| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 99483 | 2009-05-03 23:26:00 | HELP:Expert advice is required Please. Infected Big Time! | iammcb (14488) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 770831 | 2009-05-04 00:23:00 | Click these and click fix checked: R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file) ^Looks nasty O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O23 - Service: Windows Media Connect Service (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing) Disable System Restore. Right Click My computer>Properties>system restore tab>tick "disable system restore on all drives" Then download MBAM, perform an update and scan. www.malwarebytes.org EDIT:Just saw your new post. Msconfig is fine, from the HJT log it is the LEGIT version of MSconfig... Blam |
Blam (54) | ||
| 770832 | 2009-05-04 00:29:00 | What would be easier is to just reinstall Windows. Save anything of value on to CD or another hard drive. Also I'd suggest you use an Anti-Virus and some form of Firewall. A spyware remover can't go a miss either, something like Ad-Aware or Spybot Search and Destroy. |
trinsic (6945) | ||
| 770833 | 2009-05-04 00:34:00 | okay bam thanks buddy done those 3 lines in hijack this turned off system restore in all drives im just installing malwarebtyes again from cd then i will update it and then i will be back to post the log. when its done. Ive got superantispyware free though and spyware blaster free please bear with me im on dial up:) |
iammcb (14488) | ||
| 770834 | 2009-05-04 01:23:00 | Okay here it is blam nothing was detected:) also im going to post you a log hopefully from comodo registry cleaner Its the unsafe entries that concern me. Ive deleted them all in the past It had dire consequences i was no longer able to access the help menu or msconfig I have not deleted any of the unsafe entries since then after the numourous recoverys I had to do. Malwarebytes' Anti-Malware 1.36 Database version: 2072 Windows 5.1.2600 Service Pack 2 4/05/2009 12:19:01 p.m. mbam-log-2009-05-04 (12-19-01).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 118906 Time elapsed: 17 minute(s), 9 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) |
iammcb (14488) | ||
| 770835 | 2009-05-04 01:31:00 | So what exactly are the problems your are experiencing? As it doesn't look like you have been infected by anything! Blam |
Blam (54) | ||
| 770836 | 2009-05-04 01:32:00 | Get trojan remover update it then scan. See what that picks up. Then select all options under utilities | Speedy Gonzales (78) | ||
| 770837 | 2009-05-04 02:05:00 | Cripes Ive been unable to find logs for unsafe entries in comodo registry cleaner i was unable to copy them either so i selected delete...shoot i was hoping that they would all show up in the log when i deleted them all i was wrong about that, they dont appear to be there. i can back them up though if system goes haywire again Now to speedy hi again Im downloading it as we speak thanks:) Should I have downloaded from one of those 7 bottom links? I picked the one right at the top which said download now. I got another silly question when do i start system restore back up? I have not shut down or restarted at all yet was i supposed to? Sorry guys for all the dopey questions I really thought that a squared hijack free was on to something when it said i was infected with all those worms and trojans [ 02.05.09 23:34:00 ] Starting Scan [ 02.05.09 23:34:28 ] Scan Finished [ 02.05.09 23:34:28 ] Found 478 errors. [ 02.05.09 23:35:00 ] Start Cleaning... [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\SharedDLLs (Value):"C:\\Program Files\\Common Files\\Java\\Update\\Base Images\\jre1.5.0.b64\\other.zip" = dword:00000001 [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110074983} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110074983} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\betrapped-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Zuma_deluxe-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Book_Worm-Setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11015843} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11015843} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\ricochet_lost_worlds-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\slingo-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110194827} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110194827} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\jewelquest-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\insaniquarium_deluxe-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\bejeweled2-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\bricks_of_egypt-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