Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7397 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 8/6/2011 4:22:36 PM mbam-log-2011-08-06 (16-22-30).txt Scan type: Quick scan Objects scanned: 152239 Time elapsed: 4 minute(s), 35 second(s) Memory Processes Infected: 2 Memory Modules Infected: 2 Registry Keys Infected: 13 Registry Values Infected: 6 Registry Data Items Infected: 0 Folders Infected: 3 Files Infected: 33 Memory Processes Infected: c:\documents and settings\administrator\zeabei.exe (Worm.SFDC) -> 1772 -> No action taken. c:\program files\freezefrog\bin\1.0.670.0\freezefrogsa.exe (Adware.FreezeFrog) -> 1720 -> No action taken. Memory Modules Infected: c:\program files\freezefrog\bin\1.0.670.0\freezefrogsahook.dll (Adware.FreezeFrog) -> No action taken. c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken. Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Casino) -> No action taken. HKEY_CLASSES_ROOT\FREEzeFrogAx.Info (Adware.FreezeFrog) -> No action taken. HKEY_CLASSES_ROOT\FREEzeFrogAx.Info.1 (Adware.FreezeFrog) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\FREEZEFROGSA (Adware.FreezeFrog) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FREEzeFrogSA (Adware.FreezeFrog) -> No action taken. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zeabei (Worm.SFDC) -> Value: zeabei -> No action taken. HKEY_CURRENT_USER\Software\freezefrogsa\actionurl_current_version (Adware.FreezeFrog) -> Value: actionurl_current_version -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FREEzeFrogSA (Adware.FreezeFrog) -> Value: FREEzeFrogSA -> No action taken. Registry Data Items Infected: (No malicious items detected) Folders Infected: c:\documents and settings\all users\application data\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> No action taken. c:\program files\freezefrog\bin\1.0.670.0 (Adware.FreezeFrog) -> No action taken. c:\documents and settings\all users\application data\freezefrogsa (Adware.FreezeFrog) -> No action taken. Files Infected: c:\program files\freezefrog\bin\1.0.670.0\freezefrogsahook.dll (Adware.FreezeFrog) -> No action taken. c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken. c:\program files\youtube downloader toolbar\IE\4.5\youtubedownloadertoolbarie.dll (PUP.Dealio.TB) -> No action taken. c:\documents and settings\administrator\my documents\downloads\setup.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\my documents\downloads\slotsjungle.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\my documents\downloads\intertops_en_install.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\MR9Afk.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\P3uEKf.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\QLOoD.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\fEvQQ.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\Ajwpl.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\Ui87xU.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\xK5rO.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\xLlDZW.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\YTl2B.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\ZdN0o.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\0pUD8a.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\14oOX.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\58XEpY.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\7tAcfC.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\9zkusl.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\gow16.tmp (PUP.Casino.Gen) -> No action taken. c:\documents and settings\administrator\local settings\temp\gow7C.tmp (PUP.Casino.Gen) -> No action taken. c:\documents and settings\administrator\local settings\temp\k5rnw.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\local settings\temp\LGgM7Z.exe (PUP.Casino) -> No action taken. c:\documents and settings\administrator\zeabei.exe (Worm.SFDC) -> No action taken. c:\program files\freezefrog\bin\1.0.670.0\freezefrogsa.exe (Adware.FreezeFrog) -> No action taken. c:\program files\freezefrog\bin\1.0.670.0\freezefroguninstaller.exe (Adware.FreezeFrog) -> No action taken. c:\documents and settings\all users\application data\freezefrogsa\freezefrogsa.dat (Adware.FreezeFrog) -> No action taken. c:\documents and settings\all users\application data\freezefrogsa\freezefrogsaabout.mht (Adware.FreezeFrog) -> No action taken. c:\documents and settings\all users\application data\freezefrogsa\freezefrogsaau.dat (Adware.FreezeFrog) -> No action taken. c:\documents and settings\all users\application data\freezefrogsa\freezefrogsaeula.mht (Adware.FreezeFrog) -> No action taken. c:\documents and settings\all users\application data\freezefrogsa\freezefrogsa_kyf.dat (Adware.FreezeFrog) -> No action taken.