Hi, I already complied with Stopzilla next time it opened, more to get it off the screen really! Sorry I hope that wasn't the wrong thing to do. Here's the log anyway:
Block/Extraction Pop-up blocker 2009-05-31 16:41:12 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243784460384576&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 16:41:12 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243784424763077&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 16:41:02 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243784460384576&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 16:41:02 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243784424763077&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 16:41:00 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243784459686605&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 16:41:00 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243784459686605&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 16:40:28 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243784424763077&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 16:40:28 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243784424763077&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 15:16:14 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=425x600§ion=402087
Block/Extraction Pop-up blocker 2009-05-31 15:16:09 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=425x600§ion=402087
Information General 2009-05-31 14:18:50 Exploit definition update (05/28/2009 03:38 PM GMT) successfully applied.
Information Home page protection 2009-05-31 14:05:35 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-31 14:05:08 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-31 14:05:07 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-31 14:04:56 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-31 14:04:55 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-31 14:04:54 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-31 14:04:53 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-31 14:03:06 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-31 14:03:06 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-31 14:02:58 Removed file d:\documents and settings\caroline dexter.049924520170\local settings\temp\catchme.sys
Block/Extraction Pop-up blocker 2009-05-31 14:02:58 Removed file d:\documents and settings\caroline dexter.049924520170\local settings\temp\catchme.sys
Block/Extraction Pop-up blocker 2009-05-31 14:02:58 Removed file d:\documents and settings\caroline dexter.049924520170\local settings\temp\catchme.sys
Block/Extraction Pop-up blocker 2009-05-31 14:02:58 Removed file d:\documents and settings\caroline dexter.049924520170\local settings\temp\catchme.sys
Block/Extraction Home page protection 2009-05-31 14:02:34 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-31 14:02:34 Detected homepage change to
http://www.myspace.com/Block/Extraction Pop-up blocker 2009-05-31 14:02:13 Extracted package System Policies.DisableRegistryTools
Block/Extraction Pop-up blocker 2009-05-31 14:02:13 Extracted package CatchMe
Block/Extraction Pop-up blocker 2009-05-31 14:02:11 Extracted package UACD
Block/Extraction Pop-up blocker 2009-05-31 14:02:11 Extracted package Vundo.F
Block/Extraction File enforcer 2009-05-31 14:02:10 Extracted files: path, c:\system volume information\_restore{5fed904e-6e1e-4b49-8681-d5c017bb5784}\rp97\a0026644.sys
Block/Extraction File enforcer 2009-05-31 14:02:10 Deleted file: c:\system volume information\_restore{5fed904e-6e1e-4b49-8681-d5c017bb5784}\rp97\a0026644.sys
Block/Extraction File enforcer 2009-05-31 14:02:10 Quarantined file: c:\system volume information\_restore{5fed904e-6e1e-4b49-8681-d5c017bb5784}\rp97\a0026644.sys
Block/Extraction File enforcer 2009-05-31 14:02:10 Extracted files: path, c:\system volume information\_restore{5fed904e-6e1e-4b49-8681-d5c017bb5784}\rp96\a0026355.sys
Block/Extraction File enforcer 2009-05-31 14:02:10 Deleted file: c:\system volume information\_restore{5fed904e-6e1e-4b49-8681-d5c017bb5784}\rp96\a0026355.sys
Block/Extraction File enforcer 2009-05-31 14:02:08 Quarantined file: c:\system volume information\_restore{5fed904e-6e1e-4b49-8681-d5c017bb5784}\rp96\a0026355.sys
Block/Extraction Pop-up blocker 2009-05-31 13:50:24 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243774063903720&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 13:50:24 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243774044642287&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 13:50:11 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243774063903720&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 13:50:11 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243774044642287&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 13:47:52 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243774063903720&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 13:47:52 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243774044642287&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 13:47:46 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243774063903720&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 13:47:46 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243774044642287&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-31 13:47:26 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243774044642287&yrc=uk&ycg=f&yyob=1977
Block/Extraction Home page protection 2009-05-31 13:46:52 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-31 13:46:52 Detected homepage change to
