
Not sure what I am infected with


  • This topic is locked
16 replies to this topic

#1 Cougar68

Cougar68

  • Members
  • 23 posts
  • Gender:Male
  • Location:Clearwater Fl

Posted 14 March 2009 - 09:57 AM

Hello,
Hope someone can help. It started with IE being redirected, then I lost all network connections. System Restore will go as far as the last "Next" button, then will do nothing, like it's a dead switch. I can only boot into safe mode with networking.
I get numerous "the memory could not be read" errors from svchost.exe and other problems.
My PC is an
E machine
Windows XP Home Edition - Service Pack 3
AMD Athlon 64 processor - 3200+ - 2.00 GHz – 768 MB of RAM
I have AVG Anti Virus – Free Edition – it can find no threats. I also have Super Anti Spy – Free Edition – it can find no threats –
ATF,
Hijack This
CCleaner
Hope someone can help.
Thank you



#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,605 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 14 March 2009 - 11:09 AM

Welcome to BC.

Please download Malwarebytes Anti-Malware (v1.34) and save it to your desktop.
alternate download link 1
alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a USB stick or CD, and then copy it to the infected machine.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with disinfection. Regardless of whether you are prompted to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If you are using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Temporarily disable such programs or permit them to allow the changes. Click this link to see a list of programs that should be disabled.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 Cougar68

Cougar68
  • Topic Starter


Posted 14 March 2009 - 01:12 PM

Here's the file
Microsoft Windows XP Home Edition Service Pack 3
5.01 build 2600 Service Pack 3
Username: Jerry
In groups: LOCAL Administrators Everyone Users None INTERACTIVE Authenticated Users
2009/03/14 13:58:37:562: Application Version: 1.9.3337.776
2009/03/14 13:58:37:578: Module Version: 1.0.3330.820
2009/03/14 13:58:37:578: Service Version: 1.9.3337.776
2009/03/14 13:58:37:578: ===============================================================
2009/03/14 13:58:37:578: Switching to PIEInProc.
2009/03/14 13:58:37:578: Checking for bad run key.
2009/03/14 13:58:37:578: Windows directory: C:\WINDOWS
2009/03/14 13:58:37:578: System directory: C:\WINDOWS\system32
2009/03/14 13:58:37:578: Program Files directory: C:\Program Files
2009/03/14 13:58:37:578: Application Data: C:\Documents and Settings\Jerry\Application Data
2009/03/14 13:58:37:578: User Profile: C:\Documents and Settings\Jerry
2009/03/14 13:58:37:578: User Temp: C:\DOCUME~1\Jerry\LOCALS~1\Temp\
2009/03/14 13:58:37:578: Start Menu: C:\Documents and Settings\Jerry\Start Menu
2009/03/14 13:58:37:578: User Desktop: C:\Documents and Settings\Jerry\Desktop
2009/03/14 13:58:37:578: Common Desktop: C:\Documents and Settings\All Users\Desktop
2009/03/14 13:58:37:578: Common Profile: C:\Documents and Settings\All Users
2009/03/14 13:58:37:578: SID set to: S-1-5-21-2000478354-2025429265-839522115-1004
2009/03/14 13:58:43:062: version was called, but is not defined in this dll version.
2009/03/14 13:58:43:062: Database Version:
2009/03/14 13:58:43:062: version was called, but is not defined in this dll version.
2009/03/14 13:58:43:062: Database Version:
2009/03/14 13:58:43:250: Driver check:
2009/03/14 13:58:43:250: SC manager open.
2009/03/14 13:58:43:250: MalwareRemovalBot not found. Attemping install.
2009/03/14 13:58:43:250: Checking for C:\Program Files\MalwareRemovalBot\FilterDrv\MalwareRemovalBot.inf
2009/03/14 13:58:43:250: StartDriver:
2009/03/14 13:58:43:250: This is a driver version.
2009/03/14 13:58:43:250: Channel: \AntiSpyFilter
2009/03/14 13:58:43:250: SC manager open.
2009/03/14 13:58:43:250: Driver is not connected.
2009/03/14 13:58:43:250: Component check complete.
2009/03/14 13:58:46:593: No command line.
2009/03/14 13:58:46:593: Parsing command line:
2009/03/14 13:58:46:609: OnitDialog...
2009/03/14 13:58:49:218: Checking for database update...
2009/03/14 13:58:51:562: Database Version: 11.3.2 1236708021
2009/03/14 13:58:51:562: Setting Timer to Hide Splash
2009/03/14 13:58:51:656: Database Version: 11.3.2 1236708021
2009/03/14 13:58:52:062: Hiding Splash
2009/03/14 13:59:38:500: Database Version: 11.3.2 1236708021
2009/03/14 13:59:53:250: Database Version: 11.3.2 1236708021
2009/03/14 14:03:56:203: Database Version: 11.3.2 1236708021
2009/03/14 14:03:59:656: Database Version: 11.3.2 1236708021
2009/03/14 14:04:43:593: Database Version: 11.3.2 1236708021
2009/03/14 14:05:16:421: Component check complete.

I still have no network connections and my PC has no IP address,
and thank you for your help.

#4 quietman7

quietman7


Posted 14 March 2009 - 01:53 PM

That log was not created by the instructions I provided. Please reread those instructions and scan with MBAM.

#5 Cougar68

Cougar68
  • Topic Starter


Posted 14 March 2009 - 02:00 PM

I also have these files

Microsoft Windows XP Home Edition Service Pack 3
5.01 build 2600 Service Pack 3
Username: Jerry
In groups: LOCAL Administrators Everyone Users None INTERACTIVE Authenticated Users
2009/03/14 12:21:31:218: Application Version: 1.9.3337.776
2009/03/14 12:21:31:296: Module Version: 1.0.3330.820
2009/03/14 12:21:31:296: Service Version: 1.9.3337.776
2009/03/14 12:21:31:296: ===============================================================
2009/03/14 12:21:31:328: Switching to PIEInProc.
2009/03/14 12:21:31:375: Checking for bad run key.
2009/03/14 12:21:31:406: Windows directory: C:\WINDOWS
2009/03/14 12:21:31:406: System directory: C:\WINDOWS\system32
2009/03/14 12:21:31:406: Program Files directory: C:\Program Files
2009/03/14 12:21:31:406: Application Data: C:\Documents and Settings\Jerry\Application Data
2009/03/14 12:21:31:406: User Profile: C:\Documents and Settings\Jerry
2009/03/14 12:21:31:406: User Temp: C:\DOCUME~1\Jerry\LOCALS~1\Temp\
2009/03/14 12:21:31:406: Start Menu: C:\Documents and Settings\Jerry\Start Menu
2009/03/14 12:21:31:406: User Desktop: C:\Documents and Settings\Jerry\Desktop
2009/03/14 12:21:31:406: Common Desktop: C:\Documents and Settings\All Users\Desktop
2009/03/14 12:21:31:406: Common Profile: C:\Documents and Settings\All Users
2009/03/14 12:21:31:406: SID set to: S-1-5-21-2000478354-2025429265-839522115-1004
2009/03/14 12:21:37:562: version was called, but is not defined in this dll version.
2009/03/14 12:21:37:562: Database Version:
2009/03/14 12:21:37:562: version was called, but is not defined in this dll version.
2009/03/14 12:21:37:562: Database Version:
2009/03/14 12:21:42:000: No command line.
2009/03/14 12:21:42:000: Parsing command line:
2009/03/14 12:21:42:000: launch
2009/03/14 12:21:42:015: OnitDialog...
2009/03/14 12:21:44:437: Checking for database update...
2009/03/14 12:21:46:406: Database Version: 11.3.2 1236708021
2009/03/14 12:21:46:437: Setting Timer to Hide Splash
2009/03/14 12:21:46:953: Hiding Splash
2009/03/14 12:22:51:593: Start Scan
2009/03/14 12:22:51:593: Scan options:
2009/03/14 12:22:51:593: Scan Active Processes
2009/03/14 12:22:51:593: Scan Windows Registry
2009/03/14 12:22:51:593: Scan Cookies
2009/03/14 12:22:51:593: Scan Files
2009/03/14 12:22:51:593: Clearing Volatile Lists.
2009/03/14 12:22:51:687: 32-bit Winsock LSP Map:
2009/03/14 12:22:51:687: No LSPs are installed
2009/03/14 12:22:51:718: Entering Process Scan
2009/03/14 12:23:24:531: Completed Process Scan
2009/03/14 12:23:24:531: PreDbScan
2009/03/14 12:23:24:750: ResultAdded[76210]: Adware, Admedia
2009/03/14 12:23:24:812: ResultAdded[76211]: Adware, Admedia
2009/03/14 12:23:24:906: ResultAdded[573531]: Adware, Agent
2009/03/14 12:23:24:906: ResultAdded[573532]: Adware, Agent
2009/03/14 12:23:24:906: ResultAdded[573533]: Adware, Agent
2009/03/14 12:23:24:906: ResultAdded[573534]: Adware, Agent
2009/03/14 12:23:24:906: ResultAdded[573535]: Adware, Agent
2009/03/14 12:23:24:921: ResultAdded[573536]: Adware, Agent
2009/03/14 12:23:24:921: ResultAdded[573537]: Adware, Agent
2009/03/14 12:23:24:921: ResultAdded[573538]: Adware, Agent
2009/03/14 12:23:24:921: ResultAdded[573539]: Adware, Agent
2009/03/14 12:23:24:937: ResultAdded[573540]: Adware, Agent
2009/03/14 12:23:24:937: ResultAdded[573541]: Adware, Agent
2009/03/14 12:23:24:937: ResultAdded[573542]: Adware, Agent
2009/03/14 12:23:24:937: ResultAdded[573543]: Adware, Agent
2009/03/14 12:23:24:937: ResultAdded[573544]: Adware, Agent
2009/03/14 12:23:24:953: ResultAdded[573545]: Adware, Agent
2009/03/14 12:23:24:968: ResultAdded[573546]: Adware, Agent
2009/03/14 12:23:24:968: ResultAdded[573547]: Adware, Agent
2009/03/14 12:23:24:984: ResultAdded[573548]: Adware, Agent
2009/03/14 12:23:24:984: ResultAdded[573549]: Adware, Agent
2009/03/14 12:23:24:984: ResultAdded[573550]: Adware, Agent
2009/03/14 12:23:24:984: ResultAdded[573551]: Adware, Agent
2009/03/14 12:23:25:000: ResultAdded[573552]: Adware, Agent
2009/03/14 12:23:25:312: ResultAdded[44879]: Adware, DealIO Toolbar
2009/03/14 12:23:25:328: ResultAdded[41037]: Adware, DealIO Toolbar
2009/03/14 12:23:25:343: ResultAdded[41042]: Adware, DealIO Toolbar
2009/03/14 12:23:26:125: ResultAdded[620429]: Adware, SmartShopper
2009/03/14 12:23:26:156: ResultAdded[45430]: Adware, SmartShopper
2009/03/14 12:23:26:187: ResultAdded[45432]: Adware, SmartShopper
2009/03/14 12:23:26:312: ResultAdded[78801]: Adware, Trymedia
2009/03/14 12:23:26:921: ResultAdded[567115]: Browser Helper Object, Hotbar
2009/03/14 12:23:30:015: 32-bit Winsock LSP Map:
2009/03/14 12:23:30:015: No LSPs are installed
2009/03/14 12:23:30:015: 32-bit Winsock LSP Map:
2009/03/14 12:23:30:015: No LSPs are installed
2009/03/14 12:23:30:015: 32-bit Winsock LSP Map:
2009/03/14 12:23:30:015: No LSPs are installed
2009/03/14 12:23:30:312: ResultAdded[379600]: Downloader, Agent
2009/03/14 12:23:30:562: ResultAdded[622725]: Downloader, BHO
2009/03/14 12:23:30:562: ResultAdded[622726]: Downloader, BHO
2009/03/14 12:23:31:000: ResultAdded[64752]: Downloader, Zlob
2009/03/14 12:23:31:015: ResultAdded[64753]: Downloader, Zlob
2009/03/14 12:23:31:125: ResultAdded[609196]: Downloader, Zlob
2009/03/14 12:23:31:968: ResultAdded[27405]: p2p, Grokster
2009/03/14 12:23:32:328: ResultAdded[624074]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:328: ResultAdded[624080]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:328: ResultAdded[623985]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:375: ResultAdded[623993]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:468: ResultAdded[623998]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:515: ResultAdded[623999]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:562: ResultAdded[624000]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:656: ResultAdded[624001]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:687: ResultAdded[624002]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:750: ResultAdded[624003]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:796: ResultAdded[624004]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:875: ResultAdded[624005]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:906: ResultAdded[624008]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:937: ResultAdded[624009]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:32:968: ResultAdded[624010]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:000: ResultAdded[624011]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:046: ResultAdded[624012]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:078: ResultAdded[624013]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:109: ResultAdded[624014]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:140: ResultAdded[624019]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:171: ResultAdded[624021]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:218: ResultAdded[624022]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:250: ResultAdded[624023]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:281: ResultAdded[624025]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:312: ResultAdded[624040]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:359: ResultAdded[624041]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:390: ResultAdded[624042]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:421: ResultAdded[624043]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:437: ResultAdded[624044]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:453: ResultAdded[624045]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:468: ResultAdded[624046]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:500: ResultAdded[624047]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:515: ResultAdded[624048]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:531: ResultAdded[624049]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:546: ResultAdded[624050]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:578: ResultAdded[624051]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:593: ResultAdded[624052]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:625: ResultAdded[624053]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:625: ResultAdded[624054]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:656: ResultAdded[624055]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:687: ResultAdded[624056]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:33:703: ResultAdded[624057]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:23:34:781: ResultAdded[620606]: Trojan, Pakes
2009/03/14 12:23:36:187: DeepScan
2009/03/14 12:23:36:187: IsBadEnough calculation:
2009/03/14 12:23:36:187: IsBadEnough: 1
2009/03/14 12:23:36:187: OptDeepScan: 0
2009/03/14 12:23:36:187: OptDeepScanScheduleScan: 1
2009/03/14 12:23:36:187: OptScheduleScan: 0
2009/03/14 12:23:36:187: PostScan
2009/03/14 12:23:36:281: Saving scan results...
2009/03/14 12:23:36:312: Building result tree.


Microsoft Windows XP Home Edition Service Pack 3
5.01 build 2600 Service Pack 3
Username: Jerry
In groups: LOCAL Administrators Everyone Users None INTERACTIVE Authenticated Users
2009/03/14 12:25:20:062: Application Version: 1.9.3337.776
2009/03/14 12:25:20:078: Module Version: 1.0.3330.820
2009/03/14 12:25:20:078: Service Version: 1.9.3337.776
2009/03/14 12:25:20:078: ===============================================================
2009/03/14 12:25:20:078: Switching to PIEInProc.
2009/03/14 12:25:20:078: Checking for bad run key.
2009/03/14 12:25:20:078: Windows directory: C:\WINDOWS
2009/03/14 12:25:20:078: System directory: C:\WINDOWS\system32
2009/03/14 12:25:20:078: Program Files directory: C:\Program Files
2009/03/14 12:25:20:078: Application Data: C:\Documents and Settings\Jerry\Application Data
2009/03/14 12:25:20:078: User Profile: C:\Documents and Settings\Jerry
2009/03/14 12:25:20:078: User Temp: C:\DOCUME~1\Jerry\LOCALS~1\Temp\
2009/03/14 12:25:20:078: Start Menu: C:\Documents and Settings\Jerry\Start Menu
2009/03/14 12:25:20:078: User Desktop: C:\Documents and Settings\Jerry\Desktop
2009/03/14 12:25:20:078: Common Desktop: C:\Documents and Settings\All Users\Desktop
2009/03/14 12:25:20:078: Common Profile: C:\Documents and Settings\All Users
2009/03/14 12:25:20:078: SID set to: S-1-5-21-2000478354-2025429265-839522115-1004
2009/03/14 12:25:25:531: version was called, but is not defined in this dll version.
2009/03/14 12:25:25:531: Database Version:
2009/03/14 12:25:25:531: version was called, but is not defined in this dll version.
2009/03/14 12:25:25:531: Database Version:
2009/03/14 12:25:28:875: Loading Scan Results...
2009/03/14 12:25:28:890: ResultAdded[76210]: Adware, Admedia
2009/03/14 12:25:28:890: ResultAdded[76211]: Adware, Admedia
2009/03/14 12:25:28:890: ResultAdded[573531]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573532]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573533]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573534]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573535]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573536]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573537]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573538]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573539]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573540]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573541]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573542]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573543]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573544]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573545]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573546]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573547]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573548]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573549]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573550]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573551]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[573552]: Adware, Agent
2009/03/14 12:25:28:890: ResultAdded[44879]: Adware, DealIO Toolbar
2009/03/14 12:25:28:890: ResultAdded[41037]: Adware, DealIO Toolbar
2009/03/14 12:25:28:890: ResultAdded[41042]: Adware, DealIO Toolbar
2009/03/14 12:25:28:890: ResultAdded[620429]: Adware, SmartShopper
2009/03/14 12:25:28:890: ResultAdded[45430]: Adware, SmartShopper
2009/03/14 12:25:28:890: ResultAdded[45432]: Adware, SmartShopper
2009/03/14 12:25:28:890: ResultAdded[78801]: Adware, Trymedia
2009/03/14 12:25:28:890: ResultAdded[567115]: Browser Helper Object, Hotbar
2009/03/14 12:25:28:890: ResultAdded[379600]: Downloader, Agent
2009/03/14 12:25:28:890: ResultAdded[622725]: Downloader, BHO
2009/03/14 12:25:28:890: ResultAdded[622726]: Downloader, BHO
2009/03/14 12:25:28:890: ResultAdded[64752]: Downloader, Zlob
2009/03/14 12:25:28:890: ResultAdded[64753]: Downloader, Zlob
2009/03/14 12:25:28:890: ResultAdded[609196]: Downloader, Zlob
2009/03/14 12:25:28:906: ResultAdded[27405]: p2p, Grokster
2009/03/14 12:25:28:906: ResultAdded[624074]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624080]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[623985]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[623993]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[623998]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[623999]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624000]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624001]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624002]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624003]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624004]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624005]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624008]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624009]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624010]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624011]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624012]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:906: ResultAdded[624013]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624014]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624019]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624021]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624022]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624023]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624025]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624040]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624041]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624042]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624043]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624044]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624045]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624046]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624047]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624048]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624049]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624050]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624051]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624052]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624053]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624054]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624055]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624056]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[624057]: Rogue AntiSpyware, Adware Eradicator
2009/03/14 12:25:28:921: ResultAdded[620606]: Trojan, Pakes
2009/03/14 12:25:28:921: No command line.
2009/03/14 12:26:18:203: Parsing command line:
2009/03/14 12:26:18:203: launch
2009/03/14 12:26:18:203: OnitDialog...
2009/03/14 12:26:20:578: Checking for database update...
2009/03/14 12:26:22:718: Database Version: 11.3.2 1236708021
2009/03/14 12:26:22:718: Setting Timer to Hide Splash
2009/03/14 12:26:23:234: Hiding Splash
2009/03/14 12:27:36:234: Saving scan results...
2009/03/14 12:27:36:265: Building result tree.
2009/03/14 12:27:42:750: Quarantining items: debug version 1.0
2009/03/14 12:27:42:750: Selecting quarantine folder: C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-12-27-42
2009/03/14 12:30:32:265: Quarantining items: debug version 1.0
2009/03/14 12:30:32:265: Selecting quarantine folder: C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-12-30-32
2009/03/14 12:58:24:875: Driver check:
2009/03/14 12:58:24:875: SC manager open.
2009/03/14 12:58:24:875: MalwareRemovalBot not found. Attemping install.
2009/03/14 12:58:24:875: Checking for C:\Program Files\MalwareRemovalBot\FilterDrv\MalwareRemovalBot.inf
2009/03/14 12:58:24:875: StartDriver:
2009/03/14 12:58:24:875: This is a driver version.
2009/03/14 12:58:24:875: Channel: \AntiSpyFilter
2009/03/14 12:58:24:906: SC manager open.
2009/03/14 12:58:24:906: Driver is not connected.
2009/03/14 12:58:24:906: Component check complete.
2009/03/14 12:58:45:625: Database Version: 11.3.2 1236708021
2009/03/14 12:58:45:640: Database Version: 11.3.2 1236708021
2009/03/14 12:59:42:671: Saving scan results...
2009/03/14 12:59:42:703: Building result tree.
2009/03/14 12:59:46:937: Quarantining items: debug version 1.0
2009/03/14 12:59:46:937: Selecting quarantine folder: C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-12-59-46
2009/03/14 12:59:46:937: Component check complete.
2009/03/14 12:59:47:750: Thread created.
2009/03/14 12:59:47:750: PreQuarantine
2009/03/14 12:59:47:750: Regisry item: Path: hkey_classes_root\interface\{e3ed53c5-7ad5-4df5-9734-afb6e7e5d9db}\proxystubclsid\
2009/03/14 12:59:47:781: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}\PROXYSTUBCLSID
2009/03/14 12:59:47:781: Regisry item: Path: hkey_classes_root\interface\{e3ed53c5-7ad5-4df5-9734-afb6e7e5d9db}\proxystubclsid32\
2009/03/14 12:59:47:796: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}\PROXYSTUBCLSID32
2009/03/14 12:59:47:796: Regisry item: Path: hkey_classes_root\interface\{e3ed53c5-7ad5-4df5-9734-afb6e7e5d9db}\typelib\
2009/03/14 12:59:47:796: Regisry item: Path: hkey_classes_root\interface\{e3ed53c5-7ad5-4df5-9734-afb6e7e5d9db}\typelib\Version
2009/03/14 12:59:47:796: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}\TYPELIB
2009/03/14 12:59:47:796: Regisry item: Path: hkey_classes_root\interface\{e3ed53c5-7ad5-4df5-9734-afb6e7e5d9db}\
2009/03/14 12:59:47:796: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
2009/03/14 12:59:47:796: Regisry item: Path: hkey_classes_root\typelib\{495874fe-4a82-4ad1-9476-0b957e0b95eb}\1.0\0\win32\
2009/03/14 12:59:47:796: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{495874FE-4A82-4AD1-9476-0B957E0B95EB}\1.0\0\WIN32
2009/03/14 12:59:47:812: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{495874FE-4A82-4AD1-9476-0B957E0B95EB}\1.0\0
2009/03/14 12:59:47:812: Regisry item: Path: hkey_classes_root\typelib\{495874fe-4a82-4ad1-9476-0b957e0b95eb}\1.0\flags\
2009/03/14 12:59:47:812: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{495874FE-4A82-4AD1-9476-0B957E0B95EB}\1.0\FLAGS
2009/03/14 12:59:47:812: Regisry item: Path: hkey_classes_root\typelib\{495874fe-4a82-4ad1-9476-0b957e0b95eb}\1.0\helpdir\
2009/03/14 12:59:47:812: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{495874FE-4A82-4AD1-9476-0B957E0B95EB}\1.0\HELPDIR
2009/03/14 12:59:47:812: Regisry item: Path: hkey_classes_root\typelib\{495874fe-4a82-4ad1-9476-0b957e0b95eb}\1.0\
2009/03/14 12:59:48:734: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{68051560-DBA7-4939-8E34-4A8F28313E65}\PROXYSTUBCLSID
2009/03/14 12:59:48:734: Regisry item: Path: hkey_classes_root\interface\{68051560-dba7-4939-8e34-4a8f28313e65}\proxystubclsid32\
2009/03/14 12:59:48:734: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{68051560-DBA7-4939-8E34-4A8F28313E65}\PROXYSTUBCLSID32
2009/03/14 12:59:48:734: Regisry item: Path: hkey_classes_root\interface\{68051560-dba7-4939-8e34-4a8f28313e65}\typelib\Version
2009/03/14 12:59:48:734: Regisry item: Path: hkey_classes_root\interface\{68051560-dba7-4939-8e34-4a8f28313e65}\typelib\
2009/03/14 12:59:48:734: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{68051560-DBA7-4939-8E34-4A8F28313E65}\TYPELIB
2009/03/14 12:59:48:734: Regisry item: Path: hkey_classes_root\interface\{68051560-dba7-4939-8e34-4a8f28313e65}\
2009/03/14 12:59:48:734: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{68051560-DBA7-4939-8E34-4A8F28313E65}
2009/03/14 12:59:48:734: Regisry item: Path: hkey_classes_root\interface\{6f9f8921-d7a9-47e4-a0d5-b5f2ca673408}\proxystubclsid\
2009/03/14 12:59:48:734: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{6F9F8921-D7A9-47E4-A0D5-B5F2CA673408}\PROXYSTUBCLSID
2009/03/14 12:59:48:750: Regisry item: Path: hkey_classes_root\interface\{6f9f8921-d7a9-47e4-a0d5-b5f2ca673408}\proxystubclsid32\
2009/03/14 12:59:48:750: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{6F9F8921-D7A9-47E4-A0D5-B5F2CA673408}\PROXYSTUBCLSID32
2009/03/14 12:59:48:750: Regisry item: Path: hkey_classes_root\interface\{6f9f8921-d7a9-47e4-a0d5-b5f2ca673408}\typelib\
2009/03/14 12:59:48:750: Regisry item: Path: hkey_classes_root\interface\{6f9f8921-d7a9-47e4-a0d5-b5f2ca673408}\typelib\Version
2009/03/14 12:59:48:750: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{6F9F8921-D7A9-47E4-A0D5-B5F2CA673408}\TYPELIB
2009/03/14 12:59:48:750: Regisry item: Path: hkey_classes_root\interface\{6f9f8921-d7a9-47e4-a0d5-b5f2ca673408}\
2009/03/14 12:59:48:750: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{6F9F8921-D7A9-47E4-A0D5-B5F2CA673408}
2009/03/14 12:59:48:750: Regisry item: Path: hkey_classes_root\interface\{7bbbf946-057b-4b1e-bcd4-5ab8f32db7a1}\proxystubclsid\
2009/03/14 12:59:48:750: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{7BBBF946-057B-4B1E-BCD4-5AB8F32DB7A1}\PROXYSTUBCLSID
2009/03/14 12:59:48:750: Regisry item: Path: hkey_classes_root\interface\{7bbbf946-057b-4b1e-bcd4-5ab8f32db7a1}\proxystubclsid32\
2009/03/14 12:59:48:765: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{7BBBF946-057B-4B1E-BCD4-5AB8F32DB7A1}\PROXYSTUBCLSID32
2009/03/14 12:59:48:765: Regisry item: Path: hkey_classes_root\interface\{7bbbf946-057b-4b1e-bcd4-5ab8f32db7a1}\typelib\Version
2009/03/14 12:59:48:765: Regisry item: Path: hkey_classes_root\interface\{7bbbf946-057b-4b1e-bcd4-5ab8f32db7a1}\typelib\
2009/03/14 12:59:48:765: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{7BBBF946-057B-4B1E-BCD4-5AB8F32DB7A1}\TYPELIB
2009/03/14 12:59:48:781: Regisry item: Path: hkey_classes_root\interface\{7bbbf946-057b-4b1e-bcd4-5ab8f32db7a1}\
2009/03/14 12:59:48:781: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{7BBBF946-057B-4B1E-BCD4-5AB8F32DB7A1}
2009/03/14 12:59:48:781: Regisry item: Path: hkey_classes_root\interface\{ca6d55e7-f279-42ba-aec5-5338c5ce5b30}\proxystubclsid\
2009/03/14 12:59:48:781: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{CA6D55E7-F279-42BA-AEC5-5338C5CE5B30}\PROXYSTUBCLSID
2009/03/14 12:59:48:781: Regisry item: Path: hkey_classes_root\interface\{ca6d55e7-f279-42ba-aec5-5338c5ce5b30}\proxystubclsid32\
2009/03/14 12:59:48:781: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{CA6D55E7-F279-42BA-AEC5-5338C5CE5B30}\PROXYSTUBCLSID32
2009/03/14 12:59:48:781: Regisry item: Path: hkey_classes_root\interface\{ca6d55e7-f279-42ba-aec5-5338c5ce5b30}\typelib\
2009/03/14 12:59:48:796: Regisry item: Path: hkey_classes_root\interface\{ca6d55e7-f279-42ba-aec5-5338c5ce5b30}\typelib\Version
2009/03/14 12:59:48:796: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{CA6D55E7-F279-42BA-AEC5-5338C5CE5B30}\TYPELIB
2009/03/14 12:59:48:796: Regisry item: Path: hkey_classes_root\interface\{ca6d55e7-f279-42ba-aec5-5338c5ce5b30}\
2009/03/14 12:59:48:796: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{CA6D55E7-F279-42BA-AEC5-5338C5CE5B30}
2009/03/14 12:59:48:796: Regisry item: Path: hkey_classes_root\interface\{dbac3afa-8540-497e-bb31-d6a8667a43af}\proxystubclsid\
2009/03/14 12:59:48:796: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{DBAC3AFA-8540-497E-BB31-D6A8667A43AF}\PROXYSTUBCLSID
2009/03/14 12:59:48:796: Regisry item: Path: hkey_classes_root\interface\{dbac3afa-8540-497e-bb31-d6a8667a43af}\proxystubclsid32\
2009/03/14 12:59:48:796: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{DBAC3AFA-8540-497E-BB31-D6A8667A43AF}\PROXYSTUBCLSID32
2009/03/14 12:59:48:796: Regisry item: Path: hkey_classes_root\interface\{dbac3afa-8540-497e-bb31-d6a8667a43af}\typelib\Version
2009/03/14 12:59:48:796: Regisry item: Path: hkey_classes_root\interface\{dbac3afa-8540-497e-bb31-d6a8667a43af}\typelib\
2009/03/14 12:59:48:812: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{DBAC3AFA-8540-497E-BB31-D6A8667A43AF}\TYPELIB
2009/03/14 12:59:48:812: Regisry item: Path: hkey_classes_root\interface\{dbac3afa-8540-497e-bb31-d6a8667a43af}\
2009/03/14 12:59:48:812: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{DBAC3AFA-8540-497E-BB31-D6A8667A43AF}
2009/03/14 12:59:48:812: Regisry item: Path: hkey_classes_root\interface\{df814b45-2ed1-4471-b151-89e6d49ad3e5}\proxystubclsid\
2009/03/14 12:59:48:812: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{DF814B45-2ED1-4471-B151-89E6D49AD3E5}\PROXYSTUBCLSID
2009/03/14 12:59:48:812: Regisry item: Path: hkey_classes_root\interface\{df814b45-2ed1-4471-b151-89e6d49ad3e5}\proxystubclsid32\
2009/03/14 12:59:48:812: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{DF814B45-2ED1-4471-B151-89E6D49AD3E5}\PROXYSTUBCLSID32
2009/03/14 12:59:48:812: Regisry item: Path: hkey_classes_root\interface\{df814b45-2ed1-4471-b151-89e6d49ad3e5}\typelib\
2009/03/14 12:59:48:812: Regisry item: Path: hkey_classes_root\interface\{df814b45-2ed1-4471-b151-89e6d49ad3e5}\typelib\Version
2009/03/14 12:59:48:812: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{DF814B45-2ED1-4471-B151-89E6D49AD3E5}\TYPELIB
2009/03/14 12:59:48:828: Regisry item: Path: hkey_classes_root\interface\{df814b45-2ed1-4471-b151-89e6d49ad3e5}\
2009/03/14 12:59:48:828: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{DF814B45-2ED1-4471-B151-89E6D49AD3E5}
2009/03/14 12:59:48:843: Regisry item: Path: hkey_classes_root\interface\{f066ccad-163a-4617-ba3c-ba4a4f80320c}\proxystubclsid\
2009/03/14 12:59:48:843: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{F066CCAD-163A-4617-BA3C-BA4A4F80320C}\PROXYSTUBCLSID
2009/03/14 12:59:48:843: Regisry item: Path: hkey_classes_root\interface\{f066ccad-163a-4617-ba3c-ba4a4f80320c}\proxystubclsid32\
2009/03/14 12:59:48:843: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{F066CCAD-163A-4617-BA3C-BA4A4F80320C}\PROXYSTUBCLSID32
2009/03/14 12:59:48:843: Regisry item: Path: hkey_classes_root\interface\{f066ccad-163a-4617-ba3c-ba4a4f80320c}\typelib\Version
2009/03/14 12:59:48:843: Regisry item: Path: hkey_classes_root\interface\{f066ccad-163a-4617-ba3c-ba4a4f80320c}\typelib\
2009/03/14 12:59:48:843: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{F066CCAD-163A-4617-BA3C-BA4A4F80320C}\TYPELIB
2009/03/14 12:59:48:843: Regisry item: Path: hkey_classes_root\interface\{f066ccad-163a-4617-ba3c-ba4a4f80320c}\
2009/03/14 12:59:48:843: Regisry item: Path: HKEY_CLASSES_ROOT\INTERFACE\{F066CCAD-163A-4617-BA3C-BA4A4F80320C}
2009/03/14 12:59:48:843: Regisry item: Path: hkey_classes_root\typelib\{55a560a7-e3f9-4790-8d22-f3a97009ac8f}\1.1\0\win32\
2009/03/14 12:59:48:859: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{55A560A7-E3F9-4790-8D22-F3A97009AC8F}\1.1\0\WIN32
2009/03/14 12:59:48:859: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{55A560A7-E3F9-4790-8D22-F3A97009AC8F}\1.1\0
2009/03/14 12:59:48:859: Regisry item: Path: hkey_classes_root\typelib\{55a560a7-e3f9-4790-8d22-f3a97009ac8f}\1.1\flags\
2009/03/14 12:59:48:859: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{55A560A7-E3F9-4790-8D22-F3A97009AC8F}\1.1\FLAGS
2009/03/14 12:59:48:859: Regisry item: Path: hkey_classes_root\typelib\{55a560a7-e3f9-4790-8d22-f3a97009ac8f}\1.1\helpdir\
2009/03/14 12:59:48:859: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{55A560A7-E3F9-4790-8D22-F3A97009AC8F}\1.1\HELPDIR
2009/03/14 12:59:48:859: Regisry item: Path: hkey_classes_root\typelib\{55a560a7-e3f9-4790-8d22-f3a97009ac8f}\1.1\
2009/03/14 12:59:48:859: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{55A560A7-E3F9-4790-8D22-F3A97009AC8F}\1.1
2009/03/14 12:59:48:859: Regisry item: Path: HKEY_CLASSES_ROOT\TYPELIB\{55A560A7-E3F9-4790-8D22-F3A97009AC8F}
2009/03/14 12:59:48:859: Regisry item: Path: hkey_classes_root\xceed.encryption\clsid\
2009/03/14 12:59:48:859: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.ENCRYPTION\CLSID
2009/03/14 12:59:48:875: Regisry item: Path: hkey_classes_root\xceed.encryption\curver\
2009/03/14 12:59:48:875: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.ENCRYPTION\CURVER
2009/03/14 12:59:48:875: Regisry item: Path: hkey_classes_root\xceed.encryption\
2009/03/14 12:59:48:875: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.ENCRYPTION
2009/03/14 12:59:48:875: Regisry item: Path: hkey_classes_root\xceed.encryption.1\clsid\
2009/03/14 12:59:48:875: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.ENCRYPTION.1\CLSID
2009/03/14 12:59:48:875: Regisry item: Path: hkey_classes_root\xceed.encryption.1\insertable\
2009/03/14 12:59:48:875: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.ENCRYPTION.1\INSERTABLE
2009/03/14 12:59:48:875: Regisry item: Path: hkey_classes_root\xceed.encryption.1\
2009/03/14 12:59:48:875: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.ENCRYPTION.1
2009/03/14 12:59:48:875: Regisry item: Path: hkey_classes_root\xceed.hashing\clsid\
2009/03/14 12:59:48:875: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HASHING\CLSID
2009/03/14 12:59:48:890: Regisry item: Path: hkey_classes_root\xceed.hashing\curver\
2009/03/14 12:59:48:890: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HASHING\CURVER
2009/03/14 12:59:48:890: Regisry item: Path: hkey_classes_root\xceed.hashing\
2009/03/14 12:59:48:890: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HASHING
2009/03/14 12:59:48:890: Regisry item: Path: hkey_classes_root\xceed.hashing.1\clsid\
2009/03/14 12:59:48:890: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HASHING.1\CLSID
2009/03/14 12:59:48:890: Regisry item: Path: hkey_classes_root\xceed.hashing.1\insertable\
2009/03/14 12:59:48:890: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HASHING.1\INSERTABLE
2009/03/14 12:59:48:890: Regisry item: Path: hkey_classes_root\xceed.hashing.1\
2009/03/14 12:59:48:890: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HASHING.1
2009/03/14 12:59:48:906: Regisry item: Path: hkey_classes_root\xceed.havalhashingmethod\clsid\
2009/03/14 12:59:48:906: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HAVALHASHINGMETHOD\CLSID
2009/03/14 12:59:48:906: Regisry item: Path: hkey_classes_root\xceed.havalhashingmethod\curver\
2009/03/14 12:59:48:906: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HAVALHASHINGMETHOD\CURVER
2009/03/14 12:59:48:906: Regisry item: Path: hkey_classes_root\xceed.havalhashingmethod\
2009/03/14 12:59:48:906: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HAVALHASHINGMETHOD
2009/03/14 12:59:48:906: Regisry item: Path: hkey_classes_root\xceed.havalhashingmethod.1\clsid\
2009/03/14 12:59:48:906: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HAVALHASHINGMETHOD.1\CLSID
2009/03/14 12:59:48:906: Regisry item: Path: hkey_classes_root\xceed.havalhashingmethod.1\
2009/03/14 12:59:48:906: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.HAVALHASHINGMETHOD.1
2009/03/14 12:59:48:921: Regisry item: Path: hkey_classes_root\xceed.rijndaelencryptionmethod\clsid\
2009/03/14 12:59:48:921: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RIJNDAELENCRYPTIONMETHOD\CLSID
2009/03/14 12:59:48:921: Regisry item: Path: hkey_classes_root\xceed.rijndaelencryptionmethod\curver\
2009/03/14 12:59:48:937: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RIJNDAELENCRYPTIONMETHOD\CURVER
2009/03/14 12:59:48:937: Regisry item: Path: hkey_classes_root\xceed.rijndaelencryptionmethod\
2009/03/14 12:59:48:937: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RIJNDAELENCRYPTIONMETHOD
2009/03/14 12:59:48:937: Regisry item: Path: hkey_classes_root\xceed.rijndaelencryptionmethod.1\clsid\
2009/03/14 12:59:48:937: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RIJNDAELENCRYPTIONMETHOD.1\CLSID
2009/03/14 12:59:48:937: Regisry item: Path: hkey_classes_root\xceed.rijndaelencryptionmethod.1\
2009/03/14 12:59:48:937: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RIJNDAELENCRYPTIONMETHOD.1
2009/03/14 12:59:48:953: Regisry item: Path: hkey_classes_root\xceed.rsaencryptionmethod\clsid\
2009/03/14 12:59:48:953: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSAENCRYPTIONMETHOD\CLSID
2009/03/14 12:59:48:953: Regisry item: Path: hkey_classes_root\xceed.rsaencryptionmethod\curver\
2009/03/14 12:59:48:953: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSAENCRYPTIONMETHOD\CURVER
2009/03/14 12:59:48:953: Regisry item: Path: hkey_classes_root\xceed.rsaencryptionmethod\
2009/03/14 12:59:48:953: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSAENCRYPTIONMETHOD
2009/03/14 12:59:48:953: Regisry item: Path: hkey_classes_root\xceed.rsaencryptionmethod.1\clsid\
2009/03/14 12:59:48:953: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSAENCRYPTIONMETHOD.1\CLSID
2009/03/14 12:59:48:953: Regisry item: Path: hkey_classes_root\xceed.rsaencryptionmethod.1\
2009/03/14 12:59:48:953: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSAENCRYPTIONMETHOD.1
2009/03/14 12:59:48:968: Regisry item: Path: hkey_classes_root\xceed.rsasigningmethod\clsid\
2009/03/14 12:59:48:968: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSASIGNINGMETHOD\CLSID
2009/03/14 12:59:48:968: Regisry item: Path: hkey_classes_root\xceed.rsasigningmethod\curver\
2009/03/14 12:59:48:968: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSASIGNINGMETHOD\CURVER
2009/03/14 12:59:48:968: Regisry item: Path: hkey_classes_root\xceed.rsasigningmethod\
2009/03/14 12:59:48:968: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSASIGNINGMETHOD
2009/03/14 12:59:48:968: Regisry item: Path: hkey_classes_root\xceed.rsasigningmethod.1\clsid\
2009/03/14 12:59:48:968: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSASIGNINGMETHOD.1\CLSID
2009/03/14 12:59:48:968: Regisry item: Path: hkey_classes_root\xceed.rsasigningmethod.1\
2009/03/14 12:59:48:968: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.RSASIGNINGMETHOD.1
2009/03/14 12:59:48:968: Regisry item: Path: hkey_classes_root\xceed.shahashingmethod\clsid\
2009/03/14 12:59:48:984: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SHAHASHINGMETHOD\CLSID
2009/03/14 12:59:48:984: Regisry item: Path: hkey_classes_root\xceed.shahashingmethod\curver\
2009/03/14 12:59:48:984: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SHAHASHINGMETHOD\CURVER
2009/03/14 12:59:48:984: Regisry item: Path: hkey_classes_root\xceed.shahashingmethod\
2009/03/14 12:59:48:984: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SHAHASHINGMETHOD
2009/03/14 12:59:48:984: Regisry item: Path: hkey_classes_root\xceed.shahashingmethod.1\clsid\
2009/03/14 12:59:48:984: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SHAHASHINGMETHOD.1\CLSID
2009/03/14 12:59:48:984: Regisry item: Path: hkey_classes_root\xceed.shahashingmethod.1\
2009/03/14 12:59:48:984: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SHAHASHINGMETHOD.1
2009/03/14 12:59:48:984: Regisry item: Path: hkey_classes_root\xceed.signing\clsid\
2009/03/14 12:59:48:984: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SIGNING\CLSID
2009/03/14 12:59:48:984: Regisry item: Path: hkey_classes_root\xceed.signing\curver\
2009/03/14 12:59:49:000: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SIGNING\CURVER
2009/03/14 12:59:49:000: Regisry item: Path: hkey_classes_root\xceed.signing\
2009/03/14 12:59:49:000: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SIGNING
2009/03/14 12:59:49:000: Regisry item: Path: hkey_classes_root\xceed.signing.1\clsid\
2009/03/14 12:59:49:000: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SIGNING.1\CLSID
2009/03/14 12:59:49:000: Regisry item: Path: hkey_classes_root\xceed.signing.1\insertable\
2009/03/14 12:59:49:000: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SIGNING.1\INSERTABLE
2009/03/14 12:59:49:000: Regisry item: Path: hkey_classes_root\xceed.signing.1\
2009/03/14 12:59:49:000: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.SIGNING.1
2009/03/14 12:59:49:000: Regisry item: Path: hkey_classes_root\xceed.twofishencryptionmethod\clsid\
2009/03/14 12:59:49:000: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.TWOFISHENCRYPTIONMETHOD\CLSID
2009/03/14 12:59:49:015: Regisry item: Path: hkey_classes_root\xceed.twofishencryptionmethod\curver\
2009/03/14 12:59:49:015: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.TWOFISHENCRYPTIONMETHOD\CURVER
2009/03/14 12:59:49:015: Regisry item: Path: hkey_classes_root\xceed.twofishencryptionmethod\
2009/03/14 12:59:49:015: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.TWOFISHENCRYPTIONMETHOD
2009/03/14 12:59:49:015: Regisry item: Path: hkey_classes_root\xceed.twofishencryptionmethod.1\clsid\
2009/03/14 12:59:49:015: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.TWOFISHENCRYPTIONMETHOD.1\CLSID
2009/03/14 12:59:49:015: Regisry item: Path: hkey_classes_root\xceed.twofishencryptionmethod.1\
2009/03/14 12:59:49:031: Regisry item: Path: HKEY_CLASSES_ROOT\XCEED.TWOFISHENCRYPTIONMETHOD.1
2009/03/14 12:59:49:031: Regisry item: Path: hkey_current_user\software\cognac\s00000002
2009/03/14 12:59:49:031: Regisry item: Path: hkey_current_user\software\cognac\s00000000
2009/03/14 12:59:49:031: Regisry item: Path: hkey_current_user\software\cognac\s00000001
2009/03/14 12:59:49:031: Regisry item: Path: hkey_current_user\software\cognac\d00000004
2009/03/14 12:59:49:031: Regisry item: Path: hkey_current_user\software\cognac\d00000005
2009/03/14 12:59:49:046: Regisry item: Path: hkey_current_user\software\cognac\d00000002
2009/03/14 12:59:49:046: Regisry item: Path: hkey_current_user\software\cognac\d00000003
2009/03/14 12:59:49:046: Regisry item: Path: hkey_current_user\software\cognac\d00000006
2009/03/14 12:59:49:046: Regisry item: Path: hkey_current_user\software\cognac\d00000000
2009/03/14 12:59:49:046: Regisry item: Path: hkey_current_user\software\cognac\d00000001
2009/03/14 12:59:49:046: Regisry item: Path: HKEY_CURRENT_USER\SOFTWARE\COGNAC
2009/03/14 12:59:49:046: PostQuarantine
2009/03/14 12:59:49:046: Entering Permission Fix
2009/03/14 12:59:49:109: LSPFix v1.7: Running FixAll
2009/03/14 12:59:49:921: Database Version: 11.3.2 1236708021
2009/03/14 12:59:53:218: Database Version: 11.3.2 1236708021
2009/03/14 13:00:17:187: Updating Security Center Info: MalwareRemovalBot, C:\Program Files\MalwareRemovalBot\MalwareRemovalBot.exe, 1, 0
2009/03/14 13:00:17:328: ConnectServer: service
2009/03/14 13:00:17:421: Finish Logging

#6 quietman7


Posted 14 March 2009 - 05:42 PM

Please reread and follow my instructions in Post #2.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#7 Cougar68


Posted 15 March 2009 - 12:31 PM

I think I did it right this time

Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 3

3/15/2009 01:20:56 PM
mbam-log-2009-03-15 (13-20-56).txt

Scan type: Quick Scan
Objects scanned: 71835
Time elapsed: 2 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 7
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-12-59-46 (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-12-59-46 (Rogue.MalwareRemovalBot) -> Files: 1018 -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-14-50-16 (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Settings (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\rs.dat (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Log\2009 Mar 15 - 10_19_48 AM_046.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Log\2009 Mar 15 - 10_22_15 AM_953.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Log\2009 Mar 15 - 10_31_12 AM_109.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Log\2009 Mar 15 - 10_35_48 AM_140.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Log\2009 Mar 15 - 10_35_51 AM_781.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Log\2009 Mar 15 - 10_40_36 AM_109.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-14-50-16\0.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-14-50-16\0.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-14-50-16\1.qit (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jerry\Application Data\MalwareRemovalBot\Quarantine\14-03-2009-14-50-16\1.qnf (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.

#8 quietman7


Posted 15 March 2009 - 12:46 PM

Now rescan again with MBAM but this time perform a Full Scan in normal mode and check all items found for removal. Don't forget to check for database definition updates through the program's interface (preferable way) before scanning and to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.

#9 Cougar68


Posted 15 March 2009 - 02:42 PM

here it is

Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 3

3/15/2009 03:30:22 PM
mbam-log-2009-03-15 (15-30-22).txt

Scan type: Full Scan (C:\|)
Objects scanned: 132622
Time elapsed: 18 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#10 quietman7


Posted 15 March 2009 - 03:58 PM

How is your computer running now? Are there any more reports/signs of infection?

#11 Cougar68


Posted 15 March 2009 - 05:45 PM

I still have no network connection or sound. I get "memory could not be read". I also get "Windows cannot start Windows Firewall/Internet Connection Sharing (ICS) service."
The Network Connections folder is empty. When I plug in the wireless USB I do see signal strength in the system tray.

#12 Cougar68


Posted 15 March 2009 - 09:02 PM

I will be on the road working and not be back till tursday night.
thank you for your help

#13 quietman7


Posted 15 March 2009 - 09:47 PM

To reset the Windows Firewall to the factory default state:
  • Click on Start > Run and type: firewall.cpl
  • Press OK.
  • Click the Advanced tab > Restore Defaults button.
  • Click Yes to continue when you see "Restoring the default settings will delete all settings of Windows Firewall that you have made since Windows was installed. This may cause some programs to stop working. Do you want to continue?"
To enable the Windows Firewall service:
  • Click on Start > Run and type: services.msc
  • Press OK.
  • Click the "Extended tab" at the bottom to view all the info on your services.
  • Scroll down the list and find the service called Windows Firewall/Internet Connection Sharing (ICS).
  • When you find the service, double-click on it or right-click and choose "Properties".
  • In the Properties Window > General Tab that opens, click the "Start" button.
  • From the drop-down menu next to "Startup Type", click on "Automatic".
Repeat the above instructions and ensure that each of the following are set to Automatic and Started:
  • Remote Procedure Call (RPC)
  • Network Connections
  • Windows Management Instrumentation
  • Security Center
Also see You cannot start the Windows Firewall service in Windows XP SP2.

Troubleshooting wireless network connection problems
Connection very low or no network - Windows cannot configure wireless connection
Troubleshooting Wireless Network Connections

"The memory could not be read" error message
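The service checks from post #13 can also be run from a command prompt, which prints the exact error for each service instead of a dialog box. This is an added example, not part of the original thread; the short service names are the standard Windows XP names for the display names listed above (an assumption, since the thread gives display names only), and the script must be run from an administrator account.

```batch
@echo off
rem Added example, not from the thread: command-line form of the
rem "set to Automatic and Started" checks for the five services in post #13.
rem Short names below are assumed XP defaults for the listed display names:
rem   RpcSs        = Remote Procedure Call (RPC)
rem   Netman       = Network Connections
rem   winmgmt      = Windows Management Instrumentation
rem   wscsvc       = Security Center
rem   SharedAccess = Windows Firewall/Internet Connection Sharing (ICS)
rem RpcSs comes first because the other services depend on it.

for %%S in (RpcSs Netman winmgmt wscsvc SharedAccess) do (
    echo.
    echo ===== %%S =====

    rem Show the configured start type and the current state.
    sc qc %%S | findstr /C:"START_TYPE"
    sc query %%S | findstr /C:"STATE"

    rem Set the start type to Automatic. The space after "start=" is required.
    sc config %%S start= auto
    if errorlevel 1 echo    FAILED to set start type for %%S - see the error above

    rem Start the service only if it is not already running.
    sc query %%S | findstr /C:"RUNNING" >nul
    if errorlevel 1 (
        net start %%S
        if errorlevel 1 echo    FAILED to start %%S - see the error above
    )
)

echo.
echo Done. Any FAILED line above names the service that needs attention.
```

A failure code of 5 from `sc config` or `net start` is the same "access is denied" condition the service console reports.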

#14 Cougar68


Posted 18 March 2009 - 10:21 PM

None of this helped. When I try to turn on services I get "error 5: access is denied".
Something took over admin rights. I am the only user and I no longer have admin rights.

#15 quietman7


Posted 19 March 2009 - 09:11 AM

Please read the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". If you cannot complete a step, then skip it and continue with the next. In Step 6 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.

When you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. An expert will analyze your log and reply with instructions advising you what to fix. After doing this, we would appreciate it if you post a link to your log back here so we know that you're getting help from the HJT Team.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.