Home / Software / Computer viruses and spyware / Re: CID Pop-ups ??
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: 1 2 [All] - (Bottom) Print
Author Topic: Re: CID Pop-ups ??  (Read 1243 times)
Trisha
Topic Starter
Rookie



Posts: 36
« on: April 30, 2009, 11:13:25 AM »
Quote from: Broni on January 06, 2008, 09:10:31 PM
1. Run free ESET Online Scanner at: http://www.eset.com/onlinescan/
Note: This Scanner is for Internet Explorer Only
   1.  You will notice that the "Start" button is grayed out. Place a check mark at "Yes, I accept the Terms of use". The "Start" button will become visible. Click on it.
   2. If it wants to install an ActiveX component allow it
   3. You will be asked to install an ActiveX, click the "Install" button (Note: If you have a Firewall install you may have to approve the installation)
   4. Once ActiveX control is installed click on the "Start" button to initialize the scanner
   5. After initialization is complete uncheck\untick "Remove found threats"
   6. Check\tick "Scan unwanted applications"
   7. Click the "Scan" button
   8. Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt
Post ESET's log.

2. Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/

Print these instructions out.

    * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    * An icon will be created on your desktop. Double-click that icon to launch the program.
    * If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    * Close SUPERAntiSpyware.

Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

    * Open SUPERAntiSpyware.
    * Under "Configuration and Preferences", click the Preferences button.
    * Click the Scanning Control tab.
    * Under Scanner Options make sure the following are checked (leave all others unchecked):
          o Close browsers before scanning.
          o Scan for tracking cookies.
          o Terminate memory threats before quarantining.
    * Click the "Close" button to leave the control center screen.
    * Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    * On the left, make sure you check C:\Fixed Drive.
    * On the right, under "Complete Scan", choose Perform Complete Scan.
    * Click "Next" to start the scan. Please be patient while it scans your computer.
    * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    * Make sure everything has a checkmark next to it and click "Next".
    * A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    * If asked if you want to reboot, click "Yes".
    * To retrieve the removal information after reboot, launch SUPERAntispyware again.
          o Click Preferences, then click the Statistics/Logs tab.
          o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
          o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
          o Please copy and paste the Scan Log results in your next reply with a new HijackThis log.
    * Click Close to exit the program.
Post SUPERAntiSpyware log.

3. Download HijackThis:
http://www.snapfiles.com/get/hijackthis.html
Post HijackThis log.
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=4046 (20090430)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=17763d4c967b6e4fb36b45e379badf3b
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2009-04-30 05:12:09
# local_time=2009-04-30 12:12:09 (-0600, Central Daylight Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 3
# scanned=1227962
# found=3
# scan_time=5933
C:\System Volume Information\_restore{49D3E913-78B0-4164-8BCA-6B6BFE85D9F9}\RP331\A0055412.exe   probably a variant of Win32/Genetik trojan   2270A362B8379B57B49C51D118330645
C:\System Volume Information\_restore{49D3E913-78B0-4164-8BCA-6B6BFE85D9F9}\RP331\A0055415.exe   probably a variant of Win32/Adware.SAHAgent application   49F39165BB8CB6F3CB79DF72683069FB
C:\System Volume Information\_restore{49D3E913-78B0-4164-8BCA-6B6BFE85D9F9}\RP332\A0055418.exe   probably a variant of Win32/Genetik trojan   94B5EC8F9EB168DEAD0187E20519C75A
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #1 on: April 30, 2009, 11:17:33 AM »
Hi Trisha and welcome to CH. I moved your post into a new topic so it will be easier to work.

Please follow these instructions.

Download Lop S&D by Eric_71 and save it to your Desktop. Lop S&D will only run on Windows XP and Windows Vista

Disable your antivirus and antimalware programs so they do not interfere with the running of Lop S&D. If needed see: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Double click LopSD.exe - If you are using Windows Vista, right-click on the LopSD icon and select Run as administrator to perform this scan.

  • Choose the language by typing of the corresponding letter and press Enter
  • Click OK at the informative window
  • Type 1, to choose Option 1 (Search) then press Enter
  • Wait until the end of the scan
  • A report will be generated, post the contents of it in your next reply.
.
A copy of the report can be found at this location: %systemdrive%\lopR.txt, in most cases C:\lopR.txt
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #2 on: April 30, 2009, 02:12:08 PM »
ok i have done all that how ever when i ran the hijack this and went to open the log file to to post their was nothing in the log file did i do something wrong ??
I am still getting the CiD ad popups please help
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #3 on: April 30, 2009, 02:16:42 PM »
Follow my instructions for running Lop S&D please.
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #4 on: April 30, 2009, 03:10:15 PM »
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/30/2009 at 02:21 PM

Application Version : 4.26.1002

Core Rules Database Version : 3872
Trace Rules Database Version: 1820

Scan type       : Complete Scan
Total Scan Time : 01:32:23

Memory items scanned      : 537
Memory threats detected   : 0
Registry items scanned    : 8290
Registry threats detected : 4
File items scanned        : 119728
File threats detected     : 149

Adware.ShopAtHomeSelect
   HKU\S-1-5-21-789336058-1563985344-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Adware.Tracking Cookie
   C:\Documents and Settings\Andy\Cookies\andy@stats3.mbmii[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ad1.king[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@socialmedia[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@realmedia[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@collective-media[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@tribalfusion[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@web-stat[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@msnbc.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@mycounter.tinycounter[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@network.realmedia[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@cooking.adbureau[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.cnn[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@avgtechnologies.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@cookingcom.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@login.tracking101[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@247realmedia[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@a1.interclick[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@viacom.adbureau[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@insightexpressai[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@e-2dj6wfmiaicpgdo.stats.esomniture[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adinterax[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@roiservice[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@timeinc.122.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@specificclick[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@e-2dj6wjliagazkeq.stats.esomniture[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@discounts.shopathome[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@onlinerewardcenter[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adserver.adreactor[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@e-2dj6wdlywpazifp.stats.esomniture[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@ar.atwola[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@revsci[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adserver.adtechus[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@specificmedia[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.mynortonaccount[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.tltrack[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@stats.adbrite[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adlegend[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.sun[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.googleadservices[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@subarucom.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@azjmp[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@nextag[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@precisionclick[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.pointroll[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@msnportal.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@electronicarts.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@sparknetworks.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ad.yieldmanager[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@interclick[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@bs.serving-sys[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.addynamix[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@s.clickability[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.burstbeacon[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@tacoda[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adserve.internetgiveawaygroup[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@yieldmanager[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.nascar[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@trafficmp[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@questionmarket[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@richmedia.yahoo[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@media6degrees[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@accountnow[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@rotator.adjuggler[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@e-2dj6wfk4olc5efo.stats.esomniture[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@dc.tremormedia[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@serving-sys[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.socialtrack[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@qksrv[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.googleadservices[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@lynxtrack[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@e-2dj6wjmyolcjifo.stats.esomniture[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@server.iad.liveperson[3].txt
   C:\Documents and Settings\Andy\Cookies\andy@e-2dj6wdk4oocpgko.stats.esomniture[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adserving.ezanga[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ad.adconsole[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@advertising.healthguru[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@ad.zanox[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@imperium.adbureau[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@iacas.adbureau[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@adopt.specificclick[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ad3.clickhype[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@dmtracker[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.bootcampmedia[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@trafficdashboard[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@hearstmagazines.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@pro-market[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.financialcontent[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@daisytradition[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@mediaonenetwork[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ad.m5prod[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@vimby.adbureau[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@sexhealthguru[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@microsoftinternetexplorer.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.movableadnetwork[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@microsoftmachinetranslation.112.2o7[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.react2media[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@more-banners[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adtech[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@cdn4.specificclick[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@zillow.adbureau[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@tracking.foundry42[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@affiliate.kitaramedia[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@roadandtrack[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.googleadservices[4].txt
   C:\Documents and Settings\Andy\Cookies\andy@divx.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@media.mtvnservices[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.lucidmedia[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@rotator.adjuggler[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@adserving.autotrader[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.googleadservices[3].txt
   C:\Documents and Settings\Andy\Cookies\andy@server.iad.liveperson[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.tbs[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@coolsavings[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adecn[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@chitika[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@sales.liveperson[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@www.sexhealthguru[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@find.myrecipes[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@kontera[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@edge.ru4[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@counter.surfcounters[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@gad.adclick.co[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@www8.addfreestats[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@microsoftwindows.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.mediamayhemcorp[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@homestore.122.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@ads.glispa[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@adserver.racingone[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@microsoftwlmessengermkt.112.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@mkt10.122.2o7[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@myroitracking[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@sales.liveperson[3].txt
   C:\Documents and Settings\Andy\Cookies\andy@sales.liveperson[4].txt
   C:\Documents and Settings\Andy\Cookies\andy@adbrite[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@tracking.realtor[1].txt
   C:\Documents and Settings\Andy\Cookies\andy@banner.buysheerskin[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@ad.m5prod[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@media6degrees[2].txt
   C:\Documents and Settings\Andy\Cookies\andy@richmedia.yahoo[2].txt

Rogue.Component/Trace
   HKU\S-1-5-21-789336058-1563985344-725345543-1004\Software\09018090395705809450117213107926\Options
   HKU\S-1-5-21-789336058-1563985344-725345543-1004\Software\09018090395705809450117213107926\Options#Aff
   HKU\S-1-5-21-789336058-1563985344-725345543-1004\Software\09018090395705809450117213107926

Trojan.Unclassified/Loader-Suspicious
   C:\DOCUMENTS AND SETTINGS\ANDY\MY DOCUMENTS\NEW FOLDER\LOADER.EXE
   C:\SW2007SDKVISTA\LOADER.EXE

Trace.Known Threat Sources
   C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\TUL22RZ5\shopica_logo_top[1].gif
   C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\TUL22RZ5\sp[1].gif
   C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\TUL22RZ5\js[2].js
   C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\9CHMIHH6\footer_dots[1].gif
   C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\9CHMIHH6\style[2].css
   C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\IDDLGFQF\l.s.bg1z[1].gif
   C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\LW98PJCV\l.s.bg2z[1].gif
   C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\2PMKSCGZ\shopica_logo_bott[1].gif
Malwarebytes' Anti-Malware 1.36
Database version: 2062
Windows 5.1.2600 Service Pack 3

4/30/2009 4:12:02 PM
mbam-log-2009-04-30 (16-11-51).txt

Scan type: Full Scan (C:\|E:\|)
Objects scanned: 213647
Time elapsed: 1 hour(s), 4 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 7
Files Infected: 233

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{b26caa68-6ebf-4a30-a0f0-0a0bfe3da5dd} (Rogue.RegistryDefender5) -> No action taken.
HKEY_CLASSES_ROOT\downloader.downloaderctrl.1 (Adware.2020search) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.Search) -> Bad: (http://www2.iesearch.com/) Good: (http://www.google.com/) -> No action taken.

Folders Infected:
C:\Documents and Settings\Andy\Start Menu\Programs\Registry Defender (Rogue.Registry.Defender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0 (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100 (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse (Rogue.RegistryDefender) -> No action taken.
C:\ProgramData\RD Platinum v5.0 (Rogue.RegistryDefender) -> No action taken.
C:\ProgramData\RD Platinum v5.0\backup (Rogue.RegistryDefender) -> No action taken.

