5:14 PM: Removal process completed. Elapsed time 00:00:19 5:14 PM: Warning: Virus infected file c:\vundofix backups\ljjigec.dll.bad not cleaned. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\ljjigec.dll.bad still infected with virus Troj/Virtum-Gen after 1 round of disinfection. 5:14 PM: Warning: Virus infected file c:\vundofix backups\mljghgh.dll.bad not cleaned. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\mljghgh.dll.bad still infected with virus Troj/Virtum-Gen after 1 round of disinfection. 5:14 PM: Warning: Virus infected file c:\vundofix backups\yayvtrq.dll.bad not cleaned. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\yayvtrq.dll.bad still infected with virus Troj/Virtum-Gen after 1 round of disinfection. 5:14 PM: Warning: Virus infected file c:\vundofix backups\tvxyxoiq.dll.bad not cleaned. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 1 round of disinfection. 5:14 PM: Informational: File c:\vundofix backups\tvxyxoiq.dll.bad still infected with virus Troj/Virtum-Gen after 1 round of disinfection. 5:14 PM: Quarantining All Traces: Troj/Virtum-Gen 5:14 PM: Warning: Virus infected file c:\qoobox\quarantine\c\windows\wvttrq.dll.vir not cleaned. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 20 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 19 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 18 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 17 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 16 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 15 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 14 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 13 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 12 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 11 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 10 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 9 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 8 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 7 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 6 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 5 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 4 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 3 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 2 rounds of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Troj/Virtum-Gen after 1 round of disinfection. 5:14 PM: Informational: File c:\qoobox\quarantine\c\windows\wvttrq.dll.vir still infected with virus Mal/EncPk-BW after 1 round of disinfection. 5:14 PM: Quarantining All Traces: Mal/EncPk-BW 5:14 PM: Removal process initiated 5:11 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 3:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 3:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 3:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 3:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 2:58 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 2:58 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 2:46 PM: IE Tracking Cookies Shield: Removed pointroll cookie 2:46 PM: IE Tracking Cookies Shield: Removed pointroll cookie 2:46 PM: IE Tracking Cookies Shield: Removed pointroll cookie 1:59 PM: IE Tracking Cookies Shield: Removed adrevolver cookie 1:59 PM: IE Tracking Cookies Shield: Removed adrevolver cookie 1:57 PM: IE Tracking Cookies Shield: Removed specificclick.com cookie 1:56 PM: IE Tracking Cookies Shield: Removed specificclick.com cookie 1:56 PM: IE Tracking Cookies Shield: Removed specificclick.com cookie 1:56 PM: Warning: Unable to remove cookie c:\documents and settings\edward\cookies\edward@adopt.specificclick[1].txt 1:56 PM: IE Tracking Cookies Shield: Removed specificclick.com cookie 1:56 PM: IE Tracking Cookies Shield: Removed specificclick.com cookie 1:56 PM: IE Tracking Cookies Shield: Removed specificclick.com cookie 1:56 PM: IE Tracking Cookies Shield: Removed specificclick.com cookie 1:56 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 1:56 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 1:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 1:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie 1:55 PM: IE Tracking Cookies Shield: Removed pointroll cookie 1:55 PM: IE Tracking Cookies Shield: Removed pointroll cookie 1:54 PM: ApplicationMinimized - EXIT 1:54 PM: ApplicationMinimized - ENTER 12:38 PM: Traces Found: 7 12:38 PM: Scheduled Sweep has completed. Elapsed time 00:38:24 12:38 PM: File Sweep Complete, Elapsed Time: 00:32:38 12:37 PM: Warning: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be scanned. 