http://go.microsoft.com/fwlink/?LinkId=69157Block/Extraction Home page protection 2009-05-31 13:46:44 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-31 13:46:44 Detected homepage change to about:blank
Block/Extraction Home page protection 2009-05-31 13:46:34 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-31 13:46:34 Detected homepage change to
http://www.google.co.uk/Block/Extraction Home page protection 2009-05-31 13:44:06 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-31 13:44:06 Detected homepage change to
http://www.google.co.uk/Block/Extraction Home page protection 2009-05-31 13:43:38 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-31 13:43:38 Detected homepage change to
http://www.google.co.uk/Information Home page protection 2009-05-31 13:42:10 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-31 13:41:14 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-31 13:41:14 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-31 13:41:08 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-31 13:41:05 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-31 13:41:04 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-31 13:41:03 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-31 13:39:04 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-31 13:39:04 Disabled service: messenger -
Block/Extraction Home page protection 2009-05-31 13:33:02 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-31 13:33:02 Detected homepage change to
http://www.google.co.uk/Warning/Detection Process enforcer 2009-05-31 13:29:31 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-31 13:28:57 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-31 12:36:34 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-31 12:36:34 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-31 12:36:15 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-31 12:36:14 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-31 12:36:12 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-31 12:36:11 Starting process watcher
Block/Extraction Pop-up blocker 2009-05-30 19:53:24 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243709387404371&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 19:53:24 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243709383930514&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 19:53:12 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243709387404371&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 19:53:12 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243709383930514&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 19:49:50 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243709387404371&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 19:49:50 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243709383930514&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 19:49:44 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243709387404371&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 19:49:44 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243709383930514&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 19:49:40 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243709383930514&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 18:36:03 Blocked Pop-up: view.atdmt.com/cwg/iview/125241196/direct;wi.300;hi.250/01?click=http://servedby.advertising.com/click/site=0000756360/mnum=0000650975/cstr=93142071=_4a216e88,1236127220,756360^650975^251^0,1_/xsxdata=$xsxdata/bnum=93142071/optn=64?trg=
Block/Extraction Pop-up blocker 2009-05-30 18:27:58 Blocked Pop-up: ad.uk.doubleclick.net/adi/n1707.adcom/b3531773.38;sz=300x250;click=http://servedby.advertising.com/click/site=0000756360/mnum=0000690838/cstr=84938488=_4a216ca3,7117717860,756360^690838^250^0,1_/xsxdata=$xsxdata/bnum=84938488/optn=64?trg=;ord=7117717860?
Block/Extraction Pop-up blocker 2009-05-30 18:25:09 Blocked Pop-up: ad.uk.doubleclick.net/adi/n1707.adcom/b3630610.3;sz=728x90;click=http://servedby.advertising.com/click/site=0000756361/mnum=0000624471/cstr=92534158=_4a216bf9,5268881177,756361^624471^250^0,1_/xsxdata=$xsxdata/bnum=92534158/optn=64?trg=;ord=5268881177?
Block/Extraction Pop-up blocker 2009-05-30 18:22:52 Blocked Pop-up: ad.uk.doubleclick.net/adi/n884.platforma/b3541116.16;sz=300x250;click=http://servedby.advertising.com/click/site=0000756360/mnum=0000691979/cstr=13511560=_4a216b70,8157406760,756360^691979^250^0,1_/xsxdata=$xsxdata/bnum=13511560/optn=64?trg=;ord=8157406760?
Block/Extraction Pop-up blocker 2009-05-30 18:22:51 Blocked Pop-up: ad.uk.doubleclick.net/adi/n884.platforma/b3541116.26;sz=728x90;click=http://servedby.advertising.com/click/site=0000756361/mnum=0000695336/cstr=99667431=_4a216b70,1426752626,756361^695336^250^0,1_/xsxdata=$xsxdata/bnum=99667431/optn=64?trg=;ord=1426752626?
Block/Extraction Pop-up blocker 2009-05-30 18:08:34 Blocked Pop-up: ad.uk.doubleclick.net/adi/n1379.ad.com/b3646492.3;sz=728x90;click=http://servedby.advertising.com/click/site=0000765888/mnum=0000712784/cstr=6086490=_4a216816,8253401433,765888^712784^70^0,1_/bnum=6086490/optn=64?trg=http://oasn04.247realmedia.com/realmedia/ads/click_lx.ads/ad.com_ukb3/alfamsc/ron/728x90/8253401433/1234/x90/ukb3/alfamsc_ad.com_ukb3ron_728x90/alfamsc_728x90.html/1?;ord=8253401433?
Block/Extraction Pop-up blocker 2009-05-30 18:08:32 Blocked Pop-up: ad.uk.doubleclick.net/adi/n1238.adcom.quantum/b3549733;sz=120x600;click=http://servedby.advertising.com/click/site=0000759362/mnum=0000693201/cstr=19633909=_4a216814,6066260775,759362^693201^250^0,1_/xsxdata=$xsxdata/bnum=19633909/optn=64?trg=;ord=6066260775?