Files Infected:
C:\Program Files\Angle Interactive\RD Platinum v5.0\RDPlatinumv5.exe (Rogue.RegistryDefender5) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Uninstall.exe (Rogue.RegistryDefender5) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Updater.exe (Rogue.RegistryDefender5) -> No action taken.
C:\Documents and Settings\Andy\Start Menu\Programs\Registry Defender\Customer Support.lnk (Rogue.Registry.Defender) -> No action taken.
C:\Documents and Settings\Andy\Start Menu\Programs\Registry Defender\RD Platinum v5.lnk (Rogue.Registry.Defender) -> No action taken.
C:\Documents and Settings\Andy\Start Menu\Programs\Registry Defender\User Guide.lnk (Rogue.Registry.Defender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Customer Support.url (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\INSTALL.LOG (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\install.sss (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\RDPlatinumv5.exe.manifest (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\User Guide.url (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-1.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-10.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-11.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-12.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-13.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-14.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-15.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-16.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-17.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-18.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-19.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-2.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-20.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-21.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-22.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-23.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-24.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-25.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-26.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-27.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-28.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-29.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-3.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-30.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-31.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-32.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-33.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-34.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-35.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-36.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-37.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-38.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-39.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-4.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-40.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-41.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-42.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-43.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-44.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-45.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-46.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-47.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-48.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-49.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-5.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-50.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-6.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-7.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-8.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-9.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\Thumbs.db (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-0.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-1.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-10.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-100.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-11.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-12.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-13.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-14.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-15.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-16.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-17.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-18.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-19.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-2.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-20.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-21.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-22.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-23.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-24.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-25.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-26.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-27.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-28.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-29.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-3.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-30.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-31.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-32.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-33.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-34.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-35.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-36.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-37.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-38.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-39.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-4.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-40.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-41.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-42.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-43.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-44.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-45.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-46.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-47.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-48.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-49.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-5.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-50.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-51.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-52.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-53.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-54.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-55.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-56.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-57.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-58.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-59.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-6.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-60.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-61.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-62.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-63.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-64.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-65.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-66.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-67.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-68.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-69.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-7.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-70.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-71.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-72.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-73.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-74.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-75.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-76.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-77.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-78.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-79.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-8.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-80.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-81.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-82.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-83.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-84.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-85.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-86.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-87.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-88.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-89.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-9.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-90.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-91.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-92.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-93.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-94.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-95.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-96.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-97.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-98.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-99.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\Thumbs.db (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-0.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-1.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-10.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-11.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-12.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-13.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-14.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-15.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-16.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-17.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-18.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-19.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-2.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-20.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-21.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-22.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-23.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-24.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-25.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-26.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-27.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-28.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-29.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-3.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-30.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-31.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-32.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-33.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-34.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-35.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-36.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-37.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-38.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-39.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-4.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-40.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-41.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-42.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-43.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-44.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-45.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-46.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-47.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-48.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-49.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-5.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-50.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-51.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-52.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-53.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-54.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-55.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-56.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-57.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-58.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-59.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-6.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-60.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-61.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-62.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-63.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-64.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-65.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-7.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-8.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-9.jpg (Rogue.RegistryDefender) -> No action taken.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\Thumbs.db (Rogue.RegistryDefender) -> No action taken.
C:\ProgramData\RD Platinum v5.0\report.csv (Rogue.RegistryDefender) -> No action taken.
C:\ProgramData\RD Platinum v5.0\backup\4_13_2009.reg (Rogue.RegistryDefender) -> No action taken.
IP logged
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #5 on: April 30, 2009, 03:17:35 PM »
will do. I am doing the lop thing now
I have a log for the hijack this i just can not get it to copy and paste did i do something wrong
I am just lost at this point and have sat way t long at the computer just getting frustrated sorry
IP logged
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #6 on: April 30, 2009, 03:19:01 PM »
Lop S&D file --------------------\\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Multiprocessor Free : AMD Athlon(tm)64 X2 Dual Core Processor  4400+ )
   BIOS : BIOS Date: 10/26/06 18:30:08 Ver: 08.00.12
   USER : Andy ( Administrator )
   BOOT : Normal boot
   Antivirus : AVG Anti-Virus Free 8.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:74 Go (Free:8 Go)
   D:\ (CD or DVD)
   E:\ (Local Disk) - NTFS - Total:232 Go (Free:176 Go)
   J:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( Thu 04/30/2009|16:20 )
 
   --------------------\\  Listing folders in APPLIC~1

   [04/13/2009|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          {7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
   [10/31/2008|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          {D5ABFFAD-D592-4F98-B02B-587125B4801F}
   [12/27/2008|12:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          acccore
   [01/09/2009|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Adobe
   [07/20/2008|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Ahead
   [12/27/2008|12:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          AIM Toolbar
   [12/27/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          AOL
   [12/27/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          AOL OCP
   [07/11/2008|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Apple
   [07/11/2008|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Apple Computer
   [03/02/2009|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Autodesk
   [01/31/2009|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Avg8
   [10/31/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          AVS4YOU
   [02/06/2009|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          BufferZone
   [07/20/2008|11:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          CyberLink
   [02/06/2009|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          DassaultSystemes
   [10/31/2008|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          DriverScanner
   [01/09/2009|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          FLEXnet
   [04/27/2009|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          FloodLightGames
   [11/27/2008|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Google
   [04/30/2009|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Google Updater
   [11/27/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          IM
   [11/27/2008|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          IncrediMail
   [08/27/2008|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          InstallShield
   [12/11/2008|01:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          InterAction studios
   [04/13/2009|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          INTERNET SPAM SUPPORT AUDIO
   [12/11/2008|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          iWin Games
   [07/11/2008|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Lavasoft
   [08/27/2008|07:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          LightScribe
   [03/26/2009|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          LogiShrd
   [03/26/2009|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Logitech
   [12/28/2008|05:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Macrovision
   [04/30/2009|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Malwarebytes
   [03/14/2009|01:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Microsoft
   [11/12/2008|04:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          NeoEdge Networks
   [07/20/2008|09:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Nero
   [07/20/2008|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          nView_Profiles
   [08/03/2008|01:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          PC Drivers HeadQuarters
   [04/27/2009|03:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          PlayFirst
   [04/27/2009|03:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          RealArcade
   [08/27/2008|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Roxio
   [08/27/2008|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Sonic
   [10/29/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          SonyPicturesGames
   [04/15/2009|01:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Spybot - Search & Destroy
   [04/30/2009|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          SUPERAntiSpyware.com
   [04/28/2009|06:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          TEMP
   [07/29/2008|03:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Trymedia
   [12/27/2008|12:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Viewpoint
   [07/11/2008|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Windows Genuine Advantage
   [02/10/2009|02:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Yahoo!
   [01/19/2009|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Yahoo! Companion

   [12/27/2008|12:57] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          acccore
   [01/10/2009|09:07] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Adobe
   [01/15/2009|04:09] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Ahead
   [08/06/2008|08:22] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Apple Computer
   [07/12/2008|01:33] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Auslogics
   [03/02/2009|12:47] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Autodesk
   [10/31/2008|09:34] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          AVS4YOU
   [07/11/2008|11:50] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Camtech
   [01/03/2009|08:50] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          com.adobe.mauby.4875E02D9FB21EE389F73B8 D1702B320485DF8CE.1
   [07/21/2008|12:23] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          CyberLink
   [02/06/2009|11:52] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          DassaultSystemes
   [07/30/2008|06:57] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          DivX
   [03/16/2009|10:56] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          dvdcss
   [02/06/2009|11:52] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          EDrawings
   [04/27/2009|12:32] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          FloodLightGames
   [07/22/2008|10:12] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Google
   [01/01/2009|10:31] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Help
   [07/11/2008|10:04] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Identities
   [03/26/2009|10:16] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          InstallShield
   [04/15/2009|12:32] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Joost
   [03/26/2009|10:17] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Logitech
   [11/12/2008|04:15] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Macromedia
   [04/30/2009|03:04] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Malwarebytes
   [10/31/2008|09:45] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Media Player Classic
   [01/18/2009|12:36] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Microsoft
   [10/17/2008|10:32] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Move Networks
   [07/11/2008|11:37] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Mozilla
   [03/02/2009|09:16] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          OpenOffice.org2
   [04/27/2009|03:48] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          PlayFirst
   [03/20/2009|12:41] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Roxio
   [07/11/2008|11:19] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Sun
   [04/30/2009|12:28] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          SUPERAntiSpyware.com
   [04/22/2009|10:19] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          U3
   [10/31/2008|10:05] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Uniblue
   [04/13/2009|02:31] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          vlc
   [12/06/2008|10:54] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Vso
   [10/30/2008|09:42] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Yahoo!

   [07/11/2008|09:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR>          Microsoft

   [01/18/2009|12:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR>          Microsoft
   [08/27/2008|09:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR>          Roxio

   [01/18/2009|12:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR>          Microsoft
 
   --------------------\\  Scheduled Tasks located in C:\WINDOWS\Tasks

   [04/27/2009 11:48 PM][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
   [04/30/2009 04:00 PM][--ah-----] C:\WINDOWS\tasks\8069061C808AB104.job
   [04/30/2009 02:59 PM][--a------] C:\WINDOWS\tasks\Google Software Updater.job
   [04/30/2009 01:40 AM][--a------] C:\WINDOWS\tasks\Norton Security Scan for Andy.job
   [04/30/2009 02:31 PM][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
   [04/30/2009 02:27 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
   [08/04/2004 07:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

   ( 8069061C808AB104.job )=( c:\docume~1\andy\applic~1\signba~1\AtomKindClock.exe )