110313550} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110313550} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\jigsaw365-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110353813} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110353813} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\magic_ball_2-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110354527} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110354527} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\chicken_rush-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110379827} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110379827} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\wonderland_secretworlds-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\chuzzle-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110422467} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110422467} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\tiks_texas_holdem-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11050883} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11050883} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\bricks_of_atlantis-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\gem_shop-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11052313} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11052313} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\magic_match_1hr-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110554843} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110554843} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Pat_Sajaks_Lucky_Letters-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Mystery_Huntsville-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111125700} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111125700} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Rainbow_Web-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111170320} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111170320} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\7_Wonders-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111177437} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111177437} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Mahjong_Match-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11119430} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11119430} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Hexic-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111195760} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111195760} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\mozaki_blocks-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Cake_Mania-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111200223} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111200223} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Poker_Superstars2-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111209113} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111209113} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Jewel_of_Atlantis-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1112100} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1112100} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Mosaic-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687} (Value):"InstallSource" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687} (Value):"InstallSourceFile" = "C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\2I942784\\Set up\\presetup\\Ocean_Express-setup.exe" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} (Value):"InstallSource" = "C:\\SWSETUP\\AllDotNet\\DotNet\\US\\" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38} (Value):"InstallSource" = "C:\\hp\\tmp\\src\\" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Uninstall\{E892011A-4DA1-415E-9AAD-5956ED628822} (Value):"InstallLocation" = "C:\\Program Files\\BitDefender\\Backup Engine\\" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Common Files\\Java\\Update\\Base Images\\jre1.5.0.b64\\" = "" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Program Files\\Norton Internet Security\\" = "" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Program Files\\Norton Internet Security\\Norton AntiVirus\\Savrt\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Microsoft\\Installer\\{6815FCDD-401D-481E-BA88-31B4754C2B46}\\" = "" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Microsoft\\Installer\\" = "" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\xtras\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\Prefs\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\dswMedia\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\xtras\\download\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\xtras\\download\\MacromediaInc\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\xtras\\download\\MacromediaInc\\MixService