Block/Extraction Pop-up blocker 2009-05-30 18:07:57 Blocked Pop-up: ad.uk.doubleclick.net/adi/n1707.adcom/b3630610;sz=300x250;click=http://servedby.advertising.com/click/site=0000756351/mnum=0000624470/cstr=94453030=_4a2167f2,7035223380,756351^624470^250^0,1_/xsxdata=$xsxdata/bnum=94453030/optn=64?trg=;ord=7035223380?
Block/Extraction Pop-up blocker 2009-05-30 15:09:23 Blocked Pop-up: view.atdmt.com/zo2/iview/148815027/direct;wi.728;hi.90/01/1243692568?click=http://ad.yieldmanager.com/click,qqulab3xbwcqzyeacm8kaaiaaaaaap8aaaaheaiabgi-oqwaoumoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabg-iuoaaaaa,,http%3a%2f%2fdelb.opt.fimserve.com%2fadopt%2f%3fr%3dh%26l%3d11013005%26pos%3dleaderboard%26rnd%3d198752144%26fid%3d77205619%26acct%3d2%26ged%3d0%3a0%3aogjhodzhnmfizjgxntm2ooapyklr1ojlygwxeult2hgluve00m8ivdsxnyvakcguvx2i8swadruzxldzxarirjxrlanbn1rhpexzfdsnry6ttxi-62vmia_i7-2eveqv%3a%3a0%3a0%3aztuzztexyjzhntu1oti4yuifi4idg1k051zfads9ur0ai6xbsmvvwc_9ikgzh55ditfckfp11wln27eukkz2lq1i0ypwuxgaoo_ae75gr0ccdqvr2r3y2qunt_9jwt19,
Block/Extraction Pop-up blocker 2009-05-30 15:08:31 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243692503989768&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 15:08:24 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243692503989768&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 15:08:20 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243692503989768&yrc=uk&ycg=f&yyob=1977
Block/Extraction Home page protection 2009-05-30 13:58:12 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-30 13:58:12 Detected homepage change to
http://www.google.co.uk/Block/Extraction Home page protection 2009-05-30 13:54:39 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-30 13:54:39 Detected homepage change to
http://www.google.co.uk/Block/Extraction Home page protection 2009-05-30 13:53:41 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-30 13:53:41 Detected homepage change to
http://www.google.co.uk/Block/Extraction Home page protection 2009-05-30 13:52:28 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-30 13:52:28 Detected homepage change to
http://www.google.co.uk/Block/Extraction Pop-up blocker 2009-05-30 13:50:42 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243687835420080&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 13:50:36 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243687835420080&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 13:50:32 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243687835420080&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-30 10:18:01 Blocked Pop-up: c13.zedo.com/jsc//zpu.html?f=;z=2-107
Block/Extraction Pop-up blocker 2009-05-30 10:17:28 Blocked Pop-up: c13.zedo.com/jsc//zpu.html?f=;z=2-107
Block/Extraction Pop-up blocker 2009-05-30 10:10:29 Blocked Pop-up: espn.go.com//[no path]
Block/Extraction Pop-up blocker 2009-05-30 10:10:27 Blocked Pop-up: espn.go.com//[no path]
Warning/Detection Process enforcer 2009-05-30 09:54:47 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-30 09:53:58 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-30 09:53:42 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-30 09:53:42 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-30 09:53:24 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-30 09:53:22 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-30 09:53:21 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-30 09:53:19 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-29 18:51:30 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-29 18:51:29 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-29 17:58:22 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243612751081588&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 17:01:11 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243612751081588&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 17:00:06 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243612751081588&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 16:59:26 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243612751081588&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 16:59:20 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243612751081588&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 16:59:12 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243612751081588&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 16:59:08 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243612751081588&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 16:59:08 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243612751081588&yrc=uk&ycg=f&yyob=1977
Block/Extraction Home page protection 2009-05-29 11:34:39 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-29 11:34:39 Detected homepage change to
http://www.google.co.uk/Block/Extraction Pop-up blocker 2009-05-29 11:30:35 Blocked Pop-up: ad.uk.doubleclick.net/adi/n884.platforma/b3541116.16;sz=300x250;click=http://servedby.advertising.com/click/site=0000756360/mnum=0000691979/cstr=40960358=_4a1fb94e,3463854303,756360^691979^250^0,1_/xsxdata=$xsxdata/bnum=40960358/optn=64?trg=;ord=3463854303?
Block/Extraction Pop-up blocker 2009-05-29 11:27:47 Blocked Pop-up: ad.uk.doubleclick.net/adi/n5449.platforma/b3634922.6;sz=300x250;click=http://servedby.advertising.com/click/site=0000756351/mnum=0000710889/cstr=26335120=_4a1fb8a7,7541875063,756351^710889^250^0,1_/xsxdata=$xsxdata/bnum=26335120/optn=64?trg=;ord=7541875063?