   --------------------\\  Listing Folders in C:\Program Files

   [01/09/2009|10:24] C:\Program Files\<DIR>          Adobe
   [12/27/2008|12:57] C:\Program Files\<DIR>          AIM Toolbar
   [12/27/2008|12:57] C:\Program Files\<DIR>          AIM6
   [07/11/2008|10:56] C:\Program Files\<DIR>          Analog Devices
   [04/13/2009|11:43] C:\Program Files\<DIR>          Angle Interactive
   [03/02/2009|12:47] C:\Program Files\<DIR>          AnswerWorks 4.0
   [07/11/2008|11:40] C:\Program Files\<DIR>          Apple Software Update
   [07/23/2008|10:09] C:\Program Files\<DIR>          Ares
   [07/11/2008|11:49] C:\Program Files\<DIR>          Auslogics
   [03/02/2009|12:00] C:\Program Files\<DIR>          AutoCAD 2004
   [03/02/2009|12:49] C:\Program Files\<DIR>          Autodesk
   [07/11/2008|11:11] C:\Program Files\<DIR>          AVG
   [01/18/2009|12:07] C:\Program Files\<DIR>          AVS4YOU
   [07/11/2008|11:41] C:\Program Files\<DIR>          Bonjour
   [07/11/2008|11:50] C:\Program Files\<DIR>          Camtech
   [07/11/2008|11:43] C:\Program Files\<DIR>          CCleaner
   [04/30/2009|02:51] C:\Program Files\<DIR>          Common Files
   [07/11/2008|09:55] C:\Program Files\<DIR>          ComPlus Applications
   [07/20/2008|11:07] C:\Program Files\<DIR>          CyberLink
   [11/02/2008|11:53] C:\Program Files\<DIR>          DIFX
   [04/12/2009|04:48] C:\Program Files\<DIR>          DivX
   [01/14/2009|09:17] C:\Program Files\<DIR>          dvd43
   [11/19/2008|03:43] C:\Program Files\<DIR>          DVDFab 5
   [01/03/2009|08:42] C:\Program Files\<DIR>          ElcomSoft
   [04/30/2009|12:12] C:\Program Files\<DIR>          EsetOnlineScanner
   [11/27/2008|09:40] C:\Program Files\<DIR>          Google
   [03/26/2009|10:16] C:\Program Files\<DIR>          InstallShield Installation Information
   [03/27/2009|09:52] C:\Program Files\<DIR>          Intel Desktop Board
   [08/27/2008|09:28] C:\Program Files\<DIR>          InterActual
   [04/30/2009|09:15] C:\Program Files\<DIR>          Internet Explorer
   [07/11/2008|11:50] C:\Program Files\<DIR>          IObit
   [07/11/2008|11:41] C:\Program Files\<DIR>          iPod
   [07/11/2008|11:41] C:\Program Files\<DIR>          iTunes
   [04/30/2009|03:41] C:\Program Files\<DIR>          Java
   [07/20/2008|11:31] C:\Program Files\<DIR>          Joost
   [11/09/2008|12:01] C:\Program Files\<DIR>          JoshMadison
   [04/13/2009|11:42] C:\Program Files\<DIR>          Lavasoft
   [03/26/2009|10:16] C:\Program Files\<DIR>          Logitech
   [11/02/2008|11:55] C:\Program Files\<DIR>          LogWorks3
   [04/30/2009|03:03] C:\Program Files\<DIR>          Malwarebytes' Anti-Malware
   [08/14/2008|07:43] C:\Program Files\<DIR>          Messenger
   [03/14/2009|01:48] C:\Program Files\<DIR>          Microsoft
   [07/11/2008|09:58] C:\Program Files\<DIR>          microsoft frontpage
   [12/27/2008|02:01] C:\Program Files\<DIR>          Microsoft Office
   [04/21/2009|03:47] C:\Program Files\<DIR>          Microsoft Silverlight
   [07/11/2008|10:41] C:\Program Files\<DIR>          Movie Maker
   [04/29/2009|08:06] C:\Program Files\<DIR>          Mozilla Firefox
   [04/30/2009|09:18] C:\Program Files\<DIR>          MSBuild
   [11/09/2008|10:10] C:\Program Files\<DIR>          MSECache
   [03/14/2009|01:47] C:\Program Files\<DIR>          MSN
   [07/11/2008|09:55] C:\Program Files\<DIR>          MSN Gaming Zone
   [07/21/2008|08:40] C:\Program Files\<DIR>          MSXML 4.0
   [07/12/2008|07:45] C:\Program Files\<DIR>          Nero
   [08/24/2008|01:09] C:\Program Files\<DIR>          NETGEAR
   [07/11/2008|10:40] C:\Program Files\<DIR>          NetMeeting
   [04/30/2009|03:33] C:\Program Files\<DIR>          NoAdware
   [04/29/2009|10:00] C:\Program Files\<DIR>          Norton Security Scan
   [04/28/2009|06:14] C:\Program Files\<DIR>          Oberon Media
   [07/11/2008|09:55] C:\Program Files\<DIR>          Online Services
   [11/02/2008|11:52] C:\Program Files\<DIR>          OpenECU
   [07/11/2008|11:42] C:\Program Files\<DIR>          OpenOffice.org 2.4
   [07/11/2008|10:40] C:\Program Files\<DIR>          Outlook Express
   [12/27/2008|12:48] C:\Program Files\<DIR>          OU-VPN
   [03/26/2009|09:56] C:\Program Files\<DIR>          PC Drivers HeadQuarters
   [07/11/2008|11:40] C:\Program Files\<DIR>          QuickTime
   [04/27/2009|04:51] C:\Program Files\<DIR>          RealArcade
   [04/30/2009|09:18] C:\Program Files\<DIR>          Reference Assemblies
   [11/02/2008|11:49] C:\Program Files\<DIR>          RomRaider
   [08/27/2008|09:06] C:\Program Files\<DIR>          Roxio
   [08/27/2008|09:05] C:\Program Files\<DIR>          SightSpeed
   [04/13/2009|01:08] C:\Program Files\<DIR>          sign balm long
   [07/11/2008|11:44] C:\Program Files\<DIR>          Spybot - Search & Destroy
   [08/04/2008|07:49] C:\Program Files\<DIR>          Super DVD Creator 8.5
   [04/30/2009|12:28] C:\Program Files\<DIR>          SUPERAntiSpyware
   [08/05/2008|11:19] C:\Program Files\<DIR>          SystemRequirementsLab
   [04/30/2009|03:58] C:\Program Files\<DIR>          Trend Micro
   [07/21/2008|11:15] C:\Program Files\<DIR>          TVAnts
   [10/31/2008|10:05] C:\Program Files\<DIR>          Uniblue
   [03/27/2009|09:54] C:\Program Files\<DIR>          Unibrain
   [12/27/2008|02:06] C:\Program Files\<DIR>          Uninstall Information
   [10/31/2008|12:22] C:\Program Files\<DIR>          VideoLAN
   [12/27/2008|12:57] C:\Program Files\<DIR>          Viewpoint
   [07/11/2008|11:54] C:\Program Files\<DIR>          Windows Defender
   [07/12/2008|12:45] C:\Program Files\<DIR>          Windows Media Connect 2
   [07/12/2008|12:45] C:\Program Files\<DIR>          Windows Media Player
   [07/11/2008|10:40] C:\Program Files\<DIR>          Windows NT
   [07/11/2008|09:57] C:\Program Files\<DIR>          WindowsUpdate
   [08/29/2008|07:39] C:\Program Files\<DIR>          WMPCI54G WLAN Monitor
   [07/11/2008|09:58] C:\Program Files\<DIR>          xerox
   [08/27/2008|09:05] C:\Program Files\<DIR>          Xingtone
   [10/31/2008|09:44] C:\Program Files\<DIR>          XP Codec Pack
   [04/13/2009|01:10] C:\Program Files\<DIR>          XtalViD-Codec
   [04/13/2009|02:21] C:\Program Files\<DIR>          Xvid
   [04/13/2009|12:51] C:\Program Files\<DIR>          Xvid Decoder
   [02/10/2009|02:27] C:\Program Files\<DIR>          Yahoo!

   --------------------\\  Listing Folders in C:\Program Files\Common Files

   [01/09/2009|10:27] C:\Program Files\Common Files\<DIR>          Adobe
   [07/19/2008|09:14] C:\Program Files\Common Files\<DIR>          Adobe AIR
   [07/29/2008|03:48] C:\Program Files\Common Files\<DIR>          Ahead
   [12/27/2008|12:56] C:\Program Files\Common Files\<DIR>          AOL
   [07/11/2008|11:40] C:\Program Files\Common Files\<DIR>          Apple
   [03/02/2009|12:51] C:\Program Files\Common Files\<DIR>          Autodesk Shared
   [01/18/2009|12:07] C:\Program Files\Common Files\<DIR>          AVSMedia
   [12/27/2008|02:02] C:\Program Files\Common Files\<DIR>          Designer
   [12/27/2008|12:48] C:\Program Files\Common Files\<DIR>          Deterministic Networks
   [04/12/2009|04:47] C:\Program Files\Common Files\<DIR>          DivX Shared
   [08/27/2008|08:55] C:\Program Files\Common Files\<DIR>          InstallShield
   [07/11/2008|11:20] C:\Program Files\Common Files\<DIR>          Java
   [07/19/2008|11:05] C:\Program Files\Common Files\<DIR>          LightScribe
   [03/27/2009|09:43] C:\Program Files\Common Files\<DIR>          Logitech
   [03/02/2009|12:00] C:\Program Files\Common Files\<DIR>          Macrovision Shared
   [12/27/2008|02:02] C:\Program Files\Common Files\<DIR>          Microsoft Shared
   [07/11/2008|09:56] C:\Program Files\Common Files\<DIR>          MSSoap
   [07/11/2008|04:48] C:\Program Files\Common Files\<DIR>          ODBC
   [08/27/2008|08:55] C:\Program Files\Common Files\<DIR>          Roxio Shared
   [07/11/2008|09:56] C:\Program Files\Common Files\<DIR>          Services
   [08/27/2008|08:55] C:\Program Files\Common Files\<DIR>          SightSpeed
   [12/27/2008|12:57] C:\Program Files\Common Files\<DIR>          Software Update Utility
   [02/06/2009|11:42] C:\Program Files\Common Files\<DIR>          SolidWorks Shared
   [08/27/2008|09:06] C:\Program Files\Common Files\<DIR>          Sonic Shared
   [07/11/2008|04:48] C:\Program Files\Common Files\<DIR>          SpeechEngines
   [08/27/2008|09:06] C:\Program Files\Common Files\<DIR>          SureThing Shared
   [04/26/2009|10:01] C:\Program Files\Common Files\<DIR>          Symantec Shared
   [07/11/2008|10:40] C:\Program Files\Common Files\<DIR>          System
   [04/30/2009|12:27] C:\Program Files\Common Files\<DIR>          Wise Installation Wizard

   --------------------\\  Process

   ( 60 Processes )

   IEXPLORE.EXE ~ [PID:1344]
   iexplore.exe ~ [PID:1528]
   iexplore.exe ~ [PID:3684]
   iexplore.exe ~ [PID:228]

   --------------------\\  Searching with S_Lop

   No Lop folder found !
 
   --------------------\\  Searching for Lop Files - Folders

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO\BLUE INFO.dat
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO\BLUE INFO.exe
   C:\Program Files\signba~1
   C:\DOCUME~1\Andy\LOCALS~1\Temp\nsmB.tmp
   C:\WINDOWS\Tasks\8069061C808AB104.job
 
   --------------------\\  Searching within the Registry

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   "Support audio cool poll"="C:\\Documents and Settings\\All Users\\Application Data\\INTERNET SPAM SUPPORT AUDIO\\BLUE INFO.exe"

   --------------------\\  Checking the Hosts file

   Hosts file CLEAN


   --------------------\\  Searching for hidden files with Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-04-30 16:21:32
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\\  Searching for other infections

   --------------------\\  Cracks & Keygens ..

   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK
   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New\AMTLibWrapper.dll
   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New\AMTLibWrapper_old.dll
   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New\MKDEV TEAM Adobe.Acrobat.9.Pro.Extended.SERIAL.MKD EV.TEAM+FIX.nfo
   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New\MKDEV TEAM Adobe.Acrobat.9.Pro.Extended.SERIAL.MKD EV.TEAM+FIX.txt
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSSmartConverter.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVideoConverter4.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVideoCutter.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVideoEditor3.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVideoTools.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVTManager.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Leggimi prima!!!!!!!!!.txt
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS\AVSAudioEditor.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS\AVSVideoEditor.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS\leggimi prima!!!!!!!!!!!!!!.txt
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS\licence.reg
   C:\DOCUME~1\Andy\My Documents\My Pictures\heads crack.jpg


   [F:182][D:146]-> C:\DOCUME~1\Andy\LOCALS~1\Temp
   [F:676][D:0]-> C:\DOCUME~1\Andy\Cookies
   [F:22978][D:44]-> C:\DOCUME~1\Andy\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - Thu 04/30/2009|16:23 - Option : [1]

   --------------------\\  Scan completed at 16:23:44
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #7 on: April 30, 2009, 03:27:08 PM »
Everything in the Malwarebytes log says No action taken. Did you have it fix those entries after copying the log?

----------

Quote
--------------------\\  Cracks & Keygens ..

   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK
   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New\AMTLibWrapper.dll
   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New\AMTLibWrapper_old.dll
   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New\MKDEV TEAM Adobe.Acrobat.9.Pro.Extended.SERIAL.MKD EV.TEAM+FIX.nfo
   C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New\MKDEV TEAM Adobe.Acrobat.9.Pro.Extended.SERIAL.MKD EV.TEAM+FIX.txt
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSSmartConverter.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVideoConverter4.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVideoCutter.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVideoEditor3.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVideoTools.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\AVSVTManager.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Leggimi prima!!!!!!!!!.txt
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS\AVSAudioEditor.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS\AVSVideoEditor.exe
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS\leggimi prima!!!!!!!!!!!!!!.txt
   C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS\licence.reg

You will have to remove the cracks before I can continue helping.

Download the OTMoveIt3 by OldTimer

Note: If you are running on Vista, right-click on OTMoveIt3.exe and choose Run As Administrator.

