028.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1031.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1033.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1034.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1036.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1040.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1041.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1042.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1043.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1046.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1053.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1054.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper2052.lng detected: Trace.File.Napster c:\program files\common files\napster shared\sidewinder\nsidewinder.dll detected: Trace.File.Napster c:\program files\common files\napster shared\sidewinder\nsidewinderres.dll detected: Trace.File.Napster c:\program files\common files\napster shared\sidewinder\sidewinderres.loc detected: Trace.File.Napster Value: HKEY_CLASSES_ROOT\CLSID\{A0A0888B-8977-45b5-B884-57CC3A164650}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Napster Value: HKEY_CLASSES_ROOT\CLSID\{F2897008-A82D-4267-92A3-04D22450D565}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Napster Value: HKEY_CLASSES_ROOT\CLSID\{f73258F7-8BC6-4a64-A4E7-919E4D32DC63}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> EnableSystrayIcon detected: Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> InitialSynchronizationPrepared_. detected: Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UICx detected: Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UICy detected: Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UIMax detected: Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UIXPos detected: Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UIYPos detected: Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Common --> ExternalLinkHandler detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0A0888B-8977-45b5-B884-57CC3A164650}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2897008-A82D-4267-92A3-04D22450D565}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f73258F7-8BC6-4a64-A4E7-919E4D32DC63}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> AuthorizedCDFPrefix detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Comments detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Contact detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> DisplayName detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> DisplayVersion detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> EstimatedSize detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> HelpLink detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> HelpTelephone detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> InstallDate detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> InstallLocation detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> InstallSource detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Language detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> ModifyPath detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Publisher detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Readme detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Size detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> SystemComponent detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> UninstallString detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> URLInfoAbout detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> URLUpdateInfo detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Version detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> VersionMajor detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> VersionMinor detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> WindowsInstaller detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> AffiliateId detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> BitRate detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> CurrentUser detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> DownloadDir detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> EnableSystrayIcon detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> EULAAccepted detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> HelpFaqURL detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> HelpTutorialURL detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> RegistrationURL detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Common --> ExternalLinkHandler detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Common --> ExternalLinkHandlerParams detected: Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Freeze.com\Installer --> id detected: Trace.Registry.EZ Game Cheats C:\Windows\System32\f3PSSavr.scr detected: Riskware.AdTool.Win32.MyWebSearch.bg Scanned Files: 132103 Traces: 315325 Cookies: 2 Processes: 50 Found Files: 1 Traces: 290 Cookies: 0 Processes: 0 Registry keys: 0 Scan end: 4/19/2008 3:18:47 PM Scan time: 0:46:55 C:\Windows\System32\f3PSSavr.scr Quarantined Riskware.AdTool.Win32.MyWebSearch.bg Value: HKEY_LOCAL_MACHINE\SOFTWARE\Freeze.com\Installer --> id Quarantined Trace.Registry.EZ Game Cheats Value: HKEY_CLASSES_ROOT\CLSID\{A0A0888B-8977-45b5-B884-57CC3A164650}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Napster Value: HKEY_CLASSES_ROOT\CLSID\{F2897008-A82D-4267-92A3-04D22450D565}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Napster Value: HKEY_CLASSES_ROOT\CLSID\{f73258F7-8BC6-4a64-A4E7-919E4D32DC63}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> EnableSystrayIcon Quarantined Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> InitialSynchronizationPrepared_. Quarantined Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UICx Quarantined Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UICy Quarantined Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UIMax Quarantined Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UIXPos Quarantined Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Client --> UIYPos Quarantined Trace.Registry.Napster Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\Napster\Common --> ExternalLinkHandler Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0A0888B-8977-45b5-B884-57CC3A164650}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2897008-A82D-4267-92A3-04D22450D565}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f73258F7-8BC6-4a64-A4E7-919E4D32DC63}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> AuthorizedCDFPrefix Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Comments Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Contact Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> DisplayName Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> DisplayVersion Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> EstimatedSize Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> HelpLink Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> HelpTelephone Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> InstallDate Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> InstallLocation Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> InstallSource Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Language Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> ModifyPath Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Publisher Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Readme Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Size Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> SystemComponent Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> UninstallString Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> URLInfoAbout Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> URLUpdateInfo Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> Version Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> VersionMajor Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> VersionMinor Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} --> WindowsInstaller Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> AffiliateId Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> BitRate Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> CurrentUser Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> DownloadDir Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> EnableSystrayIcon Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> EULAAccepted Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> HelpFaqURL Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> HelpTutorialURL Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> RegistrationURL Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Common --> ExternalLinkHandler Quarantined Trace.Registry.Napster Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Common --> ExternalLinkHandlerParams Quarantined Trace.Registry.Napster c:\program files\common files\napster shared\burnplugin\burnplugin.dll Quarantined Trace.File.Napster c:\program files\common files\napster shared\dragon\dragon.dat Quarantined Trace.File.Napster c:\program files\common files\napster shared\dragon\ndragon.dll Quarantined Trace.File.Napster c:\program files\common files\napster shared\dragon\ndragonrs.dll Quarantined Trace.File.Napster c:\program files\common files\napster shared\dragon\ndragonrs.loc Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\nxacmp3ctd.dll Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\nxacwma.dll Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\nxaudiocodec.dll Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1028.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1031.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1033.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1034.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1036.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1040.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1041.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1042.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1043.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1046.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1053.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper1054.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sharedcom\rxacwrapper2052.lng Quarantined Trace.File.Napster c:\program files\common files\napster shared\sidewinder\nsidewinder.dll Quarantined Trace.File.Napster c:\program files\common files\napster shared\sidewinder\nsidewinderres.dll Quarantined Trace.File.Napster c:\program files\common files\napster shared\sidewinder\sidewinderres.loc Quarantined Trace.File.Napster c:\program files\common files\napster shared Quarantined Trace.Directory.Napster c:\program files\common files\napster shared\burnplugin Quarantined Trace.Directory.Napster c:\program files\common files\napster shared\dragon Quarantined Trace.Directory.Napster c:\program files\common files\napster shared\sharedcom Quarantined Trace.Directory.Napster c:\program files\common files\napster shared\sidewinder Quarantined Trace.Directory.Napster c:\program files\mini golf pro\balls\ball10.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball11.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball12.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball13.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball14.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball15.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball16.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball17.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball18.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball19.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball2.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball20.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball21.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball22.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball23.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball24.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball25.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball26.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball27.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball28.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball29.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball3.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball30.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball4.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball5.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball6.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball7.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball8.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\balls\ball9.bmp Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\editor\mini_golf_pro.scgms Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\n_menu.dll Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\readme.txt Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\scconsole.dll Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt1.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt2.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt3.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt4.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt5.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt6.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt7.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt8.