Block/Extraction Home page protection 2009-05-29 10:55:20 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-29 10:55:20 Detected homepage change to
http://www.google.co.uk/Block/Extraction Home page protection 2009-05-29 10:40:58 Resetting Homepage back to
http://www.youtube.com/watch?v=hZLchENhVVY&NR=1Warning/Detection Home page protection 2009-05-29 10:40:58 Detected homepage change to
http://www.google.co.uk/Block/Extraction Pop-up blocker 2009-05-29 10:14:49 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243588492464248&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 10:14:49 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243588492464248&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 10:08:30 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243588102252598&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 10:08:30 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243588097703470&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 10:08:20 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243588102252598&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 10:08:20 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243588097703470&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 10:08:15 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243588097703470&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 10:08:15 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243588097703470&yrc=uk&ycg=f&yyob=1977
Warning/Detection Process enforcer 2009-05-29 10:06:41 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-29 10:06:02 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-29 09:56:48 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-29 09:56:47 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-29 09:56:36 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-29 09:56:34 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-29 09:56:33 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-29 09:56:32 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-29 09:54:44 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-29 09:54:44 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-29 09:43:47 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243586618483320&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 09:43:41 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243586618483320&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 09:43:36 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243586618483320&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 09:43:36 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243586618483320&yrc=uk&ycg=f&yyob=1977
Warning/Detection Process enforcer 2009-05-29 09:42:03 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-29 09:41:39 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-29 09:40:54 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-29 09:40:53 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-29 09:40:42 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-29 09:40:41 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-29 09:40:38 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-29 09:40:34 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-29 09:39:12 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-29 09:39:11 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-29 09:33:02 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243585974778715&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 09:33:01 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243585969748012&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 09:32:53 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243585974778715&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 09:32:53 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243585969748012&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 09:32:48 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243585969748012&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-29 09:32:47 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243585969748012&yrc=uk&ycg=f&yyob=1977
Warning/Detection Process enforcer 2009-05-29 09:30:36 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-29 09:29:45 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-29 09:28:41 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-29 09:28:41 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-29 09:28:28 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-29 09:28:22 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-29 09:28:21 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-29 09:28:16 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-28 20:37:43 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-28 20:37:40 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-28 20:06:57 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243537605055935&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 20:06:57 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243537594013096&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 20:06:47 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243537605055935&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 20:06:45 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243537594013096&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 20:06:36 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243537594013096&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 20:06:34 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243537594013096&yrc=uk&ycg=f&yyob=1977
Block/Extraction Registry enforcer 2009-05-28 20:03:41 Deleted registry value DisableRegistryTools in hklm\software\microsoft\windows\currentversion\policies\system
Warning/Detection COM enforcer 2009-05-28 20:03:41 Detected malicious registry entry DisableRegistryTools in hklm\software\microsoft\windows\currentversion\policies\system
Block/Extraction NT Service enforcer 2009-05-28 20:03:08 Removed Sys module: d:\documents and settings\caroline dexter.049924520170\local settings\temp\catchme.sys
Block/Extraction NT Service enforcer 2009-05-28 20:03:08 Removed service: catchme - catchme
Information Home page protection 2009-05-28 20:02:34 Checking homepage... OK
Information General 2009-05-28 20:02:16 Started scheduled scan.