s\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\xtras\\download\\MacromediaInc\\MPEG3Impor tExport\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\xtras\\download\\MacromediaInc\\SoundImpor tExport\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\xtras\\download\\MacromediaInc\\SWAImportE xport\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"c:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\xtras\\download\\MacromediaInc\\XMLParser\ \" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Adobe\\Acrobat 7.0\\ActiveX\\" = "" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\en_sg\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\en_sg\\ui\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\Frontend\\en_au\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\Frontend\\en_au\\ui\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\nl\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\nl\\ui\\" = "1" [ 02.05.09 23:35:02 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\fr\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\fr\\ui\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\de\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\de\\ui\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\es_mx\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\es_mx\\ui\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\en_gb\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\en_gb\\ui\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet Signup\\FrontEnd\\fr_ca\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet Signup\\FrontEnd\\fr_ca\\ui\\" = "1" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\en_sg\\ui\\content\\" = "" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\Frontend\\en_au\\ui\\content\\" = "" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\nl\\ui\\content\\" = "" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\fr\\ui\\content\\" = "" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\de\\ui\\content\\" = "" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\es_mx\\ui\\content\\" = "" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\FrontEnd\\en_gb\\ui\\content\\" = "" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Hewlett-Packard\\Easy Internet Signup\\FrontEnd\\fr_ca\\ui\\content\\" = "" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/set-payment-initiation (Value):"Extension" = ".setpay" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/set-registration-initiation (Value):"Extension" = ".setreg" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-mix-transfer (Value):"Extension" = ".nix" [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\msbackupfile (Value):"FriendlyTypeName" = hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6 d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79, 00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6e,00 ,74,00,62,00,61,00,63,00,6b,00,75,00,70,00,2e,00,6 5,00,78,00,65,00,2c,00,2d,00,34,00,30,00,00,00 [ 02.05.09 23:35:03 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{05DFFA9C-A480-4ef2-A601-B66C625CE955} (Value):"AppID" = "{DFBF6E48-5D65-4C3A-BBDA-5871CAFED233}" [ 02.05.09 23:35:04 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{2B6AA70F-492C-4ca4-B8FD-5499F1AB4295} (Value):"AppID" = "{DFBF6E48-5D65-4C3A-BBDA-5871CAFED233}" [ 02.05.09 23:35:04 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{57787927-8B56-4e73-A2BB-5FC76872CDA0} (Value):"AppID" = "{DFBF6E48-5D65-4C3A-BBDA-5871CAFED233}" [ 02.05.09 23:35:04 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{6BC09692-0CE6-11D1-BAAE-00C04FC2E20D} (Value):"AppID" = "{A5CEB593-CCC3-486B-AB91-9C5C5ED4C9E1}" [ 02.05.09 23:35:04 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{6BC09693-0CE6-11D1-BAAE-00C04FC2E20D} (Value):"AppID" = "{A5CEB593-CCC3-486B-AB91-9C5C5ED4C9E1}" [ 02.05.09 23:35:04 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{6BC096C4-0CE6-11D1-BAAE-00C04FC2E20D} (Value):"AppID" = "{A5CEB593-CCC3-486B-AB91-9C5C5ED4C9E1}" [ 02.05.09 23:35:05 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{b5f8350b-0548-48b1-a6ee-88bd00b4a5e7} (Value):"AppID" = "{667524BE-9EC0-4196-91C9-C6ED1F7A899D}" [ 02.05.09 23:35:05 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{F528D853-EAE1-43a0-BD76-546B102BC0AC} (Value):"AppID" = "{DFBF6E48-5D65-4C3A-BBDA-5871CAFED233}" [ 02.05.09 23:35:05 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\Help (Value):"en.hlp" = "C:\\WINDOWS\\ime\\Shared\\imepad" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\DivXNetworks\DivX 