* Save it to your Desktop.
* Double-click OTMoveIt3.exe to run it.
* Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy)

Code: [Select]
:Processes
explorer.exe

:services

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Support audio cool poll"=-

:files
C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK
C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

* Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
* Click the red Moveit! button.
* Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTMoveIt3

Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move process. If asked to reboot, choose Yes. If not, reboot anyway.
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #8 on: April 30, 2009, 03:34:48 PM »
Ok i have to get intouch with boyfriend it is his computer that i am trying to fix i will be back shortly

By the way Than you so much for the help you are giving me you a a Blessing
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #9 on: April 30, 2009, 03:42:48 PM »
Your welcome.
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #10 on: April 30, 2009, 03:59:20 PM »
no i have not fixed the malware stuff at the time i do not have the money to purchase it so what can i do ? I am going to do the install of the other program to remove the code ex's
IP logged
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #11 on: April 30, 2009, 04:10:53 PM »
Malwarebytes' Anti-Malware 1.36
Database version: 2062
Windows 5.1.2600 Service Pack 3

4/30/2009 5:15:17 PM
mbam-log-2009-04-30 (17-15-17).txt

Scan type: Quick Scan
Objects scanned: 89378
Time elapsed: 10 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 7
Files Infected: 233

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{b26caa68-6ebf-4a30-a0f0-0a0bfe3da5dd} (Rogue.RegistryDefender5) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\downloader.downloaderctrl.1 (Adware.2020search) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.Search) -> Bad: (http://www2.iesearch.com/) Good: (http://www.google.com/) -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\Andy\Start Menu\Programs\Registry Defender (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\ProgramData\RD Platinum v5.0 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\ProgramData\RD Platinum v5.0\backup (Rogue.RegistryDefender) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Andy\Start Menu\Programs\Registry Defender\Customer Support.lnk (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
C:\Documents and Settings\Andy\Start Menu\Programs\Registry Defender\RD Platinum v5.lnk (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
C:\Documents and Settings\Andy\Start Menu\Programs\Registry Defender\User Guide.lnk (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Customer Support.url (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\INSTALL.LOG (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\install.sss (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\RDPlatinumv5.exe (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\RDPlatinumv5.exe.manifest (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Uninstall.exe (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\Updater.exe (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\User Guide.url (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\Thumbs.db (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-0.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-100.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-51.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-52.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-53.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-54.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-55.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-56.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-57.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-58.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-59.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-60.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-61.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-62.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-63.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-64.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-65.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-66.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-67.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-68.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-69.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-70.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-71.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-72.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-73.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-74.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-75.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-76.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-77.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-78.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-79.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-80.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-81.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-82.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-83.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-84.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-85.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-86.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-87.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-88.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-89.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-90.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-91.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-92.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-93.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-94.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-95.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-96.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-97.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-98.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-99.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\Thumbs.db (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-0.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-51.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-52.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-53.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-54.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-55.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-56.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-57.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-58.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-59.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-60.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-61.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-62.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-63.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-64.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-65.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\Thumbs.db (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\ProgramData\RD Platinum v5.0\report.csv (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\ProgramData\RD Platinum v5.0\backup\4_13_2009.reg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #12 on: April 30, 2009, 04:12:11 PM »
You don't have to pay for anything but I won't help make a computer work with cracked software on it. I just need you to post the logs I ask for, starting with the one from here http://www.computerhope.com/forum/index.php/topic,82460.msg545995.html#msg545995
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #13 on: April 30, 2009, 04:12:29 PM »
fixing to reboot  brb thank you
IP logged
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #14 on: April 30, 2009, 04:20:25 PM »
ok have done it here is a copy Error: Unable to interpret <Processes> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Support audio cool poll deleted successfully.
========== FILES ==========
C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK\Crack AVS VIDEO TOOLS moved successfully.
C:\DOCUME~1\Andy\My Documents\AVS VIDEO EDITOR 3+VIDEO TOOLS+CRACK moved successfully.
C:\DOCUME~1\Andy\My Documents\Adobe Acrobat 9 Pro Extended Serial & Crack @ New moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Andy\LOCALS~1\Temp\IMGA.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Andy\LOCALS~1\Temp\Perflib_Perfdata_82c.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Andy\LOCALS~1\Temp\~DF167F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Andy\LOCALS~1\Temp\~DF7CC4.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Andy\LOCALS~1\Temp\~DF8A1F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Andy\LOCALS~1\Temp\~DF8B0C.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Andy\LOCALS~1\Temp\~ROMFN_0000082C scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\WVE3Q2PS\topic,82460.0[1].html scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\MZOMYL42\OTMoveIt3[1].exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_130.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
 
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04302009_170817

Files moved on Reboot...
File C:\DOCUME~1\Andy\LOCALS~1\Temp\IMGA.tmp not found!
File C:\DOCUME~1\Andy\LOCALS~1\Temp\Perflib_Perfdata_82c.dat not found!
C:\DOCUME~1\Andy\LOCALS~1\Temp\~DF167F.tmp moved successfully.
C:\DOCUME~1\Andy\LOCALS~1\Temp\~DF7CC4.tmp moved successfully.
File C:\DOCUME~1\Andy\LOCALS~1\Temp\~DF8A1F.tmp not found!
File C:\DOCUME~1\Andy\LOCALS~1\Temp\~DF8B0C.tmp not found!
File C:\DOCUME~1\Andy\LOCALS~1\Temp\~ROMFN_0000082C not found!
File C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\WVE3Q2PS\topic,82460.0[1].html not found!
C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\MZOMYL42\OTMoveIt3[1].exe moved successfully.
C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_130.dat not found!


Now what
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #15 on: April 30, 2009, 04:27:10 PM »
Disable your antivirus and antimalware programs so they do not interfere with the running of Lop S&D.

Double click LopSD.exe - If you are using Windows Vista, right-click on the LopSD icon and select Run as administrator to perform this scan.

  • Choose the language by typing of the corresponding letter and press Enter
  • Click OK at the informative window.
  • Type 2 to choose Option 2 (Delete with Hosts File Restore), then press Enter
  • Wait until the end of the scan.
  • A report will be generated, post the contents of it in your next reply.
----------
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #16 on: April 30, 2009, 04:45:34 PM »

   --------------------\\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Multiprocessor Free : AMD Athlon(tm)64 X2 Dual Core Processor  4400+ )
   BIOS : BIOS Date: 10/26/06 18:30:08 Ver: 08.00.12
   USER : Andy ( Administrator )
   BOOT : Normal boot
   Antivirus : AVG Anti-Virus Free 8.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:74 Go (Free:9 Go)
   D:\ (CD or DVD)
   E:\ (Local Disk) - NTFS - Total:232 Go (Free:177 Go)
   J:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [2] ( Thu 04/30/2009|17:48 )


   \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

   Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO\BLUE INFO.dat
   Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO\BLUE INFO.exe
   Deleted! - C:\WINDOWS\Tasks\8069061C808AB104.job
   Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO
   Deleted! - C:\Program Files\signba~1
   -
   [ Hosts file ] .. Restored!
 
   \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

   Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
 
   \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 
   --------------------\\  Listing folders in APPLIC~1

   [04/13/2009|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          {7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
   [10/31/2008|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          {D5ABFFAD-D592-4F98-B02B-587125B4801F}
   [12/27/2008|12:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          acccore
   [01/09/2009|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Adobe
   [07/20/2008|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Ahead
   [12/27/2008|12:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          AIM Toolbar
   [12/27/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          AOL
   [12/27/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          AOL OCP
   [07/11/2008|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Apple
   [07/11/2008|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Apple Computer
   [03/02/2009|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Autodesk
   [01/31/2009|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Avg8
   [10/31/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          AVS4YOU
   [02/06/2009|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          BufferZone
   [07/20/2008|11:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          CyberLink
   [02/06/2009|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          DassaultSystemes
   [10/31/2008|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          DriverScanner
   [01/09/2009|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          FLEXnet
   [04/27/2009|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          FloodLightGames
   [11/27/2008|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Google
   [04/30/2009|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Google Updater
   [11/27/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          IM
   [11/27/2008|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          IncrediMail
   [08/27/2008|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          InstallShield
   [12/11/2008|01:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          InterAction studios
   [12/11/2008|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          iWin Games
   [07/11/2008|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Lavasoft
   [08/27/2008|07:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          LightScribe
   [03/26/2009|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          LogiShrd
   [03/26/2009|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Logitech
   [12/28/2008|05:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Macrovision
   [04/30/2009|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Malwarebytes
   [03/14/2009|01:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Microsoft
   [11/12/2008|04:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          NeoEdge Networks
   [07/20/2008|09:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Nero
   [07/20/2008|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          nView_Profiles
   [08/03/2008|01:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          PC Drivers HeadQuarters
   [04/27/2009|03:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          PlayFirst
   [04/27/2009|03:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          RealArcade
   [08/27/2008|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Roxio
   [08/27/2008|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Sonic
   [10/29/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          SonyPicturesGames
   [04/15/2009|01:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Spybot - Search & Destroy
   [04/30/2009|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          SUPERAntiSpyware.com
   [04/28/2009|06:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          TEMP
   [07/29/2008|03:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Trymedia
   [07/11/2008|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Windows Genuine Advantage
   [02/10/2009|02:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Yahoo!
   [01/19/2009|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR>          Yahoo! Companion

   [12/27/2008|12:57] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          acccore
   [01/10/2009|09:07] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Adobe
   [01/15/2009|04:09] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Ahead
   [08/06/2008|08:22] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Apple Computer
   [07/12/2008|01:33] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Auslogics
   [03/02/2009|12:47] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Autodesk
   [10/31/2008|09:34] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          AVS4YOU
   [07/11/2008|11:50] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Camtech
   [01/03/2009|08:50] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          com.adobe.mauby.4875E02D9FB21EE389F73B8 D1702B320485DF8CE.1
   [07/21/2008|12:23] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          CyberLink
   [02/06/2009|11:52] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          DassaultSystemes
   [07/30/2008|06:57] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          DivX
   [03/16/2009|10:56] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          dvdcss
   [02/06/2009|11:52] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          EDrawings
   [04/27/2009|12:32] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          FloodLightGames
   [07/22/2008|10:12] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Google
   [01/01/2009|10:31] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Help
   [07/11/2008|10:04] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Identities
   [03/26/2009|10:16] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          InstallShield
   [04/15/2009|12:32] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Joost
   [03/26/2009|10:17] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Logitech
   [11/12/2008|04:15] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Macromedia
   [04/30/2009|03:04] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Malwarebytes
   [10/31/2008|09:45] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Media Player Classic
   [01/18/2009|12:36] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Microsoft
   [10/17/2008|10:32] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Move Networks
   [07/11/2008|11:37] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Mozilla
   [04/30/2009|05:36] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          OpenOffice.org2
   [04/27/2009|03:48] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          PlayFirst
   [03/20/2009|12:41] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Roxio
   [07/11/2008|11:19] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Sun
   [04/30/2009|12:28] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          SUPERAntiSpyware.com
   [04/22/2009|10:19] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          U3
   [10/31/2008|10:05] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Uniblue
   [04/13/2009|02:31] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          vlc
   [12/06/2008|10:54] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Vso
   [10/30/2008|09:42] C:\DOCUME~1\Andy\APPLIC~1\<DIR>          Yahoo!

   [07/11/2008|09:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR>          Microsoft

   [01/18/2009|12:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR>          Microsoft
   [08/27/2008|09:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR>          Roxio

   [01/18/2009|12:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR>          Microsoft
 
   --------------------\\  Scheduled Tasks located in C:\WINDOWS\Tasks

   [04/27/2009 11:48 PM][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
   [04/30/2009 05:20 PM][--a------] C:\WINDOWS\tasks\Google Software Updater.job
   [04/30/2009 01:40 AM][--a------] C:\WINDOWS\tasks\Norton Security Scan for Andy.job
   [04/30/2009 05:22 PM][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
   [04/30/2009 05:19 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
   [08/04/2004 07:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