Information Internet ExplorerSiteguard 2009-05-28 20:02:07 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-28 20:02:07 Inspecting registered Explorer bars
Block/Extraction Registry enforcer 2009-05-28 20:01:56 Deleted registry value system in hklm\software\microsoft\windows nt\currentversion\winlogon
Information Registry enforcer 2009-05-28 20:01:52 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-28 20:01:50 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-28 20:01:49 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-28 20:01:48 Starting process watcher
Information Home page protection 2009-05-28 13:57:21 Checking homepage... OK
Block/Extraction Registry enforcer 2009-05-28 13:55:29 Deleted registry value DisableRegistryTools in hklm\software\microsoft\windows\currentversion\policies\system
Warning/Detection COM enforcer 2009-05-28 13:55:29 Detected malicious registry entry DisableRegistryTools in hklm\software\microsoft\windows\currentversion\policies\system
Block/Extraction NT Service enforcer 2009-05-28 13:55:14 Removed Sys module: d:\documents and settings\caroline dexter.049924520170\local settings\temp\catchme.sys
Block/Extraction NT Service enforcer 2009-05-28 13:55:14 Removed service: catchme - catchme
Information Internet ExplorerSiteguard 2009-05-28 13:54:38 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-28 13:54:38 Inspecting registered Explorer bars
Block/Extraction Registry enforcer 2009-05-28 13:54:24 Deleted registry value system in hklm\software\microsoft\windows nt\currentversion\winlogon
Information Registry enforcer 2009-05-28 13:54:19 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-28 13:54:17 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-28 13:54:15 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-28 13:54:14 Starting process watcher
Block/Extraction Registry enforcer 2009-05-28 13:49:37 Deleted registry value disableregistrytools in hkus\S-1-5-21-357337470-3576400413-644577365-1005\software\microsoft\windows\currentversion\policies\system
Warning/Detection COM enforcer 2009-05-28 13:49:37 Detected malicious registry entry disableregistrytools in hkus\S-1-5-21-357337470-3576400413-644577365-1005\software\microsoft\windows\currentversion\policies\system
Block/Extraction Registry enforcer 2009-05-28 13:49:36 Deleted registry value DisableRegistryTools in hkus\S-1-5-21-357337470-3576400413-644577365-1005\software\microsoft\windows\currentversion\policies\system
Warning/Detection COM enforcer 2009-05-28 13:49:36 Detected malicious registry entry DisableRegistryTools in hkus\S-1-5-21-357337470-3576400413-644577365-1005\software\microsoft\windows\currentversion\policies\system
Block/Extraction Pop-up blocker 2009-05-28 12:21:25 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243509616993706&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:21:24 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243509625192412&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:21:15 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243509625192412&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:21:15 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243509616993706&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:21:03 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243509625192412&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:21:02 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243509616993706&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:20:55 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243509625192412&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:20:55 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243509616993706&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:20:42 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243509625192412&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:20:41 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243509616993706&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:20:27 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243509625192412&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:20:25 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243509616993706&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 12:20:17 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243509616993706&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 11:31:56 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=425x600&site=167876§ion_code=201788847&cb=1243506719203655&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 11:31:31 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=425x600&site=167876§ion_code=201788847&cb=1243506695055683&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 11:30:12 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243506530418393&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 11:30:12 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243506526437931&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 11:28:48 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243506530418393&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 11:28:48 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243506526437931&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 11:28:44 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243506526437931&yrc=uk&ycg=f&yyob=1977
Warning/Detection Process enforcer 2009-05-28 11:22:15 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-28 11:21:50 Checking homepage... OK
Block/Extraction Registry enforcer 2009-05-28 11:19:40 Deleted registry value DisableRegistryTools in hklm\software\microsoft\windows\currentversion\policies\system
Warning/Detection COM enforcer 2009-05-28 11:19:40 Detected malicious registry entry DisableRegistryTools in hklm\software\microsoft\windows\currentversion\policies\system
Block/Extraction NT Service enforcer 2009-05-28 11:19:35 Removed Sys module: d:\documents and settings\caroline dexter.049924520170\local settings\temp\catchme.sys
Block/Extraction NT Service enforcer 2009-05-28 11:19:35 Removed service: catchme - catchme
Information Internet ExplorerSiteguard 2009-05-28 11:18:43 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-28 11:18:43 Inspecting registered Explorer bars
Block/Extraction Registry enforcer 2009-05-28 11:18:28 Deleted registry value system in hklm\software\microsoft\windows nt\currentversion\winlogon
Information Registry enforcer 2009-05-28 11:18:21 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-28 11:18:21 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-28 11:18:20 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-28 11:18:19 Starting process watcher
Block/Extraction Registry enforcer 2009-05-28 10:45:41 Extracted registry key HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys
Block/Extraction Registry enforcer 2009-05-28 10:45:38 Extracted registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BEEP
Information Home page protection 2009-05-28 10:45:14 Checking homepage... OK
Block/Extraction NT Service enforcer 2009-05-28 10:45:08 Removed service: catchme - catchme
Block/Extraction Registry enforcer 2009-05-28 10:44:44 Extracted registry key HKLM\SYSTEM\CurrentControlSet\Services\catchme
Information Internet ExplorerSiteguard 2009-05-28 10:44:32 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-28 10:44:32 Inspecting registered Explorer bars
Block/Extraction Registry enforcer 2009-05-28 10:44:32 Extracted registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME
Information Registry enforcer 2009-05-28 10:44:14 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-28 10:44:11 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-28 10:44:10 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-28 10:44:09 Starting process watcher
Block/Extraction Registry enforcer 2009-05-28 10:26:08 Deleted registry value DisableRegistryTools in hkus\S-1-5-21-357337470-3576400413-644577365-1005\software\microsoft\windows\currentversion\policies\system
Warning/Detection COM enforcer 2009-05-28 10:26:08 Detected malicious registry entry DisableRegistryTools in hkus\S-1-5-21-357337470-3576400413-644577365-1005\software\microsoft\windows\currentversion\policies\system
Block/Extraction Pop-up blocker 2009-05-28 10:20:51 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243502445316424&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 10:20:51 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243502441761025&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 10:20:45 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243502445316424&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 10:20:45 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243502441761025&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 10:20:40 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243502441761025&yrc=uk&ycg=f&yyob=1977
Information Home page protection 2009-05-28 10:16:52 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-28 09:59:58 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-28 09:59:58 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-28 09:59:42 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-28 09:59:41 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-28 09:59:40 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-28 09:59:38 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-28 00:55:46 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-28 00:55:46 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-28 00:32:25 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243467136840863&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 00:18:57 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243465709372589&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 00:08:41 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243465709372589&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 00:08:35 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243465709372589&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-28 00:08:29 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243465709372589&yrc=uk&ycg=f&yyob=1977