12:37 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\spool\printers\fp00001.shd] 12:37 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\spool\printers\fp00001.spl] 12:37 PM: Warning: Failed to open file "c:\windows\system32\spool\printers\fp00001.shd". The operation completed successfully 12:37 PM: Warning: Failed to open file "c:\windows\system32\spool\printers\fp00001.spl". The operation completed successfully 12:36 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\softwaredistribution\datastore\datastore.edb] 12:34 PM: Warning: PerformFileOffsetMatch Failed to check file "c:\windows\system32\slide.exe". "c:\windows\system32\slide.exe": File not found 12:34 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\edward\ntuser.dat] 12:34 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\config\system] 12:34 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\config\software] 12:34 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\pagefile.sys] 12:25 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\documents and settings\edward\local settings\temporary internet files\content.ie5\8rrnh9z0\know_before_you_go[1].htm] Trace marked as Always Remove 12:16 PM: C:\QooBox\Quarantine\C\WINDOWS\wvttrq.dll.vir (ID = 0) 12:16 PM: C:\QooBox\Quarantine\C\WINDOWS\wvttrq.dll.vir (ID = 0) 12:16 PM: Found Mal/EncPk-BW: Mal/EncPk-BW 12:14 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\documents and settings\edward\local settings\temporary internet files\content.ie5\dtejbawd\default[1].htm] Trace marked as Always Remove 12:09 PM: C:\VundoFix Backups\tvxyxoiq.dll.bad (ID = 0) Trace marked as Always Remove 12:09 PM: C:\VundoFix Backups\tvxyxoiq.dll.bad (ID = 0) Trace marked as Always Remove 12:09 PM: C:\VundoFix Backups\yayvtrq.dll.bad (ID = 0) Trace marked as Always Remove 12:07 PM: C:\VundoFix Backups\mljghgh.dll.bad (ID = 0) Trace marked as Always Remove 12:06 PM: C:\VundoFix Backups\ljjigec.dll.bad (ID = 0) 12:06 PM: Threat marked as Always Remove 12:06 PM: Found Troj/Virtum-Gen: Troj/Virtum-Gen 12:06 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\catroot2\tmp.edb] 12:05 PM: Starting File Sweep 12:05 PM: Warning: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned. 12:05 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00 12:05 PM: Starting Cookie Sweep 12:05 PM: Registry Sweep Complete, Elapsed Time:00:00:34 12:05 PM: Starting Registry Sweep 12:05 PM: Memory Sweep Complete, Elapsed Time: 00:04:58 12:00 PM: Starting Memory Sweep 12:00 PM: Start Scheduled Sweep 12:00 PM: Sweep initiated using definitions version 1144 11:12 AM: Your definitions are up to date. 11:11 AM: Automated check for program update in progress. 10:55 AM: IE Tracking Cookies Shield: Removed specificclick.com cookie 10:55 AM: IE Tracking Cookies Shield: Removed specificclick.com cookie 10:55 AM: IE Tracking Cookies Shield: Removed specificclick.com cookie 10:55 AM: IE Tracking Cookies Shield: Removed specificclick.com cookie 10:55 AM: IE Tracking Cookies Shield: Removed specificclick.com cookie 10:55 AM: IE Tracking Cookies Shield: Removed specificclick.com cookie 10:55 AM: IE Tracking Cookies Shield: Removed specificclick.com cookie 10:55 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:55 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:55 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:55 AM: Warning: Unable to remove cookie c:\documents and settings\edward\cookies\edward@ad.yieldmanager[2].txt 10:55 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:55 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 10:11 AM: Your definitions are up to date. 10:11 AM: Automated check for program update in progress. 9:11 AM: IE Tracking Cookies Shield: Removed pointroll cookie 9:11 AM: IE Tracking Cookies Shield: Removed pointroll cookie 9:11 AM: IE Tracking Cookies Shield: Removed pointroll cookie 9:10 AM: Your virus definitions have been updated. 9:10 AM: Informational: Loaded AntiVirus Engine: 2.72.0; SDK Version: 4.28E; Virus Definitions: 5/3/2008 9:21:26 AM (GMT) 9:10 AM: Your definitions are up to date. 9:10 AM: Automated check for program update in progress. 8:42 AM: IE Tracking Cookies Shield: Removed pointroll cookie 8:42 AM: Warning: Unable to remove cookie c:\documents and settings\edward\cookies\edward@ads.pointroll[2].txt 8:42 AM: IE Tracking Cookies Shield: Removed pointroll cookie 8:42 AM: IE Tracking Cookies Shield: Removed pointroll cookie 8:42 AM: IE Tracking Cookies Shield: Removed adrevolver cookie 8:42 AM: IE Tracking Cookies Shield: Removed adrevolver cookie 8:08 AM: Your definitions are up to date. 8:08 AM: Automated check for program update in progress. 7:07 AM: Your definitions are up to date. 7:07 AM: Automated check for program update in progress. 6:06 AM: Your definitions are up to date. 6:06 AM: Automated check for program update in progress. 5:05 AM: Your definitions are up to date. 5:05 AM: Automated check for program update in progress. 