4Windows (Value):"Nth Pass debug file name" = "c:\\newrc.txt" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\DivXNetworks\DivX 4Windows (Value):"Log File Name" = "c:\\divx.log" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\DivXNetworks\DivX 4Windows (Value):"MP4 File Name" = "c:\\test.divx" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\DivXNetworks\DivX 4Windows (Value):"YUV Dir Name" = "c:\\yuv" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\DivXNetworks\DivX 4Windows (Value):"MV File Name" = "c:\\mvinfo.bin" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Hewlett-Packard\HP Quick Launch Buttons\Cons\Picture\HP Photosmart (Value):"Assignment" = "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqthb08.exe" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Hewlett-Packard\HP Quick Launch Buttons\Cons\Picture\My Picture (Value):"Assignment" = "C:\\Documents and Settings\\Owner\\My Documents\\My Pictures" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Macromedia\Shockw ave 10\preffileloc (Value):"" = "C:\\Documents and Settings\\Owner\\Application Data\\Macromedia\\Shockwave Player\\Prefs\\D7BC8F83\\" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Interne t Explorer\Main (Value):"Local Page" = "C:\\WINDOWS\\system32\\blank.htm" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\WAB\WAB 4\Wab File Name (Value):"" = "C:\\Documents and Settings\\Owner\\Application Data\\Microsoft\\Address Book\\Owner.wab" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* (Value):"e" = "C:\\Documents and Settings\\Marina\\PROTECTION\\Ad-AwareAE.exe" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe (Value):"e" = "C:\\Documents and Settings\\Marina\\PROTECTION\\Ad-AwareAE.exe" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\Shell Folders (Value):"Local Settings" = "C:\\Documents and Settings\\Owner\\Local Settings" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Namespace (Value):"LocalBase" = "C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Microsoft\\Windows Media\\10.0\\WMSDKNS.XML" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Namespace (Value):"DTDFile" = "C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Microsoft\\Windows Media\\10.0\\WMSDKNS.DTD" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Namespace (Value):"LocalDelta" = "C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Microsoft\\Windows Media\\10.0\\WMSDKNSD.XML" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Namespace (Value):"RemoteDelta" = "C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Microsoft\\Windows Media\\10.0\\WMSDKNSR.XML" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\BitDefender\BitD efender Total Security 2009\12.0.10.1 (Value):"" = "C:\\DOCUME~1\\Marina\\LOCALS~1\\Temp\\IXP000.TMP\\" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Clients\JavaVM\M SJavaVM\InstallInfo (Value):"VerifyFile" = hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,7 2,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73, 00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,73,00 ,6a,00,61,00,76,00,61,00,2e,00,64,00,6c,00,6c,00,0 0,00 [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\DivXNetworks\Art work\7B63B2922B174135AFC0E1377DD81EC2 (Value):"xmlPath" = "C:\\Program Files\\DivX\\Artwork\\Artwork-1.0.xml" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\DivXNetworks\Art work\8ADFC4160D694100B5B8A22DE9DCABD9 (Value):"xmlPath" = "C:\\Program Files\\DivX\\Artwork\\Artwork-1.0.xml" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\DivXNetworks\Aut oUpdate\18D10072035C4515918F7E37EAFAACFC (Value):"xmlPath" = "C:\\Program Files\\DivX\\AutoUpdate\\AutoUpdate-1.0.xml" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\DivXNetworks\Aut oUpdate\62369F2F77534556AEF4C58152E3BDE5 (Value):"xmlPath" = "C:\\Program Files\\DivX\\AutoUpdate\\AutoUpdate-1.0.xml" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\DivXNetworks\Aut oUpdate\7B63B2922B174135AFC0E1377DD81EC2 (Value):"xmlPath" = "C:\\Program Files\\DivX\\AutoUpdate\\AutoUpdate-1.0.xml" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\DivXNetworks\Aut oUpdate\8ADFC4160D694100B5B8A22DE9DCABD9 (Value):"xmlPath" = "C:\\Program Files\\DivX\\AutoUpdate\\AutoUpdate-1.0.xml" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Hewlett-Packard\DigitalImaging (Value):"LeadToolsPath" = "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\LeadTools" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Hewlett-Packard\HP Quick Launch Buttons\Schemes\Default\8547 (Value):"Assignment" = "C:\\WINDOWS\\system32\\tabletpc.cpl" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Hewlett-Packard\Organize\LocalApps\EIS (Value):"LaunchParameter" = "/App "C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\StartEIS.aml"" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Hewlett-Packard\Organize\LocalApps\EIS (Value):"LaunchIcon" = "C:\\Program Files\\Hewlett-Packard\\Easy Internet signup\\32_32.ico" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup (Value):"JITSetupPage" = "file://C:\\WINDOWS\\web\\iejit.htm" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IEHomePageInfo (Value):"BackupFileName" = "C:\\Program Files\\Uninstall Information\\IEHomePageInfo\\IEHomePageInfo.DAT" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IEHomePageInfo (Value):"BackupPath" = "C:\\Program Files\\Uninstall Information\\IEHomePageInfo" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\COM3\S etup (Value):"Source Path" = "C:\\$WIN_NT$.~LS" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Intern et Explorer\Main (Value):"Local Page" = hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73, 00,74,00,65,00,6d,00,33,00,32,00,5c,00,62,00,6c,00 ,61,00,6e,00,6b,00,2e,00,68,00,74,00,6d,00,00,00 [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\MediaP layer (Value):"MetadataTemplatesDir" = "C:\\Program Files\\Windows Media Player\\Templates" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Micros oft Interactive Training (Value):"MediaPath" = "c:\\appl.zip\\SBSI\\PER\\content\\" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\MSDTC\ Setup (Value):"Source Path" = "C:\\$WIN_NT$.~LS" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Multim edia\MPlayer2\Groups\Video\DVR-MS (Value):"RequiredFile" = "C:\\WINDOWS\\system32\\enable.dvd" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Multim edia\WMPlayer\Groups\Video\DVD (Value):"RequiredFile" = "C:\\WINDOWS\\system32\\enable.dvd" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Multim edia\WMPlayer\Groups\Video\DVR-MS (Value):"RequiredFile" = "C:\\WINDOWS\\system32\\enable.dvd" [ 02.05.09 23:35:06 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk (Value):"path" = "C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk (Value):"command" = "C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1. EXE " [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk (Value):"path" = "C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HP Photosmart Premier Fast Start.lnk" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk (Value):"command" = "C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqthb08.exe -s" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupreg\ccApp (Value):"command" = "" c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupreg\hpWirelessAssistant (Value):"command" = "C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupreg\IS CfgWiz (Value):"command" = "c:\\Program Files\\Norton Internet Security\\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupreg\SSC_UserPrompt (Value):"command" = "" c:\\Program Files\\Common Files\\Symantec Shared\\Security Center\\UsrPrmpt.exe"" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched (Value):"command" = "C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Transa ction Server\Setup(OCM) (Value):"Source Path" = "C:\\$WIN_NT$.~LS" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Applets\DeluxeCD\Providers\Provid er0000 (Value):"ProviderLogo" = hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73, 00,74,00,65,00,6d,00,33,00,32,00,5c,00,74,00,75,00 ,6e,00,65,00,73,00,2e,00,62,00,6d,00,70,00,00,00 [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Applets\DeluxeCD\Providers\Provid er0001 (Value):"ProviderLogo" = hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73, 00,74,00,65,00,6d,00,33,00,32,00,5c,00,6e,00,32,00 ,6b,00,2e,00,62,00,6d,00,70,00,00,00 [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Control Panel\Cpls (Value):"Windows Media Connect" = "C:\\Program Files\\Windows Media Connect 2\\wmccpl.dll" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Explorer\DocFolderPaths (Value):"Owner" = "C:\\Documents and Settings\\Owner\\My Documents" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Explorer\MyComputer\DefragPath (Value):"" = hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,7 2,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73, 00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,66,00 ,72,00,67,00,2e,00,6d,00,73,00,63,00,20,00,25,00,6 3,00,3a,00,00,00 [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Explorer\VolumeCaches\Active Setup Temp Folders (Value):"Folder" = "C:\\WINDOWS\\msdownld.tmp|?:\\msdownld.tmp" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Explorer\WebView\TemplateMacros\B ACKGROUNDIMAGE (Value):"" = hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,57,00,65,00,62, 00,5c,00,77,00,76,00,6c,00,65,00,66,00,74,00,2e,00 ,62,00,6d,00,70,00,00,00 [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Explorer\WebView\TemplateMacros\L OGOLINE (Value):"" = hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,57,00,65,00,62, 00,5c,00,77,00,76,00,6c,00,69,00,6e,00,65,00,2e,00 ,67,00,69,00,66,00,00,00 [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDD2C94427B0F5848A538A16A91CEB64 (Value):"00000000000000000000000000000000" = "C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Microsoft\\Works\\Portfolio\\wsbsamp.wsb" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\UserData\S-1-5-18\Products\6AB815BD47BC6BE4A9DB88B0D6E6F183\Insta llProperties (Value):"InstallSource" = "C:\\hp\\tmp\\src\\" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\UserData\S-1-5-18\Products\A110298E1AD4E514A9DA9565DE268822\Insta llProperties (Value):"InstallLocation" = "C:\\Program Files\\BitDefender\\Backup Engine\\" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDE7F2BCF1D91C3409CFF425AE1E271A\Insta llProperties (Value):"InstallSource" = "C:\\SWSETUP\\AllDotNet\\DotNet\\US\\" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Internet Settings\Url History (Value):"Directory" = hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,48,00,69,00,73, 00,74,00,6f,00,72,00,79,00,00,00 [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Setup (Value):"ServicePackCachePath" = "c:\\windows\\ServicePackFiles\\ServicePackCache" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\SMDEn (Value):"OEM1" = "C:\\Documents and Settings\\All Users\\Desktop\\Easy Internet Sign-up.lnk" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Symantec (Value):"Instopts" = "c:\\WINDOWS\\system32\\instopts.dat" [ 02.05.09 23:35:07 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Synaptics\SynTPP lugIns\SynTP (Value):"Start" = "C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh /RegPlugIn" [ 02.05.09 23:35:08 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\02-05-09_23-35-02.reg [ 02.05.09 23:35:08 ] Finished Clean! [ 02.05.09 23:35:08 ] Removed 346 errors [ 02.05.09 21:06:37 ] Starting Scan [ 02.05.09 21:07:22 ] Scan Finished [ 02.05.09 21:07:22 ] Found 162 errors. [ 02.05.09 21:07:49 ] Start Cleaning... [ 02.05.09 21:07:49 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-mix-transfer (Value):"Extension" = ".nix" [ 02.05.09 21:07:49 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup (Value):"JITSetupPage" = "file://C:\\WINDOWS\\web\\iejit.htm" [ 02.05.09 21:07:49 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IE UserData NT (Value):"BackupFileName" = "C:\\Program Files\\Uninstall Information\\IE UserData NT\\IE UserData NT.DAT" [ 02.05.09 21:07:49 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IE UserData NT (Value):"BackupPath" = "C:\\Program Files\\Uninstall Information\\IE UserData NT" [ 02.05.09 21:07:49 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IE.HKCUZoneInfo (Value):"BackupFileName" = "C:\\Program Files\\Uninstall Information\\IE.HKCUZoneInfo\\IE.HKCUZoneInfo.DAT" [ 02.05.09 21:07:49 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IE.HKCUZoneInfo (Value):"BackupPath" = "C:\\Program Files\\Uninstall Information\\IE.HKCUZoneInfo" [ 02.05.09 21:07:49 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IE.HKCUZoneInfo (Value):"InstallINFFile" = "C:\\DOCUME~1\\Marina\\LOCALS~1\\Temp\\RGI2.tmp" [ 02.05.09 21:07:49 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IE40.UserAgent (Value):"BackupFileName" = "C:\\Program Files\\Uninstall Information\\IE40.UserAgent\\IE40.UserAgent.DAT" [ 02.05.09 21:07:50 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IE40.UserAgent (Value):"BackupPath" = "C:\\Program Files\\Uninstall Information\\IE40.UserAgent" [ 02.05.09 21:07:50 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Advanc ed INF Setup\IE40.UserAgent (Value):"InstallINFFile" = "C:\\DOCUME~1\\Marina\\LOCALS~1\\Temp\\RGI1.tmp" [ 02.05.09 21:07:50 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Explorer\VolumeCaches\Active Setup Temp Folders (Value):"Folder" = "C:\\WINDOWS\\msdownld.tmp|?:\\msdownld.tmp" [ 02.05.09 21:07:50 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Internet Settings\Url History (Value):"Directory" = "C:\\WINDOWS\\History" [ 02.05.09 21:07:50 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Setup (Value):"ServicePackCachePath" = "c:\\windows\\ServicePackFiles\\ServicePackCache" [ 02.05.09 21:07:50 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\02-05-09_21-07-49.reg [ 02.05.09 21:07:50 ] Finished Clean! [ 02.05.09 21:07:50 ] Removed 30 errors [ 02.05.09 23:50:39 ] Starting Scan [ 02.05.09 23:51:16 ] Scan Finished [ 02.05.09 23:51:16 ] Found 132 errors. [ 02.05.09 23:51:20 ] Start Cleaning... [ 02.05.09 23:51:21 ] Finished Clean! [ 