   --------------------\\  Listing Folders in C:\Program Files

   [01/09/2009|10:24] C:\Program Files\<DIR>          Adobe
   [12/27/2008|12:57] C:\Program Files\<DIR>          AIM Toolbar
   [12/27/2008|12:57] C:\Program Files\<DIR>          AIM6
   [07/11/2008|10:56] C:\Program Files\<DIR>          Analog Devices
   [04/13/2009|11:43] C:\Program Files\<DIR>          Angle Interactive
   [03/02/2009|12:47] C:\Program Files\<DIR>          AnswerWorks 4.0
   [07/11/2008|11:40] C:\Program Files\<DIR>          Apple Software Update
   [07/23/2008|10:09] C:\Program Files\<DIR>          Ares
   [07/11/2008|11:49] C:\Program Files\<DIR>          Auslogics
   [03/02/2009|12:00] C:\Program Files\<DIR>          AutoCAD 2004
   [03/02/2009|12:49] C:\Program Files\<DIR>          Autodesk
   [07/11/2008|11:11] C:\Program Files\<DIR>          AVG
   [01/18/2009|12:07] C:\Program Files\<DIR>          AVS4YOU
   [07/11/2008|11:41] C:\Program Files\<DIR>          Bonjour
   [07/11/2008|11:50] C:\Program Files\<DIR>          Camtech
   [07/11/2008|11:43] C:\Program Files\<DIR>          CCleaner
   [04/30/2009|02:51] C:\Program Files\<DIR>          Common Files
   [07/11/2008|09:55] C:\Program Files\<DIR>          ComPlus Applications
   [07/20/2008|11:07] C:\Program Files\<DIR>          CyberLink
   [11/02/2008|11:53] C:\Program Files\<DIR>          DIFX
   [04/12/2009|04:48] C:\Program Files\<DIR>          DivX
   [01/14/2009|09:17] C:\Program Files\<DIR>          dvd43
   [11/19/2008|03:43] C:\Program Files\<DIR>          DVDFab 5
   [01/03/2009|08:42] C:\Program Files\<DIR>          ElcomSoft
   [04/30/2009|12:12] C:\Program Files\<DIR>          EsetOnlineScanner
   [11/27/2008|09:40] C:\Program Files\<DIR>          Google
   [03/26/2009|10:16] C:\Program Files\<DIR>          InstallShield Installation Information
   [03/27/2009|09:52] C:\Program Files\<DIR>          Intel Desktop Board
   [08/27/2008|09:28] C:\Program Files\<DIR>          InterActual
   [04/30/2009|09:15] C:\Program Files\<DIR>          Internet Explorer
   [07/11/2008|11:50] C:\Program Files\<DIR>          IObit
   [07/11/2008|11:41] C:\Program Files\<DIR>          iPod
   [07/11/2008|11:41] C:\Program Files\<DIR>          iTunes
   [04/30/2009|03:41] C:\Program Files\<DIR>          Java
   [07/20/2008|11:31] C:\Program Files\<DIR>          Joost
   [11/09/2008|12:01] C:\Program Files\<DIR>          JoshMadison
   [04/13/2009|11:42] C:\Program Files\<DIR>          Lavasoft
   [03/26/2009|10:16] C:\Program Files\<DIR>          Logitech
   [11/02/2008|11:55] C:\Program Files\<DIR>          LogWorks3
   [04/30/2009|03:03] C:\Program Files\<DIR>          Malwarebytes' Anti-Malware
   [08/14/2008|07:43] C:\Program Files\<DIR>          Messenger
   [03/14/2009|01:48] C:\Program Files\<DIR>          Microsoft
   [07/11/2008|09:58] C:\Program Files\<DIR>          microsoft frontpage
   [12/27/2008|02:01] C:\Program Files\<DIR>          Microsoft Office
   [04/21/2009|03:47] C:\Program Files\<DIR>          Microsoft Silverlight
   [07/11/2008|10:41] C:\Program Files\<DIR>          Movie Maker
   [04/29/2009|08:06] C:\Program Files\<DIR>          Mozilla Firefox
   [04/30/2009|09:18] C:\Program Files\<DIR>          MSBuild
   [11/09/2008|10:10] C:\Program Files\<DIR>          MSECache
   [03/14/2009|01:47] C:\Program Files\<DIR>          MSN
   [07/11/2008|09:55] C:\Program Files\<DIR>          MSN Gaming Zone
   [07/21/2008|08:40] C:\Program Files\<DIR>          MSXML 4.0
   [07/12/2008|07:45] C:\Program Files\<DIR>          Nero
   [08/24/2008|01:09] C:\Program Files\<DIR>          NETGEAR
   [07/11/2008|10:40] C:\Program Files\<DIR>          NetMeeting
   [04/30/2009|05:19] C:\Program Files\<DIR>          NoAdware
   [04/29/2009|10:00] C:\Program Files\<DIR>          Norton Security Scan
   [04/28/2009|06:14] C:\Program Files\<DIR>          Oberon Media
   [07/11/2008|09:55] C:\Program Files\<DIR>          Online Services
   [11/02/2008|11:52] C:\Program Files\<DIR>          OpenECU
   [07/11/2008|11:42] C:\Program Files\<DIR>          OpenOffice.org 2.4
   [07/11/2008|10:40] C:\Program Files\<DIR>          Outlook Express
   [12/27/2008|12:48] C:\Program Files\<DIR>          OU-VPN
   [03/26/2009|09:56] C:\Program Files\<DIR>          PC Drivers HeadQuarters
   [07/11/2008|11:40] C:\Program Files\<DIR>          QuickTime
   [04/27/2009|04:51] C:\Program Files\<DIR>          RealArcade
   [04/30/2009|09:18] C:\Program Files\<DIR>          Reference Assemblies
   [11/02/2008|11:49] C:\Program Files\<DIR>          RomRaider
   [08/27/2008|09:06] C:\Program Files\<DIR>          Roxio
   [08/27/2008|09:05] C:\Program Files\<DIR>          SightSpeed
   [07/11/2008|11:44] C:\Program Files\<DIR>          Spybot - Search & Destroy
   [08/04/2008|07:49] C:\Program Files\<DIR>          Super DVD Creator 8.5
   [04/30/2009|12:28] C:\Program Files\<DIR>          SUPERAntiSpyware
   [08/05/2008|11:19] C:\Program Files\<DIR>          SystemRequirementsLab
   [04/30/2009|03:58] C:\Program Files\<DIR>          Trend Micro
   [07/21/2008|11:15] C:\Program Files\<DIR>          TVAnts
   [10/31/2008|10:05] C:\Program Files\<DIR>          Uniblue
   [03/27/2009|09:54] C:\Program Files\<DIR>          Unibrain
   [12/27/2008|02:06] C:\Program Files\<DIR>          Uninstall Information
   [10/31/2008|12:22] C:\Program Files\<DIR>          VideoLAN
   [04/30/2009|05:48] C:\Program Files\<DIR>          Viewpoint
   [07/11/2008|11:54] C:\Program Files\<DIR>          Windows Defender
   [07/12/2008|12:45] C:\Program Files\<DIR>          Windows Media Connect 2
   [07/12/2008|12:45] C:\Program Files\<DIR>          Windows Media Player
   [07/11/2008|10:40] C:\Program Files\<DIR>          Windows NT
   [07/11/2008|09:57] C:\Program Files\<DIR>          WindowsUpdate
   [08/29/2008|07:39] C:\Program Files\<DIR>          WMPCI54G WLAN Monitor
   [07/11/2008|09:58] C:\Program Files\<DIR>          xerox
   [08/27/2008|09:05] C:\Program Files\<DIR>          Xingtone
   [10/31/2008|09:44] C:\Program Files\<DIR>          XP Codec Pack
   [04/13/2009|01:10] C:\Program Files\<DIR>          XtalViD-Codec
   [04/13/2009|02:21] C:\Program Files\<DIR>          Xvid
   [04/13/2009|12:51] C:\Program Files\<DIR>          Xvid Decoder
   [02/10/2009|02:27] C:\Program Files\<DIR>          Yahoo!

   --------------------\\  Listing Folders in C:\Program Files\Common Files

   [01/09/2009|10:27] C:\Program Files\Common Files\<DIR>          Adobe
   [07/19/2008|09:14] C:\Program Files\Common Files\<DIR>          Adobe AIR
   [07/29/2008|03:48] C:\Program Files\Common Files\<DIR>          Ahead
   [12/27/2008|12:56] C:\Program Files\Common Files\<DIR>          AOL
   [07/11/2008|11:40] C:\Program Files\Common Files\<DIR>          Apple
   [03/02/2009|12:51] C:\Program Files\Common Files\<DIR>          Autodesk Shared
   [01/18/2009|12:07] C:\Program Files\Common Files\<DIR>          AVSMedia
   [12/27/2008|02:02] C:\Program Files\Common Files\<DIR>          Designer
   [12/27/2008|12:48] C:\Program Files\Common Files\<DIR>          Deterministic Networks
   [04/12/2009|04:47] C:\Program Files\Common Files\<DIR>          DivX Shared
   [08/27/2008|08:55] C:\Program Files\Common Files\<DIR>          InstallShield
   [07/11/2008|11:20] C:\Program Files\Common Files\<DIR>          Java
   [07/19/2008|11:05] C:\Program Files\Common Files\<DIR>          LightScribe
   [03/27/2009|09:43] C:\Program Files\Common Files\<DIR>          Logitech
   [03/02/2009|12:00] C:\Program Files\Common Files\<DIR>          Macrovision Shared
   [12/27/2008|02:02] C:\Program Files\Common Files\<DIR>          Microsoft Shared
   [07/11/2008|09:56] C:\Program Files\Common Files\<DIR>          MSSoap
   [07/11/2008|04:48] C:\Program Files\Common Files\<DIR>          ODBC
   [08/27/2008|08:55] C:\Program Files\Common Files\<DIR>          Roxio Shared
   [07/11/2008|09:56] C:\Program Files\Common Files\<DIR>          Services
   [08/27/2008|08:55] C:\Program Files\Common Files\<DIR>          SightSpeed
   [12/27/2008|12:57] C:\Program Files\Common Files\<DIR>          Software Update Utility
   [02/06/2009|11:42] C:\Program Files\Common Files\<DIR>          SolidWorks Shared
   [08/27/2008|09:06] C:\Program Files\Common Files\<DIR>          Sonic Shared
   [07/11/2008|04:48] C:\Program Files\Common Files\<DIR>          SpeechEngines
   [08/27/2008|09:06] C:\Program Files\Common Files\<DIR>          SureThing Shared
   [04/26/2009|10:01] C:\Program Files\Common Files\<DIR>          Symantec Shared
   [07/11/2008|10:40] C:\Program Files\Common Files\<DIR>          System
   [04/30/2009|12:27] C:\Program Files\Common Files\<DIR>          Wise Installation Wizard

   --------------------\\  Process

   ( 62 Processes )

   ... OK !

   --------------------\\  Searching with S_Lop

   No Lop folder found !
 
   --------------------\\  Searching for Lop Files - Folders

   No Lop folder found !
 
   --------------------\\  Searching within the Registry
 
   ..... OK !

   --------------------\\  Checking the Hosts file

   Hosts file CLEAN


   --------------------\\  Searching for hidden files with Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-04-30 17:49:18
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\\  Searching for other infections

   --------------------\\  Cracks & Keygens ..

   C:\DOCUME~1\Andy\My Documents\My Pictures\heads crack.jpg


   [F:5][D:2]-> C:\DOCUME~1\Andy\LOCALS~1\Temp
   [F:24][D:0]-> C:\DOCUME~1\Andy\Cookies
   [F:193][D:7]-> C:\DOCUME~1\Andy\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - Thu 04/30/2009|16:23 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - Thu 04/30/2009|17:50 - Option : [2]

   --------------------\\  Scan completed at 17:50:28
IP logged
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #17 on: April 30, 2009, 04:49:06 PM »
ok  now what ??
when can i just blow this thing (computer) up ?? or is their hope for it yet ??

 :||x
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #18 on: April 30, 2009, 04:52:11 PM »
It's looking better so far. Hopefully we can finish up in a few more steps.

Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note:  It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
 
Double click combofix.exe & follow the prompts.
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have problems with ComboFix usage, see How to use ComboFix

Also let me know if you are still getting the popups and how the computer is running.
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #19 on: April 30, 2009, 04:56:48 PM »
you are such a blessing thank you
i will let you know
not sure if i still want to kill the computer or the boyfriend just yet  :rofl:
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #20 on: April 30, 2009, 05:01:18 PM »
The computer didn't do it by itself...
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #21 on: April 30, 2009, 05:44:18 PM »
i know but who ever is doing the downloading of the code stuff i m fixing to put a Knot on his head   ha ha any way i have the 2 logs here tComboFix 09-04-30.05 - Andy 04/30/2009 18:41.2 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1983.1418 [GMT -5:00]
Running from: c:\documents and settings\Andy\Desktop\ComboFix.exe1.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.

(((((((((((((((((((((((((   Files Created from 2009-03-28 to 2009-04-30  )))))))))))))))))))))))))))))))
.