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro\sounds\taunt9.wav Quarantined Trace.File.Mini Golf Pro c:\program files\mini golf pro Quarantined Trace.Directory.Mini Golf Pro c:\program files\mini golf pro\balls Quarantined Trace.Directory.Mini Golf Pro c:\program files\mini golf pro\editor Quarantined Trace.Directory.Mini Golf Pro c:\program files\mini golf pro\sounds Quarantined Trace.Directory.Mini Golf Pro Value: HKEY_LOCAL_MACHINE\SOFTWARE\Freeze.com\Installer --> id Quarantined Trace.Registry.Living Beaches #2 Animated Wallpaper Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\GameSpy\GameSpy Arcade --> InstDir Quarantined Trace.Registry.GameSpy Arcade Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade --> DisplayName Quarantined Trace.Registry.GameSpy Arcade Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade --> UninstallString Quarantined Trace.Registry.GameSpy Arcade Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tb_item_wlopts_pbWhiteListPS6 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_008696 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_009251 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_015212 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_016130 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_018141 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_020255 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_021772 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_023791 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_button_028303 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_combo_015710 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_000854 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_001941 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_001978 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar\tb_items --> tbs_item_005692 Quarantined Trace.Registry.Freeze.com Toolbar Value: HKEY_USERS\S-1-5-21-3977040219-1468972353-3606996305-1001\Software\XBTB03021\Toolbar&a This post has been edited by oregonil43: Apr 20 2008, 05:13 AM

oregonil43 View Member Profile	Apr 19 2008, 08:27 PM Post #2
New Member Posts: 3 OS: Windows Vista Home Premium 32bit	Avast 4/18/2008 10:10:21 PM 1208574621 Amanda 972 Function setifaceUpdatePackages() has failed. Return code is 0x2000000A, dwRes is 2000000A. 4/18/2008 11:01:48 PM 1208577708 Amanda 568 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Program Files\SpongeBob SquarePants Diner Dash\bfgt_silent_en.exe\nickarcade.dll" file. 4/19/2008 2:14:53 AM 1208589293 SYSTEM 1544 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 4/19/2008 2:14:53 AM 1208589293 SYSTEM 1544 An error has occured while attempting to update. Please check the logs. 4/19/2008 2:17:36 PM 1208632656 SYSTEM 1552 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 4/19/2008 2:17:36 PM 1208632656 SYSTEM 1552 An error has occured while attempting to update. Please check the logs. 4/19/2008 4:47:23 PM 1208641643 SYSTEM 1536 Sign of "Win32:CTX" has been found in "http://acs.pandasoftware.com/activescan/cabs/as2guiie.cab\pskavs.dll" file. 4/19/2008 4:51:49 PM 1208641909 SYSTEM 1536 Sign of "Win32:CTX" has been found in "C:\Program Files\Panda Security\ActiveScan 2.0\pskavs.dll" file. 4/19/2008 8:44:36 PM 1208655876 SYSTEM 1600 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 4/19/2008 8:44:36 PM 1208655876 SYSTEM 1600 An error has occured while attempting to update. Please check the logs. And HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:58:45 PM, on 4/19/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Windows\sttray.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Common Files\aol\1199493783\ee\aolsoftware.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\SiteAdvisor\6253\SiteAdv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1199493783\ee\AOLSoftware.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [DSS] C:\Windows\BBStore\DSS\dssagent.exe O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 O4 - HKCU\..\Run: [Uniblue RegistryBooster2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Users\Amanda\AppData\Local\Temp\{2C72795D-4CA3-4651-B8A5-6160F23631CF}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZCxdm565MOUS O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u...ows-i586-jc.cab O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} (Image Uploader Control) - http://woodmansdigitalphoto.lifepics.com/n...PUploader45.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.29.8/ttinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\Windows\system32\guard32.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: Intel® Viiv™ Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10807 bytes HijackThis installed programs 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) Absolute Uninstaller 2.5 Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player ActiveX Adobe Flash Player Plugin Adobe Reader 8.1.1 Adobe Shockwave Player Aloha Solitaire Ancient Tripeaks II AOL Uninstaller (Choose which Products to Remove) Apple Mobile Device Support Apple Software Update a-squared Free 3.1 avast! Antivirus Bejeweled 2 Deluxe Blasterball 2 Remix Blasterball 3 Bonjour Burger Rush Cabela's Big Game Hunter 2006 Season Cake Mania Call of Duty Game of the Year Edition Canon iP1700 Canon iP1700 User Registration Canon My Printer Canon PhotoRecord Canon Utilities Easy-PhotoPrint Canon ZoomBrowser EX (E) Castle of Cards CCleaner (remove only) Chuzzle Deluxe City Magnate Clue COMODO Firewall Pro Delicious 2 Deluxe Delicious Deluxe Digital Media Reader Diner Dash Diner Dash Diner Dash 2 Diner Dash Flo on the Go DirectX Media Runtime 5.1 Disney Toontown Online ebgcInfra ebgcRes ebgcRes ebgcRes ebgcRes ebgcRes ebgcSDK ebgcSDK ebgcSDK eMachines Game Console eMachines Recovery Center Installer Fairly OddParents - Timmy's Roach Rampage Family Feud (remove only) Family Feud™ Family Feud™ II FATE Fish Tycoon Five Card Deluxe Frogger v3.0e GameHouse Sudoku Garden Dreams Gold Miner Gold Miner Vegas Google Desktop Google Earth GSP Sudoku HijackThis 2.0.2 Hotel Solitaire Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers Intel® Viiv™ Software iPod for Windows 2006-03-23 iTunes Java™ 6 Update 5 JEOPARDY Jeopardy! 2nd Edition Kids Cam Sticker Factory LeapFrog� Mind Station™ Live Billiards Malwarebytes' Anti-Malware Microsoft Digital Image Starter Edition 2006 Microsoft Money 2006 Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Works Mini Golf Pro Monopoly Here & Now Edition Motocross Mania MSM32Installer MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) Music Creator 4 Nick Aracde Toolbar Off Road Arena Panda ActiveScan 2.0 Penguins! Pet Vet (remove only) Picasa 2 Polar Bowler Polar Golfer Power2Go 5.0 Prison Tycoon 2 PS2 Multimedia Keyboard Driver Puppy Luv (remove only) QuickTime RealArcade Rhapsody Player Engine Risk II RollerCoaster Tycoon 2 Triple Thrill Pack RTC Client API v1.2 Saints & Sinners Bowling Sandlot Games Client Services 1.2.2 Scooby-Doo™, Showdown in Ghost Town™ SCRABBLE SCRABBLE Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Excel 2007 (KB946974) Security Update for Office 2007 (KB947801) Security Update for Visio 2007 (KB947590) SigmaTel Audio Snowy Lunch Rush Soft Data Fax Modem with SmartCP SpongeBob SquarePants Movie 3D Game (remove only) Super Collapse! 3 Super Pop & Drop Super SpongeBob Collapse! SUPERAntiSpyware Free Edition Tank O Box Teddy Factory Test Drive Off-Road 3 Texas Hold'em Poker Update for Office 2007 (KB946691) Verizon Online DSL Viewpoint Media Player Wheel of Fortune 2 (remove only) Wheel of Fortune 2nd Edition Windows Live Messenger Windows Live Sign-in Assistant Yahoo! Internet Mail Yahoo! Messenger Yahoo! Ten Pin Championship Bowling Yahtzee Thanks in advance for any help. I'm not familar with Vista.