02.05.09 23:51:21 ] Removed 0 errors [ 03.05.09 00:41:24 ] Starting Scan [ 03.05.09 00:41:54 ] Scan Finished [ 03.05.09 00:41:54 ] Found 149 errors. [ 03.05.09 00:42:11 ] Start Cleaning... [ 03.05.09 00:42:11 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Common Files\\BitDefender\\BitDefender Arrakis Server\\var\\" = "1" [ 03.05.09 00:42:11 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Common Files\\BitDefender\\BitDefender Arrakis Server\\" = "1" [ 03.05.09 00:42:11 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Common Files\\BitDefender\\BitDefender Arrakis Server\\var\\cache\\" = "1" [ 03.05.09 00:42:11 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\Program Files\\Common Files\\BitDefender\\BitDefender Arrakis Server\\var\\log\\" = "1" [ 03.05.09 00:42:11 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\WINDOWS\\winsxs\\Policies\\x86_policy.8.0.Micr osoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\\" = "" [ 03.05.09 00:42:11 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\WINDOWS\\winsxs\\Policies\\x86_policy.8.0.Micr osoft.VC80.MFC_1fc8b3b9a1e18e3b_x-ww_0f75c32e\\" = "" [ 03.05.09 00:42:11 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\Folders (Value):"C:\\WINDOWS\\winsxs\\Policies\\x86_policy.8.0.Micr osoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_x-ww_caeee150\\" = "" [ 03.05.09 00:42:12 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* (Value):"c" = "C:\\Documents and Settings\\Marina\\SOFTWARE\\zaSWITCH_Setup_en.exe" [ 03.05.09 00:42:12 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* (Value):"d" = "C:\\Documents and Settings\\Marina\\PROTECTION\\zaSWITCH_Setup_en.ex e" [ 03.05.09 00:42:12 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* (Value):"h" = "C:\\Documents and Settings\\Marina\\PROTECTION\\zaSetup_en.exe" [ 03.05.09 00:42:12 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe (Value):"c" = "C:\\Documents and Settings\\Marina\\PROTECTION\\zaSWITCH_Setup_en.ex e" [ 03.05.09 00:42:12 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe (Value):"h" = "C:\\Documents and Settings\\Marina\\PROTECTION\\zaSetup_en.exe" [ 03.05.09 00:42:12 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe (Value):"e" = "C:\\Documents and Settings\\Marina\\SOFTWARE\\zaSWITCH_Setup_en.exe" [ 03.05.09 00:42:12 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\ Extensions (Value):"FFToolbar@bitdefender.com" = "C:\\Program Files\\BitDefender\\BitDefender 2009\\FFToolbar\\" [ 03.05.09 00:42:12 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\03-05-09_00-42-11.reg [ 03.05.09 00:42:12 ] Finished Clean! [ 03.05.09 00:42:12 ] Removed 20 errors [ 03.05.09 10:30:04 ] Starting Scan [ 03.05.09 10:30:40 ] Scan Finished [ 03.05.09 10:30:40 ] Found 136 errors. [ 03.05.09 10:33:12 ] Start Cleaning... [ 03.05.09 10:33:13 ] <CLEAN> (Key):HKEY_CLASSES_ROOT\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} (Value):"AppID" = "{C615554D-7B87-4275-84FF-8E0BA2AD071B}" [ 03.05.09 10:33:13 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* (Value):"c" = "C:\\Documents and Settings\\Marina\\PROTECTION\\spywareblastersetup4 1.exe" [ 03.05.09 10:33:13 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe (Value):"c" = "C:\\Documents and Settings\\Marina\\PROTECTION\\spywareblastersetup4 1.exe" [ 03.05.09 10:33:13 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Microsoft\Window s\CurrentVersion\Installer\UserData\S-1-5-21-3549075332-1273551853-3635256895-1006\Components\3FDE6B2B8B223B743885D491670F49D9 (Value):"1FBBCDDC3072CB6439B8CB8CA1E1AEAA" = "C:\\Program Files\\SUPERAntiSpyware\\Quarantine\\" [ 03.05.09 10:33:13 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\03-05-09_10-33-13.reg [ 03.05.09 10:33:13 ] Finished Clean! [ 03.05.09 10:33:13 ] Removed 7 errors [ 03.05.09 18:51:35 ] Starting Scan [ 03.05.09 18:52:09 ] Scan Finished [ 03.05.09 18:52:09 ] Found 135 errors. [ 03.05.09 18:52:19 ] Start Cleaning... [ 03.05.09 18:52:19 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Applets\Paint\Recent File List (Value):"File2" = "C:\\Documents and Settings\\Marina\\My Documents\\zAzA\\untitled.bmp" [ 03.05.09 18:52:19 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* (Value):"j" = "C:\\Documents and Settings\\Marina\\My Documents\\zAzA\\untitled.bmp" [ 03.05.09 18:52:19 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\bmp (Value):"a" = "C:\\Documents and Settings\\Marina\\My Documents\\zAzA\\untitled.bmp" [ 03.05.09 18:52:19 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\03-05-09_18-52-19.reg [ 03.05.09 18:52:19 ] Finished Clean! [ 03.05.09 18:52:19 ] Removed 6 errors [ 04.05.09 08:44:02 ] Starting Scan [ 04.05.09 08:44:48 ] Scan Finished [ 04.05.09 08:44:48 ] Found 140 errors. [ 04.05.09 