2009-04-30 22:08 . 2009-04-30 22:08   --------   d-----w   C:\_OTMoveIt
2009-04-30 21:19 . 2009-04-30 22:50   --------   d-----w   C:\Lop SD
2009-04-30 20:49 . 2009-04-30 20:58   --------   d-----w   c:\program files\Trend Micro
2009-04-30 20:04 . 2009-04-30 20:04   --------   d-----w   c:\documents and settings\Andy\Application Data\Malwarebytes
2009-04-30 20:03 . 2009-04-06 20:32   15504   ----a-w   c:\windows\system32\drivers\mbam.sys
2009-04-30 20:03 . 2009-04-06 20:32   38496   ----a-w   c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-30 20:03 . 2009-04-30 20:03   --------   d-----w   c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-30 20:03 . 2009-04-30 20:03   --------   d-----w   c:\program files\Malwarebytes' Anti-Malware
2009-04-30 19:41 . 2009-04-30 22:19   --------   d-----w   c:\program files\NoAdware
2009-04-30 17:28 . 2009-04-30 17:28   --------   d-----w   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-04-30 17:28 . 2009-04-30 17:28   --------   d-----w   c:\program files\SUPERAntiSpyware
2009-04-30 17:28 . 2009-04-30 17:28   --------   d-----w   c:\documents and settings\Andy\Application Data\SUPERAntiSpyware.com
2009-04-30 17:27 . 2009-04-30 17:27   --------   d-----w   c:\program files\Common Files\Wise Installation Wizard
2009-04-30 15:31 . 2009-04-30 17:12   --------   d-----w   c:\program files\EsetOnlineScanner
2009-04-30 14:19 . 2009-04-30 14:19   --------   d-----w   c:\windows\system32\XPSViewer
2009-04-30 14:18 . 2009-04-30 14:18   --------   d-----w   c:\program files\MSBuild
2009-04-30 14:18 . 2009-04-30 14:18   --------   d-----w   c:\program files\Reference Assemblies
2009-04-30 14:18 . 2008-07-06 12:06   117760   ------w   c:\windows\system32\prntvpt.dll
2009-04-30 14:18 . 2008-07-06 12:06   89088   -c----w   c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-04-30 14:18 . 2008-07-06 10:50   597504   -c----w   c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-04-30 14:18 . 2008-07-06 12:06   575488   -c----w   c:\windows\system32\dllcache\xpsshhdr.dll
2009-04-30 14:18 . 2008-07-06 12:06   575488   ------w   c:\windows\system32\xpsshhdr.dll
2009-04-30 14:18 . 2008-07-06 12:06   1676288   -c----w   c:\windows\system32\dllcache\xpssvcs.dll
2009-04-30 14:18 . 2008-07-06 12:06   1676288   ------w   c:\windows\system32\xpssvcs.dll
2009-04-30 14:18 . 2009-04-30 14:21   --------   d-----w   c:\windows\SxsCaPendDel
2009-04-27 20:48 . 2009-04-27 20:48   --------   d-----w   c:\documents and settings\Andy\Application Data\PlayFirst
2009-04-27 20:48 . 2009-04-27 20:48   --------   d-----w   c:\documents and settings\All Users\Application Data\PlayFirst
2009-04-27 20:47 . 2009-04-27 21:51   --------   d-----w   C:\My Games
2009-04-27 20:47 . 2009-04-27 20:47   --------   d-----w   c:\documents and settings\All Users\Application Data\RealArcade
2009-04-27 20:47 . 2009-04-27 20:47   --------   d-----w   C:\users
2009-04-27 20:46 . 2009-04-27 21:51   --------   d-----w   c:\program files\RealArcade
2009-04-27 17:32 . 2009-04-27 17:32   --------   d-----w   c:\documents and settings\All Users\Application Data\FloodLightGames
2009-04-27 17:32 . 2009-04-27 17:32   --------   d-----w   c:\documents and settings\Andy\Saved Games
2009-04-27 17:32 . 2009-04-27 17:32   --------   d-----w   c:\documents and settings\Andy\Application Data\FloodLightGames
2009-04-21 04:48 . 2009-04-21 04:48   --------   d-sh--w   c:\documents and settings\NetworkService\IETldCache
2009-04-20 04:28 . 2009-04-20 04:28   --------   d-sh--w   c:\documents and settings\Andy\IECompatCache
2009-04-20 04:22 . 2009-04-20 04:22   --------   d-sh--w   c:\documents and settings\Andy\PrivacIE
2009-04-20 04:19 . 2009-04-20 04:19   --------   d-sh--w   c:\documents and settings\LocalService\IETldCache
2009-04-20 04:19 . 2009-04-20 04:19   --------   d-sh--w   c:\documents and settings\Andy\IETldCache
2009-04-20 04:18 . 2009-04-20 04:18   --------   d-----w   c:\windows\ie8updates
2009-04-20 04:16 . 2009-04-20 04:16   --------   dc-h--w   c:\windows\ie8
2009-04-20 04:14 . 2009-02-28 04:55   105984   -c----w   c:\windows\system32\dllcache\iecompat.dll
2009-04-16 17:04 . 2009-03-06 14:22   284160   -c----w   c:\windows\system32\dllcache\pdh.dll
2009-04-16 17:04 . 2009-02-09 12:10   401408   -c----w   c:\windows\system32\dllcache\rpcss.dll
2009-04-16 17:04 . 2009-02-06 11:11   110592   -c----w   c:\windows\system32\dllcache\services.exe
2009-04-16 17:04 . 2009-02-09 12:10   473600   -c----w   c:\windows\system32\dllcache\fastprox.dll
2009-04-16 17:04 . 2009-02-06 10:10   227840   -c----w   c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 17:04 . 2009-02-09 12:10   453120   -c----w   c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 17:04 . 2009-02-09 12:10   729088   -c----w   c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 17:04 . 2009-02-09 12:10   617472   -c----w   c:\windows\system32\dllcache\advapi32.dll
2009-04-16 17:04 . 2009-02-09 12:10   714752   -c----w   c:\windows\system32\dllcache\ntdll.dll
2009-04-16 17:04 . 2008-05-03 11:55   2560   ------w   c:\windows\system32\xpsp4res.dll
2009-04-16 17:04 . 2008-04-21 12:08   215552   -c----w   c:\windows\system32\dllcache\wordpad.exe
2009-04-15 05:32 . 2009-04-15 05:32   --------   d-----w   c:\documents and settings\Andy\Application Data\Joost
2009-04-15 05:32 . 2009-04-15 05:32   --------   d-----w   c:\documents and settings\Andy\Local Settings\Application Data\Joost
2009-04-14 12:23 . 2009-03-09 19:06   15688   ----a-w   c:\windows\system32\lsdelete.exe
2009-04-14 04:48 . 2009-04-28 04:48   64160   ----a-w   c:\windows\system32\drivers\Lbd.sys
2009-04-14 04:43 . 2009-04-30 22:15   --------   d-----w   C:\ProgramData
2009-04-14 04:43 . 2009-04-14 04:43   --------   d-----w   c:\program files\Angle Interactive
2009-04-14 04:42 . 2009-04-14 04:42   --------   dc-h--w   c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-04-14 04:42 . 2009-04-14 04:42   --------   d-----w   c:\program files\Lavasoft
2009-04-13 07:38 . 2009-04-13 07:38   --------   d-----w   c:\windows\system32\help
2009-04-13 07:21 . 2008-12-05 02:42   815104   ----a-w   c:\windows\system32\xvidcore.dll
2009-04-13 07:21 . 2008-12-05 02:46   180224   ----a-w   c:\windows\system32\xvidvfw.dll
2009-04-13 07:21 . 2009-04-13 07:21   --------   d-----w   c:\program files\Xvid
2009-04-13 07:07 . 2009-04-13 07:31   --------   d-----w   c:\documents and settings\Andy\Application Data\vlc
2009-04-13 06:08 . 2009-04-13 06:10   --------   d-----w   c:\program files\XtalViD-Codec
2009-04-13 05:45 . 2009-04-13 05:51   --------   d-----w   c:\program files\Xvid Decoder
2009-04-12 21:47 . 2009-04-12 21:47   --------   d-----w   c:\program files\Common Files\DivX Shared
2009-04-10 16:39 . 2009-04-28 23:14   --------   d-----w   c:\program files\Oberon Media

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-30 22:48 . 2008-12-27 17:57   --------   d-----w   c:\program files\Viewpoint
2009-04-30 22:22 . 2008-07-12 04:54   67848   ----a-w   c:\documents and settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-30 20:41 . 2008-07-12 04:20   --------   d-----w   c:\program files\Java
2009-04-30 03:00 . 2009-02-15 14:52   --------   d-----w   c:\program files\Norton Security Scan
2009-04-27 03:01 . 2009-02-15 14:52   --------   d-----w   c:\program files\Common Files\Symantec Shared
2009-04-21 20:47 . 2008-08-04 04:34   --------   d-----w   c:\program files\Microsoft Silverlight
2009-04-12 21:48 . 2008-07-30 11:49   --------   d-----w   c:\program files\DivX
2009-03-28 02:54 . 2009-03-28 02:54   --------   d-----w   c:\program files\Unibrain
2009-03-28 02:52 . 2009-03-28 02:52   --------   d-----w   c:\program files\Intel Desktop Board
2009-03-28 02:43 . 2009-03-27 03:16   --------   d-----w   c:\program files\Common Files\Logitech
2009-03-27 03:17 . 2009-03-27 03:17   0   ---ha-w   c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-03-27 03:17 . 2009-03-27 03:17   0   ---ha-w   c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-03-27 03:16 . 2009-03-27 03:16   --------   d-----w   c:\program files\Logitech
2009-03-27 03:16 . 2008-07-12 03:56   --------   d--h--w   c:\program files\InstallShield Installation Information
2009-03-27 02:56 . 2009-03-27 02:56   --------   d-----w   c:\program files\PC Drivers HeadQuarters
2009-03-14 06:48 . 2009-03-14 06:48   --------   d-----w   c:\program files\Microsoft
2009-03-14 06:47 . 2009-01-18 03:28   410984   ----a-w   c:\windows\system32\deploytk.dll
2009-03-08 09:34 . 2004-08-04 12:00   914944   ----a-w   c:\windows\system32\wininet.dll
2009-03-08 09:34 . 2004-08-04 12:00   43008   ----a-w   c:\windows\system32\licmgr10.dll
2009-03-08 09:33 . 2004-08-04 12:00   18944   ----a-w   c:\windows\system32\corpol.dll
2009-03-08 09:33 . 2004-08-04 12:00   420352   ----a-w   c:\windows\system32\vbscript.dll
2009-03-08 09:32 . 2004-08-04 12:00   72704   ----a-w   c:\windows\system32\admparse.dll
2009-03-08 09:32 . 2004-08-04 12:00   71680   ----a-w   c:\windows\system32\iesetup.dll
2009-03-08 09:31 . 2004-08-04 12:00   34816   ----a-w   c:\windows\system32\imgutil.dll
2009-03-08 09:31 . 2004-08-04 12:00   48128   ----a-w   c:\windows\system32\mshtmler.dll
2009-03-08 09:31 . 2004-08-04 12:00   45568   ----a-w   c:\windows\system32\mshta.exe
2009-03-08 09:22 . 2004-08-04 12:00   156160   ----a-w   c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2004-08-04 12:00   284160   ----a-w   c:\windows\system32\pdh.dll
2009-03-02 05:51 . 2008-12-27 19:05   --------   d-----w   c:\program files\Common Files\Autodesk Shared
2009-03-02 05:49 . 2008-12-27 19:05   --------   d-----w   c:\program files\Autodesk
2009-03-02 05:47 . 2008-12-28 09:42   --------   d-----w   c:\program files\AnswerWorks 4.0
2009-03-02 05:00 . 2008-12-28 09:41   --------   d-----w   c:\program files\AutoCAD 2004
2009-03-02 05:00 . 2009-01-08 04:58   --------   d-----w   c:\program files\Common Files\Macrovision Shared
2009-02-24 19:34 . 2009-02-24 19:34   90112   ----a-w   c:\windows\system32\dpl100.dll
2009-02-24 19:34 . 2009-02-24 19:34   823296   ----a-w   c:\windows\system32\divx_xx0c.dll
2009-02-24 19:34 . 2009-02-24 19:34   823296   ----a-w   c:\windows\system32\divx_xx07.dll
2009-02-24 19:34 . 2009-02-24 19:34   815104   ----a-w   c:\windows\system32\divx_xx0a.dll
2009-02-24 19:34 . 2009-02-24 19:34   802816   ----a-w   c:\windows\system32\divx_xx11.dll
2009-02-24 19:34 . 2009-02-24 19:34   684032   ----a-w   c:\windows\system32\DivX.dll
2009-02-17 04:17 . 2008-07-12 03:52   453152   ----a-w   c:\windows\system32\NVUNINST.EXE
2009-02-09 12:10 . 2004-08-04 12:00   729088   ----a-w   c:\windows\system32\lsasrv.dll
2009-02-09 12:10 . 2004-08-04 12:00   714752   ----a-w   c:\windows\system32\ntdll.dll
2009-02-09 12:10 . 2004-08-04 12:00   617472   ----a-w   c:\windows\system32\advapi32.dll
2009-02-09 12:10 . 2004-08-04 12:00   401408   ----a-w   c:\windows\system32\rpcss.dll
2009-02-09 11:13 . 2004-08-04 12:00   1846784   ----a-w   c:\windows\system32\win32k.sys
2009-02-06 11:11 . 2004-08-04 12:00   110592   ----a-w   c:\windows\system32\services.exe
2009-02-06 11:06 . 2004-08-04 12:00   2145280   ----a-w   c:\windows\system32\ntoskrnl.exe
2009-02-06 10:39 . 2004-08-04 12:00   35328   ----a-w   c:\windows\system32\sc.exe
2009-02-06 10:32 . 2004-08-03 22:59   2023936   ----a-w   c:\windows\system32\ntkrnlpa.exe
2009-02-03 19:59 . 2004-08-04 12:00   56832   ----a-w   c:\windows\system32\secur32.dll
2009-01-31 14:19 . 2009-01-18 17:38   10520   ----a-w   c:\windows\system32\avgrsstx.dll
2009-01-31 14:19 . 2009-01-18 17:38   325128   ----a-w   c:\windows\system32\drivers\avgldx86.sys
2009-01-31 14:18 . 2009-01-18 17:38   107272   ----a-w   c:\windows\system32\drivers\avgtdix.sys
2009-02-24 19:34 . 2009-02-24 19:34   1044480   ----a-w   c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34   200704   ----a-w   c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((   SnapShot@2009-04-30_23.16.36   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-30 23:30 . 2009-04-30 23:30   16384              c:\windows\Temp\Perflib_Perfdata_148.dat
+ 2008-07-11 21:48 . 2009-04-30 23:30   259840              c:\windows\system32\FNTCACHE.DAT
- 2008-07-11 21:48 . 2009-04-30 14:21   259840              c:\windows\system32\FNTCACHE.DAT
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-02-20 4363504]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-23 68856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-04-28 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-07-12 925696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-03 116040]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-09 289064]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-08-10 221184]
"DMXLauncher"="c:\program files\Roxio\Media Experience\DMXLauncher.exe" [2006-08-14 102400]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-07-31 1116920]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2008-11-18 827904]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-31 1601304]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-14 148888]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-28 516440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-18 1657376]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-3-27 692224]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 17:05   356352   ----a-w   c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-31 14:19   10520   ----a-w   c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^The University of Oklahoma OU-VPN Client.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\The University of Oklahoma OU-VPN Client.lnk
backup=c:\windows\pss\The University of Oklahoma OU-VPN Client.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Joost\\xulrunner\\tvprunner.exe"=