4:04 AM: Your definitions are up to date. 4:04 AM: Automated check for program update in progress. Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSIDRV\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:07 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\OverrideConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:06 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\FilteredConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:06 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BasicConfig Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:06 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\ForcedConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:06 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\AllocConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:06 AM: Tamper Detection Operation: Registry Access Target: \SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHRMD\0000\LogConf\BootConfigVector Source: C:\WINDOWS\SYSTEM32\SERVICES.EXE 3:06 AM: Tamper Detection 3:03 AM: Your definitions are up to date. 3:03 AM: Automated check for program update in progress. 2:52 AM: IE Tracking Cookies Shield: Removed adrevolver cookie 2:52 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 2:49 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:49 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:49 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:49 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:49 AM: Warning: Unable to remove cookie c:\documents and settings\edward\cookies\edward@ads.pointroll[2].txt 2:49 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:49 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:30 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:30 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:30 AM: IE Tracking Cookies Shield: Removed pointroll cookie 2:25 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:25 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:25 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:23 AM: IE Tracking Cookies Shield: Removed adrevolver cookie 2:23 AM: IE Tracking Cookies Shield: Removed adrevolver cookie 2:20 AM: The Internet Communication shield has blocked access to: 83.149.106.2 2:18 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:18 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:18 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:17 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:15 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:15 AM: IE Tracking Cookies Shield: Removed statcounter cookie 2:15 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:15 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:13 AM: IE Tracking Cookies Shield: Removed statcounter cookie 2:10 AM: IE Tracking Cookies Shield: Removed imlive.com cookie 2:08 AM: Warning: AntiVirus engine for IFO returned [File Corrupted] on [C:\DOCUMENTS AND SETTINGS\EDWARD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\DTEJBAWD\MOVIE277[2].HTM] 2:05 AM: The Internet Communication shield has blocked access to: 83.149.106.2 2:05 AM: The Internet Communication shield has blocked access to: 83.149.106.2 2:03 AM: Your definitions are up to date. 2:03 AM: Automated check for program update in progress. 2:02 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 2:02 AM: IE Tracking Cookies Shield: Removed adultfriendfinder cookie 1:53 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 1:53 AM: IE Tracking Cookies Shield: Removed adrevolver cookie 1:53 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 1:53 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie 1:53 AM: IE Tracking Cookies Shield: Removed adrevolver cookie 1:53 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie Keylogger: On E-mail Attachment: On 1:50 AM: Informational: ShieldEmail: Start monitoring port 25 for mail activities 1:50 AM: Informational: ShieldEmail: Start monitoring port 110 for mail activities BHO Shield: On IE Security Shield: On Alternate Data Stream (ADS) Execution Shield: On Startup Shield: On Common Ad Sites: On Hosts File Shield: On Internet Communication Shield: On ActiveX Shield: On Windows Messenger Service Shield: On IE Favorites Shield: On File System Shield: On Execution Shield: On System Services Shield: On IE Hijack Shield: On IE Tracking Cookies Shield: On 1:49 AM: Shield States 1:49 AM: License Check Status (0): Success 1:49 AM: Spyware Definitions: 1144 1:49 AM: Informational: Loaded AntiVirus Engine: 2.72.0; SDK Version: 4.28E; Virus Definitions: 5/3/2008 1:15:12 AM (GMT) 1:48 AM: Spy Sweeper 5.5.1.3172 started 1:48 AM: Spy Sweeper 5.5.1.3172 started 1:48 AM: | Start of Session, Saturday, May 03, 2008 | ***************