08:44:55 ] Start Cleaning... [ 04.05.09 08:44:55 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* (Value):"g" = "C:\\Documents and Settings\\Marina\\PROTECTION\\Ad-AwareAE.exe" [ 04.05.09 08:44:55 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* (Value):"c" = "C:\\Documents and Settings\\Marina\\PROTECTION\\spywareblastersetup4 2.exe" [ 04.05.09 08:44:55 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe (Value):"f" = "C:\\Documents and Settings\\Marina\\PROTECTION\\Ad-AwareAE.exe" [ 04.05.09 08:44:55 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe (Value):"c" = "C:\\Documents and Settings\\Marina\\PROTECTION\\spywareblastersetup4 2.exe" [ 04.05.09 08:44:55 ] <CLEAN> (Key):HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware (Value):"InstallPath" = "C:\\Program Files\\Malwarebytes' Anti-Malware" [ 04.05.09 08:44:56 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\04-05-09_08-44-55.reg [ 04.05.09 08:44:56 ] Finished Clean! [ 04.05.09 08:44:56 ] Removed 11 errors [ 04.05.09 12:19:34 ] Starting Scan [ 04.05.09 12:20:08 ] Scan Finished [ 04.05.09 12:20:08 ] Found 133 errors. [ 04.05.09 12:29:35 ] Start Cleaning... [ 04.05.09 12:29:35 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Interne t Explorer\Suggested Sites (Value):"SlicePath" = "C:\\Documents and Settings\\Marina\\Favorites\\Links\\Suggested Sites (3).url" [ 04.05.09 12:29:36 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\MountPoints2\{1322c3d8-36f6-11de-b239-806d6172696f}\_Autorun\DefaultIcon (Value):"" = "E:\\cd.ico" [ 04.05.09 12:29:36 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\04-05-09_12-29-35.reg [ 04.05.09 12:29:36 ] Finished Clean! [ 04.05.09 12:29:36 ] Removed 133 errors [ 04.05.09 12:30:27 ] Starting Scan [ 04.05.09 12:30:48 ] Scan Finished [ 04.05.09 12:30:48 ] Found 0 errors. [ 04.05.09 12:31:30 ] Starting Scan [ 04.05.09 12:32:00 ] Scan Finished [ 04.05.09 12:32:00 ] Found 131 errors. [ 04.05.09 12:34:44 ] Starting Scan [ 04.05.09 12:35:11 ] Scan Finished [ 04.05.09 12:35:11 ] Found 131 errors. [ 04.05.09 12:35:37 ] Start Cleaning... [ 04.05.09 12:35:37 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Interne t Explorer\Suggested Sites (Value):"SlicePath" = "C:\\Documents and Settings\\Marina\\Favorites\\Links\\Suggested Sites (3).url" [ 04.05.09 12:35:37 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\04-05-09_12-35-37.reg [ 04.05.09 12:35:37 ] Finished Clean! [ 04.05.09 12:35:37 ] Removed 4 errors [ 04.05.09 12:35:48 ] Starting Scan [ 04.05.09 12:36:16 ] Scan Finished [ 04.05.09 12:36:16 ] Found 127 errors. [ 04.05.09 12:36:30 ] Start Cleaning... [ 04.05.09 12:36:31 ] <CLEAN> (Key):HKEY_CURRENT_USER\Software\Microsoft\Windows \CurrentVersion\Explorer\MountPoints2\{1322c3d8-36f6-11de-b239-806d6172696f}\_Autorun\DefaultIcon (Value):"" = "E:\\cd.ico" [ 04.05.09 12:36:31 ] Created backup file C:\Program Files\COMODO\Registry Cleaner\Backup\04-05-09_12-36-30.reg [ 04.05.09 12:36:31 ] Finished Clean! [ 04.05.09 12:36:31 ] Removed 127 errors |
iammcb (14488) | ||
| 770838 | 2009-05-04 02:09:00 | Use glary utilities instead of comodo registry cleaner. It'll probably do a better job. Yup if you mean trojan remover its in one of the links below. I would scan with trojan remover first see what it picks up / or removes And use ccleaner so it'll remove the temp files on your system |
Speedy Gonzales (78) | ||
| 770839 | 2009-05-04 02:57:00 | Well you guys were right about asquared hijack free. It seems that the trojan remover has not found anything either. I wont bother posting the log. It has been a case of false alarm it would seem. I dont know why it said i had all those problems for then??? I would like to ask another question about firewalls if I could? currently im using Online Amor from PCWORLD Mag CD (101 freebies) Do you know if thats a good one. Only asking as zonealarm wont install from cd says it cant find a msi package installer or set up is corrupt. I had it installed awhile ago. and it wouldnt update then it wouldnt uninstall it was a nightmare anyway. So i trialled PC Tools firewall and that let in a trojan and avast was popping up blocked a DCOM expoit attack further investigation told me my firewall was not protecting me So far so good with this new firewall. Hopefully I am safe. Also one more thing I actually like spybot and destroy tea timer and the registery guard. (Just wish i could get the host list running.) I had no problems with it. It never gave me grief Should I turn it back on? |
iammcb (14488) | ||
| 770840 | 2009-05-04 03:01:00 | No dont turn teatimer on. It can block programs from writing to the registry, and programs may not work properly. Update avast and scan the whole hdd |
Speedy Gonzales (78) | ||
| 1 2 3 | |||||