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-28 953168]
R3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2002-04-11 16194]
R3 EraserUtilDrv10910;EraserUtilDrv10910;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10910.sys [2009-04-27 101936]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-04-28 64160]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-01-31 325128]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-01-31 107272]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-28 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-04-28 72944]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-31 903960]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-31 298264]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\DRIVERS\ubsbm.sys [2005-07-27 14080]
S2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\DRIVERS\ubumapi.sys [2005-07-27 36352]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-04 13592]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-04-28 7408]
S3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\DRIVERS\ubohci.sys [2005-07-27 77056]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8c6579c-598d-11dd-8679-0016b6531647}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-04-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 04:48]

2009-04-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-23 23:00]

2009-04-30 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]

2009-04-30 c:\windows\Tasks\Norton Security Scan for Andy.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 01:20]
.
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.cnn.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
FF - ProfilePath - c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\2xnqv335.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=SOLTDF&q=
FF - prefs.js: browser.search.selectedEngine - FireSearch
FF - prefs.js: browser.startup.homepage - hxxp://www2.firesearch.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=SOLTDF&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-30 18:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1040)
c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(3584)
c:\windows\system32\nview.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-04-30 18:44
ComboFix-quarantined-files.txt  2009-04-30 23:44
ComboFix2.txt  2009-04-30 23:17

Pre-Run: 9,526,657,024 bytes free
Post-Run: 9,523,359,744 bytes free

296   --- E O F ---   2009-04-30 17:51
hey are ok bu the way the computer is running great at the moment no pop ups so far ComboFix 09-04-30.05 - Andy 04/30/2009 18:41.2 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1983.1418 [GMT -5:00]
Running from: c:\documents and settings\Andy\Desktop\ComboFix.exe1.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.

(((((((((((((((((((((((((   Files Created from 2009-03-28 to 2009-04-30  )))))))))))))))))))))))))))))))
.

2009-04-30 22:08 . 2009-04-30 22:08   --------   d-----w   C:\_OTMoveIt
2009-04-30 21:19 . 2009-04-30 22:50   --------   d-----w   C:\Lop SD
2009-04-30 20:49 . 2009-04-30 20:58   --------   d-----w   c:\program files\Trend Micro
2009-04-30 20:04 . 2009-04-30 20:04   --------   d-----w   c:\documents and settings\Andy\Application Data\Malwarebytes
2009-04-30 20:03 . 2009-04-06 20:32   15504   ----a-w   c:\windows\system32\drivers\mbam.sys
2009-04-30 20:03 . 2009-04-06 20:32   38496   ----a-w   c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-30 20:03 . 2009-04-30 20:03   --------   d-----w   c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-30 20:03 . 2009-04-30 20:03   --------   d-----w   c:\program files\Malwarebytes' Anti-Malware
2009-04-30 19:41 . 2009-04-30 22:19   --------   d-----w   c:\program files\NoAdware
2009-04-30 17:28 . 2009-04-30 17:28   --------   d-----w   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-04-30 17:28 . 2009-04-30 17:28   --------   d-----w   c:\program files\SUPERAntiSpyware
2009-04-30 17:28 . 2009-04-30 17:28   --------   d-----w   c:\documents and settings\Andy\Application Data\SUPERAntiSpyware.com
2009-04-30 17:27 . 2009-04-30 17:27   --------   d-----w   c:\program files\Common Files\Wise Installation Wizard
2009-04-30 15:31 . 2009-04-30 17:12   --------   d-----w   c:\program files\EsetOnlineScanner
2009-04-30 14:19 . 2009-04-30 14:19   --------   d-----w   c:\windows\system32\XPSViewer
2009-04-30 14:18 . 2009-04-30 14:18   --------   d-----w   c:\program files\MSBuild
2009-04-30 14:18 . 2009-04-30 14:18   --------   d-----w   c:\program files\Reference Assemblies
2009-04-30 14:18 . 2008-07-06 12:06   117760   ------w   c:\windows\system32\prntvpt.dll
2009-04-30 14:18 . 2008-07-06 12:06   89088   -c----w   c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-04-30 14:18 . 2008-07-06 10:50   597504   -c----w   c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-04-30 14:18 . 2008-07-06 12:06   575488   -c----w   c:\windows\system32\dllcache\xpsshhdr.dll
2009-04-30 14:18 . 2008-07-06 12:06   575488   ------w   c:\windows\system32\xpsshhdr.dll
2009-04-30 14:18 . 2008-07-06 12:06   1676288   -c----w   c:\windows\system32\dllcache\xpssvcs.dll
2009-04-30 14:18 . 2008-07-06 12:06   1676288   ------w   c:\windows\system32\xpssvcs.dll
2009-04-30 14:18 . 2009-04-30 14:21   --------   d-----w   c:\windows\SxsCaPendDel
2009-04-27 20:48 . 2009-04-27 20:48   --------   d-----w   c:\documents and settings\Andy\Application Data\PlayFirst
2009-04-27 20:48 . 2009-04-27 20:48   --------   d-----w   c:\documents and settings\All Users\Application Data\PlayFirst
2009-04-27 20:47 . 2009-04-27 21:51   --------   d-----w   C:\My Games
2009-04-27 20:47 . 2009-04-27 20:47   --------   d-----w   c:\documents and settings\All Users\Application Data\RealArcade
2009-04-27 20:47 . 2009-04-27 20:47   --------   d-----w   C:\users
2009-04-27 20:46 . 2009-04-27 21:51   --------   d-----w   c:\program files\RealArcade
2009-04-27 17:32 . 2009-04-27 17:32   --------   d-----w   c:\documents and settings\All Users\Application Data\FloodLightGames
2009-04-27 17:32 . 2009-04-27 17:32   --------   d-----w   c:\documents and settings\Andy\Saved Games
2009-04-27 17:32 . 2009-04-27 17:32   --------   d-----w   c:\documents and settings\Andy\Application Data\FloodLightGames
2009-04-21 04:48 . 2009-04-21 04:48   --------   d-sh--w   c:\documents and settings\NetworkService\IETldCache
2009-04-20 04:28 . 2009-04-20 04:28   --------   d-sh--w   c:\documents and settings\Andy\IECompatCache
2009-04-20 04:22 . 2009-04-20 04:22   --------   d-sh--w   c:\documents and settings\Andy\PrivacIE
2009-04-20 04:19 . 2009-04-20 04:19   --------   d-sh--w   c:\documents and settings\LocalService\IETldCache
2009-04-20 04:19 . 2009-04-20 04:19   --------   d-sh--w   c:\documents and settings\Andy\IETldCache
2009-04-20 04:18 . 2009-04-20 04:18   --------   d-----w   c:\windows\ie8updates
2009-04-20 04:16 . 2009-04-20 04:16   --------   dc-h--w   c:\windows\ie8
2009-04-20 04:14 . 2009-02-28 04:55   105984   -c----w   c:\windows\system32\dllcache\iecompat.dll
2009-04-16 17:04 . 2009-03-06 14:22   284160   -c----w   c:\windows\system32\dllcache\pdh.dll
2009-04-16 17:04 . 2009-02-09 12:10   401408   -c----w   c:\windows\system32\dllcache\rpcss.dll
2009-04-16 17:04 . 2009-02-06 11:11   110592   -c----w   c:\windows\system32\dllcache\services.exe
2009-04-16 17:04 . 2009-02-09 12:10   473600   -c----w   c:\windows\system32\dllcache\fastprox.dll
2009-04-16 17:04 . 2009-02-06 10:10   227840   -c----w   c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 17:04 . 2009-02-09 12:10   453120   -c----w   c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 17:04 . 2009-02-09 12:10   729088   -c----w   c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 17:04 . 2009-02-09 12:10   617472   -c----w   c:\windows\system32\dllcache\advapi32.dll
2009-04-16 17:04 . 2009-02-09 12:10   714752   -c----w   c:\windows\system32\dllcache\ntdll.dll
2009-04-16 17:04 . 2008-05-03 11:55   2560   ------w   c:\windows\system32\xpsp4res.dll
2009-04-16 17:04 . 2008-04-21 12:08   215552   -c----w   c:\windows\system32\dllcache\wordpad.exe
2009-04-15 05:32 . 2009-04-15 05:32   --------   d-----w   c:\documents and settings\Andy\Application Data\Joost
2009-04-15 05:32 . 2009-04-15 05:32   --------   d-----w   c:\documents and settings\Andy\Local Settings\Application Data\Joost
2009-04-14 12:23 . 2009-03-09 19:06   15688   ----a-w   c:\windows\system32\lsdelete.exe
2009-04-14 04:48 . 2009-04-28 04:48   64160   ----a-w   c:\windows\system32\drivers\Lbd.sys
2009-04-14 04:43 . 2009-04-30 22:15   --------   d-----w   C:\ProgramData
2009-04-14 04:43 . 2009-04-14 04:43   --------   d-----w   c:\program files\Angle Interactive
2009-04-14 04:42 . 2009-04-14 04:42   --------   dc-h--w   c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-04-14 04:42 . 2009-04-14 04:42   --------   d-----w   c:\program files\Lavasoft
2009-04-13 07:38 . 2009-04-13 07:38   --------   d-----w   c:\windows\system32\help
2009-04-13 07:21 . 2008-12-05 02:42   815104   ----a-w   c:\windows\system32\xvidcore.dll
2009-04-13 07:21 . 2008-12-05 02:46   180224   ----a-w   c:\windows\system32\xvidvfw.dll
2009-04-13 07:21 . 2009-04-13 07:21   --------   d-----w   c:\program files\Xvid
2009-04-13 07:07 . 2009-04-13 07:31   --------   d-----w   c:\documents and settings\Andy\Application Data\vlc
2009-04-13 06:08 . 2009-04-13 06:10   --------   d-----w   c:\program files\XtalViD-Codec
2009-04-13 05:45 . 2009-04-13 05:51   --------   d-----w   c:\program files\Xvid Decoder
2009-04-12 21:47 . 2009-04-12 21:47   --------   d-----w   c:\program files\Common Files\DivX Shared
2009-04-10 16:39 . 2009-04-28 23:14   --------   d-----w   c:\program files\Oberon Media

