Websearch plus a lot of bad stuff, Avast said Panda Active scan had a v



#1
oregonil43

Hi, I brought home a coworker's PC that he was having a lot of trouble with. He did several things, I'm not sure what. I got it and ran Asquared free, Malwarebytes, Superantispyware. Uninstalled McAfee that was out of date and installed Avast and Comodo firewall; Comodo still shows that McAfee is trying to connect.

I already ran scans and removed stuff before I found your forum. I will post all of the logs that I have. After reading the "do this before posting" I reran the programs and Malwarebytes didn't find anything. Superantispyware was running for over 3 hours and seemed stuck in doc+setting\braden\local\ap data so I stopped it and removed what it had found. I went to Panda ActiveScan and Avast complained that it found Win32:CTX so I didn't run the scan.

Also there is a Windows security update that will not install.

Here are the logs from Asquared

a-squared Free - Version 3.5
Last update: 4/19/2008 2:30:46 PM

Scan settings:

Objects: Memory, Traces, Cookies, C:\Windows\, C:\Program Files
Scan archives: On
Heuristics: On
ADS Scan: On

Scan start: 4/19/2008 2:31:52 PM

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> AffiliateId detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> BitRate detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> CurrentUser detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> DownloadDir detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> EnableSystrayIcon detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> EULAAccepted detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> HelpFaqURL detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> HelpTutorialURL detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Client --> RegistrationURL detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Common --> ExternalLinkHandler detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Napster\Common --> ExternalLinkHandlerParams detected: Trace.Registry.Napster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Freeze.com\Installer --> id detected: Trace.Registry.EZ Game Cheats
C:\Windows\System32\f3PSSavr.scr detected: Riskware.AdTool.Win32.MyWebSearch.bg

Scanned

Files: 132103
Traces: 315325
Cookies: 2
Processes: 50

Found

Files: 1
Traces: 290
Cookies: 0
Processes: 0
Registry keys: 0

Scan end: 4/19/2008 3:18:47 PM
Scan time: 0:46:55

C:\Windows\System32\f3PSSavr.scr Quarantined Riskware.AdTool.Win32.MyWebSearch.bg

Edited by oregonil43, 20 April 2008 - 05:13 AM.


#2
oregonil43

Avast

4/18/2008 10:10:21 PM 1208574621 Amanda 972 Function setifaceUpdatePackages() has failed. Return code is 0x2000000A, dwRes is 2000000A.
4/18/2008 11:01:48 PM 1208577708 Amanda 568 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Program Files\SpongeBob SquarePants Diner Dash\bfgt_silent_en.exe\nickarcade.dll" file.
4/19/2008 2:14:53 AM 1208589293 SYSTEM 1544 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
4/19/2008 2:14:53 AM 1208589293 SYSTEM 1544 An error has occured while attempting to update. Please check the logs.
4/19/2008 2:17:36 PM 1208632656 SYSTEM 1552 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
4/19/2008 2:17:36 PM 1208632656 SYSTEM 1552 An error has occured while attempting to update. Please check the logs.
4/19/2008 4:47:23 PM 1208641643 SYSTEM 1536 Sign of "Win32:CTX" has been found in "http://acs.pandasoftware.com/activescan/cabs/as2guiie.cab\pskavs.dll" file.
4/19/2008 4:51:49 PM 1208641909 SYSTEM 1536 Sign of "Win32:CTX" has been found in "C:\Program Files\Panda Security\ActiveScan 2.0\pskavs.dll" file.
4/19/2008 8:44:36 PM 1208655876 SYSTEM 1600 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
4/19/2008 8:44:36 PM 1208655876 SYSTEM 1600 An error has occured while attempting to update. Please check the logs.

And HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:58:45 PM, on 4/19/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Windows\sttray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Common Files\aol\1199493783\ee\aolsoftware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1199493783\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DSS] C:\Windows\BBStore\DSS\dssagent.exe
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Users\Amanda\AppData\Local\Temp\{2C72795D-4CA3-4651-B8A5-6160F23631CF}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZCxdm565MOUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1005.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun....ows-i586-jc.cab
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} (Image Uploader Control) - http://woodmansdigit...PUploader45.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.to...29.8/ttinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Intel® Viiv™ Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10807 bytes

HijackThis installed programs

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Absolute Uninstaller 2.5
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.1
Adobe Shockwave Player
Aloha Solitaire
Ancient Tripeaks II
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
a-squared Free 3.1
avast! Antivirus
Bejeweled 2 Deluxe
Blasterball 2 Remix
Blasterball 3
Bonjour
Burger Rush
Cabela's Big Game Hunter 2006 Season
Cake Mania
Call of Duty Game of the Year Edition
Canon iP1700
Canon iP1700 User Registration
Canon My Printer
Canon PhotoRecord
Canon Utilities Easy-PhotoPrint
Canon ZoomBrowser EX (E)
Castle of Cards
CCleaner (remove only)
Chuzzle Deluxe
City Magnate
Clue
COMODO Firewall Pro
Delicious 2 Deluxe
Delicious Deluxe
Digital Media Reader
Diner Dash
Diner Dash
Diner Dash 2
Diner Dash Flo on the Go
DirectX Media Runtime 5.1
Disney Toontown Online
ebgcInfra
ebgcRes
ebgcRes
ebgcRes
ebgcRes
ebgcRes
ebgcSDK
ebgcSDK
ebgcSDK
eMachines Game Console
eMachines Recovery Center Installer
Fairly OddParents - Timmy's Roach Rampage
Family Feud (remove only)
Family Feud™
Family Feud™ II
FATE
Fish Tycoon
Five Card Deluxe
Frogger v3.0e
GameHouse Sudoku
Garden Dreams
Gold Miner
Gold Miner Vegas
Google Desktop
Google Earth
GSP Sudoku
HijackThis 2.0.2
Hotel Solitaire
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® Viiv™ Software
iPod for Windows 2006-03-23
iTunes
Java™ 6 Update 5
JEOPARDY
Jeopardy! 2nd Edition
Kids Cam Sticker Factory
LeapFrog® Mind Station™
Live Billiards
Malwarebytes' Anti-Malware
Microsoft Digital Image Starter Edition 2006
Microsoft Money 2006
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Works
Mini Golf Pro
Monopoly Here & Now Edition
Motocross Mania
MSM32Installer
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
Music Creator 4
Nick Aracde Toolbar
Off Road Arena
Panda ActiveScan 2.0
Penguins!
Pet Vet (remove only)
Picasa 2
Polar Bowler
Polar Golfer
Power2Go 5.0
Prison Tycoon 2
PS2 Multimedia Keyboard Driver
Puppy Luv (remove only)
QuickTime
RealArcade
Rhapsody Player Engine
Risk II
RollerCoaster Tycoon 2 Triple Thrill Pack
RTC Client API v1.2
Saints & Sinners Bowling
Sandlot Games Client Services 1.2.2
Scooby-Doo™, Showdown in Ghost Town™
SCRABBLE
SCRABBLE
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Excel 2007 (KB946974)
Security Update for Office 2007 (KB947801)
Security Update for Visio 2007 (KB947590)
SigmaTel Audio
Snowy Lunch Rush
Soft Data Fax Modem with SmartCP
SpongeBob SquarePants Movie 3D Game (remove only)
Super Collapse! 3
Super Pop & Drop
Super SpongeBob Collapse!
SUPERAntiSpyware Free Edition
Tank O Box
Teddy Factory
Test Drive Off-Road 3
Texas Hold'em Poker
Update for Office 2007 (KB946691)
Verizon Online DSL
Viewpoint Media Player
Wheel of Fortune 2 (remove only)
Wheel of Fortune 2nd Edition
Windows Live Messenger
Windows Live Sign-in Assistant
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Ten Pin Championship Bowling
Yahtzee

Thanks in advance for any help. I'm not familiar with Vista.

#3
oregonil43


    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Please close this post

Thanks

#4
Rorschach112


    Ralphie

  • Retired Staff
  • 47,710 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.