Information Home page protection 2009-05-27 23:50:33 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-27 23:49:22 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-27 23:49:22 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-27 23:49:04 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-27 23:48:56 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 23:48:55 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-27 23:48:54 Starting process watcher
Information Home page protection 2009-05-27 23:27:39 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-27 23:27:13 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-27 23:27:11 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-27 23:26:33 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-27 23:26:31 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 23:26:30 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-27 23:26:28 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-27 22:54:51 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-27 22:54:50 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-27 22:47:51 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243460632075353&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 22:44:11 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243460632075353&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 22:44:01 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243460632075353&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 22:43:51 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243460632075353&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 22:43:51 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243460632075353&yrc=uk&ycg=f&yyob=1977
Warning/Detection Process enforcer 2009-05-27 22:38:12 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-27 22:37:38 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-27 22:28:50 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-27 22:28:50 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-27 22:28:35 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-27 22:28:34 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 22:28:33 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-27 22:28:30 Starting process watcher
Block/Extraction Pop-up blocker 2009-05-27 19:50:50 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243450219883584&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 19:50:23 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243450219883584&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 19:50:17 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243450219883584&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 19:46:31 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243449966656963&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 19:46:16 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243449966656963&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 19:46:09 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243449966656963&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 19:46:05 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243449966656963&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 19:46:04 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243449966656963&yrc=uk&ycg=f&yyob=1977
Information Home page protection 2009-05-27 19:44:39 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-27 19:36:20 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-27 19:36:20 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-27 19:36:04 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-27 19:36:02 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 19:36:01 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-27 19:35:59 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-27 16:20:32 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-27 16:20:30 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-27 16:07:05 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243435556179493&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 16:06:58 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243435556179493&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 16:03:59 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=425x600&site=167876§ion_code=201788847&cb=1243436641477777&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 16:03:45 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243435556179493&yrc=uk&ycg=f&yyob=1977
Information General 2009-05-27 15:47:34 SITEguard definition update 5.0.42.6 successfully applied.
Information Registry enforcer 2009-05-27 15:47:23 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 15:47:22 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 15:47:22 Inspecting WinSock registry (LSP Chain)
Information Internet ExplorerSiteguard 2009-05-27 15:47:21 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-27 15:47:21 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-27 15:47:21 Inspecting registered Browser Helper Objects (BHOs)
Information General 2009-05-27 15:47:20 Request to update definitions completed successfully.
Information General 2009-05-27 15:47:07 Anti-Spyware Incremental definition update 5.0.42.6 successfully applied.
Block/Extraction Pop-up blocker 2009-05-27 15:46:44 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243435556179493&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 15:46:36 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243435556179493&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 15:46:19 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243435556179493&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 15:46:10 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243435556179493&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-27 15:46:01 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243435556179493&yrc=uk&ycg=f&yyob=1977
Information Home page protection 2009-05-27 15:43:16 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-27 15:42:41 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-27 15:42:41 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-27 15:42:29 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-27 15:42:27 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 15:42:26 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-27 15:42:25 Starting process watcher
Information Internet ExplorerSiteguard 2009-05-27 15:39:18 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-27 15:39:18 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-27 15:39:02 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-27 15:39:00 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 15:38:58 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-27 15:38:56 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-27 06:20:46 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-27 06:20:46 Disabled service: messenger -
Information Home page protection 2009-05-27 06:10:46 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-27 05:57:09 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-27 05:57:09 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-27 05:56:53 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-27 05:56:51 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-27 05:56:51 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-27 05:56:48 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-26 23:24:44 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-26 23:24:43 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-26 23:23:45 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243375539855023&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:23:45 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243375535939113&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:08:25 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243375539855023&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:08:24 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243375535939113&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:08:13 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243375539855023&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:08:12 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243375535939113&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:05:45 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243375539855023&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:05:45 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243375535939113&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:05:40 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243375539855023&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:05:40 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243375535939113&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 23:05:34 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243375535939113&yrc=uk&ycg=f&yyob=1977
Information General 2009-05-26 19:17:01 Exploit definition update (05/26/2009 03:31 PM GMT) successfully applied.