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-30 22:48 . 2008-12-27 17:57   --------   d-----w   c:\program files\Viewpoint
2009-04-30 22:22 . 2008-07-12 04:54   67848   ----a-w   c:\documents and settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-30 20:41 . 2008-07-12 04:20   --------   d-----w   c:\program files\Java
2009-04-30 03:00 . 2009-02-15 14:52   --------   d-----w   c:\program files\Norton Security Scan
2009-04-27 03:01 . 2009-02-15 14:52   --------   d-----w   c:\program files\Common Files\Symantec Shared
2009-04-21 20:47 . 2008-08-04 04:34   --------   d-----w   c:\program files\Microsoft Silverlight
2009-04-12 21:48 . 2008-07-30 11:49   --------   d-----w   c:\program files\DivX
2009-03-28 02:54 . 2009-03-28 02:54   --------   d-----w   c:\program files\Unibrain
2009-03-28 02:52 . 2009-03-28 02:52   --------   d-----w   c:\program files\Intel Desktop Board
2009-03-28 02:43 . 2009-03-27 03:16   --------   d-----w   c:\program files\Common Files\Logitech
2009-03-27 03:17 . 2009-03-27 03:17   0   ---ha-w   c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-03-27 03:17 . 2009-03-27 03:17   0   ---ha-w   c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-03-27 03:16 . 2009-03-27 03:16   --------   d-----w   c:\program files\Logitech
2009-03-27 03:16 . 2008-07-12 03:56   --------   d--h--w   c:\program files\InstallShield Installation Information
2009-03-27 02:56 . 2009-03-27 02:56   --------   d-----w   c:\program files\PC Drivers HeadQuarters
2009-03-14 06:48 . 2009-03-14 06:48   --------   d-----w   c:\program files\Microsoft
2009-03-14 06:47 . 2009-01-18 03:28   410984   ----a-w   c:\windows\system32\deploytk.dll
2009-03-08 09:34 . 2004-08-04 12:00   914944   ----a-w   c:\windows\system32\wininet.dll
2009-03-08 09:34 . 2004-08-04 12:00   43008   ----a-w   c:\windows\system32\licmgr10.dll
2009-03-08 09:33 . 2004-08-04 12:00   18944   ----a-w   c:\windows\system32\corpol.dll
2009-03-08 09:33 . 2004-08-04 12:00   420352   ----a-w   c:\windows\system32\vbscript.dll
2009-03-08 09:32 . 2004-08-04 12:00   72704   ----a-w   c:\windows\system32\admparse.dll
2009-03-08 09:32 . 2004-08-04 12:00   71680   ----a-w   c:\windows\system32\iesetup.dll
2009-03-08 09:31 . 2004-08-04 12:00   34816   ----a-w   c:\windows\system32\imgutil.dll
2009-03-08 09:31 . 2004-08-04 12:00   48128   ----a-w   c:\windows\system32\mshtmler.dll
2009-03-08 09:31 . 2004-08-04 12:00   45568   ----a-w   c:\windows\system32\mshta.exe
2009-03-08 09:22 . 2004-08-04 12:00   156160   ----a-w   c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2004-08-04 12:00   284160   ----a-w   c:\windows\system32\pdh.dll
2009-03-02 05:51 . 2008-12-27 19:05   --------   d-----w   c:\program files\Common Files\Autodesk Shared
2009-03-02 05:49 . 2008-12-27 19:05   --------   d-----w   c:\program files\Autodesk
2009-03-02 05:47 . 2008-12-28 09:42   --------   d-----w   c:\program files\AnswerWorks 4.0
2009-03-02 05:00 . 2008-12-28 09:41   --------   d-----w   c:\program files\AutoCAD 2004
2009-03-02 05:00 . 2009-01-08 04:58   --------   d-----w   c:\program files\Common Files\Macrovision Shared
2009-02-24 19:34 . 2009-02-24 19:34   90112   ----a-w   c:\windows\system32\dpl100.dll
2009-02-24 19:34 . 2009-02-24 19:34   823296   ----a-w   c:\windows\system32\divx_xx0c.dll
2009-02-24 19:34 . 2009-02-24 19:34   823296   ----a-w   c:\windows\system32\divx_xx07.dll
2009-02-24 19:34 . 2009-02-24 19:34   815104   ----a-w   c:\windows\system32\divx_xx0a.dll
2009-02-24 19:34 . 2009-02-24 19:34   802816   ----a-w   c:\windows\system32\divx_xx11.dll
2009-02-24 19:34 . 2009-02-24 19:34   684032   ----a-w   c:\windows\system32\DivX.dll
2009-02-17 04:17 . 2008-07-12 03:52   453152   ----a-w   c:\windows\system32\NVUNINST.EXE
2009-02-09 12:10 . 2004-08-04 12:00   729088   ----a-w   c:\windows\system32\lsasrv.dll
2009-02-09 12:10 . 2004-08-04 12:00   714752   ----a-w   c:\windows\system32\ntdll.dll
2009-02-09 12:10 . 2004-08-04 12:00   617472   ----a-w   c:\windows\system32\advapi32.dll
2009-02-09 12:10 . 2004-08-04 12:00   401408   ----a-w   c:\windows\system32\rpcss.dll
2009-02-09 11:13 . 2004-08-04 12:00   1846784   ----a-w   c:\windows\system32\win32k.sys
2009-02-06 11:11 . 2004-08-04 12:00   110592   ----a-w   c:\windows\system32\services.exe
2009-02-06 11:06 . 2004-08-04 12:00   2145280   ----a-w   c:\windows\system32\ntoskrnl.exe
2009-02-06 10:39 . 2004-08-04 12:00   35328   ----a-w   c:\windows\system32\sc.exe
2009-02-06 10:32 . 2004-08-03 22:59   2023936   ----a-w   c:\windows\system32\ntkrnlpa.exe
2009-02-03 19:59 . 2004-08-04 12:00   56832   ----a-w   c:\windows\system32\secur32.dll
2009-01-31 14:19 . 2009-01-18 17:38   10520   ----a-w   c:\windows\system32\avgrsstx.dll
2009-01-31 14:19 . 2009-01-18 17:38   325128   ----a-w   c:\windows\system32\drivers\avgldx86.sys
2009-01-31 14:18 . 2009-01-18 17:38   107272   ----a-w   c:\windows\system32\drivers\avgtdix.sys
2009-02-24 19:34 . 2009-02-24 19:34   1044480   ----a-w   c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34   200704   ----a-w   c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((   SnapShot@2009-04-30_23.16.36   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-30 23:30 . 2009-04-30 23:30   16384              c:\windows\Temp\Perflib_Perfdata_148.dat
+ 2008-07-11 21:48 . 2009-04-30 23:30   259840              c:\windows\system32\FNTCACHE.DAT
- 2008-07-11 21:48 . 2009-04-30 14:21   259840              c:\windows\system32\FNTCACHE.DAT
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-02-20 4363504]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-23 68856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-04-28 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-07-12 925696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-03 116040]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-09 289064]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-08-10 221184]
"DMXLauncher"="c:\program files\Roxio\Media Experience\DMXLauncher.exe" [2006-08-14 102400]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-07-31 1116920]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2008-11-18 827904]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-31 1601304]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-14 148888]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-28 516440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-18 1657376]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-3-27 692224]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 17:05   356352   ----a-w   c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-01-31 14:19   10520   ----a-w   c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^The University of Oklahoma OU-VPN Client.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\The University of Oklahoma OU-VPN Client.lnk
backup=c:\windows\pss\The University of Oklahoma OU-VPN Client.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Joost\\xulrunner\\tvprunner.exe"=

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-28 953168]
R3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2002-04-11 16194]
R3 EraserUtilDrv10910;EraserUtilDrv10910;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10910.sys [2009-04-27 101936]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-04-28 64160]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-01-31 325128]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-01-31 107272]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-28 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-04-28 72944]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-31 903960]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-31 298264]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\DRIVERS\ubsbm.sys [2005-07-27 14080]
S2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\DRIVERS\ubumapi.sys [2005-07-27 36352]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-04 13592]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-04-28 7408]
S3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\DRIVERS\ubohci.sys [2005-07-27 77056]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b8c6579c-598d-11dd-8679-0016b6531647}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-04-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 04:48]

2009-04-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-23 23:00]

2009-04-30 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]

2009-04-30 c:\windows\Tasks\Norton Security Scan for Andy.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 01:20]
.
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.cnn.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
FF - ProfilePath - c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\2xnqv335.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=SOLTDF&q=
FF - prefs.js: browser.search.selectedEngine - FireSearch
FF - prefs.js: browser.startup.homepage - hxxp://www2.firesearch.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=SOLTDF&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-30 18:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1040)
c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(3584)
c:\windows\system32\nview.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-04-30 18:44
ComboFix-quarantined-files.txt  2009-04-30 23:44
ComboFix2.txt  2009-04-30 23:17

Pre-Run: 9,526,657,024 bytes free
Post-Run: 9,523,359,744 bytes free

296   --- E O F ---   2009-04-30 17:51
 thank you so much for your time and effort
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #22 on: April 30, 2009, 06:11:29 PM »
    I don't see anything else that would cause any problems so let's clean up and see how things are then.

Unistall LOP S&D

Click START then RUN
Now type C:\Lop SD\Uninstal.exe in the runbox.

Then click OK.

----------

  • Click START then RUN
  • Now type Combofix /u in the runbox
  • Make sure there's a space between Combofix and /u
  • Then hit Enter.
  • The above procedure will:
  • Delete the following:
  • ComboFix and its associated files and folders.
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Set a new, clean Restore Point.
.
----------

Download ATF Cleaner by Atribune to your Desktop.

Alternate download link

Note: Vista users must use Run As Administrator
  • Under Main: Select Files to Delete choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords click No at the prompt.
  • Click Exit on the Main menu to close the program.
.
Note that your system will run slower for a reboot or two after having used this tool so don't panic.

----------

Download OTCleanIt.exe and save it to your Desktop.
  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it yourself.
.
Important: Restart the computer before continuing.

----------

How is everything now?
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #23 on: April 30, 2009, 06:31:16 PM »
doing great thank you so very Much
IP logged
evilfantasy
Malware Removal Specialist
Moderator
Genius



Thanked: 462
Posts: 11,769

Experience: Beginner
OS: Windows 7


Calm like a bomb

evilfantasy's blog
« Reply #24 on: April 30, 2009, 06:57:25 PM »
I have one Free SUPERAntiSpyware Professional Edition Lifetime Key I am giving away. If you are interested then visit my blog here: http://evilfantasy.wordpress.com/2009/04/28/free-superantispyware-pro-giveaway/

----------

Use the Secunia Software Inspector to check for out of date software.
  • Click Start Now
  • Check the box next to Enable thorough system inspection.
  • Click Start
  • Allow the scan to finish and scroll down to see if any updates are needed.
  • Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.
IP logged


ƃolq
Trisha
Topic Starter
Rookie



Posts: 36
« Reply #25 on: May 10, 2009, 11:36:00 PM »
Thank you once again
   the computer seems to be running Great now
   
IP logged
Pages: 1 2 [All] - (Top) Print 
Home / Software / Computer viruses and spyware / Re: CID Pop-ups ?? « previous next »
 


Login with username, password and session length

Old Forum Search | Forum Rules
Copyright © 2010 Computer Hope ® All rights reserved.
Powered by SMF 2.0 RC3 | SMF © 2006–2010, Simple Machines LLC
Page created in 1.142 seconds with 20 queries.