
Not sure if I have malware or false positives?


7 replies to this topic

#1 Groffeaston


Posted 06 November 2010 - 09:51 PM

Hello everyone!

I just got done running Emsisoft Anti-Malware free on quick scan, and it picked up a lot of stuff. Some of it I know about as being detected and listed as malware, but I have not had any problems with it in that area that I know of. There are others that have been detected that I am not sure about: whether they are malware, are legit, have had high instances of being used by malware, or are false positives.

I am including the report from the scan I ran. Also, could someone please explain to me what the report says?


Emsisoft Anti-Malware - Version 5.0
Last update: 11/6/2010 9:44:57 PM

Scan settings:

Scan type: Quick Scan
Objects: Memory, Traces, Cookies
Scan archives: Off
Heuristics: Off
ADS Scan: On

Scan start: 11/6/2010 9:45:52 PM

c:\programdata\microsoft\windows\start menu\programs\The Weather Channel detected: Trace.Directory.Desktop Weather!A2
c:\program files\The Weather Channel FW detected: Trace.Directory.Desktop Weather!A2
c:\program files\search toolbar detected: Trace.Directory.HuntBar.Stoolbar!A2
c:\programdata\microsoft\windows\start menu\programs\imesh detected: Trace.Directory.IMesh!A2
c:\program files\iMesh Applications\iMesh detected: Trace.Directory.iMesh!A2
c:\program files\iMesh Applications\iMesh\HTML detected: Trace.Directory.iMesh!A2
c:\program files\iMesh Applications\iMesh\Skins detected: Trace.Directory.iMesh!A2
c:\program files\iMesh Applications\iMesh\Skins\Images detected: Trace.Directory.iMesh!A2
c:\programdata\microsoft\windows\start menu\programs\Ascentive detected: Trace.Directory.Spyware Striker Pro!A2
c:\program files\Ascentive\Performance Center detected: Trace.Directory.Spyware Striker Pro!A2
c:\users\matthew\appdata\roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk detected: Trace.File.iMesh!A2
c:\users\public\desktop\iMesh.lnk detected: Trace.File.iMesh!A2
c:\programdata\microsoft\windows\start menu\programs\imesh\imesh.lnk detected: Trace.File.IMesh!A2
c:\program files\iMesh Applications\iMesh\HTML\error.html detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\HTML\loading.html detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\license.txt detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\NCTAudioCDWriter2.dll detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\NCTDataCDWriter2.dll detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\Shw32.dll detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\Skins\Default.skn detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\Skins\Default.xml detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\Skins\Images\DefArtwork.jpg detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\Skins\Images\TAFLogo.PNG detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\Skins\Images\ToGoLogo.PNG detected: Trace.File.iMesh!A2
c:\program files\iMesh Applications\iMesh\Skins\Settings.xml detected: Trace.File.iMesh!A2
c:\users\public\desktop\Optimize Internet.url detected: Trace.File.Spyware Striker Pro!A2
c:\users\public\desktop\Performance Center.lnk detected: Trace.File.Spyware Striker Pro!A2
c:\programdata\microsoft\windows\start menu\programs\Ascentive\Performance Center.lnk detected: Trace.File.Spyware Striker Pro!A2
c:\program files\Ascentive\Performance Center\ApcMain.exe detected: Trace.File.Spyware Striker Pro!A2
Key: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Cache detected: Trace.Registry.Couponbar!A2
N/A detected: Trace.Registry.CouponBar!A2
Key: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar\tb_items detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar\tb_items --> tbs_space_010261 detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> AutoComplete detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> autoUpdateMsg detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> closeAllWindowsForUpdate detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> connectionError detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> corruptedMsg detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> CountOS detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> CurrentFont detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> CurrentLayout detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> DescriptiveText detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> EditWidthcombo1 detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> firstURL detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> FontSize detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> KeepHistory detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> lastVersionMsg detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> m_bWorking detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> OldOS detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> OpenNew detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> RunSearchAutomatically detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> RunSearchDragAutomatically detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> Scope detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> serverpath detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> ShowFindButtons detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> ShowHighlightButton detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> TBBreak detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> TBPos detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> TBShow detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> TBWidth detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> toolbar_id detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> toolbar_version detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> ToolbarIsFailed detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> uninstallMsg detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> UpdateAutomatically detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> updateMsg detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> updateUrl detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> updateXML detected: Trace.Registry.CouponBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> urlAfterUninstall detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> urlAfterUpdate detected: Trace.Registry.Couponbar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\TTB000001\Toolbar --> versionError detected: Trace.Registry.CouponBar!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar --> {5BED3930-2E9E-76D8-BACC-80DF2188D455} detected: Trace.Registry.CouponBar!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TTB000001.TTB000001Toolbar --> DisplayName detected: Trace.Registry.Couponbar!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TTB000001.TTB000001Toolbar --> UninstallString detected: Trace.Registry.Couponbar!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iMesh --> DisplayName detected: Trace.Registry.iMesh 6!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iMesh --> Publisher detected: Trace.Registry.iMesh 6!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iMesh --> UninstallString detected: Trace.Registry.iMesh 6!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Player --> Volume detected: Trace.Registry.iMesh MediaBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\PortablePlayers\0 --> AutoSync detected: Trace.Registry.iMesh MediaBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\PortablePlayers\0 --> NoRemove detected: Trace.Registry.iMesh MediaBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\PortablePlayers\0 --> SerialNumber detected: Trace.Registry.iMesh MediaBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\PortablePlayers\0 --> Usages detected: Trace.Registry.iMesh MediaBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\PortablePlayers --> Devices detected: Trace.Registry.iMesh MediaBar!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> AppData detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> DownloadDir detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> DownloadLimit detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> DSUniqueID detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> Home detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> LanguageCode detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> LimitTime detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> Login detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> MNEnabled detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> NetworkPaneShow detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> OKHashes detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> SettingsXML detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> Skin detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> SkinXML detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\General --> StatisticsFileName detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> AccessUploading detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> AntPort detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> ConnectIp detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> EnableLocalConnections detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> MaxConnForFile detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> MaxDownload detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> MaxDownloadSpeed detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> MaxUpload detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> MaxUploadSpeed detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> PreviewPort detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> ReassignSlowSources detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> SmartTraffic detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> StatusUploadPort detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> TimeLibraryReportSent detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\IM2Net --> TimeUploadPort detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\Proxy --> Password detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\Proxy --> ServerAddress detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\Proxy --> ServerPort detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\Proxy --> Type detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\Proxy --> UseAuthentication detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Network\Proxy --> Username detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\FileList --> DeleteFromDisk detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\FileList --> MediaTypeFilter detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\IEHomepage --> DontShowIEHomepageOffer detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\IEHomepage --> DontShowIEHomepageOfferNever detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\IEHomepage --> IEHomepage detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\IEHomepage --> LastHomepageCheck detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\Invite --> DownloadCount detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\Invite --> InviteShowCount detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\Invite --> PlayCount detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\Search --> MaxResultsCount detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\Search --> MediaTypeFilter detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\Search --> PremiumEnabled detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences\Security --> DoNotShare detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> AUDeclineDate detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> AutoResetPlayCount detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> CopyFromRemovable detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IMHistoryFolderPath detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IMPictureFolderPath detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsAutoVolume detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsCrossfadeEnable detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsIMAlertContacts detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsIMAlertMessages detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsIMDontPlayWhenPlaying detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsIMEveryone detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsIMSpecialAlers detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsNeedUpdateHisory detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsNotPresentAnyVideo detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsNotShowNick detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsPlayDownloadSound detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsSearchAutoSuggest detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsSecurityLock detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsShowCRQDialog detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsShowDownloadTray detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsShowFTPDialog detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsShowLQDialog detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> IsShowToday detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> ReceiveLooking detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> RootLicenseDate detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> SendLooking detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> ShowNILWarning detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> SubsType detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> UpdaterLocation detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> UsedMNPortable detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> UsedPortable detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> VideoRegime detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> VisualEnabled detected: Trace.Registry.iMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh\Preferences --> VisualRegime detected: Trace.Registry.iMesh!A2
Key: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\software\imesh detected: Trace.Registry.IMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\iMesh --> LastOpenFileDir detected: Trace.Registry.iMesh!A2
Key: HKEY_LOCAL_MACHINE\software\imesh detected: Trace.Registry.IMesh!A2
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\imesh detected: Trace.Registry.IMesh!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\Ascentive\Performance Center --> AppPath detected: Trace.Registry.Spyware Striker Pro!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\Ascentive\Performance Center --> InstallDate detected: Trace.Registry.Spyware Striker Pro!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\Ascentive\Performance Center --> Language detected: Trace.Registry.Spyware Striker Pro!A2
Value: HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\Viewpoint\Content Debugger --> Viewpoint Manager detected: Trace.Registry.Viewpoint Media Toolbar!A2
Value: HKEY_CLASSES_ROOT\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Widomaker Toolbar!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Widomaker Toolbar!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Sony Pictures Games\JEOPARDY! --> PID detected: Trace.Registry.JEOPARDY!!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@2o7[2].txt detected: Trace.TrackingCookie.2o7!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@adtech[1].txt detected: Trace.TrackingCookie.adtech!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@bs.serving-sys[1].txt detected: Trace.TrackingCookie.bs.serving-sys!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@com[2].txt detected: Trace.TrackingCookie.com!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@pointroll[1].txt detected: Trace.TrackingCookie.pointroll!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@pro-market[2].txt detected: Trace.TrackingCookie.pro-market!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@questionmarket[1].txt detected: Trace.TrackingCookie.questionmarket!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@realmedia[1].txt detected: Trace.TrackingCookie.realmedia!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@ru4[2].txt detected: Trace.TrackingCookie.ru4!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@serving-sys[2].txt detected: Trace.TrackingCookie.serving-sys!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@specificclick[2].txt detected: Trace.TrackingCookie.specificclick!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@trafficmp[1].txt detected: Trace.TrackingCookie.trafficmp!A2
C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Cookies\matthew@tribalfusion[1].txt detected: Trace.TrackingCookie.tribalfusion!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1251259036137000 detected: Trace.TrackingCookie.m.webtrends.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1251261452458009 detected: Trace.TrackingCookie.myspace.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1251261452458012 detected: Trace.TrackingCookie.myspace.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1251261456837000 detected: Trace.TrackingCookie.myspace.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1254926620891000 detected: Trace.TrackingCookie.aol.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1254926670878008 detected: Trace.TrackingCookie.aol.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1254927090306001 detected: Trace.TrackingCookie.myspace.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1255160159991001 detected: Trace.TrackingCookie.e.nvero.net!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1260114884635001 detected: Trace.TrackingCookie.go.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1260114887598002 detected: Trace.TrackingCookie.go.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1260114888368000 detected: Trace.TrackingCookie.go.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1260114888797000 detected: Trace.TrackingCookie.go.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1260114889321000 detected: Trace.TrackingCookie.go.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1260838867563003 detected: Trace.TrackingCookie.go.com!A2
C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\lu0si6w3.default\cookies.sqlite:1261767604094001 detected: Trace.TrackingCookie.aol.com!A2

Scanned

Files: 503
Traces: 623281
Cookies: 2616
Processes: 71

Found

Files: 0
Traces: 177
Cookies: 78
Processes: 0
Registry keys: 0

Scan end: 11/6/2010 9:48:32 PM
Scan time: 0:02:40
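
An added example (not part of the original post and not Emsisoft's own tooling): a short Python triage of a report in the line format shown above. It counts tracking-cookie hits per domain and lists every other trace with the path it was found at, so those stand out for review. The sample lines are constructed, and reading the detection name as category.kind.family is an assumption drawn from the names in this log.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the report's line format; paths and profile names are placeholders.
SAMPLE_LOG = r"""
Scan start: 11/6/2010 9:45:52 PM

c:\program files\search toolbar detected: Trace.Directory.HuntBar.Stoolbar!A2
c:\program files\The Weather Channel FW detected: Trace.Directory.Desktop Weather!A2
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\example.default\cookies.sqlite:1287443571407000 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\example.default\cookies.sqlite:1287443571407002 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\example.default\cookies.sqlite:1288895101257001 detected: Trace.TrackingCookie.d1.openx.org!A2

Found
Traces: 2
Cookies: 3
"""

# "<object> detected: <name>!<engine tag>"; object and name may both contain spaces.
LINE_RE = re.compile(
    r"^(?P<object>.+?)\s+detected:\s+(?P<name>.+?)(?:!(?P<engine>\w+))?\s*$"
)


def parse_line(line):
    """Split one detection line into object, category, kind, family and engine tag."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # header, summary or blank line
    # Assumed naming scheme: category.kind.family (family may itself contain dots).
    parts = (m.group("name").split(".", 2) + ["", ""])[:3]
    return {
        "object": m.group("object"),
        "category": parts[0],
        "kind": parts[1],
        "family": parts[2],
        "engine": m.group("engine"),
    }


def triage(log_text):
    """Return (cookie hits per domain, other detections grouped by kind and family)."""
    cookies = Counter()
    review = defaultdict(list)
    for line in log_text.splitlines():
        hit = parse_line(line)
        if hit is None:
            continue
        if hit["kind"] == "TrackingCookie":
            cookies[hit["family"]] += 1
        else:
            review[f'{hit["kind"]}: {hit["family"]}'].append(hit["object"])
    return cookies, dict(review)


if __name__ == "__main__":
    cookie_hits, to_review = triage(SAMPLE_LOG)
    print("Tracking cookies by domain:", dict(cookie_hits))
    for family, objects in to_review.items():
        print(family, "->", objects)
```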



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:01 PM

Posted 06 November 2010 - 10:40 PM

Hello, I am not sure which ones you are referring to, but all of these are spyware and adware, some in the form of toolbars and some the result of file sharing. I would remove all of those myself if I found them in my scans.
Let's look at another log.

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware

Edited by boopme, 06 November 2010 - 10:42 PM.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Groffeaston


Posted 07 November 2010 - 12:50 PM

Hello,

I ran the MBAM scan and it only picked up 2 things; they were related to the same program. I had MBAM take care of it. I am including the log below.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5066

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

11/7/2010 12:29:07 PM
mbam-log-2010-11-07 (12-29-07).txt

Scan type: Quick scan
Objects scanned: 159191
Time elapsed: 10 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{bb05bd70-4605-4829-93fc-ad80d8cc5b66} (Rogue.PerformanceCenter) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Public\Desktop\Spyware Striker.url (Rogue.Multiple) -> Quarantined and deleted successfully.

#4 boopme


Posted 07 November 2010 - 06:20 PM

OK, these were malware and need to go. We should still get an online scan and make sure.

Please perform a scan with Eset Online Antivirus Scanner.
This scan requires Internet Explorer to work. Vista/Windows 7 users need to run Internet Explorer as Administrator.
To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
  • Click the green Posted Image button.
  • Read the End User License Agreement and check the box:
  • Check Posted Image.
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Check Remove found threats and Scan potentially unwanted applications. (If given the option, choose "Quarantine" instead of delete.)
  • Click the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • If offered the option to get information or buy software at any point, just close the window.
  • The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop as ESETScan.txt.
  • Push the Posted Image button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply.
Note: A log.txt file will also be created and automatically saved in the C:\Program Files\EsetOnlineScanner\ folder.
If you did not save the ESETScan log, click Posted Image > Run..., then type or copy and paste everything in the code box below into the Open dialogue box:

C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Click Ok and the scan results will open in Notepad.
  • Copy and paste the contents of log.txt in your next reply.
-- Some online scanners will detect existing anti-virus software and refuse to cooperate. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. If you do this, remember to turn them back on after you are finished.

NOTE: In some instances if no malware is found there will be no log produced.

#5 Groffeaston


Posted 07 November 2010 - 11:04 PM

Hello!

Here is the log of the ESETScan:

C:\Users\Matthew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Component Update 421 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Component Update 682 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Component Update 803 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Component Update 905 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Component Update 912 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\Local\Temp\Low\CouponsBar.dll probably a variant of Win32/Adware.Softomate.AD application cleaned by deleting - quarantined
C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\3df62381-6196dba8 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\3df3a642-7b71a0d1 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\3c61e454-2dafe157 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\5d65b6d7-66eb3512 multiple threats deleted - quarantined
C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\70628d30-4edbcb8b multiple threats deleted - quarantined
C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\777d457e-5a61fe55 multiple threats deleted - quarantined

I knew about CouponsBar, because I downloaded it to print out coupons for my mom so she could use them for shopping the one time, and decided to keep it for a while in case she needs a coupon and cannot find any in the local newspaper circulars.

The rest just looks like old updates from the one anti-malware program and Java Deployments from a couple of programs I always use, in the cache. That could explain some problems I have been having with those programs that use Java.

#6 boopme


Posted 07 November 2010 - 11:10 PM

OK set the scanners to ignore those apps you want.
What version of JAVA is running?
Go into Control Panel>Add Remove Programs. Be sure the 'Show Updates' box is checked. Go down the list and tell me what Java applications are installed and their version. (Highlight the program to see this).

#7 Groffeaston


Posted 08 November 2010 - 12:43 AM

Hello!

I am not sure I did it correctly, but the only programs that I saw that mentioned Java, was Java. The Java programs I found were:

Java SE Runtime Environment 6

Java 6 Update 16

Java 6 Update 22

When I looked at the Java control panel and clicked on "about" here is the information it showed: Java 6 Update 22 (build 1.6.0_22-b04)


When I looked in the updates section in the "Programs and Features" it just showed the updates for Microsoft Windows and its related programs.

#8 boopme


Posted 08 November 2010 - 09:25 PM

Good, go back in and keep
Java 6 Update 22

When I looked at the Java control panel and clicked on "about" here is the information it showed: Java 6 Update 22 (build 1.6.0_22-b04)



Remove anything else and reboot. The others can be exploited by malware.