Block/Extraction Pop-up blocker 2009-05-26 19:16:57 Removed file d:\documents and settings\caroline dexter.049924520170\desktop\rsit.exe
Block/Extraction Pop-up blocker 2009-05-26 19:16:03 Extracted package ExecVariant.C
Block/Extraction Pop-up blocker 2009-05-26 19:12:49 Blocked Pop-up: ad.uk.doubleclick.net/adi/n1238.adcom.quantum/b3015474.52;sz=300x250;click=http://servedby.advertising.com/click/site=0000756360/mnum=0000713936/cstr=83617493=_4a1c3122,8618033755,756360^713936^250^0,1_/xsxdata=$xsxdata/bnum=83617493/optn=64?trg=;ord=8618033755?
Block/Extraction Pop-up blocker 2009-05-26 19:10:58 Blocked Pop-up: ad.uk.doubleclick.net/adi/n1238.adcom.quantum/b3015474.57;sz=300x250;click=http://servedby.advertising.com/click/site=0000765890/mnum=0000713968/cstr=7280538=_4a1c30b3,3312142154,765890^713968^70^0,1_/xsxdata=$xsxdata/bnum=7280538/optn=64?trg=;ord=3312142154?
Block/Extraction Pop-up blocker 2009-05-26 19:09:19 Blocked Pop-up: ad.uk.doubleclick.net/adi/n1238.adcom.quantum/b3015474.52;sz=300x250;click=http://servedby.advertising.com/click/site=0000756360/mnum=0000713936/cstr=45670907=_4a1c3050,5030426200,756360^713936^250^0,1_/xsxdata=$xsxdata/bnum=45670907/optn=64?trg=;ord=5030426200?
Block/Extraction Pop-up blocker 2009-05-26 19:07:54 Blocked Pop-up: ad.uk.doubleclick.net/adi/n3434.ad.com/b3608060.3;sz=300x250;click=http://servedby.advertising.com/click/site=0000756351/mnum=0000704482/cstr=94570212=_4a1c2ffc,0157140044,756351^704482^250^0,1_/xsxdata=$xsxdata/bnum=94570212/optn=64?trg=;ord=0157140044?
Block/Extraction Pop-up blocker 2009-05-26 18:47:30 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243359316873582&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 18:47:22 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243359316873582&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 18:47:13 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243359316873582&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 18:46:51 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243359316873582&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 18:46:47 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243359316873582&yrc=uk&ycg=f&yyob=1977
Block/Extraction File enforcer 2009-05-26 18:37:29 Deleted file: d:\documents and settings\caroline dexter.049924520170\desktop\rsit.exe
Block/Extraction File enforcer 2009-05-26 18:37:29 Suppressed file: d:\documents and settings\caroline dexter.049924520170\desktop\rsit.exe
Block/Extraction Process enforcer 2009-05-26 18:37:29 Terminated process: (4408) d:\documents and settings\caroline dexter.049924520170\desktop\rsit.exe
Block/Extraction File enforcer 2009-05-26 18:36:21 Deleted file: d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\m1qpaz0d\rsit[1].exe
Block/Extraction File enforcer 2009-05-26 18:36:20 Quarantined file: d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\m1qpaz0d\rsit[1].exe
Block/Extraction Process enforcer 2009-05-26 18:36:20 Terminated process: (5828) d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\m1qpaz0d\rsit[1].exe
Block/Extraction Pop-up blocker 2009-05-26 18:35:29 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243359316873582&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 18:35:22 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243359316873582&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 18:35:16 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243359316873582&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 18:31:29 Extracted package ExecVariant.C
Warning/Detection Process enforcer 2009-05-26 18:29:15 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-26 18:28:27 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-26 18:27:16 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-26 18:27:15 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-26 18:27:02 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-26 18:27:01 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-26 18:27:01 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-26 18:27:00 Starting process watcher
Block/Extraction File enforcer 2009-05-26 17:52:48 Deleted file: d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\zg40hnvx\rsit[1].exe
Block/Extraction File enforcer 2009-05-26 17:52:47 Quarantined file: d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\zg40hnvx\rsit[1].exe
Block/Extraction Process enforcer 2009-05-26 17:52:47 Terminated process: (4436) d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\zg40hnvx\rsit[1].exe
Block/Extraction File enforcer 2009-05-26 17:52:21 Deleted file: d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\utzw8bcy\rsit[1].exe
Block/Extraction File enforcer 2009-05-26 17:52:20 Quarantined file: d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\utzw8bcy\rsit[1].exe
Block/Extraction Process enforcer 2009-05-26 17:52:20 Terminated process: (5672) d:\documents and settings\caroline dexter.049924520170\local settings\temporary internet files\content.ie5\utzw8bcy\rsit[1].exe
Block/Extraction File enforcer 2009-05-26 17:51:36 Deleted file: d:\documents and settings\caroline dexter.049924520170\desktop\rsit.exe
Block/Extraction File enforcer 2009-05-26 17:51:36 Quarantined file: d:\documents and settings\caroline dexter.049924520170\desktop\rsit.exe
Block/Extraction Process enforcer 2009-05-26 17:51:35 Terminated process: (6128) d:\documents and settings\caroline dexter.049924520170\desktop\rsit.exe
Block/Extraction Pop-up blocker 2009-05-26 17:50:33 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243356614133479&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 17:50:20 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243356614133479&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-26 17:50:14 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243356614133479&yrc=uk&ycg=f&yyob=1977
Warning/Detection Process enforcer 2009-05-26 17:39:40 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-26 17:38:45 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-26 17:37:56 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-26 17:37:56 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-26 17:37:47 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-26 17:37:45 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-26 17:37:44 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-26 17:37:43 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-26 08:07:50 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-26 08:07:50 Disabled service: messenger -
Warning/Detection Process enforcer 2009-05-26 07:35:48 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-26 07:35:21 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-26 07:26:10 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-26 07:26:10 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-26 07:25:57 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-26 07:25:55 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-26 07:25:54 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-26 07:25:52 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-25 23:00:35 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-25 23:00:34 Disabled service: messenger -
Block/Extraction Pop-up blocker 2009-05-25 22:58:37 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243288705731219&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 22:58:31 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243288705731219&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 22:58:24 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243288705731219&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:53:17 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243282662242685&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:53:16 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:29:53 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243282662242685&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:29:53 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:26:22 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243282662242685&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:26:22 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:19:39 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243282662242685&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:19:39 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:19:34 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243282662242685&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:19:34 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:17:50 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243282662242685&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:17:50 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:17:43 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243282662242685&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:17:43 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:17:38 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&site=167876§ion_code=201788811&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 21:17:38 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243282659084235&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:49:14 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243279347748808&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:49:14 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243279343867220&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:36:16 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243279347748808&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:36:16 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243279343867220&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:36:06 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243279347748808&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:36:06 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243279343867220&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:25:41 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243279347748808&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:25:41 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243279343867220&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:25:33 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=425x600&site=167876§ion_code=201788847&cb=1243279535165943&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:22:52 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243279347748808&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:22:52 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243279343867220&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:22:46 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243279347748808&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:22:46 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243279343867220&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:22:29 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=167876§ion_code=201788898&cb=1243279347748808&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:22:28 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243279343867220&yrc=uk&ycg=f&yyob=1977
Block/Extraction Pop-up blocker 2009-05-25 20:22:23 Blocked Pop-up: ad.yieldmanager.com/st?ad_type=iframe&ad_size=180x150&site=167876§ion_code=201788619&cb=1243279343867220&yrc=uk&ycg=f&yyob=1977
Warning/Detection Process enforcer 2009-05-25 20:17:59 Monitoring process c:\program files\messenger\msmsgs.exe
Information Home page protection 2009-05-25 20:17:25 Checking homepage... OK
Information Internet ExplorerSiteguard 2009-05-25 20:16:31 Inspecting registered Internet Explorer toolbars
Information Registry enforcer 2009-05-25 20:16:31 Inspecting registered Explorer bars
Information Registry enforcer 2009-05-25 20:16:20 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-25 20:16:17 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-25 20:16:17 Inspecting registered Browser Helper Objects (BHOs)
Information Process enforcer 2009-05-25 20:16:15 Starting process watcher
Block/Extraction NT Service enforcer 2009-05-25 20:14:38 Disabled service: messenger -
Block/Extraction NT Service enforcer 2009-05-25 20:14:34 Disabled service: messenger -
Information Registry enforcer 2009-05-25 19:10:42 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-25 19:10:42 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-25 19:10:42 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-25 19:10:42 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-25 19:10:42 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-25 19:10:42 Inspecting WinSock registry (LSP Chain)
Information Registry enforcer 2009-05-25 19:08:02 Inspecting WinLogon notification handlers and modules loaded by WinLogon
Information Registry enforcer 2009-05-25 19:07:58 Inspecting WinSock registry (LSP Chain)
Information General 2009-05-25 19:07:38 Completed system scan.
Thanks
)
